🇮🇹 🇪🇪 🖥

  • 0 Posts
  • 201 Comments
Joined 9 months ago
cake
Cake day: March 19th, 2024

help-circle
  • I like the idea of canaries in documents, I think is a good point but obviously it only applies to certain types of data. Still a good idea.

    Looking at OP, they seem a small shop, with a limited budget. Seriously the best recommendation I think is to use some kind of remote storage for data (works as long as the employee complies) and to make sure the access control is done in a decent way (reducing the blast of employee behaving maliciously). Anything else is probably out of reach for a small company without a security department.

    Maybe I sounded too harsh, that’s just because in this post I have seen all kinds of comments who completely missed the point (IMHO) and suggested super complicated technical implementations that show how disconnected some people can be from real technical operations, despite the good tech skills.


  • DLP solutions are honestly a joke. 99% of the case they only cost you a fortune and prevent nothing. DLP is literally a corporate religion.

    What you mentioned also makes sense if you are windows shop running AD. If you are not, setting it up to lock 1 workstation is insane.

    Also, the moment the data gets put on the workstation you failed. Blocking USB is still a good idea, but does very little (network exfiltration is trivial, including with DLP solutions). So the idea to use remotely a machine is a decent control, and all efforts and resources should be put in place to prevent data leaving that machine. Obviously even this is imperfect, because if I can see the data on my screen I can take a picture and OCR it. So the effort needs to go in ensuring the data is accessed on a need basis.


  • Jamf doesn’t do anything for this problem, besides costing you a fortune in both license and maintenance/operation. Especially if you are not a Mac shop.

    MDM at most can be used as a reactive tool to do something on the machine - as long as the one with the machine in their hand leaves the network connection on.

    There are much cheaper solution to do that for 1 machine, and -as others correctly pointed out- the only solution (partial) here is not storing the data on a machine you don’t control. Period.




  • Your ability to SSH in the machine depends on the network connectivity. Knowing the IP does nothing if the SSH port is not forwarded by the router or if you don’t establish a reverse tunnel yourself with a public host. As a company you can do changes to the client device, but you can’t do them on the employee’s network (and they might not even be connected there). So the only option is to have the machine establish a reverse tunnel, and this removes even the need for dynamic DNS (which also might not work in certain ISPs).

    The no-sudo is also easier said than done, that means you will need to assist every time the employee needs a new package installed, you need to set unattended upgrades and of course help with debugging should something break. Depending on the job type, this might be possible.

    I still think this approach (lock laptop) is an old, ineffective approach (vs zero-trust + remote data).



  • This is honestly an extremely expensive (in terms of skills, maintenance, chance of messing up) solution for a small shop that doesn’t mitigate at all the threats posed.

    You said correctly, the employee has the final word on what happens to the data appearing on their screen. Especially in the case of client data (I.e., few and sensitive pieces of data), it might even be possible to take pictures of the screen (or type it manually) and all the time invested in (imperfect) solutions to restrict drives and network (essentially impossible unless you have a whitelist of IPs/URLs) goes out the window too.

    To me it seems this problemi is simply approached from the wrong angle: once the data is on a machine you don’t trust, it’s gone. It’s not just the employee, it’s anybody who compromises that workstation or accesses it while left unlocked. The only approach to solving the issue OP is having is simply avoiding for the data to be stored on the machine in the first place, and making sure that the access is only for the data actually needed.

    Data should be stored in the company-controlled infrastructure (be in cloud storage, object storage, a privileged-access workstation, etc.) and controls should be applied there (I.e., monitor for data transfers, network controls, etc.). This solves both the availability concerns (what if the laptop gets stolen, or breaks) and some of the security concerns. The employee will need to authenticate each time with a short-lived token to access the data, which means revoking access is also easy.

    This still does not solve the fundamental problem: if the employee can see the data, they can take it. There is nothing that can be done about this, besides ensuring that the data is minimised and the employee has only access to what’s strictly needed.


  • Many encryption algorithms rely on the assumption that the factorizations of numbers in prime numbers has an exponential cost and not a polynomial cost (I.e. is a NP problem and not P, and we don’t know if P != NP although many would bet on it). Whether there are infinite prime numbers or not is really irrelevant in the context you are mentioning, because encryption relies on factorizing finite numbers of relatively fixed sizes.

    The problem is that for big numbers like n=p*q (where p and q are both prime) it’s expensive to recover p and q given n.

    Note that actually more modern ciphers don’t rely on this (like elliptic curve crypto).





