[Discuss] The web of clowns
Eric Chadbourne
eric.chadbourne at icloud.com
Sat Jun 12 19:15:54 EDT 2021
On June 12, 2021 at 6:22 PM, Rich Pieri <richard.pieri at gmail.com> wrote:
On Sat, 12 Jun 2021 14:57:26 -0400
Eric Chadbourne <eric.chadbourne at icloud.com> wrote:
The vast majority of companies and government agencies are wildly
incompetent at IT, particularly security.
They're getting better. It is taking some very high profile wakeup
calls like the Solarwinds breach but it is happening.
Breach velocity is increasing, or so it appears from here, but I'm just reading the same public stuff you all are.
ICANN is an untrustworthy whore completely overrun by the industry
they should regulate.
ICANN is not, and never has been, a regulatory agency. ICANN is a
non-profit corporation. It has no regulatory authority.
The word regulatory may have been incorrect. They do require significant contractual obligations and have methods to modify them. Feels like a governing body even though it really isn't.
Top domains that boast extra security are actually the exact
opposite. For example dot bank and dot cpa. Complete clown show top
to bottom.
Much of this is due to DNS being insecure and trusting at its heart.
Turns out, securing something that is intrinsically insecure is hard.
And of course these extra security TLDs are the most attractive
targets and the most agressively attacked.
Yeah you hit the nail on the head IMHO. The combination of arrogance and ignorance is impressive. DNS is hard at that level.
How do you all find the energy to keep working in this
field? I’m either going to leave or transition to red teaming.
This is all terrible. Kind of a joke industry.
Beats manual labor.
True.
Thanks,
Eric
More information about the Discuss
mailing list