in one of @adamshostack's (excellent) books i highlighted a lot but recent threads here about this topic and saw it scroll by:
-
in one of @adamshostack's (excellent) books i highlighted a lot but recent threads here about this topic and saw it scroll by:
> First, turn on automatic update on everything, most especially devices, operating systems, and web browsers. The updates that engineers ship often address security problems that can be exploited automatically. If your vendor mixes functionality changes with security fixes, complain loudly.
-
in one of @adamshostack's (excellent) books i highlighted a lot but recent threads here about this topic and saw it scroll by:
> First, turn on automatic update on everything, most especially devices, operating systems, and web browsers. The updates that engineers ship often address security problems that can be exploited automatically. If your vendor mixes functionality changes with security fixes, complain loudly.
now i would argue the opposite position.
-
now i would argue the opposite position.
the latest update may just as likely be a malicious payload. so how are we supposed to stay current and safe? scheduled patch cycles? sandboxes? these all require automation and the fastest paths would use inference, which is another path for malicious software to get involved.
-
R relay@relay.infosec.exchange shared this topic