  • sudneo@lemm.eetoTechnology@lemmy.worldWhat the hell Proton!
    link
    fedilink
    English
    arrow-up
    12
    ·
    2 months ago

    Encrypted DNS doesn’t solve everything. Handshake for TLS sessions is still in clear, you can usually see the SNI, and since we are talking about Wireless, usually this data is available to anybody who is in the vicinity, not just the network owner. This already means that you can see what sites someone is visiting, more or less. TLS 1.3 can mitigate some of this (for those who implement ESNI, but you don’t know that beforehand). Also TLS works until the user is not accepting invalid certificates prompts (HSTS doesn’t work for everything) and there are still tons of HTTP-based redirect (check mailing newsletters and see how many first send you to an HTTP site, for example) that can be used for MiTM attacks.

    A VPN moves the trust to a single provider that you can choose, which is much better than trusting every single WiFi network you can attach to and the people connected to it, I would say.

    Also if you pay for the VPN (I pay Proton), it’s not true that the company business is based on user data, they are based on subscriptions.




  • I read the post, hence my points. I am not really looking for answers, because I don’t have questions, I had observations. You on the other hand seem to have your whole opinion formed on this inaccurate post, and I would expect someone in your position to look for more perspectives, when you clearly are not. You seem instead on a crusade against the company (good for you), and even if all the post was true, because they spent too much on t-shirts, invested too much in AI products (that I repeat, are opt-in)? Because they don’t comply with a technicality of GDPR? Lol Ok, more power to you.

    Also, what I mean by a subscription is that I cancel it and I am done. I didn’t invest in it in any shape or form, what I paid I consumed already, there is no feeling of wasting previous investment in a running subscription.

    Judging from your attitude, your lack of content, your very annoying “homie”, your inability to address any point against the content of the article, I am guessing either you are the author and you are butthurt that is not taken as gospel, or you just have ulterior motives and you are here just to stir shit (instead of “spreading awareness”). Either way, I have already invested too much time writing responses to your silly comments. I will show you how good I am in avoiding the sunk cost fallacy and block you, despite the time invested in the conversation.

    Cya


  • I answered with more stuff in other comments, but you didn’t address any of that anyway.

    I personally have no brand faith, I am a happy customer and the moment the company doesn’t adhere to my principles I will dump it. There is no sunk cost as it’s a running subscription (you keep mentioning this, so I though I will say it).

    That said, if I see someone claiming they have a “blase” approach to privacy or they don’t care about it, I will point out that this is complete bullshit. Using the missing “download my data” feature to support this claim is outright pathetic.

    To be even more precise, as a socialist I don’t like many of Vlad’s ideas that tend towards libertarianism. That said, the company has a good amount of worker ownership, it operates on principles I currently respect and that are miles higher than the standard tech company. I am absolutely in favour of supporting positive business in a field where companies are disgusting on average, and in cases evil.

    Now, if you have anything else than childish arguments I am happy to discuss them. I have pointed to a number of inaccuracies in the article, there are outdated data (like the number of employees) and subjective views from the author. You are posting this article everywhere like it’s some kind of holy grail of gotchas, when it’s not. There are some good points (financial reporting exists, is not 100% transparent - which is not due, the amount spent for the t-shirts was IMHO not a great idea, etc.), but the fundamental points against the company are shacky at best. As I said elsewhere, all the shpiel about AI etc. is fully addressed in kagi own site where they clearly explain what they mean, for example. The features are actually pretty nice, even for someone like me who is not a fan of LLMs, and the results are quite accurate (the post author claims they are almost always wrong) from my experience.

    BTW my searches are unlimited :)




  • That article is quite dense with inaccurate information (e.g. they own a T-shirt factory), and a lot of guesses. There is no need to listen to a random guy idea about kagi’s AI approach when they have that documented on their site.

    Also, the “blase attitude to privacy” is because of a technicality of GDPR? (Not having the ability to download a file with your email address) I am a big fan of GDPR, and their privacy policy is the best I have seen (I read the pp of every product I use and I often choose products also based on it), so really I don’t care about the technical compliance to GDPR (I am not an auditor), but the substantial compliance.

    All-in-all, the article raises some good points, but it is a very random opinion from a random person without any particular competencies in the matter. I would take it for what it is tbh

    EDIT: To add a few more:

    • They achieved profitability (BTW, 2 years of operation and being profitable with 30k users, they really don’t know what they are doing /s)
    • Their price changed twice. It was raised once, and the change was reverted later on, with unlimited searches. For me that is a great sign, especially considering the transparency of telling exactly how much each search costs for them.

    Source: see https://blog.kagi.com/what-is-next-for-kagi (published ~1 month after the linked post).