• 0 Posts
  • 11 Comments
Joined 1 year ago
Cake day: July 1st, 2023

  • BleepingComputer was blocking my VPN but that also sounds common. Not only is there heaps of controls through conditional access policies where you can use device compliance policies and mass download Defender for Office 365 rules to detect these things, Microsoft also allow a bunch of ways to circumvent that through publishing enterprise apps and leave it to you not to lose your keys. I use one such app a lot called PnP PowerShell so my PowerShell can access basically everything and do anything so I can script largely migrations and audits of those migrations into SharePoint. While I do remove that app at the end of my projects, most people just move on.

    Of course pure speculation. It’s just not even hard to either footgun yourself, and Fortinet have been known to be shooting themselves in the foot, even assuming they tried to put controls in, in the first place.

    I’ll read the actual article when I get home to see how impacted I will be though. As a customer, seller and with certifications. Not to mention, maybe there’s something for me to learn about the whole thing anyway.








  • I bet to Japanese people it’ll age weirdly with the references it kept making to politicians and actors of the time.

    I really enjoyed it when it wasn’t trying to be a Shonen Jump anime. My favourite episodes like the Nabe Shogun bottle episode, or the several lazy animator episodes either with the drawing quality rock bottom or the paralysis with no animation at all.

    I used to watch it on a service called something like animeftw or something that’s no longer around on an Xbox XBMC setup. So much nostalgia when I see screen caps.


  • Hmm, so, policy in our office is a clean desk. Before you jump to conclusions, it’s because our secured area and office occasionally has people come through that should absolutely not see what information we have on our desks. This requirement is a compliance issue for our continued contracts and certifications.

    Our work from home policy hasn’t addressed this issue, but it sounds like it’s a clear gap. Your neighbour coming around for a cup of tea absolutely should not be able to see any work related information.

    My assumption is that someone has considered this kind of aspect and had a check to confirm that they’ve done diligence by asking you to reveal your working space. A space where the company’s sensitive information would be visible. Actually you too should maybe not be looking at your wife’s screen nor materials on her work desk. Depending on the situation.

    Either way, policy comes first so perhaps her employment agreement or employee handbook would reveal more.



  • The messaging around this so far doesn’t lead me to want to follow the fork on production. As a sysadmin I’m not rushing out to swap my reverse proxy.

    The problem is I’m speculating but it seems like the developer was only continuing to develop under condition that they continued control over the nginx decision making.

    So currently it looks like from a user of nginx, the CVE registration is protecting me with open communication. From a security aspect, a security researcher probably needs that CVE to count as a bug bounty.

    From the developer’s perspective, F5 broke the pact of decision control being with the developer. But for me, I would rather it be registered and I’m informed even if I know my configuration doesn’t use it.

    Again, assuming a lot here. But I agree with F5. That feature even beta could be in a dev or test environment. That’s enough reason to know.

    Edit: Long term, I don’t know where I’ll land. Personally I’d rather be with the developer, except I need to trust that the solution is open not in source, but in communication. It’s a weird situation.