hhmx.de

Tindra

Tindra
@TindrasGrove@infosec.exchange

· Föderation EN Mi 19.06.2024 12:13:30

@ludicity as someone in cybersecurity, I can say that you are correct that zero trust has meaning, but that meaning is not how people who develop products treat it.

0x   2   0x

Ludic 🧛

Ludic 🧛
@ludicity@mastodon.sprawl.club

Föderation EN Mi 19.06.2024 13:00:02

@TindrasGrove Good to know! It's interesting because I really am not a sophisticated actor in the security space, but it's still quite obvious when some people are full of it. Although, of course, I'm sure slightly more savvy grifters sneak past my detectors.

0x   1   0x

Tindra

Tindra
@TindrasGrove@infosec.exchange

Föderation EN Mi 19.06.2024 13:46:09

@ludicity I think there’s some significant overlap in our fields (especially when it comes to who is actually using the not-snake-oil), so there’s some amount of transferability in BS detection skills.

Last week I went to a local data analytics conference, and the talk I got the most out of was the one person who said “you don’t need AI for any of this!!”

0x   0   0x

Jamie Gaskins

Jamie Gaskins
@jamie@zomglol.wtf

Föderation EN Mi 19.06.2024 17:08:56

@TindrasGrove @ludicity Gonna have to add it to my list, then

zomglol.wtf/@jamie/11215954666

0x   1   0x

Tindra

Tindra
@TindrasGrove@infosec.exchange

Föderation EN Mi 19.06.2024 17:14:16

@jamie @ludicity yessss

The people who try to sell zero trust as a product, not an architectural philosophy, seem to mean SSO, but ✨fancy✨

0x   1   0x

Ludic 🧛

Ludic 🧛
@ludicity@mastodon.sprawl.club

Föderation EN Di 25.06.2024 14:32:10

@TindrasGrove @jamie I just spoke to my brother (read team supernerd) and asked him to explain ZT, as I got many, many emails about it and some disagreed with each other.

Within 30 seconds I said "Wait, so it's a philosophy, not a feature".

I literally just do databases and it's obvious, what the hell are all these dweebs learning?

0x   2   0x

Jamie Gaskins

Jamie Gaskins
@jamie@zomglol.wtf

Föderation EN Di 25.06.2024 14:42:08

@ludicity @TindrasGrove Databases definitely have fewer disagreement in definitions (and arbitrary definitions are pretty rare) because SQL is standardized but they aren’t immune to it, either.

For example, SERIALIZABLE transaction isolation means different things in Postgres and MySQL. And some of MySQL’s consistency guarantees are only truly guaranteed up to some level of write throughput to a given table. It’s wild out there.

0x   0   0x

Tindra

Tindra
@TindrasGrove@infosec.exchange

Föderation EN Di 25.06.2024 15:24:39

@ludicity @jamie YES!!

It’s really easy to tell who’s full of it because they try to sell ZT as a product, not as an architectural philosophy.

They *want* it to be a product, because it’s possible to “achieve” implementing a product. You can’t “achieve” a philosophy. You just improve your process, incrementally, for ever and ever.

0x   0   0x