|
|
|
|
|
|
by zamadatix
407 days ago
|
|
|
I'm not necessarily arguing it should be one way or another, just clarifying what photon_rancher was saying about the offline behavior extending past just RDP login. As for the article's stance: keep in mind RDP to any user account isn't necessarily automatically required to fix it. In general even, it's a tradeoff one makes when deciding between fail open and secure. There likely isn't a "right" and "wrong" answer here, neither approach is going to make everyone happy. Unsurprisingly, the security researcher is unhappy the needle doesn't lean more in the direction of security. |
|
|