This is gonna catch some folks out π
-
RE: https://infosec.exchange/@merill/116203323789181775
This is gonna catch some folks out
@GossiTheDog Compelling reason why my next job in tech under Microslop is paying for a workplace handheld 100% so my rooted phone can stay off of work.
-
@GossiTheDog waiting for the first false positive...
@KHoos @GossiTheDog Right? Or a regression where MS believes all is well when millions are affected.
-
@BernardSheppard @DJGummikuh @GossiTheDog
Why would anyone byod or even mix private/business hardware, especially if there's MDM going on. I never got that.
Also, work hardware is going into poweroff after the agreed upon hours unless very special conditions and pricing apply.On the other hand: Keeping the MDM'd business hardware up-to-date/updated or lock it otherwise sounds pretty sane.
When it was a small IT team, and the head of IT was a peer, and I could discuss, understand the stack, and trust him, a work profile was no big deal.
Otherwise, yeah, nah, you can supply me with a phone. Which I will still turn off.
-
RE: https://infosec.exchange/@merill/116203323789181775
This is gonna catch some folks out
@GossiTheDog FreeOTP+
Works fine for #Mircoslop and all other OTP tokens
-
RE: https://infosec.exchange/@merill/116203323789181775
This is gonna catch some folks out
@GossiTheDog π€―
Not quite unbelievable, but wow.
-
@GossiTheDog This is still just the authenticator TOTP protocol documented in an RFC?
@dascandy @GossiTheDog It's several different things. Standardized TOTP is supported; two similar looking but distinct('microsoft authenticator(push notification)' and 'microsoft authenticator(phone sign-in)' proprietary things are supported and preferred in default AAD configs; and it's also the client for "Face Check"/"Verified ID" cases, if an org is paying up for that.
-
@GossiTheDog this is completely idiotic. Let me guess, they also eventually will start ratting out Android devices which no longer receive security updates and wipe them as well? Fuck Microslop
@DJGummikuh @GossiTheDog If 'play integrity' and similar are anything to go by; ancient and busted will be fine; so long as it's the ancient and busted that your OEM intended. The enemy, after all, is your filthy little hacker fingers; not an industry of pervasively abysmal code quality and more or less open contempt for confidentiality issues.
-
RE: https://infosec.exchange/@merill/116203323789181775
This is gonna catch some folks out
@GossiTheDog thats why I dont use MS Apps on my Phone. I have setup a Auth Code App like Aegis for my work account I hope its still a option.
-
@GossiTheDog This is going to do wonders for work/life balance
@schrotthaufen @GossiTheDog Yes, if work would never buy you an extra phone, you don't have to answer email after hours!
-
RE: https://infosec.exchange/@merill/116203323789181775
This is gonna catch some folks out
@GossiTheDog Thank god I removed Microsoft from my life.
-
RE: https://infosec.exchange/@merill/116203323789181775
This is gonna catch some folks out
@GossiTheDog this oughta be funny.
-
@shlee @GossiTheDog None of them would be good as such.
The typical American IT usahenof rooted would be "compromised." The router has been hacked by a hostile 3rd party and is no longer trustworthy.
"Rooted" is also Australian slang for "pregnant," and.... how does this happen to an appliance, exactly?
