....oooooooh boy:
@cigarBGuitarEfx People who don't disable the ability to turn off the AV shouldn't administer networks and systems
@brandon the user can disable AV? wtf?
@steckerhalter Yeah, rookie move on the administrator's part ;)
@brandon Yep, that's the reason why automatic malware detection can never replace training users. As long as the user has no clue that an email can be faked easily to look like something official, they will go to great lengths to read it despite any automated warnings.
It's the same with physical safety measures: As long as users don't fully grasp why they were installed in the first place, they will find ways to disable them.
@colomar I've found this to be entirely true. I had a user plug their case-open sensor with gum because it "made a funny sound when it booted up". Turns out he had bent open the case once while there was a padlock on it...
@brandon
This reminds me of when I used to do dlp. A ticket came in asking why someone wasn't getting their email and it was a screenshot of the popup saying the email was blocked for sending PII. In the ticket they put that they regularly send an Excel sheet with 10s of thousands of social security numbers to a 3rd party so they don't know why it isn't working, so they used their Armstrong email to send it
@frickhaditcoming ....the ignorance is thick like molasses here oh my god. What the fuck XD
@brandon
don't worry it was just retail banking account info from one of the 5 largest banks in the world. No big deal. Their dip hierarchy was also a 600k+ row CSV managed by a vbscript
@frickhaditcoming oooooooooh it was a bank you say? That makes it so much better XD
Although I'm not surprised it's managed by vbscript. Banks are almost universally behind when it comes to computing
@brandon
They only do something if there is a federal regulation and then only do it for that area. Oh it's only required in the EU? Well it wouldn't make sense to do it in NA, Asia, and Africa. Also this is after their lawyers review it and find the absolute minimum that they can wiggle in to maybe fit the words written down
@frickhaditcoming @brandon one of my first tech support issues (before I was an actual paid I.T. person) was at GTE - main HQ, long before Verizon days. Guy's new Windows 3.11 computer stopped working. I talked to him, verified the issue. Seems he was used to Macs, and when he first got on Windows he pulled up a list of files in DOS. Then he pulled up a list of files on Windows file manager. "WTF? Why do I have TWO COPIES of everything?" So he deleted one copy.
I did not laugh in his face...
@donblanco @frickhaditcoming My face when I encounter this kind of ignorance
@brandon
I just talked to a coworker about this and he said there used to be a department that would print out word docs, box them up, office mail them to another department, and scan them in because dlp blocked the email of the files. I swear to fuck I'm not making this up
@donblanco
Now, if this was a government facility sending docs to another government facility across the country, I might be more understanding...but wtf lmao
This is going in the podcast
@brandon
Apparently they were granted an exception because they were allowed to share physical documents but not explicitly allowed to share the same digitally
@donblanco
@frickhaditcoming ....that makes absolutely no sense...
@brandon
No it does because they follow literally what is written on paper with no consideration to what it means. So if it says you can't send emails with documents with say more than 10 ssns it doesn't say anything about delivering physical documents.
@frickhaditcoming Oooh, it forbade the sending of the electronic documents explicitly in this case. I thought it was the explicit allowance of physical documents
@brandon
Yep the dlp requirement was only for digital so they were allowed to use physical. Lawyered
@frickhaditcoming haha great use of the word Lawyered
@brandon
People that don't know anything about computers shouldn't use Windows.