So, you’re looking for the best Enshrouded server hosting. And why not? Who wants to play on an unreliable public server that lags, crashes, and has no guaranteed uptime? This article delves deep into the realm of enshrouded game server hosting, exploring the features, benefits, and considerations that define the best solutions in the market.Best Enshrouded Server Hosting ComparisonHere is a quick overview of the list of the best Enshrouded server hosting providers for 2024.Advantages of Using an Enshrouded Dedicated ServerYou get Uninterrupted Adventures: There are no frustrating server crashes and disconnects with dedicated enshrouded servers. Your Enshrouded server runs 24/7, ensuring you can play anytime, anywhere, without interruptions.You create your Rules: You can customize game settings to your liking. Adjust difficulty, change world parameters, and even install custom mods with a dedicated enshrouded server. You can create an experience that perfectly suits your preferences and play style.Choose Friends Only or Grand Gatherings: You can choose who joins your world and host private sessions for exclusive co-op adventures with your chosen crew. With your own enshrouded server, you can open your gates to the community and build a server hub where players can gather and explore together.Increased Game’s Potential: Dedicated enshrouded servers possess superior processing power compared to public servers. You can enjoy visuals, action, and the ability to host massive adventures with even the largest groups of players.Complete Control and Security: You can manage your server settings, adjust permissions, and ensure a safe and enjoyable environment for everyone playing. You become the master of your domain, with complete control over every aspect of your Enshrouded server.Now that you know the major advantages of having a dedicated Enshrouded server, let’s turn into knowing the best one for you.How do you select the best Enshrouded server hosting?We analyzed the market for top Enshrouded Server Hosting and assessed different options based on the following criteria:Make sure the game panel is easy for users and supports a knowledge base for better managementIt has the ability to protect your data and files against security risks and DDoS attacksOffers full-time customer support services and quick assistanceAutomatically creates a backup of your files for unforeseen eventsOffers free trial sessions or money-back guarantee optionsBest Enshrouded Server Hosting Providers for 2024After careful consideration, comparisons and checking reviews, here are the best Enshrouded servers in the market for you:1. Sparked Host (Editor’s Choice)The Sparked Host Enshrouded server is an ideal choice because it gives you a 24-hour free trial. You can try and test their server before investing your money. Their Enshrouded server hosting plans start at just $13.20, which is one of the lower entry points compared to some competitors. It’s the best choice for budget-conscious players. They also offer dedicated hardware with increasing RAM and CPU cores as you move up the pricing tiers. It means the sparked host server can handle a large player base.Key FeaturesUser-friendly Console: even beginners with less technical expertise can use the console to manage and control hosting settingsEnterprise Hardware: uses high-quality hardware infrastructure to keep the process smooth and always runningPlugin Installer: supports different plugins that help extend the functionality of your hosting serverModpack Installer: allows users to install modpacks or modifications for gamingReverse Proxy: forwards client requests to the right server and ensures security and better performanceServer Importer: enables easy migration of existing servers or settingsServer Splitter: splits or divides server resources into several small servers for different useProsInstant Setup: offers quick installation in minutes after purchaseBudget Friendly: cost-effective solution suitable for all users, even with a low budgetGlobal Locations: offers several global locations across the globe to deliver the best service to its usersDDoS Protection: ensures server stability by mitigating all the potential risks and threatsGood Support: the support team is available 24/7 to help customers find solutions to their queriesConsCustomer support: a bit slow at managing user concerns and queriesWhy do we recommend it?Sparked Host is a budget-friendly server hosting equipped with RAID 10 NVMe SSDs, DDoS protection, a user-friendly console, and access to high-quality hardware infrastructure. It even provides services across 10 worldwide locations and 24/7 support which makes it a great solution.Who is it recommended for?Any gamer or player who focuses on investing in a low-budget enshrouded server hosting plan must go with this tool. You can handle a large player base at a decent price which is quite low in comparison to other options in the list.Editor’s ChoiceSparked Host is our top pick because it uses high-quality enterprise hardware to keep the server up and running at all times. Faster, it offers excellent support services, protection against DDoS attacks, quick