You know what that is, it's the stuff that forgets everything once the power is disconnected. ![]() I wasn't expecting hard drives to be included, but every damn one of the computers was stripped of RAM too. It looked like someone went points shopping and scored HUGE. One corporation donated TONS of computers! Monitors, printers even a few serverstoo. The word went out to the local area, "Bring all your old computers here, and they will be used to educate the children of the future". ![]() I volunteered at a local school system quite a few years ago to try to teach their caffeinated spawns of Satan something about computers. Your security team is flushing value down the toilet over the smallest possible chance of compromise.) not without physical destruction of the device or other evidence of tampering. (*as with anything else, yes, I'm sure it's possible somehow, but 1. ![]() But no, instead of asking the right questions, doing proper research, and doing a proper risk analysis, we're going to use something inferior. We need the best security we can possibly get, especially in an age where so many peoples' personal data is being collected and stored. ![]() They are throwing away both a massive capital investment, and quite literally (when used properly) the best tool they have against both phishing and lateral movement in their network, because they fail to adequately understand what they are working with and do a proper risk assessment. To me this would be a whistleblower moment for higher-ups. It is not possible* for someone to alter the code on a YubiKey once it has been programmed and sealed at the factory. Then I have to say as a fellow tinfoil-hat wearer that your security team is really not smart, or really doesn't understand the YubiKey.
0 Comments
Leave a Reply. |