Nobody should directly have access to production, it should be controlled via CD flows which are gated on approvals from other team members or metrics.
I can see that being somewhat impractical in real life, but you’re not wrong.
In the ideal setup NotPetya would have been less of an issue for Mærsk should only have allowed whitelisted software to run on computers controlling critical infrastructure. It’s just a solution very few choose to deploy.
Either the malware modifies the finance software, and is executed as part of the finance software, but the checksum for the software is now different and can't run.
Or: The executable malware code is separate and only triggered by the finance software, which will fail to execute it, because the malware isn't a whitelisted application.
At any rate, the malware would never be able to escape beyond the finance software computers. This means that yes you could have some issues with invoicing, new orders and so on, but you most likely didn't have to shutdown ports, because the computers there aren't allowed to run the finance software.
Glad you brought this up. My day job involves finding malicious network traffic. DOH is really easy to detect because in suricata or bro/zeek you simply match new outbound connections with DNS responses. If you don't get a matching pair then you need to investigate why you have outbound traffic that is bypassing your DNS server. Note this is alpha stage code. I run this at home on all of my outbound traffic.
I respect your viewpoint. I look at it more as a modern form of "you can go outside to play when your homework is done". Parenting is really hard in March 2020. Many of us are working at home and our children are glued to their ipads watching who knows what on youtube. Many parents can't be 100% present during work hours.
Not a fair comparison. In common parlance, there are no other uses for "w/" than "with". Certainly "4" usually means 4.
(Edit: Turns out that if 80 is the limit, "for" would've fit. Hah.
$ len "Show HN: Encourage children to use the net more for learning with Pihole 5beta"
Length of 'Show HN: Encourage children to use the net more for learning with Pihole 5beta' is 78
...
I also would've left out "more" because... am I really wanting to encourage my kids to be on the net more than they are already?!
...
Perhaps something like "Show HN: Shape your kids online time with PiHole 5Beta"... but anyway cool project. It does shape things like Khan Academy as punishment / work, though. Like... If you only give your kids broccoli, they'll like broccoli. If you give them candy, then say "you can only have more candy after you eat 5 bites of broccoli", they'll f'ing hate broccoli and covet candy as their new god. But the real world is messy like that, eh? :-D )
For me, it is. I spend most of my day staring at code and I think that's caused me to have a strong cognitive switch between numbers and letters, at least with spaces around them.
As someone said in the reddit post..
If my daughter figures out how to install a kali vm and then gets a reverse metasploit shell on the server, I would be so proud I would probably cry.
Key though is corporate infosec is similar to home infosec. If the user has local admin access, then the user can change any configuration.
Pleasant surprise to see my post on the front page. I don't mention this in the original reddit post but the nodejs code comes from our 2016-2018 failed startup that at one point was invited to be on the TV show shark tank.
Dev (local administrator access ok, production access not ok)
Ops (local admin access not ok, production access ok)