setup, and more features at an affordable price. Additionally, regardless of your location, users can enjoy a seamless gaming experience at all times thanks to its worldwide coverage facilities.Pricing PlansHere’s their pricing structure for Enshrouded server hosting:Price Per MonthRAMRecommended PlayerNVMe Storage$13.206 GB4-8100 GB$22.008 GB8-10100 GB$28.0010 GB10-16250 GBTry Sparked Host2. XgamingServer (Enterprise Enshrouded Server Hosting)The primary advantage of hosting your dedicated enshrouded server with XgamingServer is you get everything superior. Superior performance, superior quality, and superior cost-effectiveness.Their servers are optimized for minimal latency, high uptime, and flawless gameplay. Additionally, you not only get technical assistance for setting up your enshrouded server but also comprehensive tools and support for managing your enshrouded server with GTX.Key FeaturesEnshrouded maps: users can add these maps to improve their gaming experienceIntuitive game panel: the intuitive interface makes it easy for players to navigate the game panel and settingsRAM and Storage: offers custom RAM and storage settings for hosting game serversOffsite backups: maintains server backups and stores offsite for situations like server issues or data lossDDoS protection: prevents servers from malicious attacks and other threatsProsInstant provision: allows users to quickly configure and provision the gaming server without any delay99% uptime: guarantee uptime and availability to players at all timesWorldwide coverage: offers hosting locations in various regions across the globe for smooth servicesSupport system: offers live chat, ticket system, and knowledge base to address user queriesConsMoney-Back Guarantee: only offers a period of 24 hoursRelocation: does not offer the location switching featuresWhy do we recommend it?XgamingServer allows users to customize the server as per their need as well as guarantees 99.9% uptime with lightning-fast speed. Additionally, it provides scalable solutions that can expand with you, whether your goal is to host a tiny community or a large online base.Who is it recommended for?XgamingServer is highly recommended for players or individuals who want quick setup features, automated backups, and protection against DDoS attacks.Pricing PlansHere’s XgamingServer’s pricing structure for the Enshrouded server:Price Per MonthRAMPlayer SlotsSSD Storage$25.004 GBUnlimited50 GB$35.006 GBUnlimited60 GB$45.008 GBUnlimited80 GBTry XgamingServer3. GravelHost (Cheap Enshrouded Server Hosting)GravelHost stands out as a reputable provider of enshrouded game server hosting solutions, catering to the diverse needs of gamers and gaming communities. With a focus on security and performance, GravelHost’s servers are equipped with advanced DDoS protection, secure data encryption, and reliable uptime guarantees. Whether hosting Minecraft servers, multiplayer game worlds, or voice chat servers, GravelHost offers a seamless gaming experience backed by responsive customer support and intuitive management tools.Key FeaturesBackup options: allows maintaining backup and restoring data for up to 3 yearsPlugin installer: allows access to various plugins that help extend their functions and customize optionsFull FTP access: offers flexibility by allowing users full access to upload, download, and manage filesFree MySQL database: helps in database management for game serversUnmetered NVMe SSD: users can access storage options without thinking about data transfer limit or costingProsBudget Friendly: comes in different pricing plans that are affordable and surely can meet your budget requirementsDDoS Protection: prevents downtime by detecting DDoS attacks and other threats in real-timeGlobal Locations: offers server hosting services in 8 Global locations across the globe for smooth gameplay24/7 availability: customers can generate tickets at any time of the day and the support team will address their queries within 5 minutesCustom game control panel: makes it easy for users to manage and configure the servers.ConsLack of certain features: Lacks certain advanced game server features and functionalities.Why do we recommend it?GravelHost is an affordable and reliable solution that offers excellent customer service along with fast loading speeds and a better user experience. It even comes with a user-friendly interface, intuitive management tools, and robust security measures like encryption and DDoS protection that make it a great option.Who is it recommended for?If you are looking for top-notch features in your server hosting solution but at a budget-friendly price, you must go with GravelHost. It is an affordable solution that gives you the ability to easily personalize your gaming experience.Try GravelHost4. Modern HostingIn a rapidly evolving digital landscape, ModernHosting emerges as a beacon of reliability and innovation, offering a comprehensive suite of game server hosting solutions tailored to modern gamers’ needs. With a diverse portfolio spanning popular titles like Counter-Strike: Global Offensive, Team Fortress 2, and Garry’s Mod, ModernHosting caters to a broad