|
You could say that about any CA though. At least letsencrypt is open and uses really short lifetimes for their certificates.
|
# ¿ Apr 7, 2016 09:33 |
|
|
# ¿ Apr 18, 2024 06:57 |
|
SeismicTriangle posted:anyone here come from military background? im currently about to enlist for this. People are saying it will be pretty easy to transition to a civilian career afterwards, just wondering if thats true from your perspectives and anything else you'd like to share. I dont really know anything about infosec/networks atm and school is only 6mo long so i have my doubts about those claims I wasn't military but I used to work with CTNs and the other branch equivalents on the DoD civilian side. You'll gain a lot of exposure to things like pentesting that will make you employable in infosec as a civilian, but like hobbesmaster said the biggest thing is that you will end up with a TS/SCI clearance. This means that the civilian companies that will want to employ you the most will be defense contractors. Infosec is really broad so you will have other options, but having the clearance is basically a golden ticket to a large paycheck if you stick with government contractors. And no you won't be stuck just doing help desk/IT stuff in the civilian world. Whether or not you will be the bad guy really depends on how you feel about the US military industrial complex. The NSA would be a potential duty station for a CTN, so again it depends on your personal opinions.
|
# ¿ May 23, 2017 01:03 |
|
myron cope posted:I just did the algo deploy to DigitalOcean (actually I'd done it before, destroyed that droplet for Streisand today, then went back to algo). Am i really supposed to just create a new server instead of updating it? The FAQ seems to suggest that. If you set it up with the security enhancements role it will use the unattended-upgrades package so you get the automatic ubuntu security patches and so on (essentially what you get from doing apt-get upgrade without needing to ssh in and do it yourself). But as far as upgrading algo itself, yes you are supposed to just squash your server and re-deploy the newer version of algo.
|
# ¿ Oct 23, 2017 01:42 |
|
So the NSA is finally declassifying their internal reverse engineering tool: https://www.rsaconference.com/events/us19/agenda/sessions/16608-come-get-your-free-nsa-reverse-engineering-tool It's great that there might finally be a real viable alternative to IDA Pro. It's been ~6 or 7 years since I last used ghidra, but even a gimped/redacted public build should still be better than pretty much anything currently available right now other than IDA (although I've never tried binary ninja), and IDA's pricing is what it is. I'm real interested in seeing what ghidra modules they'll actually be releasing.
|
# ¿ Jan 4, 2019 05:49 |
|
Free IDA is at least decent now, and being usable at all is a huge upgrade from the prior free version. But being x64 only, no debugger, and no scripting/plugin support are all still pretty big drawbacks.
|
# ¿ Jan 6, 2019 02:42 |
|
Ghidra is out now: https://ghidra-sre.org/ https://twitter.com/RGB_Lights/status/1103019876203978752
|
# ¿ Mar 6, 2019 02:15 |
|
|
# ¿ Apr 18, 2024 06:57 |
|
Absurd Alhazred posted:Has anyone here tried out NSA's Ghidra? It's good. IMO, the lack of a debugger is the only thing holding it back from being a complete IDA replacement right now (and supposedly there is a debugger coming at some point down the road). I'm sure there are cases where hexrays does a better job decompiling something better than Ghidra (and vice-versa) but I haven't run into anything that Ghidra has handled significantly worse than IDA. also for whatever reason, Ghidra performs better than IDA on my machine but ymmv.
|
# ¿ May 3, 2019 01:46 |