• 2 Posts
  • 72 Comments
Joined 1 year ago
cake
Cake day: July 9th, 2023

help-circle








  • Back in the day, using Windows was essentially a long series of fucking around with configurations and trying different workarounds to get things to “go”. The actual using of the computer was, in a way, secondary.

    Nothing has changed. Many many years ago I bought a used Apple to try it out and was just - astounded at how little I needed to mess with things to get them to do what I wanted. It was all in settings. That’s it.

    Watching Microsoft leap headfirst into full evil is just like watching the seasons change.




  • All that notwithstanding, Google cutting the check is a concession to the merits of the Antitrust Division’s case. As Lee Hepner put it, “If it wasn’t clear already, Google is acknowledging that actual monetary damages, even if trebled, are an insufficient deterrent for a trillion dollar entity to illegally maintain a monopoly.”

    There are a couple of things going on here. First, Google has an unlimited budget for its antitrust defense, and it also does an immense amount of product testing. It’s quite likely that it did mock trials in front of test juries, and found that the outcome probably wasn’t good. The judge in the case, Leonie Brinkema, has been pretty annoyed at Google, so it’s not a promising outcome if they go with a bench trial. But they will bet on the judge than a jury. Second, circuit courts are usually more reluctant to overturn a jury than a judge, so Google wants Brinkema to have to author an opinion that they can then try to overturn.






  • Yes, and they’re the company’s resources so they theoretically do what’s best for the company as opposed to hoping Google or (godforbid Microsoft) does it.

    The money gets paid either way, and if you have good people it’s often the right call to keep it in house but inevitably somebody read a business book last year and wants to layoff all the IT people and let Google handle it “for savings”. Later directors are amazed at how much money they’re spending just to host and use the data they used to have in-house because they don’t own anything anymore.

    There are still benefits - cloud DevOps tools are usually pretty slick, and unless your company has built a bunch of those already or is good about doing it, it might still be worth it in terms of being able to change quickly. But it’s still a version of the age old IT maxim to never own or build it yourself when you can pay someone a huge subscription and then sue them if you have to. I don’t like it, but it’s pretty much iron in the executive suite.

    As a result, IT departments or companies spend much more than half of their time - totalling years or decades - moving from whatever they were using to whatever is supposed to be better. Almost all of that effort is barely break-even if not wasted. That’s just the nature of the beast.





  • MITIGATIONS

    According to Leviathan, there are several ways to minimize the threat from rogue DHCP servers on an unsecured network. One is using a device powered by the Android operating system, which apparently ignores DHCP option 121.

    Relying on a temporary wireless hotspot controlled by a cellular device you own also effectively blocks this attack.

    “They create a password-locked LAN with automatic network address translation,” the researchers wrote of cellular hot-spots. “Because this network is completely controlled by the cellular device and requires a password, an attacker should not have local network access.”

    Leviathan’s Moratti said another mitigation is to run your VPN from inside of a virtual machine (VM) — like Parallels, VMware or VirtualBox. VPNs run inside of a VM are not vulnerable to this attack, Moratti said, provided they are not run in “bridged mode,” which causes the VM to replicate another node on the network.