deleted

  • LoudWaterHombre@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    6 months ago

    The point is to get him to switch so you have peace in your network and don’t have to handle the shit show when someone else does it.

    • golden_zealot
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      6 months ago

      Yes I understand the intention, but in one of these scenario’s I’ve covered my ass legally and if something happens where the company gets ransomware for example, I likely get paid thousands of dollars in overtime restoring backups and the user ends up updating anyway, and in the other I can go to prison, lose my job, and never be able to use my time at that company as a reference on a resume let alone probably easily get a job again because now I have a criminal record.

      I know this because I have lived scenario A probably 6 times in my life.

      • LoudWaterHombre@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        6 months ago

        I know, I live those scenarios too, I said let some 4chan degenerate do the dirty work, get paid for fixing it and get your network in check - if you morally can’t handle that situation because of the data, then do it yourself and you can ensure that your boundaries are not crossed.

        Free pro tip: If you do it yourself, you still get paid to fix it ;D

        • golden_zealot
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          Yea I don’t trust the opsec of some random 4chan user to cover their tracks and therefore mine in that scenario.

          I’ll just take the option that guarantees I can’t go to jail and ruin my entire fucking life lol.

            • golden_zealot
              link
              fedilink
              English
              arrow-up
              1
              ·
              6 months ago

              Hmmm yes I suppose that is true.

              Nonetheless I’ll always opt for the course of action that has the smallest potential negative impact on my personal life.

                • golden_zealot
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  6 months ago

                  My counterpoint to that is that if you’re a good security professional, you wouldn’t take such risks because your entire job revolves around mitigating risks.

                  If you break into a network, or have someone do it for you, it’s very difficult to completely remove all evidence of that having occurred, and because there’s just so many variables, there will always be a non-zero percent chance of it being traced back to you.

                  Your company can hire an entire security firm of security professionals to look for this evidence. I don’t care who someone is or how good they are at their job, very few people, unless they have narcissistic personality disorder, would trust that their individual skill completely outweighs the combined skill of an entire team of people who do that every day as their occupation.

                  Furthermore, taking such extreme risks with ones future just screams that they have some mental problem which they should probably be talking to a professional about, because a typical person would consider taking any risk of being imprisoned for years for computer crimes too big of a risk.

                  • LoudWaterHombre@lemmy.dbzer0.com
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    6 months ago

                    With this argumentation, you could argue that a good security professional is not leaving the house, because the risk of something dangerous happening is definitely lower if he stays inside.