Cup Runneth Over
Aug 8, 2009

Life's too short to worry
Life's too long to wait
Life's too short not
To love everybody
Life is too long to hate




Fame Douglas posted:

The extension works fine in private browsing mode, at least on Chrome-based browsers. You probably need to enable this setting


Nope. It's not running in a private browsing window that's breaking it, it is running with the browser set to "always use private browsing mode." Apparently the way they built the extension for 7 crumples like a paper towel if you do that, even if you have the app open. Worked fine with 4.

Internet Explorer posted:

That's odd. Never had an issue with it working in incognito mode in Chrome.

Is there something else you hate about it, or are you just saying it sucks in Firefox in private browsing mode?

No, just venting frustration in making the switch from 4 to 7. My habits


Fame Douglas
Nov 20, 2013

RELY NOT ON MY HONOR!!! FOR WHEN I OFFER MY WORD OF BOND, I TAKE NOT THAT VOW TO HEART!! CASUALLY, I BRING SHAME TO MY HOUSEHOLD AND RUIN TO THOSE WHO RELY ON MY COMMITMENT, BY SHIRKING MY AVOWED DUTY

Cup Runneth Over posted:

Nope. It's not running in a private browsing window that's breaking it, it is running with the browser set to "always use private browsing mode." Apparently the way they built the extension for 7 crumples like a paper towel if you do that, even if you have the app open. Worked fine with 4.


No, just venting frustration in making the switch from 4 to 7. My habits

Are you still using the classic extension? That doesn't work all that well, try the modern 1password x extension instead, that might alleviate the problem https://addons.mozilla.org/en-US/firefox/addon/1password-x-password-manager/?src=search

Or try the Classic extension if it's the other way around, that one might work for your unusual workflow:
https://app-updates.agilebits.com/download/OPX4?browser=firefox

Cup Runneth Over
Aug 8, 2009

Life's too short to worry
Life's too long to wait
Life's too short not
To love everybody
Life is too long to hate




Fame Douglas posted:

Are you still using the classic extension? That doesn't work all that well, try the modern 1password x extension instead, that might alleviate the problem https://addons.mozilla.org/en-US/firefox/addon/1password-x-password-manager/?src=search

Or try the Classic extension if it's the other way around, that one might work for your unusual workflow:
https://app-updates.agilebits.com/download/OPX4?browser=firefox

Nope, I was using the new one. But no worries, I figured out a workaround that still does what I want.

Cup Runneth Over
Aug 8, 2009

Life's too short to worry
Life's too long to wait
Life's too short not
To love everybody
Life is too long to hate




https://twitter.com/moxie/status/1384908290115739649

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

https://twitter.com/nixcraft/status/1384991220846403587?s=20

Cabbages and Kings
Aug 25, 2004

shall we be trotting home again?




I came here to post this. This is super worth the read and is also one of the funniest things I've read all month, the wink-wink nudge-nudge "fell off a truck" and the parting paragraph are loving fire.

Space Gopher
Jul 31, 2006

BLITHERING IDIOT AND HARDCORE DURIAN APOLOGIST. LET ME TELL YOU WHY THIS SHIT DON'T STINK EVEN THOUGH WE ALL KNOW IT DOES BECAUSE I'M SUPER CULTURED.


Also, if you haven’t watched the video... watch the video.

Tryzzub
Jan 1, 2007



Mudslide Experiment

https://twitter.com/FireEye/status/1384519495394500613?s=20

gently caress you pulse secure for:
1. not having a patch released yet
2. paywalling your tool and workaround for this

Absurd Alhazred
Mar 27, 2010

I'm the babyliberal, gotta love me!


https://twitter.com/campuscodi/status/1385089083798691843

Never Be Antivirusing

Wiggly Wayne DDS
Sep 11, 2010





it's used in the second-stage as EoP not as the initial vector, tip of the iceberg as far as AV vulns go

BaseballPCHiker
Jan 16, 2006



Cabbages and Kings posted:

I came here to post this. This is super worth the read and is also one of the funniest things I've read all month, the wink-wink nudge-nudge "fell off a truck" and the parting paragraph are loving fire.

Yeah this was fantastic, well worth a read for anyone.

SMEGMA_MAIL
May 4, 2018


THUNDERDOME LOSER 2021





BaseballPCHiker posted:

Yeah this was fantastic, well worth a read for anyone.

Came here to post that loving lol.

So glad that these Stasi for hire creeps keep having terrible security.

