Sent a patch upstream to today (and found a segfault bug in master at the same time). I like contributing to OSS once in a while.

@gudenau true. Much cheaper to wait until a breach happens and remediate it and buy back user and regulator trust... 🙄

I guess what I'm saying is... what if there were a way to get executives to care about security and compliance *before* a breach happens. Some kind of process where you assess risks and build protective controls...

Too bad the software industry never developed such a process.

@TheGibson I'm just stuck at how to do it without having the ability to punish people for bypassing policies & controls. The only things I know to do are make good things easier and bad things harder...

@TheGibson If by "a cloud provider" you mean "a few dozen dozen different SaaS and PaaS providers that different things use"

@TheGibson I guess what I'm looking for is some way to make people not want to exfiltrate data. What I'm doing now is playing whack-a-mole and shutting down one avenue as fast as new ones pop up, which is exhausting.

@TheGibson Assume you're forbidden from taking any punitive action by your management and executive team... Competent moderately technical types can bypass any DLP...

How do you handle coworkers exfiltrating customer data to unmanaged, unsecured third-party SaaS products? For a long time, I thought the best solution was to just try to provide IT-sanctioned first-party tools, but that appears to not work — any reasonably-sized employee base will want more tools than an IT team can possibly set up and manage.

work gripe 

@gudenau you can mmap the same file or region twice and only mprotect one, I think. you'd probably want to test it, though.

Ugh just spent 90 minutes fucking with PIM. Multicast routing is such a confusing quagmire.

travel rant 

Spent the last few days in Austin and wrote up largely uninformed impressions at roguelazer.com/2020/01/2020-au

Just had audio get stuck in ducked mode after I swiped away a notification before its sound effect had finished playing. That's an annoying bug.

sha-mbles.github.io/ the latest -1 attack website isn’t as obnoxious as most branded vulnerabilities.

I wonder how close is to swapping out hash algorithms? I know it’s in progress...

Show more
Mastodon for Tech Folks

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!