AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Issues with world of warcraft realms11/4/2023 There are ways to get there and exploit those resources, too.Īnd naturally, with so many moving pieces, so many different agents, you get hierarchical organizations, larger infrastructure, traders conducting arbitrage and moving freight, bigger and badder ships and bigger and badder groups to hold vaster tracts of territory. Some of those resources are more elusive: they come from gas clouds which are hard to detect, or components found in uncharted systems. They do it by stripping asteroid belts of resources, holding territory where they can conduct R&D, and build every bullet you expend, every ship you pilot. The ships, the guns, the ammo: these all come from somewhere. and how to get all those things cheaply, or at least for a smaller cost than it takes to make money with it. That gets you thinking about which ship to fly, which guns to put on it, and so on. That gets you to start thinking about how you shoot things and how to do it efficiently and effectively. Eventually, you run out of ammo, or your ship is destroyed, or you want something bigger and badder. There are pirates, other players, other factions. The simplest play is to fly around and shoot things. And because you're a gamer, the galaxy is an oyster to exploit for your amusement. As someone who has ascended into virtual godhood by the benefit of effective immortality, you have entered a new plane of power dynamics. A capsuleer is someone who can pilot certain specially designed ships. Let's slingshot you into the future, where empires span hundreds of solar systems, spaceships abound everywhere, cloning technology is available to an elite class called capsuleers, and human beings still act human. The principle of least privilege is a nice maxim, but there's a cost to figuring out exactly what the least privilege is, and there's a cost to giving someone too little privilege - downtime when they can't fix something they're supposed to fix. Do you honestly think you know every possible attack vector someone with legitimate sudo access could use? * Maybe he knows where your tripwires are. Okay, you are a good admin and you have tripwires. * Maybe he was editing crontab one day and added a one-shot script to create a nefarious account. Okay, so you're a good admin and disabled that. Maybe he was editing a file in sudo with vi and ran ":! bash". * But maybe it won't even show up in the logs. Okay, so you're a good admin and you check the logs and make everyone use "sudo" for everything. One of them gets his certificate revoked and then laid off - in that order - but he already installed a back door account. A certain percentage of them need root access. So you have folks administering the servers. There are a few scenarios in which client-side certificates just aren't good enough by themselves.
0 Comments
Read More
Leave a Reply. |