I’d like them to go to prison or the ground for the political prisoners they’ve helped get killed, jailed or tortured but it’s a good start.

Harik
Sep 9, 2001

From the hard streets of Moscow
First dog to touch the stars




Plaster Town Cop

SMEGMA_MAIL posted:

Came here to post that loving lol.

So glad that these Stasi for hire creeps keep having terrible security.

I’d like them to go to prison or the ground for the political prisoners they’ve helped get killed, jailed or tortured but it’s a good start.
Big fan of the wink-wink-nudge-nudge "hey defense lawyers, you can get all that digital forensic evidence tossed since it's all tainted now."

AlternateAccount
Apr 25, 2005
FYGM

Harik posted:

Big fan of the wink-wink-nudge-nudge "hey defense lawyers, you can get all that digital forensic evidence tossed since it's all tainted now."

Assuming you actually get a trial and representation.

tango alpha delta
Sep 9, 2011

Ask me about my wealthy lifestyle and passive income! I love bragging about my wealth to my lessers! My opinions are more valid because I have more money than you! Stealing the fruits of the labor of the working class is okay, so long as you don't do it using crypto. More money = better than!


holy poo poo, Broadcom just upgraded my little home network endpoint protection to Symantec Enterprise because Small Business Edition was EOL.

lol, this is absolute overkill for a home network; it's actually meant for up to twenty thousand clients.

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

tango alpha delta posted:

holy poo poo, Broadcom just upgraded my little home network endpoint protection to Symantec Enterprise because Small Business Edition was EOL.

lol, this is absolute overkill for a home network; it's actually meant for up to twenty thousand clients.

Meanwhile everyone is abandoning SEP.

tango alpha delta
Sep 9, 2011

Ask me about my wealthy lifestyle and passive income! I love bragging about my wealth to my lessers! My opinions are more valid because I have more money than you! Stealing the fruits of the labor of the working class is okay, so long as you don't do it using crypto. More money = better than!


CommieGIR posted:

Meanwhile everyone is abandoning SEP.

Do you have a link to a recent article for this? A quick Google gives me a bunch of negative reviews from around 2008.

e:more recent reviews suggest that SEP is still pretty good, but there's a lot of skepticism regarding the new owner. There seem to be a LOT of questions regarding Broadcom and how they are going to manage SEP going forward.

tango alpha delta fucked around with this message at 00:01 on Apr 23, 2021

Mustache Ride
Sep 11, 2001






A lot of enterprises are ditching boutique AV vendors and going with Defender and an EDR solution.

Because, hey, Defender finds everything SEP finds and is included in the E3 licenses every enterprise has.

The Fool
Oct 16, 2003



Mustache Ride posted:

A lot of enterprises are ditching boutique AV vendors and going with Defender and an EDR solution.

Because, hey, Defender finds everything SEP finds and is included in the E3 licenses every enterprise has.

Defender in E3 doesn’t have any of the org wide reporting features an enterprise is going to want. You basically need to be willing to get E5 for everyone to do that.

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

tango alpha delta posted:

Do you have a link to a recent article for this? A quick Google gives me a bunch of negative reviews from around 2008.

e:more recent reviews suggest that SEP is still pretty good, but there's a lot of skepticism regarding the new owner. There seem to be a LOT of questions regarding Broadcom and how they are going to manage SEP going forward.

Ehhhh, they still do antivirus okay, but they are largely behind in times in detection methods and are still doing largely signature based detections. It tends to be easier to get around than Defender even.

droll
Jan 9, 2020


Crowdstrike saved our rear end. Defender didn't stop poo poo.

Diva Cupcake
Aug 15, 2005



The Fool posted:

Defender in E3 doesn’t have any of the org wide reporting features an enterprise is going to want. You basically need to be willing to get E5 for everyone to do that.

E3+Security here. Defender for Endpoint owns if you’re heavily into 365 ecosystem anyways. We still have Symantec DLP but that will eventually go away as well.

Sickening
Jul 15, 2007

Black summer was the best summer.

droll posted:

Crowdstrike saved our rear end. Defender didn't stop poo poo.

What was the scope of the problem? I feel like if endpoint protection is saving your rear end, huge issues are present.

AlternateAccount
Apr 25, 2005
FYGM

SEP seems to be stepping up the aggression, and resultant also positives, on thin “reputation” based flags, etc.

BaseballPCHiker
Jan 16, 2006



I use SEP at my current gig. It works well enough I suppose.

