Post AA7erd7IldVLWxO1Dc by sundog@hackers.town
(DIR) More posts by sundog@hackers.town
(DIR) Post #AA7cDlPmIRODm5tJSK by tek@freeradical.zone
2021-08-08T17:14:59Z
0 likes, 0 repeats
If I were committing to full-time #infosec for a long time to come, I’d go all in on red team. You get to turn it off and go to bed at the end of the day. Blue team is exhausting after a while.
(DIR) Post #AA7ccZsKKy4xE14pU0 by thegibson@hackers.town
2021-08-08T17:19:11Z
0 likes, 0 repeats
@tek you’re not wrong.
(DIR) Post #AA7cnhcDtpBQPsqiB6 by tek@freeradical.zone
2021-08-08T17:21:28Z
0 likes, 0 repeats
@TheGibson I’m watching all these talks on stuff we have to protect against. It seems like it’d be less stressful to see a kit full of new tools I could use, and only looking at the ones that seem fun to play with.
(DIR) Post #AA7cxWyGKXfaIaqPa4 by thegibson@hackers.town
2021-08-08T17:23:12Z
0 likes, 0 repeats
@tek red team gets old too for entirely other reasons.But yes, blue teaming is hard and requires a 24/7 TourDeForce.
(DIR) Post #AA7d1xHYRpuL3lyggy by rysiek@mastodon.technology
2021-08-08T17:24:02Z
0 likes, 0 repeats
@tek @TheGibson we need way better ways of supporting Blue Team efforts long-term. Capt. Obvious here, but burnout is a humongous problem.
(DIR) Post #AA7dPbiWHIY57vrvFo by tek@freeradical.zone
2021-08-08T17:28:20Z
0 likes, 0 repeats
@TheGibson @rysiek Fucking preach.
(DIR) Post #AA7ercagitPtto7yNs by mjd@hackers.town
2021-08-08T17:38:30Z
0 likes, 0 repeats
@thegibson @tek Also if you accidentally the purple team because there is no one else maybe you should get the fsck out.Internet: Please send this note to me 3 years ago.
(DIR) Post #AA7erd7IldVLWxO1Dc by sundog@hackers.town
2021-08-08T17:42:51Z
0 likes, 1 repeats
@mjd @thegibson @tek infosec raid positionsblue team - tankred team - DPSpurple team - squishy combat healer
(DIR) Post #AA7ezUbyH2P7T6Tt8S by rysiek@mastodon.technology
2021-08-08T17:43:56Z
0 likes, 0 repeats
@sheogorath @tek @TheGibson yup, but the difficulty in Blue Team relates to: - ever-growing complexity of digital environments - constant, insane rate of change (even if complexity levels stayed the same, the rate of change itself would do you in) - Blue Teams are not "sexy", hard to get funding for them (in media/NGO space), and hard to justify the expenditure to the higher-ups (in a company) - Blue Team work is never visible if all is going well, which makes justifying the cost even harder.
(DIR) Post #AA7ezV3yauo0rxaFmq by tek@freeradical.zone
2021-08-08T17:46:00Z
0 likes, 0 repeats
@rysiek @sheogorath @TheGibson Also:- The attacks. Never. Stop. There’s never a moment when everyone gets to relax.
(DIR) Post #AA7iHNyjyMg7yLM48W by rysiek@mastodon.technology
2021-08-08T17:48:33Z
0 likes, 0 repeats
@sheogorath @tek @TheGibson in some orgs there is an understanding that Blue Team is important and require funding, space, and management buy-in (so that policies are not just on paper).But even if that understanding is in the org, the funders (i.e. grant-givers) need to be on-board too. For companies it's just cost that gets passed on onto customers, but if a competitor is doing things on the cheap, how do you justify that?tl;dr industry incentives *across the board* must change, dramatically.
(DIR) Post #AA7iHOVM16lZbUc6yG by malte@anticapitalist.party
2021-08-08T18:21:55Z
0 likes, 0 repeats
@rysiek @sheogorath @tek @TheGibson it's almost as if we need to abolish capitalism 🤔
(DIR) Post #AA7iHOx0MIsszFYC4O by tek@freeradical.zone
2021-08-08T18:22:51Z
0 likes, 0 repeats
@malte @TheGibson @sheogorath @rysiek None of this would go away under another economic system though.
(DIR) Post #AA7iLE3wmYG6NPcaIK by thegibson@hackers.town
2021-08-08T18:23:31Z
0 likes, 0 repeats
@tek @malte @sheogorath @rysiek This is true, the motivations/incentives might change…
(DIR) Post #AA7iVID4DaK88Ogg8u by tek@freeradical.zone
2021-08-08T18:25:23Z
0 likes, 0 repeats
@sheogorath @rysiek @malte @TheGibson For example, if money disappeared today, people would still be hacking medical systems for power/blackmail reasons. “How can you trust ${leader} when they had to be treated for syphilis?”, or similar.
(DIR) Post #AA7j7X0HfBuB1LwRtY by malte@anticapitalist.party
2021-08-08T18:32:15Z
0 likes, 0 repeats
@tek @sheogorath @rysiek @TheGibson capitalism is more than just about "money". accumulation of power that is not money is still capitalism, as far as i'm concerned.and i can imagine societies in which those problems don't exist ¯\_(ツ)_/¯
(DIR) Post #AA7jITgaL4b7uswnxY by tek@freeradical.zone
2021-08-08T18:34:16Z
0 likes, 0 repeats
@sheogorath @malte @rysiek @TheGibson I can’t imagine a society where there aren’t at least some little assholes taking advantage of everyone else having their guard down. As long as those people exist, there’s going to be infosec.
(DIR) Post #AA7jYBdPDkmwZ4x1EG by malte@anticapitalist.party
2021-08-08T18:37:05Z
0 likes, 0 repeats
@tek @sheogorath @rysiek @TheGibson yes, there's always gonna be infosec. but we were talking about distribution of resources.and when we live in a society that is not structured around the wants and wishes of assholes, those resources may be distributed in ways that might disappoint assholes, but help everybody else live a chill life ¯\_(ツ)_/¯
(DIR) Post #AA7jcjzTQc04HBRcmG by tek@freeradical.zone
2021-08-08T18:37:56Z
0 likes, 0 repeats
@sungo It’s exhausting.
(DIR) Post #AA7oYDtfJFAdLsOQFs by mjd@hackers.town
2021-08-08T19:32:56Z
0 likes, 0 repeats
@tek @sungo It is. Which is why we need to help each other, and stay vigilant, and not be crushed by a single mistake. Because those are going to happen... and most of them you can't do a damned thing about because it isn't entirely your system/network/interwebz .