KR
Posts
8
Comments
65
Joined
2 yr. ago

  • Wow! So many answers in such a short time. Thanks all! 👍 (I will not spam the channel by sending a thank you to all, but this is really greatly appreciated.)

    Concerning ncurses: I did hear of it but never looked at it myself. What is not completely clear to me: I know you can use it for 'low-level' things, but does it also include 'high-level' concepts like windows, input fields and so on?

    The blog mentioned in one of the other posts only shows low-level things.

  • As I mentioned earlier, I guess chrome is more like android where you have a much more strict separation between the OS, applications and user data. (I remember reading about all the different partitions on android and what they are used for, but I should brush up my knowledge on this).

    Thanks for the additional info on btrfs! 👍

  • Just watched some videos on btrfs. I start to understand the concepts. Perhaps I should also look into how exactly

    On windows and the "recovery partition". I guess what you say is that it should always be possible to boot into some kind of system, but it will not happen automatically as there is no way for a system to detect that the system completely hangs.

    Thinking about it, it is kind of strange. Embedded systems have watchdog interrupts that get fired if the system hangs (i.e. if it does not provide a "yes, I still live" signal every "x" milliseconds). Does a PC not have something similar?

  • Yes, that was indeed the question.

    If I read it correctly, you need a specialised distro for this. You cannot do this on an off-the-shelf Debian or Ubuntu?

    I'll do some searching on 'unmutable Linux'. Thanks for the (very quick) answer! 😀

  • Concerning linux, yesterday I was watching this video on computerphile on the crowdstrike incident. https://www.youtube.com/watch?v=rlaNMJeA1EA (*)

    What is interesting is the comment made in the video on how chromebooks do software upgrades with dual "OS" disk-partitions and the ability to rollback to the previous OS-partition.

    Question: is something like this also possible on one of the major linux distros? (debian, ubuntu, rocky, ...) What would be the procedure to do this kind of "dual partition" system-upgrade?

    (*) a great video that explained some of the technical details in a very clear way, including some very interesting 'lessons learned' and "what if"s. If you ever need to explain crowdstrike to your manager, this video is a good start.

  • This is a typical mail a phishing campaign would send out, and we have already said to people "never believe this kind of message. They are all fake."

    Now, if a genuine company sends out mails with genuine gift-cards (what the article on techcrunch seems to indicate) .. this is NOT helpful at all!!!

    And that coming from a cybersecurity company (rolling-eyes)

  • What is your 'deleted files' policy? How long do you keep them? I had a similar issue but then found out that the nextcloud cron-process wasn't running, so files in the 'deleted files' folder were never really deleted.

  • What was that saying again?

    "the biggest threat to the safety and cybersecurity of the citizens of a country ... are managers who think that cybersecurity is just a number on an Excel sheet"

    (I don't know where I read this, but I think it really hits the nail on the head)

  • I have been thinking the same thing.

    I have been looking into a way to copy files from our servers to our S3 backup-storage, without having the access-keys stored on the server (as I think we can assume that will be one of the first things the ransomware toolkits will be looking for).

    Perhaps a script on a remote machine that initiates an ssh to the server and does a "s3cmd cp" with the keys entered from stdin? So far, I have not found how to do this.

    Does anybody know if this is possible?

  • Yes. Fair point.

    On the other hand, most of the disaster scenarios you mention are solved by geographic redundancy: set up your backup // DRS storage in a datacenter far away from the primary service. A scenario where all services, in all datacenters managed by a cloud-provider, are impacted is probably new.

    It is something that, considering the current geopolitical situation we are now in -and that I assume will only become worse- we should better keep in the back of our mind.

  • I will put "multicloud" on my wishlist.

    Looking at it from an infosec point of view, cloud-providers are an ideal target. All the customers who have just lost all their data now complaining to the cloud-provider are the ideal pressure-mechanism to get the cloud-provider to pay out.

  • In this case, it is not you -as a customer- that gets hacked, but it was the cloud-company itself. The ransomware-gang encrypted the disks on server level, which impacted all the customers on every server of the cloud-provider.

  • The issue is not cloud vs self-hosted. The question is "who has technical control over all the servers involved". If you would home-host a server and have a backup of that on a network of your friend, if your username / password pops up on an infostealer-website, you will be equally in trouble!

  • Well, the issue here is that your backup may be physically in a different location (you can ask to host your S3 backup storage in a different datacenter than the VMs), but if the servers themselves on which the service (VMs or S3) is hosted are managed by the same technical entity, then a ransomware attack on that company can affect both services.

    So, get S3 storage for your backups from a completely different company?

    I just wonder to what degree this will impact the bandwidth-usage of your VM if -say- you do a complete backup of your every day to a host that will be considered as "off-premises"