It is currently October 26th, 2021, 6:54 pm

it firm softserve hacked locked down plundered

Release announcements and important news from the developers.
User avatar
Yincognito
Rainmeter Sage
Posts: 4071
Joined: February 27th, 2015, 2:38 pm
Location: Terra Yincognita

Re: it firm softserve hacked locked down plundered

Post by Yincognito »

jsmorley wrote: September 14th, 2020, 1:04 pm One of the biggest challenges for a security administrator is how to "balance" the security needs of the company with giving appropriate "freedom" to the end-users, to ensure that they can effectively do their jobs and be creative, and not have them live in some version of North Korea. It's a balance that is really, really complicated to find.

"Trust" and "assume" are not words that are, nor should be, in the vocabulary of any security administrator.
Yep, indeed. I have some doubts regarding the level of complexity in finding a good solution. It's not that it is simple, but rather that it can be made to be eaiser to find when thinking outside the box of the old style "you should do this and that". Like 15% wage reduction if your computer isn't clean at the end of a day's work: you can have your freedom as long as the result isn't harmful. And don't rely on people to verify this, but on automated solutions.
User avatar
Yincognito
Rainmeter Sage
Posts: 4071
Joined: February 27th, 2015, 2:38 pm
Location: Terra Yincognita

Re: it firm softserve hacked locked down plundered

Post by Yincognito »

jsmorley wrote: September 14th, 2020, 1:10 pm There is the Rainmeter "group", which helps some with visibility. As long as an author adds their "submission", which is just thrown in the general pool, to the Rainmeter "group", that can make it a bit easier to find.

What there used to be is a Rainmeter "category", which allowed skins to be separately listed and found on the general site, and probably as important, restricted submissions to the .rmskin file type. That restriction is no longer supported on the site.
Ah, I see.
User avatar
jsmorley
Developer
Posts: 22374
Joined: April 19th, 2009, 11:02 pm
Location: Fort Hunt, Virginia, USA

Re: it firm softserve hacked locked down plundered

Post by jsmorley »

Yincognito wrote: September 14th, 2020, 1:15 pm Yep, indeed. I have some doubts regarding the level of complexity in finding a good solution. It's not that it is simple, but rather that it can be made to be eaiser to find when thinking outside the box of the old style "you should do this and that". Like 15% wage reduction if your computer isn't clean at the end of a day's work: you can have your freedom as long as the result isn't harmful. And don't rely on people to verify this, but on automated solutions.
Trouble is, once your company's system has been hacked, and 5 million credit card numbers belonging to your customers are out on the dark web for sale to the highest bidder, closing that particular barn door after 5 million horses are out hardly seems effective when your company is front page news on CNBC.com, and Jim Cramer is screaming at the TV audience to sell the stock.

Your CEO is going to listen patiently while you explain that it happened even though you made all those employees promise not to download Rainmeter skins from sputnik.com, but trust me, while he is listening, he is texting security to clear out your office and disable your keycard.
User avatar
Yincognito
Rainmeter Sage
Posts: 4071
Joined: February 27th, 2015, 2:38 pm
Location: Terra Yincognita

Re: it firm softserve hacked locked down plundered

Post by Yincognito »

jsmorley wrote: September 14th, 2020, 6:14 pm Trouble is, once your company's system has been hacked, and 5 million credit card numbers belonging to your customers are out on the dark web for sale to the highest bidder, closing that particular barn door after 5 million horses are out hardly seems effective when your company is front page news on CNBC.com, and Jim Cramer is screaming at the TV audience to sell the stock.

Your CEO is going to listen patiently while you explain that it happened even though you made all those employees promise not to download Rainmeter skins from sputnik.com, but trust me, while he is listening, he is texting security to clear out your office and disable your keycard.
Haha, yes, I know - but I just said that the way I'd do it is not looking for empty promises, but prevention measures through automated systems and a hefty financial penalty for non-compliance. Anyway, I still believe doing things like people use to do is going to bring back the issue again, this time for another program instead of Rainmeter. This isn't about Rainmeter being "unsafe" in a business environment, this is about almost every software out there being like that - it just happened that it was Rainmeter this time, but it could have been any other. Sure, your advice is probably correct and should be followed, but it doesn't guarantee that it won't happen again with another program - even one that was considered "safe" by the "experts", if you know what I mean.
User avatar
brax64
Posts: 172
Joined: July 8th, 2018, 8:05 pm

Re: it firm softserve hacked locked down plundered

Post by brax64 »

IMHO this discussion is a classic example of a "never ending" one...
At the foundation sit a very simple but very evil/good concept (it depend how you see it); in technology (and in science in general) always apply the principle "there's a countermeasure for each measure" (or viceversa..), it's embedded in human nature the willingness to find the smarter answer to the smartest question.
In IT security this "cat and mouse" game is even more amplified because money, at the end, (and lots of it!) are involved, as rightly jsmorley pointed out.
So, at least for now, considering this factors, that's why, in my opinion, this is a "never ending" discussion
With this is not my intention to criticize any of yours arguments, all pertinent and on point, just my 2 cents... ;-)
User avatar
Yincognito
Rainmeter Sage
Posts: 4071
Joined: February 27th, 2015, 2:38 pm
Location: Terra Yincognita

Re: it firm softserve hacked locked down plundered

Post by Yincognito »

brax64 wrote: September 14th, 2020, 9:42 pm IMHO this discussion is a classic example of a "never ending" one...
At the foundation sit a very simple but very evil/good concept (it depend how you see it); in technology (and in science in general) always apply the principle "there's a countermeasure for each measure" (or viceversa..), it's embedded in human nature the willingness to find the smarter answer to the smartest question.
In IT security this "cat and mouse" game is even more amplified because money, at the end, (and lots of it!) are involved, as rightly jsmorley pointed out.
So, at least for now, considering this factors, that's why, in my opinion, this is a "never ending" discussion
With this is not my intention to criticize any of yours arguments, all pertinent and on point, just my 2 cents... ;-)
I fully agree - any defence can be broken eventually. My point was that this did not happen because Rainmeter "isn't safe" in a business environment, but because of the company's employees behavior. This can happen for "safe" software as well - simple example: have a running antivirus but disabling it (or its relevant options). Even "dangerous" programs (like virus samples) can be made to not cause harm by using them appropriately.