audience of enthusiasts and professionals alike.Moreover, ModernHosting prides itself on its intuitive user interface and streamlined user experience. From automated server deployments to real-time monitoring and analytics, ModernHosting empowers users to take full control of their gaming environments, unleashing their creativity and unleashing the full potential of their servers.Key FeaturesCustomizable: users can easily use the panel, customize its settings, and upload all files without any hassleDDoS protection: offers protection to servers against malicious threats and DDoS attacks at all timesAvailability: the server hosting is available across various locations around the globe for quick resolution and high-speed connectivityHardware: offers latest and high-quality hardware to ensure delivering smooth and best performancePros24/7 uptime: allows users and players to enjoy an uninterrupted experienceDaily backups: automatically generates backup on a daily basis and allows users to access it at any time using the control panelProfessional support: has a dedicated support team to look after user queries and concernsMoney Back Guarantee: offers a period of 24 hours to test the product and demand for refundConsMoney-Back Guarantee: This feature is only valid for a day.Why do we recommend it?Modern Hosting uses enterprise-level software and technology to safeguard your servers on a constant basis, ensuring that your server is up and running at all times. Further, it offers daily backups with Git Support and additional features like RocketMod, OpenMod & Uscript Installer.Who is it recommended for?It is highly recommended for individuals who look for automated server deployments, demand limited player slots, full control over the gaming environment, intuitive interface, and around-the-clock assistance.Try Modern Hosting5. DatHostDatHost has established itself as a trusted provider of high-performance game servers. With its enshrouded hosting solutions, DatHost prioritizes performance, security, and ease of management. With its focus on performance, reliability, and customer satisfaction, DatHost has earned a reputation as a premier hosting provider. If you are looking for the stable and high-performance game hosting then DatHost is the best option for you.Key FeaturesInstant relocation: users can move their servers to any location within minutes and at any timeDDoS protection: offers DDoS defense and protection to the server hosting at all timesAutomatic updates: eliminates maintenance tasks by automatically running regular updates to keep the server hosting secure and up-to-dateDaily backups: recovers fast from uncertain events or data loss by maintaining regular backupsProsEasy to use interface: the intuitive interface enables users to quickly kickstart the setup procedure even with less technical knowledgeMoney back guarantee: offers 7 days free trial period with refund option24/7 uptime: guarantees exceptional service at all times with no interruptions or delaysEasy configuration: users can make use of the control panel to easily configure the serverConsUnresponsive pre-sales support: The support team is less responsive or lacks resources essential for addressing user concernsWhy do we recommend it?DatHost is a premier hosting provider with a straightforward interface, DDR4 ECC RAM, and other storage options. It even offers API support, automated backups, instant relocation capabilities, and protection from DDoS attacks.Who is it recommended for?DatHost is your best option if you’re looking for a reliable and efficient game hosting service. It has a dedicated support team that offers assistance at all times.Try DatHost6. Apex Hosting (Premium Enshrouded Server Hosting)Apex hosting prioritizes top-tier hardware and optimized configurations specifically for Enshrouded. This guarantees lag-free gameplay, even with large player counts and demanding mods, surpassing other hosts with less powerful setups.Moreover, with Apex shrouded hosting, you get world-class support, a diverse game panel, and an easy-to-set-up server.Key FeaturesHere are some more interesting features for your enshrouded server hosting:Mod support: All you need is a one-click installer to setup the mod pack plus it comes with tutorial supportBackup: allows keeping a backup of all your gaming data for instances like hardware failure or configuration issuesFull FTP Support: Use the built-in Panel FTP capability in Apex to take advantage of full FTP support.Global Location: Apex Servers locations are spread across 16 countries worldwide, so you get low latency and high speed.Hardware: They use Enterprise-grade hardware & fast processors in all their server plans for a smooth enshrouded gaming experience.ProsDDoS protection: keeps your server safe and secure against DDoS threatsFree subdomain: offers free subdomains with each order, facilitating interactions that are easy for everyoneControl Panel: allows users to manage the console, configure servers, and access files easilyConsDownload speed: A strong connection does not always correspond to a fast download speed.Why do we recommend it?Apex Hosting comes with a dynamic game