I fixed the insecure method of updating credentials I used in this blurb yesterday. Now it's basically a one-liner, and it's not writing passwords to files.
Wrote this little tidbit because I spent far too long looking through complicated scripts for what should be a simple task.
LAPS. Learn it. Deploy it. Be happy.
Does anyone have a good link for how certificates work? I come across a lot of people who think they're black magic. I want to be able to give them some info to explain it.
Any suggestions on links/resources/presentations would be appreciated.
I found this one that seems ok as a start: https://blogs.msdn.microsoft.com/freddyk/2017/02/06/ssl-certificates-101/
I saw a novel way to calculate the Nth *day of the month, I decided to make it a more generic function.
Can we all agree to focus more on RCEs than local-only exploits? That's not to say that local-only things don't need fixing, but let's focus on the bigger issues.
I'm sick of hearing about Spectre/Meltdown (and variants) being the end of the world. Let's fix them, but let's stop pretending they're the most critical issue out there.
I've complained about systemd before, but this talk gives excellent perspective. Doesn't explain the security complaints, but still good perspective.
This is old, but it brings up a question.
How much of "good security practice" is just not being completely stupid? 90%? 95%?
We all know 2FA is important, but the type of 2FA matters.
In honor of @jerry, here's the July MS patch truck. Again.
Metadata updates, re-issues...I'm a little sick of trying to keep up with this shit-show.
Jack of all trades sysadmin (primarily Unix) with interest in security.
A Mastodon instance for info/cyber security-minded people.