You would have a point if the exploit were more serious, and looked harder to fix than it does.
As is, this is a phishing type variant that it’s not at all clear Gatekeeper was even designed to stop. However, the default behavior described (especially making symlinks to NFS shares without any sort of warning or special graphic when following them in Finder) seems sufficient for forceful language when complaining about it to Apple / giving a disclosure deadline then publishing.
Maybe your experience is “another interesting perspective worth writing about or considering” and not a refutation of the author’s experience and her conclusions about what it meant.
My original comment wasn't intended as refutation of anything. It was intended to offer a broader perspective on her piece.
She waited 18 months to say publicly what she thought about it. She's still quite young and 18 months is not a lot of time in the grand scheme of things.
I'm 53. I had an affair in my twenties. I then read as much research as I could get my hands on.
Some common themes:
People frequently are unfaithful while physically separated from their spouse. It's a common feeling that it somehow doesn't count if you are far apart. In fact, some people use that stance as justification to have an ongoing long distance affair.
Affairs are common in stressful situations. When things are overwhelming, humans have a weird habit of reaching for a smidgen of distraction and comfort amid the chaos.
Although popular opinion is that affairs ruin relationships, cause and effect almost always runs the other direction: Affairs don't kill relationships. Instead, relationships in their death throes foster affairs.
I generally consider 18 months to not be a whole lot of time to gain perspective on international and cross-cultural experiences. Cultures and nations tend to be far older than the individuals in them, and it can take quite a long time to digest the intersection where two such things meet in one person's life and, unfortunately, all too often grind on that specific individual.
I for one appreciated your original comment - thanks for sharing your experience and perspective. It's a good point, that culture shock and dissonance, growing up and being humbled by the unreasonable chaos of the real world, are important aspects of what the author of the article lived through.
The phrase "cult-like atmosphere" of corporations is meaningful too. Having lived in different national/regional/organizational cultures, I'd agree that there's a significant correspondence between culture and cult.
Socrates “knows that he knows nothing” and spends his time trying to refute that. He looks for knowledge earnestly but usually doesn’t find it. Socrates is less devil’s advocate, more “how can we be sure of X when Y? If not Y because Z, doesn’t Z also make X problematic because of (blablabla)?”
Sure, he gets people RAGEing like a great troll, but at least ostensibly he’s doing more the 2nd type of argument described in the article, but with kind of a backdrop that precise intellectual beliefs are really hard to specify or maintain. It’s like dialectic but it’s not Hegelian; he wants to return to some central question and doesn’t necessarily see that thesis/antithesis climb as crucial, he just finds problems with the premises and wants to find better ones (Hegel’s whole thing was a bit more nuanced than that).
Re: article, trolling initially meant trying to get a rise out of people. It’s not so much you won’t admit you’re wrong or you’re eristically tearing everything down, it’s that you’re pretending to play the argument game (or some other game, like “art criticism” or “testimonial”) but in fact you’re fucking with people of varying levels of specificity.
we grit our teeth and "believe" that anyone traceably affected got an email directly from the company or something :D
(that said, google main page vulnerable to xss is kind of like... what, we're afraid someone will take over google and put some cryptominers on the google.com main page?)
Well, a compromised google.com main page could return malicious search results for certain queries. How many Windows sysadmins install PuTTY by googling "putty", and then installing an executable from whatever site shows up in the first couple of results?...
If the primary install method is "search and download whatever manually from the internet," you have bigger issues than a potential Google compromise: create a site with better ranking than the canonical HTTP (!) download page, MITM the HTTP download, whatever.
Where did they deny that anybody's email bodies were read? I'm looking for it and I can't find it. I only see that they told the other 94%(?) of people that unauthorized access did not reveal the contents of their messages in particular, which seems to be truthful?
> This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments, between January 1st 2019 and March 28th 2019.
Notice it says your email account. The whole email is about the account of the recipient, not those of other recipients. Given that they explicitly worded it this way and people clearly misinterpreted it to mean something else, I hope you can forgive me for being a little skeptical of third-party anecdotes that suggest Microsoft claimed nobody's email contents were accessed...
it is of course just a matter of time for either of the companies you mentioned to "be hacked" (obviously it's happened countless times with Microsoft, both the OS and their cloud services like O365, and there was a recent high profile revelation that the google apps suite APIs exposed user info to developers). the difference is incident response and layered security.
as long as you're using software somewhere in the stack that isn't like maturity level 5, AND you don't have constant audits looking for novel attacks on working-as-intended systems, you're pretty much guaranteed to inherit (or create) a vulnerability at some point, and if you're important enough it will get exploited. the reason that doesn't mean we should start modeling computer systems as "living organisms that eventually get old and die" and should keep modeling security like war is that when you get hit, you can respond. all the layers matter, and insofar as Microsoft or Google do it right, they primarily do it right by having a mature process for monitoring, patching, isolating, etc.
as for docker hub though, yeah i'm totally with you. i'm just saying we shouldn't overestimate the preventive capacity of anyone, honestly. if you're doing anything important over the internet at all, you're making some compromises somewhere.
here are 2 links to things i handwaved at above, for example's sake:
no, using the nuclear option of removing the browser outright when others work is the smart, efficient option that someone who actually works in IT with limited resources would (and should) use.
this stuff about finding all the right config files during "basic hardening" and having it just work is the stuff of armchair commenters and people who do IT/security on a well funded, sufficiently redundant team. assuming the latter would be the people in charge of school IT is hopelessly naive.
So tell me then, what exactly are you achieving with removing Firefox when the same bypass can easily be achieved with Chrome? Remove Chrome also? Call the well funded security team to configure whatever browser you’ll eventually have to use?
The problem with half assed work is that you still put in some effort but reap none of the rewards. You work to uninstall Firefox from dozens of computers but get exactly 0 results because now you’ll have to configure Chrome. Default installations of both browsers are perfect for home use but woefully inadequate for controlled networks.
And in the end you put in just about as much effort as changing some flags in any one of the dozens of example config files available on the internet and copying it on every machine.
the DNS filtering works on chrome. yes, people can bypass it, but it doesn't even work on firefox, so they remove firefox. this isn't rocket science, and you're being foolishly contrarian instead of trying to understand what the original commenter's actual situation is. this leads me to believe that you are hypothesizing about work you don't do, but feel perfectly qualified to talk about "half assing" things.
> you're being foolishly contrarian instead of trying to understand what the original commenter's actual situation is
Perhaps because he's describing 2 different situations. One where "some schools" are removing Firefox, and one where it's not an option for him because of BYOD. Uninstalling Firefox is exactly the solution he can't apply. So I still maintain that the other schools that fully control the clients could have applied a proper fix faster and cheaper than any uninstall. It's one line in a config file [0], already linked above.
All your replies are gratuitously aggressive and insulting. That's not a good way to contradict my solution that works, is simpler and more future proof than uninstalling browsers with DoH.
Eventually all browsers will have DoH, you can't uninstall them all. And leaving a browser unmanaged and at the mercy of a student is not an option since requiring 2 extra clicks to bypass the filtering isn't a solution. You need some form of management either way.
I already gave you a solution that's better than removing the browser and "cheaper" than having to manage Chrome with GPOs (not a high bar). Insults won't change that.
this is getting really boring and repetitive, but you didn't give a "cheaper" solution, you gave an administratively more expensive solution (change files on machines rather than bulk remove an app which is out of the box functionality for many products IT like this would use), along with moving the goal posts; the goal is "keep my DNS filtering working," not "make sure no one ever gets to the porn site."
of course, you would need to do more in chrome (and windows/osx/ubuntu generally) to stop traffic to a site if a student knows what they're doing. that's not the point. the point is: we have this control in place. we've agreed it's working well enough. people can bypass the control simply by using firefox. to avoid adding overhead, we ditch firefox (for now). it's that simple.
as for future-proofing, that's a luxury. ...and part of why it's a luxury is that some goals ("make all traffic to any porn sites impossible on our school network") just aren't going to be met by budget IT.
re: BYOD, for that i go over to the armchair tech purist side i'm afraid, and just say "well, you allow that, so you need to get over that they can use VPNs and stuff. you're not DOJ or some wealthy corporation with important IP assets and equally 'important' VIP execs that insist on bringing their OSX 10.6 MBP to work. you don't get to have all the cool controls that might allow BYOD. sorry."
You didn't understand OP's comment and realized only after I pointed out that HE is the one with the BYOD problem where uninstall can't fix anything. I'm not the one moving the goalposts. His only option is applied outside of the client, at network level. As for the other schools, the effort they put in today bought them a week or two at most. More than enough time for the students to have "workarounds" in place and access anything they want since as you said the admin has no resources to control what's happening on the machine. But you know, it's unwise to pay too much, but it's worse to pay too little; buy cheap, buy twice; poor man pays twice.
They were better off uninstalling Chrome. Firefox at least can be controlled with a config file and a script to do bulk copy, Chrome wants GPOs and without lockdown you have a ton of extensions in the store to make your DNS filtering redundant. I believe the latter is the better option but if a config file is beyond the possibilities of the school admin I expect their browsers to be fully unmanaged and at the mercy of the user. It can't be both ways.
I appreciate that you finally confirm what I said from the beginning: It is a half assed job (because doing it properly "is a luxury"). Uninstalling just kicks the problem down the road and lets "future you" deal with it a few days or weeks later.
> an app which is out of the box functionality
Begs the question why put in effort to install then uninstall it when there was no need for either. I'm not in their head but one thing's for sure, your explanation relies on conflicting argumentation. We're talking about a hypothetical Schrödinger's admin that at the same time both has and hasn't got the resources to do the work.
firefox messes up their DNS filtering, chrome doesn't. so they remove firefox and enforce chrome. if you see that as a slippery slope, you're imagining it. they probably 1) have a decent app like ninite to remove and install apps, 2) don't have anything but their production environment, 3) don't have a homogeneous environment in terms of patching (maybe they do), 4) don't have people to go around and make sure the config changes they push (however they would push them) took, worked, etc. so they block the app. maybe eventually they reinstall it. welcome to IT.
...which reinforces my point about how people actually doing this and people speculating about it tend to respond to issues like this.
> firefox messes up their DNS filtering, chrome doesn't
I take it you assume students are not creative enough to get the exact same result with Chrome? Because it is perfectly possible to do it. Unless of course you take steps to prevent that in Chrome. One way or another you either put in the work or the users will end up doing whatever they please. After configuring the OS doing the same for the browser is a relatively small step.
of course it's possible to do so. but DNS filtering works for most users, and is much easier to centrally manage on a budget (in terms of time / people / money) than browser settings.
i'm belaboring this point now, but people who actually do this stuff know that you can't just throw up a GPO to fiddle with chrome settings and expect everything to work. this culture of "power users" thinking they know the best course of action for every situation in IT (and it's always "that thing i Put In The Work to do when i was tailoring my own system") is really silly.
> know that you can't just throw up a GPO to fiddle with chrome settings
I thought we were talking about how hard it is to fix Firefox. This can be done on a budget - part of an afternoon - since it can be very easily managed with a plain old config file copied to all machines (at least until a couple of versions ago). With this gone you're left with Chrome. How would you make sure no user can use any one of the multiple options to abuse a non-managed Chrome and bypass this? Remember that your target isn't to have a browser that doesn't mess up filtering, it's to prevent students from using any (creative) means to access restricted material. And with Chrome there's one sure way to prevent those creative means. So don't answer, it will be GPOs.
And since your fix for DoH and DNS filtering is to uninstall the browser (!), when Chrome eventually implements it, it will make for an interesting conversation ;).
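The "config file plus a bulk copy script" approach that the comments above refer to, written out as an added example (not code from any commenter): Firefox reads an enterprise `policies.json` from its `distribution` directory, and the `DNSOverHTTPS` policy with `Enabled: false` and `Locked: true` turns DoH off and greys the setting out in the UI, so the browser goes back to the system resolver that the DNS filter sees. The script below writes that file and verifies it; the target directory is a parameter because the path differs per platform (the Linux paths in the comments are assumptions, and the deployment loop over hosts is a sketch to adapt to whatever tool the site uses for bulk copy).

```shell
#!/bin/sh
# Added example: deploy a Firefox enterprise policy that disables DNS over HTTPS
# so DNS-based content filtering keeps working. Not from the original thread.
#
# Assumed policy file locations (verify against your install):
#   Linux (packaged Firefox):  /usr/lib/firefox/distribution/policies.json
#   Linux (global alternative): /etc/firefox/policies/policies.json
#   Windows: <Firefox install dir>\distribution\policies.json
#   macOS:   Firefox.app/Contents/Resources/distribution/policies.json

# Write the policy into DIR/policies.json. "Locked" prevents users from
# re-enabling DoH in about:preferences; "Enabled": false switches it off.
write_firefox_dns_policy() {
    dir="$1"
    mkdir -p "$dir" || return 1
    cat > "$dir/policies.json" <<'EOF'
{
  "policies": {
    "DNSOverHTTPS": {
      "Enabled": false,
      "Locked": true
    }
  }
}
EOF
}

# Return 0 if DIR/policies.json exists and disables+locks DoH, 1 otherwise.
# This is the check a "did the push actually take?" sweep would run on a host.
check_firefox_dns_policy() {
    f="$1/policies.json"
    [ -f "$f" ] || return 1
    grep -q '"DNSOverHTTPS"' "$f" || return 1
    grep -q '"Enabled": false' "$f" || return 1
    grep -q '"Locked": true' "$f" || return 1
    return 0
}

# Sketch of the bulk copy over a list of hosts (one hostname per line in
# HOSTFILE). Replace scp/ssh with whatever management tool is in use.
deploy_to_hosts() {
    hostfile="$1"
    remote_dir="${2:-/usr/lib/firefox/distribution}"   # assumed Linux path
    tmp="$(mktemp -d)"
    write_firefox_dns_policy "$tmp" || return 1
    while read -r host; do
        [ -n "$host" ] || continue
        scp -q "$tmp/policies.json" "root@$host:$remote_dir/policies.json" \
            && echo "ok   $host" || echo "FAIL $host"
    done < "$hostfile"
    rm -rf "$tmp"
}

# Local usage: write to a scratch directory and confirm the check passes.
if [ "${1:-}" = "--demo" ]; then
    d="$(mktemp -d)"
    write_firefox_dns_policy "$d" && check_firefox_dns_policy "$d" \
        && echo "policy written and verified in $d/policies.json"
fi
```

Run with `--demo` to see the file it produces; `check_firefox_dns_policy` is the piece worth keeping in a periodic compliance sweep, since a reinstall or a user-writable install directory can silently drop the file. Note that this only addresses Firefox's own DoH; it does nothing for Chrome, proxies or VPNs, which is the point the rest of the thread argues about.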
as i replied in the comment below, the goal isn't "absolute porn free paradise," it's "keep our current control working." sound shortsighted to you? it is. it's also the easiest thing, and frees everyone up to do other, more important work than impressing people who are aghast that an organization would uninstall 1 of 2 browsers b/c it bypasses some control of theirs.
as for once chrome implements DOH, they'd cross that bridge when they came to it. it's an uphill battle, because really content filtering, of course, should not be done through browser settings (remotely managed or otherwise), nor solely through DNS. if whoever tells IT what to do in that school district is hellbent on it being impossible to browse to pornhub, they'll ultimately need a layer 7 firewall. but again, when you're on the budget, you do fastest / cheapest / most effective.
(and if we return to pure hypothetical, i would argue that dns filtering really is the best way in their case, because anyone who could bypass that--besides just using firefox--will be able to bypass better chrome config, or your firefox config change, etc, since they can just edit the hosts file, etc etc etc)
"Don't do that. A job interview is a structured process designed to let you consistently evaluate multiple candidates. If you are asking each candidate different questions, that's not a fair test."
if this is the thing you're responding to, you're misunderstanding the post entirely. "fair test" here is not about morals, it's about results. if i want to evaluate 2 candidates, i want the test to be as "fair" as possible so that i have the most relevant, fine grained information as possible. i want to render the candidates commensurable so i can make a better decision for my own purposes.
"life's not fair" in this context sounds like some kind of systems pessimism. it sounds like you're saying "stuff doesn't work." but of course it does. of course asking this question and not that question gives me more relevant hiring information. it's totally insane to think otherwise.