They used to just hit http://localhost/:<various ports>/cc.png which connected to your Creative Cloud app directly, but then Chrome started blocking Local Network Access, so they had to do this hosts file hack instead.

Ok but adobe what if you didn’t portscan me either, please.

deleted by creator

If those data feeds were mostly generated from gmail inboxes, then they’d naturally never see messages already caught by google, skewing the data. This reads like marketing.

Depending on your field, your business may already have a cybersecurity department. There’s an endless parade of thankless grunt work to be done like patching (often after hours), following up with users whose machines didn’t patch for whatever reason, and so on. (With your manager’s permission) you may be able to reach out to them and volunteer to help with some of those tasks, as a way to dip a toe into that world and start learning.

Spent some time looking for ideas on how to do a security training (compliance requirement) that didn’t suck. Cribbing from some reddit posts, I think I’m going to give everyone a notecard with something like “Is Bob Bobson a client here”, have them pair up, and do a little phone conversation roleplay where one person is a visher trying to trick the other into revealing the piece of information, while the other person gets practice saying “No.” Seemed like a good way to let the staff dip a toe into thinking like an attacker.

Yeah to be clear, I do not recommend my method and I don’t think it’s a good allocation of mental resources. I’m just stubborn :P

FWIW, I use Diceware for password generation; it’s good at making memorable yet still random passphrases.

The prospect of putting all my passwords in one big juicy target has always made me nervous. I go to great lengths to just memorize everything, but damn if it doesn’t take a toll.

Please tell me you have backups of that flash drive

I think it’s fine if they act like highschoolers in a show for highschoolers. It just means that’s not a show that’s for me.

I think you’re selling DS9’s progressiveness short. The federation is portrayed as less progressive, but the message of the show itself is far more progressive than the norm; if anything, it makes the federation standins for moderate/centrist/liberals and calls them out for not being left enough.

“Matrix” is a pretty difficult-to-search name. What is it? Federated IRC?

Had to invoke our Data Transmission policy’s AI clause for the first time

Well, no one else comments in these threads, might as well.

Every email client I can think of off the top of my head blocks images by default. And I don’t see how that relates to your criticism of the whole idea of anti-phishing training

Clicking the link hypothetically confirms to the spammer that yours is a valid and monitored email address, and that you’re a sucker suitable for more targeted phishing.

Of course, it seems like every random user will also happily type their password into any text box that asks for it, too.

One time I failed a phishing test because I did a message trace and confirmed that it originated from our own internal servers.

Nuthin, furloughed.

Inventory management. Can’t secure what you can’t see etc

I guess that’s the orthodox interpretation, that it’s the eggs that were bad. But like, if you actually watch what he’s doing, he just vaguely pokes at them while they burn to the bottom of the pan, and then he serves them while they’re still liquid. And they don’t call him an accomplished cook, the closest anyone gets is elevator shaft saying “Ooh, a practiced hand!” in response to Riker pouring the eggs into a pan.