panel that can be easily accessed through any mobile device or system. It further offers unlimited player slots, world-class enshrouded support, modding support, and fast processors that help deliver a lag-free experience.Who is it recommended for?Apex Hosting is a reliable solution that allows users to install up to 200 modpacks, is convenient, and offers ultra-low latency, worldwide locations, and options to create backups automatically. If you are looking for such a solution, you must go in for it.Pricing PlansHere’s the Apex hosting plan for Enshrouded server:Price First MonthPrice RecurringRAM$16.87$22.496 GB$20.99$27.998 GB$26.25$35.0010 GB$29.24$38.9912 GB$34.12$45.5014 GB$38.99$51.9916 GB$48.74$64.9920 GB$58.49$77.9924 GB$68.24$90.9928 GB$77.99$103.9932 GBTry Apex Hosting7. Shockbyte (Trusted Enshrouded Server Hosting)Shockbyte makes enshrouded server hosting easy for everyone, including newbies. They have a full knowledge base, tricks and tips for setting up your enshrouded server. And if you’re not content with this, they have a friendly support team who’s 24/7 up to take your call and solve queries.Key FeaturesHere are some more features you receive when you buy Shockbyte’s Enshrouded server hosting:Low Latency: make sure there are no delays in the speed at which users and servers exchange data.Full FTP access: gives full control over uploading, downloading, and management of filesFree Modded Minecraft server hosting: provides free hosting for modded Minecraft servers along with access to custom mods and plugin integrationsWorldwide Locations: Shockbyte servers have global locations that give a lag-free enshrouded experience.ProsAutomatic backups: creates frequent data backups to recover faster in case of unforeseen events or data lossSecurity: provides defense against fraudulent traffic or DDoS attacks for hosting accountsCustomer support: Customers can email, use the ticket system, or use live chat to communicate with the support teamConsPerformance issues: some customers reported performance irregularities at the time of heavy trafficLimited support: certain mods and game types receive less support than others.Why do we recommend it?Shockbyte can help you reach the full potential of an enshrouded server hosting by giving you full access to all configuration settings and the ability to change them as per need. Gamers also have significantly more control than in a self-hosted environment and can adjust the server player count to play with 8 or 16 players.Who is it recommended for?Even beginners can use the enshrouded server hosting thanks to its knowledge base and excellent features. Further, since it offers multiple server locations, users across various regions can enjoy a smooth and better gaming experience.Pricing PlansHere’s Shockbyte’s pricing plan for Enshrouded server hosting:Price Per MonthPlayer SlotStorage$19.99Up to 8NVMe24.998-16NVMeTry Shockbyte Hosting8. Zap-Hosting (Cheap Enshrouded Server Hosting)Zap Hosting’s intelligent algorithm calculates your ideal enshrouded server resources based on your desired player count and gameplay expectations. You don’t need any guesswork to host your server.Not just this, your enshrouded server hosting comes with lots of flexibility. You can upgrade your resources during the ordering process or anytime.Key FeaturesSome more features that you wouldn’t want to miss from Zap areLow Latency: make sure there are no delays in the speed at which users and servers exchange data.Full FTP access: gives full control over uploading, downloading, and management of filesFree Modded Minecraft server hosting: provides free hosting for modded Minecraft servers along with access to custom mods and plugin integrationsWorldwide Locations: Shockbyte servers have global locations that give a lag-free enshrouded experience.ProsAutomatic backups: creates frequent data backups to recover faster in case of unforeseen events or data lossSecurity: provides defense against fraudulent traffic or DDoS attacks for hosting accountsCustomer support: Customers can email, use the ticket system, or use live chat to communicate with the support teamConsPerformance issues: some customers reported performance irregularities at the time of heavy trafficLimited support: certain mods and game types receive less support than others.Why do we recommend it?Shockbyte can help you reach the full potential of an enshrouded server hosting by giving you full access to all configuration settings and the ability to change them as per need. Gamers also have significantly more control than in a self-hosted environment and can adjust the server player count to play with 8 or 16 players.Who is it recommended for?Even beginners can use the enshrouded server hosting thanks to its knowledge base and excellent features. Further, since it offers multiple server locations, users across various regions can enjoy a smooth and better gaming experience.Pricing PlansHere’s Zap hosting’s pricing structure for enshrouded server hosting:Price Per Month Player SlotRAM$13.7846 GB$15.4966 GB$17.1986 GB$18.90106 GB$20.61126 GB$22.31146 GBTry Zap-HostingWhat is Enshrouded?Enshrouded is a cooperative survival-crafting, action-adventure, mysterious role-playing game [RPG]. It is set within a voxel-based world that is consumed by a mysterious and deadly fog called the Shroud. In the enshrouded game, you must work to survive the harsh environment, craft tools, and weapons, build shelters and settlements, and ultimately find the secrets of the Shroud and the fallen kingdom.Enshrouded is currently in Early Access and is being developed by Keen Games, an independent game development studio based in Gothenburg, Sweden.The official player limit of the game right now is 16, but with a dedicated enshrouded server,, up to 200 players can play together.If you want to learn more about Enshrouded, you can check out their official website https://enshrouded.com.What is the minimum system requirement for hosting an Enshrouded server?Here’s the complete detail on the system requirement for Enshrouded server hosting.RequirementMinimumRecommendedOperating SystemWindows 10 (64-bit)Windows 10 (64-bit)ProcessorIntel Core i5-6400 (2.7 GHz, 4 Cores) / AMD Ryzen 5 1500X (3.5 GHz, 4 Cores)Intel i7-8700 (3.7 GHz, 6 Cores) / AMD Ryzen 7 2700X (3.7 GHz, 8 Cores)Memory16 GB16 GBGraphicsNVIDIA GeForce GTX 1060 (6GB VRAM) / AMD Radeon RX 580 (6GB VRAM)NVIDIA RTX 2070 Super (6GB VRAM) / AMD Radeon RX 6700 XT (6GB VRAM)NetworkBroadband Internet ConnectionBroadband Internet ConnectionStorage60 GB available space60 GB available spaceConclusionRemember, there’s no one-size-fits-all server. Think about:How much are you willing to spend?How many friends do you play with?How powerful do you want things to be (think lag-free!)And then decide.Here’s the quick rundown to help you find your perfect shrouded server hosting:Sparked Host and Shockbyte Enshrouded server: They are Great for customizing options. If you want better control, you can opt for one among them.GravelHost and Apex Hosting: They are easy to use and affordable, perfect if you’re just starting or playing with a small crew.XgamingServer: Top-notch performance, with lots of modding and maps available. Ideal for big groups or serious gamers.Zap-Hosting: Budget-friendly options without sacrificing quality.Before you choose, check out each provider’s website and see what they offer. Don’t be afraid to ask questions – they’re there to help you.FAQs: Best Enshrouded Server Hosting Services1. What features should I look for in an enshrouded server host?When choosing your enshrouded server host, key features to look for includeFast CPU and RAM configurations to support mods/plugins.Low-latency networks for high-performance games.Geographically close server locations to reduce lag.DDoS protection and hardware redundancy for minimizing downtime.Efficient control panels for managing settings.Scalability for more future scope.24/7 customer support for rich assistance.2. How many players can a good Enshrouded server support?A well-configured enshrouded server with ample resources like quad-core CPUs, 32-64GB RAM, SSD storage, and high bandwidth can comfortably support 80-100 slot servers to host large game modes and player bases for the graphics-intensive Enshrouded smoothly.3. Why should I use a game server host instead of self-hosting an Enshrouded server?Using a dedicated and well-managed game server host instead of self-hosting optimizes your enshrouded server reliability, security, and connectivity while saving you a lot of time.Specialized hosts offer guaranteed uptime, DDoS protection, better hardware at lower long-term costs, and handling maintenance/updates for you. It means taking all the headaches and giving you relief so that you only focus on the game.4. What control panel options typically come with an Enshrouded server hosting?The best quality Enshrouded hosting providers equip you with control panels like TCAdmin, Multicraft or Custom Panels. These let you manage users, install mods/scripts, initiate reboots, and adjust settings like spawn points – all through an intuitive web interface accessible anytime.5. What support should I expect when hosting a dedicated Enshrouded server?A Reputable Enshrouded server hosting offers round-the-clock support through email, tickets, live chat and Discord. This means you get access to real experts in configuring hardware, troubleshooting issues, guiding mod installs, and optimizing performance 24/7. You are never stuck with a problem when you host a dedicated enshrouded server.More than that, some hosting providers also provide 365 days of support without taking leaves even on public holidays.6. Which is the most affordable Enshrouded server hosting option?The most affordable enshrouded server hosting in the market at present is Gravel Host, Sparked Host, Zap Hosting and Modern Hosting.The starting price for hosting an enshrouded server is just $5 for the GravelHost server, $13.20 for the SparkedHost, $13.50 for Modern hosting and $13.78 for Zap hosting.7. Is there any Enshrouded server that gives a free trial?Of course, many Enshrouded server hosting providers give you a risk-free, free trial like Sparked Host, XgamingServer, GravelHost, Modern Hosting, DatHost, Apex Hosting, Shockbyte, and Zap hosting.The free trial period differs from 24 hours to 7 days. All these Enshrouded server hosting providers are listed in the blog. You can check them.Also ReadBest Palworld Server Hosting
How to Install VirtualBox Guest Additions on Ubuntu 24.04
In this guide, we will explain how to install VirtualBox guest additions on Ubuntu 24.04 LTS system.As we know VirtualBox is a free and open-source virtualization tool for Linux and Windows desktop, in order to enhance the performance and usability of virtual machine (VM), it is recommended to install VirtualBox guest additions.It offers additional functionalities to your guest VM like seamless shared clipboard, mouse pointer synchronization, and improved display resolution.PrerequisitesPre-Install Ubuntu 24.04 Instance on VirtualBoxA Local User with sudo rightsInternet connectivityWithout any delay, let’s jump into the installation steps of VirtualBox guest additions on Ubuntu 24.04.1) Start Your Ubuntu 24.04 VMFrom the VirtualBox GUI, start your Ubuntu 24.04 VM as shown below,2) Install Required PackagesLogin to your Ubuntu system and open the terminal and run following apt commands to install required packages for VirtualBox guest additions.$ sudo apt update
$ sudo apt install build-essential linux-headers-$(uname -r) -y3) Insert Guest Additions CD ImageIn VirtualBox GUI, go to the menu bar and select Devices > Insert Guest Additions CD Image.When we click on “Insert Guest Additions CD Image” then it will mount the Guest Additions ISO file under “/media/$USER/VBox_GAs”.4) Install VirtualBox Guest Additions on Ubuntu 24.04To install virtualBox Guest additions, run the script “VBoxLinuxAdditions.run”$ cd /media/linuxtechi/VBox_GAs_7.0.18/
$ sudo ./VBoxLinuxAdditions.runThe script will compile and install the guest additions. During this process, you might see several messages indicating the compilation of kernel modules.5) Reboot Your VMOnce virtualbox guest additions are installed successfully, reboot your VM to make above changes into the affect.$ sudo rebootPost reboot you will see that display resolution and graphics will change automatically when you try to resize the screen.Perfect, above screen confirms that we have successfully installed VirtualBox guest additions on Ubuntu 24.04 VM.That’s all from this guide, we hope you have found it informative and useful. Feel free to post your queries and feedback in below comments section.
Threat Modeling for Individuals – Pixelated Dwarf
What is Threat Modeling for Individuals?
Threat modeling is a way of thinking about risk. It is not all technological solutions but they do play a role in thinking about how to mitigate or lessen the threats. When you think about defense, start with thinking about what you’re defending, and how valuable it is.
Lets start off with an example that you might already have in your house. Using smart speakers in your house (Alexa, Echo or Google). Here are some of the things I thought of while visiting this issue:
What do you want to protect?
My Location
Privacy
Search History
Voice Recordings
Who do I want to protect it from?
Tech Company
Data Brokers
ISP
Hackers
How likely is it that I will need to protect it?
Tech Company
Amazon gets hacked with all your data released
Amazon gets hacked with very little data stolen
Data Brokers
Amazon sells my data to a data broker
Personal information aggregates across the web
ISP
Can snoop the traffic and “listen in”
Hackers
Can listen in on private conversations
Use Alexa to use IOT devices – for instance: “Alexa, Open the garage door”
How bad are the consequences if I fail?
Personal and confidential information is released and monetized
Voice is used to train AI for spoofing those I care about
Here is the process that we are illustrating:
Threat modeling for individuals is an on-going process that is never finished. Things always change and we need to adapt.
Steps to Individual Threat Modeling
What do I want to protect? An “asset” is something you value and want to protect. Emails, contact lists, financial information, instant messages, Your location, files, and devices are examples.
List your “assets”: The data that you keep, where it’s kept (Which computers, encrypted backups, etc.), who has access to it (is it locked away somewhere?), and what stops others from accessing it.
Who do I want to protect it from? A person or entity that poses a threat to your assets is an “adversary”.Examples of potential adversaries are your boss, your former partner, your business competition, your government, or a hacker on a public network.
Make a list of your adversaries or those who might want to get a hold of your assets. This list may include individuals, a government agency, or corporations.
Depending on who your adversaries are, under some circumstances, this list might be something you want to destroy after you’re done security planning.
How likely is it that I will need to protect it? Risk is the likelihood that a particular threat against a particular asset will actually occur. It goes hand-in-hand with capability. Write down which threats you are going to take seriously, and which may be too rare or too harmless (or too difficult to combat) to worry about.
