Many “NGFW” creations look into the application stack, “layer 8”. I am, however, pondering this: since many also seem to identify the underlying OS (for enabling better and easier rule-sets per device category, for example) – why not also provide a baseline for that specific OS – what to expect – and also identify the normally permitted traffic and the underlying connection points for it? With this reasoning, one could filter out lots of garbage traffic that otherwise needs to be looked at with all the possible UTM profiles.
This would be something we could all benefit from, making exclusions easier on a per-OS basis etc. If we learn what normal is, we do not have to look at it all the time – it would only be needed from a fully forensic perspective, to fully determine a timeline etc.
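A minimal sketch of that per-OS baseline idea, added here as an illustration (not from the original post and not any vendor's implementation): flows that match the baseline for the fingerprinted OS are only logged, everything else goes to full UTM inspection. The OS labels, hostnames and ports are constructed placeholders.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    os: str      # OS label assigned by the firewall's fingerprinting
    host: str    # destination name (from DNS or TLS SNI)
    port: int
    proto: str   # "tcp" or "udp"

# Constructed baseline: per OS, (domain suffix, port, proto) seen as normal.
BASELINE = {
    "desktop-os-a": {("updates.vendor-a.example", 443, "tcp"),
                     ("time.vendor-a.example", 123, "udp")},
    "tablet-os-b": {("store.vendor-b.example", 443, "tcp")},
}

def host_matches(host: str, suffix: str) -> bool:
    """Match on whole DNS labels so look-alike names do not slip through."""
    host = host.lower().rstrip(".")
    return host == suffix or host.endswith("." + suffix)

def classify(flow: Flow) -> str:
    """'baseline' = expected for this OS (log only); 'inspect' = full UTM."""
    for suffix, port, proto in BASELINE.get(flow.os, ()):
        if (flow.port, flow.proto) == (port, proto) and host_matches(flow.host, suffix):
            return "baseline"
    return "inspect"   # unknown OS, or traffic outside that OS's baseline

def triage(flows):
    """Split flows so only the unexpected ones reach the UTM profiles."""
    result = {"baseline": [], "inspect": []}
    for flow in flows:
        result[classify(flow)].append(flow)
    return result

# Constructed sample flows.
SAMPLE_FLOWS = [
    Flow("desktop-os-a", "cdn.updates.vendor-a.example", 443, "tcp"),
    Flow("desktop-os-a", "time.vendor-a.example", 123, "udp"),
    Flow("desktop-os-a", "fakeupdates.vendor-a.example", 443, "tcp"),   # look-alike
    Flow("tablet-os-b", "updates.vendor-a.example", 443, "tcp"),        # wrong OS
    Flow("printer-os-c", "store.vendor-b.example", 443, "tcp"),         # no baseline
]

if __name__ == "__main__":
    for kind, flows in triage(SAMPLE_FLOWS).items():
        print(kind, [f.host for f in flows])
```

The baseline flows are still kept in the result, so they remain available for the forensic timeline mentioned above.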
Been looking at https://www.youtube.com/watch?v=A3DudqwsRPw, a summary of the history of AOL.
The feeling I got was that if you allow marketing to take charge without innovation – you get an AOL history. Doomed.
And – if you get a smaller company with tech-savvy ppl in charge only – you get no growth (based on personal experience).
If you get tech-savvy ppl with an understanding of “what’s next” – you get corporations like Google (in the beginning).
But then, think again.. Some innovations press beyond our current boundaries. Some boundaries are ethical – and those are worse than that of simply “one-step-forward” thinking.
So, Troy Hunt got the following out;
If we back up a bit, we have a communication history in general.
Based on email…
@yourdomain – those were the general in-channels.
Troy got into a tight spot, I have not encountered that – sadly, I got into something worse. Ignorance and fudge..
Reporting anything in a public space – really? How come?
Public space / “social media” is usually under the hand of PR / marketing. Getting ’em to move their butts and report higher … Not the easiest way when we are not talking about security-aware companies.
So how do we determine or detect security-aware companies? We don’t. Bash’em with information – make a correct statement (like Troy and friend did) – and hope that the receiver is not part of the stupidity-bunch.
Rant… This is a rant.
But in short, by the birth of the internet – interconnected computing, and the applications of that era – why would some of the first users not take over, in a hostile model, what they started or partially took over?
It’s a matter of cost. Looking back at my own involvement with the military – I get it. For low priority stuff you might even hook it up to the interwebs.
But – the problem is, they need to start doing just what we do with our normal armies. Stuff ’em as security at the border and threatening power. Not enslaving the whole of us. Not stepping on rules and regulations the majority of us keep. I am not talking about the amount of data. The amount of data is irrelevant. It is the intent of the normal average person connected to the internet. The persona that thinks they have nothing to lose. Nothing to hide, and the worst fear is losing their smartphone.
Is it really about “defending ours”?
How about it’s time we simply stopped the intelligence community from walking into our living rooms, and the corporations from owning us instead of us being the consumer of their products.
Time to step up the game, by laying down the rules.
So.. What are the rules?
In war – spare the civilians.
If you have to wage wars on the webs, stop involving us – and our data.
I’ve had Netflix for years. Why? I could stream content to my devices – sadly not the devices I wanted to in the beginning, and of course – no “offline” mode. Because, DRM, and… yes. DRM.
Not until Chrome chewed on it some did it expand to the Linux platform a while back. It has never been a great experience, but good enough to hang around for and be able to catch up, from time to time, on series or some odd bad movie you never thought of watching.
Tonight, however, I just got fed up. I was unable to start streaming anything – because they had decided I was either using a proxy or a VPN connection. Assholes. I was using neither – if anything, I did use a VPN to get home and be able to watch the same shit as before, back in the days when I traveled heavily.
Enough. No more sponsoring DRM and stupidity.
Sadly, I have realized that paying for Spotify is not worth it either. I will now save roughly 200 SEK (est. US $22) per month, that I can place on other things. Woopie.
And all is not well.
But, re-discovered pfSense. It’s grown into a nifty little perimeter protector.
Reverting over to FreeNAS – because even at home de-duplication and compression are… useful.
Found myself a small little Windows tablet – quite interesting.
The year of 2015 – the year one would think that after so many spam emails one would start thinking about what comes into the mailbox.
It’s tax time in Sweden. Several have gotten spam with attachments, from what claims to be the tax office. It’s not.
First off – they don’t have your email. I don’t care how well thought out and graphically correct it may look.
Second – if you are doing your tax on the internet, there are several steps to take to just log in – to see your data.
Why on earth would they send anything to your email, with the information ATTACHED?
Thirdly – if you’re getting the spams from DHL – DID YOU ORDER ANYTHING FROM DHL TO BEGIN WITH?
No? SO WHY THE HELL DID YOU CLICK IT?!
The same way your normal mail works – you open it, authenticate it, and then authorize it. The authorize action along with the authentication can always be verified by contacting the vendor in question.
So… Why are you STILL NOT DOING IT FOR EMAILS?
Here’s the tax office WARNING…
Did you just hover over that link before you clicked it? I hope so.
That’s all for now.
STOP CLICKING ALL THE THINGS!