• 0 Posts
  • 21 Comments
Joined 1 year ago
cake
Cake day: June 22nd, 2023

help-circle


  • I hate to say it but company data is most definitely on personal computers.

    This is why stuff like adaptive MFA and DLP are a thing. What most people don’t know is if DLP is properly implemented the IT team/department have records of who, when, where, and what device were used to not just access/download data/files.

    The problem is a lot of companies don’t properly implement DLP because it’s not a turn key solution. You need to properly classify your data first and that requires essentially a company wide audit with buy-in from all levels of management. After the classifications you can then implement restrictions and compensating controls.

    Back in the day you could just block USB/network transfer, but if you have data accessible outside of a corporate network you then need to implement conditional access/adaptive MFA where only registered devices are permitted to access certain systems.





  • Google is removing the VPN and free shipping (which was only available on some photo orders) to make way for more “in demand features”?

    I could understand if this was coming from a smaller company with more limited resources and staff, but that’s not Google by any means.

    They really don’t care about the poor reputation the general public has of them regarding shutting down services on a whim.

    What’s worse though is they don’t seem to realize that, with the exception of Android and maybe Google Docs, their services/products are easily replaced by competitor offerings.

    In my opinion it’s a good thing if Google gets knocked of their high horse and allow competition to flourish in their place.




  • Unfortunately its not a third party module but manufacturer built-in features.

    Modern cars are internet-enabled, allowing access to services like navigation, roadside assistance and car apps that drivers can connect to their vehicles to locate them or unlock them remotely. In recent years, automakers, including G.M., Honda, Kia and Hyundai, have started offering optional features in their connected-car apps that rate people’s driving. Some drivers may not realize that, if they turn on these features, the car companies then give information about how they drive to data brokers like LexisNexis.





  • Handbrake will rip DVDs, but not Blu Rays. That’s were good ol’ MakeMKV comes in.

    I rip with MakeMKV (which will do DVDs as well) and then convert/encode the MKVs with Handbrake.

    I do the conversion/encoding because the ripped files can be 35-50 GBs for regular Blu Rays (UHD Blu Rays are even bigger!) and I can get them down to 3-8 GBs with minimal quality loss.

    I then toss the smaller MKVs on my jellyfin server.

    EDIT: Handbrake CAN rip Blu Rays but only if they arent copy protected. MakeMKV is able to rip protected Blu Rays and DVDs.






  • If you keep Bitlocker enabled on that partition you will have to enter the recovery key everytime you boot into your Linux partition. Since you don’t have that key backed up you’ll need to turn it off and then re-enable it if you wish to continue to use Bitlocker.

    If you manually enable bitlocker you will be prompted to back up the key with a few different options: to a file (but if I recall you’ll need to save the file to a drive that isn’t be encrypted by Bitlocker) or to a Microsoft account.

    To answer your question regarding best practice, Full Disk Encryption is best practice. Now to achieve that in Windows you use Bitlocker, Linux there is Luks, and macOS has filevault.

    If your machine isn’t going anywhere outside your home then it’s not as big of a deal if the drive isn’t encrypted.

    Regarding your situation FDE is going to be a bit of a pain whether you use Bitlocker or Luks. I suggest using db2’s suggestion and run a VM creating a shared folder between host and guest. Then you can encrypt the entire drive using the best encryption tool for the host OS (which I suggest be Linux).

    Edit: Replaced the ‘b’ with a space between “db2’s” and “suggestion”


  • If you don’t need/want Bitlocker simply boot into Windows go into the bitlocker settings and turn off bitlocker (dont use suspend as bitlocker will be re-enabled the next time you boot into Windows). You will need to wait for Bitlocker to decrypt before shutting down - there will be a small status window that appears showing the progress and it shouldn’t take too long.