How bad are the consequences if I fail? Security planning involves understanding how bad the consequences could be if an adversary successfully gains access to one of your assets. To determine this, you should consider the capability of your adversary. For example, your mobile phone provider has access to all of your phone records. A hacker on an open Wi-Fi network can access your unencrypted communications. Your government probably has stronger capabilities. Write down what your adversary might want to do with your private data.
Some mitigation strategies
Regularly update software and firmware: Keep all systems, devices, and software up to date with the latest security patches and updates. This helps protect against known vulnerabilities that hackers could exploit.
Use strong and unique passwords: Enforce the use of strong passwords that consist of a combination of uppercase and lowercase letters, numbers, and special characters. Avoid using the same password for multiple accounts. Use a password manager to keep track of your usernames, passwords and important information. I suggest Bitwarden or Keypass.
Multi-factor authentication (MFA): Enable MFA wherever possible to add an extra layer of security. This adds an additional step to verify the user’s identity.
Implement firewalls: Firewalls monitor and control network traffic. Implementing a hardware firewall can help identify and block malicious activity.
Secure network connections: Use secure protocols, such as HTTPS, for all network connections. Avoid using unsecured or public Wi-Fi networks, especially when accessing sensitive information.
Encrypt sensitive data: Use encryption to protect sensitive information both during storage and transmission. This ensures that even if data is intercepted, it would be unreadable without the appropriate decryption key.
Perform regular backups: Regularly back up important data to ensure that it can be recovered in case of a security incident. Store backups in a secure location, separate from the primary systems and encrypt them before storing them.
Conduct security awareness training: Educate your family about the importance of security best practices, such as recognizing phishing emails, avoiding suspicious websites, and reporting any security concerns.
Monitor and analyze system logs: Set up and regularly review logs from your systems, networks, and applications. This can help detect any unusual activity or signs of a security breach.
Incident response planning: Develop a comprehensive incident response plan that outlines the steps to be taken in the event of a security incident. This ensures a timely and effective response to mitigate further damage.
Summing it all up
Someone once said that Noah started building the ark before there was even a drop of rain in the sky. Being prepared to protect yourself and your family is important. Thinking about what you have and hold dear – that could be monetized against you, something that is personal to you or your family or just something you don’t want to loose should be the start of a journey to keep it. There are data breaches on almost a daily basis, data brokers and companies are selling our information. Data has no borders, you can send it anywhere. Protect yourself by doing a threat model for yourself and your family. Then take action.
Yes, this is a different way of looking at the world and it may seem strange when you start it for the first time, but it will help in many ways. You will narrow down what you have to protect and focus you on ways to protect it.
No Rest for the Wicked now Steam Deck Verified thanks to latest update
No Rest for the Wicked from Moon Studios GmbH and Private Division has been through another major upgrade, and thanks to it the game is now Steam Deck Verified.
What is it? From Moon Studios, the award-winning developers of Ori and the Blind Forest and Ori and the Will of the Wisps comes No Rest for the Wicked, a visceral, precision Action RPG set to reinvent the genre.
Yesterday, July 25th, The Crucible update landed for the game which Valve has now rated as Steam Deck Verified with Proton 9.
Not surprising when you see just how many performance improvements it’s seen in the update:
Reduced CPU spikes occurring when loading new areas and content.
Reduced CPU spikes occurring when instantiating numerous visual effects and objects.
Reduced memory usage in various systems.
Improved our broad-phase culling pass, reducing CPU utilization.
Improved content loading sequencing to reduce cases of on-screen pop-in.
Improved particle simulation and rendering performance for various debris effects.
Improved mesh trail performance.
Improved cloth simulation performance.
Improved character animation system’s performance.
Improved CPU performance during cinematic sequences.
Reduced CPU overhead for physics simulation of clutter, debris and destructible objects.
Reduced CPU overhead for pre-placed corpses.
Reduced CPU overhead for animating objects’ visual properties.
Reduced CPU overhead for characters outside of the camera viewport.
Additionally a dedicated Steam Deck improvement with “Updated resolution on Steam Deck button Icons” so now they should look a lot clearer. Loads more can be seen in the changelog.
Seems like this might be a good time to finally try it and it should work great on Desktop Linux as well thanks to Proton.
You can buy it from:
Fanatical
Humble Store
Steam
Article taken from GamingOnLinux.com.