Irresponsible behavior cannot be fixed by banning X or Y program from use in a specific environment, but by making the behavior to be responsible. I know it's often easier and more realistic to apply the former as human nature is rather difficult to control, but the effective solution is nevertheless the latter.
User avatar
jsmorley
Developer
Posts: 22374
Joined: April 19th, 2009, 11:02 pm
Location: Fort Hunt, Virginia, USA

Re: it firm softserve hacked locked down plundered

Post by jsmorley »

Yincognito wrote: September 14th, 2020, 10:05 pm I fully agree - any defence can be broken eventually. My point was that this did not happen because Rainmeter "isn't safe" in a business environment, but because of the company's employees behavior. This can happen for "safe" software as well - simple example: have a running antivirus but disabling it (or its relevant options). Even "dangerous" programs (like virus samples) can be made to not cause harm by using them appropriately.

Irresponsible behavior cannot be fixed by banning X or Y program from use in a specific environment, but by making the behavior to be responsible. I know it's often easier and more realistic to apply the former as human nature is rather difficult to control, but the effective solution is nevertheless the latter.
Yes, but has often been said: "Everyone in the world is crazy except you and me Bob, and lately I've been wondering about you..."
User avatar
Yincognito
Rainmeter Sage
Posts: 4071
Joined: February 27th, 2015, 2:38 pm
Location: Terra Yincognita

Re: it firm softserve hacked locked down plundered

Post by Yincognito »

jsmorley wrote: September 14th, 2020, 10:20 pm Yes, but has often been said: "Everyone in the world is crazy except you and me Bob, and lately I've been wondering about you..."
We're wondering about everyone anyway, even ourselves...
User avatar
redorbroder
Posts: 5
Joined: September 14th, 2020, 8:54 am

Re: it firm softserve hacked locked down plundered

Post by redorbroder »

Hello!

Good to hear all is well with SilverAzide!
Couldn't do without his Gadgets Suite!

Maybe off topic but I'm curious why browsers block this:

Code: Select all

Rainmeter-4.4-r3404-beta.exe
Opening "Issuer Statement" links to
https://secure.comodo.net/CPS
Browsers I tested (Firefox, Chrome, Waterfox).
Is this normal?
All certificate looks identical to screenshots from jsmorley shown in here.
Image
Image

Best regards,
redorbroder

Code: Select all

A rough google translation from swedish:
The connection is not private
An attacker could try to steal your information from secure.comodo.net (such as passwords, messages, or credit card information). 
Read more
NET :: ERR_CERT_DATE_INVALID

Help us make the web more secure for everyone by submitting URLs to certain pages you visit, certain system information and certain page content to Google's Privacy Policy
The server's identity as secure.comodo.net could not be verified because its security certificate expired 103 days ago. This may be because the server is incorrectly configured or the connection has been lost. The clock on the computer is currently set to Tuesday 15 September 2020. Is it working correctly? Otherwise, you should reset the computer clock and then refresh the page.

Continue to secure.comodo.net (unsafe)
User avatar
Yincognito
Rainmeter Sage
Posts: 4071
Joined: February 27th, 2015, 2:38 pm
Location: Terra Yincognita

Re: it firm softserve hacked locked down plundered

Post by Yincognito »

redorbroder wrote: September 15th, 2020, 11:47 amMaybe off topic but I'm curious why browsers block this:

Code: Select all

Rainmeter-4.4-r3404-beta.exe
Opening "Issuer Statement" links to
https://secure.comodo.net/CPS
Browsers I tested (Firefox, Chrome, Waterfox).
Is this normal?
All certificate looks identical to screenshots from jsmorley shown in here.
Image
Image

Best regards,
redorbroder
Just guessing here, but Comodo's Wiki page might offer some clues about it. It may be nothing or it may be something, but I won't try to find out:
- the official site is listed as comodo.com, this one is comodo.net
- certificate hacking appears associated with Comodo, albeit the section is from a couple of years ago
- the WhoIs page for comodo.com isn't quite identical to the one for Comodo.net

But then, as I said, it could be nothing, although it's a bit strange. This and this seem to offer some sort of an explanation for it. Again, I won't try to find out, better safe than sorry. :???:
redorbroder wrote: September 15th, 2020, 11:47 am Good to hear all is well with SilverAzide!
Couldn't do without his Gadgets Suite!
So SilverAzide is back on DA? If so, that's good news - doesn't change my evaluation on them though. And his Gadgets Suite is available here on the forum as well (actually, downloadable from GitHub), so that was a non-issue.

EDIT: Just checked his gadgets link on DA and doesn't work, so I'm not sure I understood what you meant by "all is well with SilverAzide" - maybe you know something that I don't, or I misunderstood something... :confused: