Readit NewsEdit: my original comment was not intended to be a reply to you, but to the parent.
Thanks for the dose of epistemic humility. I'm willing to go one step further: It's plausible that no one knows the truth. Keeping secrets is hard. If someone knew they might've died in the early stages of the outbreak.
the old ‘embrace-extend-extinguish’ model is what it _truly_ is, f.e. , you cannot take extensions from m$ store and use it.
there have been large number of discussions around this topic, and folks have highlighted these concerns more articulately than i could ever hope to do.
take your pick.
Click your username at the upper right:
Turn on "showdead": showdead: yes. (defaults to "no")
There are a number of dead posts in this thread. I'd post some here (some of which don't appear to violate any HN guidelines, I'll note), but probably those same moderators would kill this one, too.
A channel was created on Telegram by a government propaganda journalist, where they basically dox every activist, posting their addresses, phone numbers, and other private details, at times when these details are actively used for beating people to near death. That's the only content that Telegram channel produces.
I was one of the people whose details were posted on that channel. My phone number, home address, etc., were posted there, along with the private details of tens of others. I contacted Telegram support multiple times, we mass reported the channel - not once have I gotten an answer, and the entire channel is still up, for nearly 4 months.
So, hearing that he's arrested for lack of moderation? Good. I'm very happy. Hope he learns a lesson.
EDIT: Country is Georgia
I mean that's not even pretending to 'protect and serve', unless we change subject from 'citizens' to 'ourselves'. I would expect such stories from say Russia or some parts of Africa, not champion of free world.
* NTLM/NTLMv1 enabled
* mDNS/llmnr/nbt-ns enabled
* dhcpv6 not controlled
* Privileged account doing plain LDAP (not LDAPS) binds or unencrypted FTP connections
* WPAD not controlled
* lights out interfaces not segregated from business network. Bonus points if its a supermicro which discloses the password hash to unauthenticated users as a design features.
* operational technology not segregated from information technology
* Not a windows bug, but popular on windows: 3rd party services with unquoted exe and uninstall strings, or service executable in a user-writable directory.
I remediate pentests as well as realworld intrusion events and we ALWAYS find one of these as the culprit. An oopsie happening on the public website leading to an intrusion is actually an extreme rarity. It's pretty much always email > standard user > administrator.
I understand not liking EDR or AV but the alternative seems to be just not detecting when this happens. The difference between EDR clients and non-EDR clients is that the non-EDR clients got compromised 2 years ago and only found it today.
What does this mean?
I also still rip audio CDs, but I don't compress with anything that isn't lossless. Hard drive space is super cheap nowadays, and FLAC is even supported natively in my browser.