Post AdiGkxvtsfuxDbkCBc by oxyhyxo@mastodon.bsd.cafe
 (DIR) More posts by oxyhyxo@mastodon.bsd.cafe
 (DIR) Post #Adi8QcmS13nKBs77RI by stefano@mastodon.bsd.cafe
       2024-01-10T18:16:26Z
       
       0 likes, 0 repeats
       
       Last email of the day, unfortunately, similar to others received in the past: 'You've installed OpenVPN on our server, but our security procedures don't mention it. To be compliant, you should install a PPTP server, which we consider secure.'  Of course, I'm not going to do this.There's not much to do: the network will always be a sea of insecurity as long as we deal with certain procedures, rigid mindsets, and security manuals written when those graduating today probably weren't even born yet... #OpenVPN #PPTP #Infosec #IT  #NetworkInsecurity
       
 (DIR) Post #AdiA07f1IQgS3M82c4 by mario@hachyderm.io
       2024-01-10T18:34:02Z
       
       0 likes, 0 repeats
       
       @stefano how easy is it to push back when you get requests like this?
       
 (DIR) Post #AdiAMTOz8vOVqzHo2q by fluxwatcher@mastodon.social
       2024-01-10T18:38:01Z
       
       0 likes, 0 repeats
       
       @stefano Sounds terribly familiar when Microsoft Servers are involved 🤦‍♂️
       
 (DIR) Post #AdiBmRmdsmzOJkIi7k by stefano@mastodon.bsd.cafe
       2024-01-10T18:54:00Z
       
       0 likes, 0 repeats
       
       @mario It depends on the specific situation. If I have a good and established relationship with the client, I kindly refuse while pointing out the issue. When the relationship is (as in this case) indirect, where I am working for a client's client, I simply provide some links that demonstrate the insecurity of the proposed solution and emphasize that, for professional ethics, I cannot implement solutions already considered so insecure. Usually, it gets resolved without significant problems. Sometimes, they may insist, but no one can compel me to do such a thing, especially when they are ready to shift the responsibility for any problems that may arise onto me
       
 (DIR) Post #AdiDTJQ6xALCmjlWi0 by stefano@mastodon.bsd.cafe
       2024-01-10T19:12:58Z
       
       0 likes, 0 repeats
       
       @fluxwatcher Some people seem to venerate everything that's related to Microsoft. I don't understand how people can be so blind just because of a name (no, I've never been a fanboy of anything)
       
 (DIR) Post #AdiGEFZ5IwfILZTL4C by oxyhyxo@mastodon.bsd.cafe
       2024-01-10T19:43:50Z
       
       0 likes, 0 repeats
       
       @stefano I can remember setting people up with PoPToP back in the late 90’s.Then moving those same people to OpenVPN in the early 2000s. How on Earth are people still recommending PPTP in 2024?
       
 (DIR) Post #AdiGWJVFOx51m0I5a4 by stefano@mastodon.bsd.cafe
       2024-01-10T19:47:06Z
       
       0 likes, 0 repeats
       
       @oxyhyxo They miss the 1990s, I guess...
       
 (DIR) Post #AdiGkxvtsfuxDbkCBc by oxyhyxo@mastodon.bsd.cafe
       2024-01-10T19:49:46Z
       
       0 likes, 1 repeats
       
       @stefano I miss the 90s too but I don’t miss PPTP