sveltecider@lemmy.ca to Technology@lemmy.worldEnglish · 2 months agoThe 4th Linux kernel flaw this month can lead to stolen SSH host keyswww.zdnet.comexternal-linkmessage-square54linkfedilinkarrow-up1204arrow-down17
arrow-up1197arrow-down1external-linkThe 4th Linux kernel flaw this month can lead to stolen SSH host keyswww.zdnet.comsveltecider@lemmy.ca to Technology@lemmy.worldEnglish · 2 months agomessage-square54linkfedilink
minus-square9point6@lemmy.worldlinkfedilinkEnglisharrow-up65arrow-down2·2 months agoOh FFS, the rest of my life is doomed to be spent updating software
minus-squarewltr@discuss.tchncs.delinkfedilinkEnglisharrow-up19arrow-down2·2 months agoAlways has been!
minus-squareLeapSecond@lemmy.ziplinkfedilinkEnglisharrow-up51·2 months agoBut careful not to update too fast and fall on the supply chain attack of the week.
minus-squareAlbbi@piefed.calinkfedilinkEnglisharrow-up5·2 months agoPretty sure that was in the bible. Proverbs 25:16 - If you find honey, eat just enough - too much of it, and you will vomit. Could update that to be: If you find updates, apply them - too soon though, and you will vomit your credentials.
minus-squarecorsicanguppy@lemmy.calinkfedilinkEnglisharrow-up1·2 months agoThat’s difficult. Openssh is coded in C, not js.
minus-squareNGC2346@sh.itjust.workslinkfedilinkEnglisharrow-up10·2 months agoIt is more important than ever to introduce geo-ip conditional access on your network(s). That way you limit your attack surface by a significant margin.
minus-square9point6@lemmy.worldlinkfedilinkEnglisharrow-up4·2 months agoMy personal stuff 100% For work? No such choice (apart from the obvious ones)
minus-squareNGC2346@sh.itjust.workslinkfedilinkEnglisharrow-up1·2 months agoYour work most likely already has conditional access through MS Entra
minus-square9point6@lemmy.worldlinkfedilinkEnglisharrow-up1·2 months agoNot a Microsoft shop, but yes they have a pretty extensive IDS for anything public facing, another company to handle internal Auth
minus-squareMagicShel@lemmy.ziplinkfedilinkEnglisharrow-up4·2 months agoThat’s what we call job security, I suppose.
Oh FFS, the rest of my life is doomed to be spent updating software
🌏🧑🚀🔫🧑🚀
Always has been!
But careful not to update too fast and fall on the supply chain attack of the week.
Pretty sure that was in the bible.
Proverbs 25:16 - If you find honey, eat just enough - too much of it, and you will vomit.
Could update that to be: If you find updates, apply them - too soon though, and you will vomit your credentials.
That’s difficult. Openssh is coded in C, not js.
It is more important than ever to introduce geo-ip conditional access on your network(s). That way you limit your attack surface by a significant margin.
My personal stuff 100%
For work? No such choice (apart from the obvious ones)
Your work most likely already has conditional access through MS Entra
Not a Microsoft shop, but yes they have a pretty extensive IDS for anything public facing, another company to handle internal Auth
That’s what we call job security, I suppose.