YouTube Growth, CrowdStrike Incident, and ATMs
Quick recap. The team discussed the ongoing issues with the CrowdStrike incident, the impact of outdated systems on ATM performance, and the challenges of dealing with nation-state actors' malware. They also explored potential solutions, including the creation of a new boot key and the use of secure coding practices. Lastly, they examined a security incident at KnowBe4 and the importance of thorough vetting processes, as well as the benefits and challenges of IPv6.
YouTube Growth, CrowdStrike Incident, and ATMs
Chris commended Steve's growth on YouTube and urged everyone to subscribe to his channel. The team reported that their group had reached 1,660 members and discussed the ongoing issues with the CrowdStrike incident, with 3% of machines still down. Estimates for the cost of the incident ranged from a billion to several billion, with Neil expressing doubts about the accuracy of these figures. The team also discussed the impact of outdated systems and software on the performance of ATMs, with Kurt sharing his personal experience of using an ATM affected by CrowdStrike. Neil and Steven explained that many older systems are based on Windows and are vulnerable to crashes, and Josef raised a question about Microsoft's plans to change this model.
Dealing With Nation-State Actors' Malware
Kyle and Neil discussed the challenges and potential solutions for dealing with nation-state actors' malware. Neil explained that while these actors are persistent, they often use off-the-shelf malware, and he introduced the concept of eBPF, a Linux facility for observability in the kernel. He also highlighted the risks and considerations associated with vendor-distributed signatures and their impact on systems. The ongoing debate between Linux and Windows and the complications surrounding the use of CrowdStrike were also addressed. Neil predicted that companies would continue to use Falcon due to its lower risk, but also anticipated discussions and decisions about the appropriate level of agent stability for new or changing situations.
New Boot Key and Operating System Comparisons
David Gargan proposed the creation of a new boot key and the option to enter safe mode after inputting the BitLocker key. He suggested this could improve the rollout of operating systems and mitigate vulnerabilities. Neil and Matt discussed the differences in stability and capability between Windows and Mac operating systems, with Neil arguing that Mac's smaller installed footprint and less advanced malware techniques made it less susceptible to attacks. They also discussed the increasing use of Mac devices in the workplace and the potential for more attacks targeting them. Jay and Zak highlighted the difficulty of administering Windows devices in an enterprise setting compared to Macs.
Discussing Security, Deployment, and IPv6 Trends
The team discussed the security challenges and deployment issues of devices running on Windows and Linux. Matt suggested secure coding practices could mitigate risks. Neil pointed out that although Linux holds a significant percentage of interesting infrastructure, it's not as attractive a target for advanced malware as Windows. Shawn shared that Microsoft Windows remains the most widely used operating system. The team also discussed recurring trends in the technology industry, with a focus on the development and challenges of IPv6. Steven shared his positive experiences using IPv6, highlighting its benefits in bypassing NAT issues and improving connection speeds.
KnowBe4 Security Incident and Prevention Strategies
The team discussed a security incident at KnowBe4 involving a new employee who installed malware, despite passing background checks. Matt referenced a podcast about infiltration attempts in the industry. The team explored ways to strengthen vetting processes to prevent such incidents. Steve agreed to research infamous audit failures for a future discussion.