Maybe this is the wrong attitude for someone working InfoSec, but it's fine. The reporting and management works well enough for us and I don't really care to look into it anymore. It's just another layer of security. We don't have E3 licensing so Defender isn't an option for us. I'm sure it's also fine.

We do actually have the resources though to have people follow up on detections in SEP, see how the detections were triggered, how they were delivered, what the malware was trying to do, etc. I think just having the man hours to do that follow up work makes SEP work well for us.

SMEGMA_MAIL
May 4, 2018


THUNDERDOME LOSER 2021





I’m very much a beginner but I’ve messed around by modifying various reverse shells and testing them out with AVs and defender consistently flagged them more than any other.

Again I’m not doing anything sophisticated besides just taking common tools and changing inconsequential lines of code but as far as ordinary threats go it seems pretty good.

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

BaseballPCHiker posted:

I use SEP at my current gig. It works well enough I suppose.

Maybe this is the wrong attitude for someone working InfoSec, but it's fine. The reporting and management works well enough for us and I don't really care to look into it anymore. It's just another layer of security. We don't have E3 licensing so Defender isn't an option for us. I'm sure it's also fine.

We do actually have the resources though to have people follow up on detections in SEP, see how the detections were triggered, how they were delivered, what the malware was trying to do, etc. I think just having the man hours to do that follow up work makes SEP work well for us.

Crowdstrike is replacing our SEP, and so far it's been a major improvement.

Cup Runneth Over
Aug 8, 2009

Life's too short to worry
Life's too long to wait
Life's too short not
To love everybody
Life is too long to hate




Sickening posted:

What was the scope of the problem? I feel like if endpoint protection is saving your rear end, huge issues are present.

I mean, defense in depth. If Crowdstrike saved your rear end, it saved your rear end, period.

Sickening
Jul 15, 2007

Black summer was the best summer.

Cup Runneth Over posted:

I mean, defense in depth. If Crowdstrike saved your rear end, it saved your rear end, period.

Agree to disagree. That is why I mentioned scope. Saving a laptop from being owned? Cool but not spectacular, not what I would call "saving our rear end" and what I would expect most endpoint protection services to do. It being the only thing between you and your infrastructure melting down? ehhhhhhhhhhhhh.

My point is that you are fighting symptoms, not fighting the actual problem if your endpoint is "saving your rear end".

Cup Runneth Over
Aug 8, 2009

Life's too short to worry
Life's too long to wait
Life's too short not
To love everybody
Life is too long to hate




Sickening posted:

It being the only thing between you and your infrastructure melting down?

not sure you know what defense in depth means

https://en.wikipedia.org/wiki/Defense_in_depth_(computing)

Sickening
Jul 15, 2007

Black summer was the best summer.


I know what it means. Again, if your endpoint protection is "saving your rear end" I would wager you don't have the depth you think you do.

SMEGMA_MAIL
May 4, 2018


THUNDERDOME LOSER 2021





Why are you taking what he clearly meant as hyperbole literally

The Fool
Oct 16, 2003



Get away with that voice of reason, get away

Martytoof
Feb 25, 2003

 
 




SMEGMA_MAIL posted:

Why are you taking what he clearly meant as hyperbole literally

https://www.youtube.com/watch?v=3LAnmnS0-9g

AlternateAccount
Apr 25, 2005
FYGM

His rear end, his literal meat rear end, was connected somehow to the laptop, I assume via a second interface and a crossover cable with no firewall or other device.

Martytoof
Feb 25, 2003

 
 




That's not how you blackhole traffic at ALL :|

Volmarias
Dec 31, 2002


AlternateAccount posted:

His rear end, his literal meat rear end, was connected somehow to the laptop, I assume via a second interface and a crossover cable with no firewall or other device.

That's not where the crossover cable plugs into, bud. It's in the name.

Defenestrategy
Oct 24, 2010

Worst decision I ever made.


Volmarias posted:

That's not where the crossover cable plugs into, bud. It's in the name.

Why is there a cable for chevy crossovers?

Cup Runneth Over
Aug 8, 2009

Life's too short to worry
Life's too long to wait
Life's too short not
To love everybody
Life is too long to hate




https://twitter.com/zackwhittaker/status/1385681726580613121


The Iron Rose
May 12, 2012

Cat Army


I still don’t know what “industry vertical” means. Isn’t it literally just the industry type? Could you not just say “industry”? Why in god’s green earth do we call powerpoints decks????


These are the questions that keep me up at night.
