![](/static/253f0d9b/assets/icons/icon-96x96.png)
![](https://lemmy.world/pictrs/image/db7182d9-181a-45e1-b0aa-6768f144911a.jpeg)
Because the Democrats have not had an actual majority since 2010. The closest they got was 2020-2022, but two senators ended up being traitors who were bought out.
Because the Democrats have not had an actual majority since 2010. The closest they got was 2020-2022, but two senators ended up being traitors who were bought out.
I’ve seen plenty of the usual suspects complaining that the IRA didn’t do enough despite it being the largest green energy bill ever passed.
There’s not one at all because it’s a violation of freedom of association in the 1st amendment.
Yes it is. That opportunity passed in 2022 when the Dems lost control of the House.
Ok, but to do this, the Dems would need a blowout election in their favor. They would need to retake the House and have a commanding lead in the Senate so that they can get this passed even with a couple turncoats.
Biden isn’t a fascist and neither are the people he appointed. Even if he gave an illegal order, it wouldn’t be followed because his administration isn’t stocked with incompetent lackies chosen for their loyalty alone.
Yes, that’s what happens when you give a party the slimmest margin of victory possible (50/50 in the Senate), and then 2 of the senators end up being corrupt traitors. His agencies have been making good decisions. I am not a young man and these last few years are the first time I’ve seen the federal government make actual pro-worker and pro-consumer decisions.
He’s accomplished more than Obama in half the time, not that that’s saying much.
Microsoft has always been like this. They’re a giant company with a bunch of silos that act independently and often undermine what each other are trying to accomplish.
What? There’s lots of reasons to complain about Microsft, but their legacy support is not one of them. Almost every product they make gets 10 years of support + 3 more if you pay for it. In comparison, Postgres only does 5, MySQL is 8, and Mongo is 3.
iPads actually do support multiple users. They just hide the ability to turn it on behind complex IT management tools that your average user would never be able to figure out.
It’s mostly the responsibility of the client to build defense in depth. If is a straight shot from your Solarwinds server to your ADFS server, where the SAML signing keys are stored, that’s your fault, not Solarwinds or Microsoft. Well, I would still blame Solarwinds, because they were encouraging horribly insecure practices, like doing “agentless” monitoring using a highly privileged account.
In this case, yes, not letting a SAML assertion signed by the ADFS server authenticate to Azure reduces defense in depth. But if you’re at the point where your authentication servers have been compromised, you’re already so turbo-fucked that it’s very unlikely a wall like that would stop an attacker for long.
USB devices have a hard coded vendor identifier and product identifier built into them that are issued from a central authority. The ones I saw were easily identifiable as not legitimate mice.
Oof, that was painful to read as someone in cybersecurity. I respect ProPublica, but they have no idea what they’re talking about.
The Solarwinds hack was caused by Solarwinds being absolutely god awful at cybersecurity. The password to their update server was “solarwinds123”, which we know because they accidentally published it in a public Github repo. The company is a complete and utter clown show.
As for Golden SAML, almost nobody in cybersecurity would consider it a vulnerability. It’s just a fundamental part of how asymmetric cryptography works. HTTPS suffers from the same issue. If your private key gets stolen and used to forge signatures, the problem is you not properly protecting it, not the technology requiring you to keep it secret.
A more valid complaint is that Microsoft has been neglecting their on-prem software in favor of Azure. There are tons of security features that they’ve added to Azure that will probably never make their way to ADFS or Exchange.
I’ve been the one identifying the people who use jigglers. Usually it was a manager coming to us to look for a reason to fire a poor employee or a contractor trying to bill a suspiciously large number of hours for the work produced. If it was just poor performance, HR would make us do a PIP and waste 3 months on them. Violating security procedures and falsifying time sheets was an immediate termination. And for the contractors, you need evidence in order to refuse payment.
Btw, if you want to get away with it, don’t use a software or USB one. Get one that interfaces with a regular mouse. Modern cybersecurity software logs every process executed and device connected.
There is no BIOS anymore. It’s all UEFI, which is massively fatter and more complex. Being fat and complex, they have plenty of security vulnerabilities that need to be patched.
Because the alternative is people getting compromised and getting their computer crypto locked, accounts stolen or their bank account drained.
That’s really only true if your target audience has the memory of a lead-addled boomer.
Problem with that is that it really only covers the keys sitting on a nightstand situation. You could still get your car stolen while you’re shopping or in a restaurant.
Do you people really not realize that the Republicans control the House?