|
|
|
|
|
|
by lazyjones
3544 days ago
|
|
|
>- the device is compromised, exfiltrating company secrets, but has been rigged to send false reports to the central antivirus server saying it's clean.
- the device is not something it makes sense to install a host-based IDS/firewall/AV on.
- the device is assigned to a broker-dealer who is using a non-work email account to give fraudulent advice to clients off the record. So, because banks fail at keeping their devices secure, TLS 1.3 must be weakened? I don't see a convincing case here. The third point especially seems a bit ridiculous: non-work accounts can probably be used from anywhere, why would said broker-dealer bother using the bank's network for his fraudulent activities? If he controls his device, he can use an LTE USB stick, an external VPN with a cipher of his choice etc. ... |
|
|