5 Best Open-Source Writing Software for Linux
Linux is fundamentally an open-source Operating System. Using open-source software on Linux is as peaceful as the Himalayas. Here we’ve discussed 5 such software that could be the best friend of a writer if done right.1. Espanso:Writers are often found to be the most absent-minded individuals on the planet. While they can write a 500-page book within three months, they struggle with an official letter. You always wish to have a smart autocomplete system that will fill up the details with a hint and insert the necessary boring details like dates and times for you.While you could hire someone to fill in the details for you, why not download a program for free that will do it all?Espanso is an open-source program that inserts phrases into your writing when triggered by a keyword. Copy-pasting is a writer’s worst dream come true. Espanso helps you create templates for every other cover letter or writing you need to do. Just write once and change accordingly from later on. Emoji support, search function, are additional standard features Espanso provides.2. Markdown:We writers are fond of clutter-free, featureless, writing environments. But, most of the software that is widely available, is clumsy and complex. While we want to write and write only, those present us the option to do anything with it. Which is often the best way to market their product.Writers care about only one thing, how the text is going to look in websites and books. For that, Markdown is the best possible open-source option available for you. Markdown is the informal standard for HTML and is being used in many software to take notes, blog, and make texts readable.If you are able to implement markdown in your writing program, that’s fine. But you can also download one of the many editors that support markdown to get started. You need to use some codes like “**” and “<>” before and after the texts to format them as you wish.3. Gitbook Editor:Publishing your finished writing is a hassle. Checking the markdown, proofreading, fixing headlines, typos, take as much time as writing. You often find yourself looking for someone to do this for you. But, that someone might not be as experienced as you, might not understand the flow. Even if you find someone perfect, publishing is still a hassle.Gitbook Editor is an open-source editor that is used by 5000+ companies daily. Every quality you expect an editor to have is implemented in Gitbook Editor. While you were writing, it already has formatted your text and synced it with GitHub and GitLab. Want to publish your article online, just a click will do. Collaborating with other writers is also a struggle of the past with Gitbook Editor.4. Calibre:Love reading E-books? Lose them often? Love Kindle but don’t know how to use it? Me too. Managing my e-book collection is as stressful as describing a politician. You often wonder if anything is remotely possible to help you out with it, where you could keep your library and keep a backup of it all.Calibre is all that. It’s open-source, works on Linux, free to use, manages your e-books like it’s their nanny, opens them up in a comprehensive manner, downloads the ones you need, and backs them up. What more do you need for a free e-book manager!5. Plume Creator:Hello novelists. Do you need image insertion in your text? Would you love to have a hint of red in your headings? NO! You just need a simple workspace that doesn’t harass you every day with features. While it would be lovely to have some rich-text formatting available but everything over the top is disgraceful.Plume Creator is just that. With minimal necessary features like rich text formatting and full-screen mode, it appeals the most to novelists, who don’t have much demand for editing. Take notes, check stats, export to .html and .odf formats, but nothing overwhelming and certainly doesn’t get in the way. It’s also free and is available for Linux.The Bottom Line:While open-source writing software are the greatest of solutions, but you need to understand how to install them on your Linux OS. While some of them are easily downloadable, most of them require specific processes to be installed. But, don’t worry, it’s not rocket science.All the best.This is a guest post by Cath Jenkin
How To EASILY View CPU Info In Linux Over CLI
Have you ever wondered what’s under the hood of your computer’s central processing unit (CPU)? Well, wonder no more! Linux command line interface (CLI) offers a powerful and efficient way to access and display CPU information. From the clock speed and number of cores to the cache size and instruction set, the CLI provides a wealth of technical details that can help you understand how your CPU works and how to optimize its performance. So, get ready to unleash your inner geek and join me on this exciting journey of exploring CPU info in Linux through the CLI..elementor-widget-spacer,.e-con>.elementor-widget-spacer{width:var(–container-widget-width,var(–spacer-size));–align-self:var(–container-widget-align-self,initial);–flex-shrink:0;}.e-con-inner>.elementor-widget-spacer>.elementor-widget-container,.e-con>.elementor-widget-spacer>.elementor-widget-container{height:100%;width:100%;}.e-con-inner>.elementor-widget-spacer>.elementor-widget-container>.elementor-spacer,.e-con>.elementor-widget-spacer>.elementor-widget-container>.elementor-spacer{height:100%;}.e-con-inner>.elementor-widget-spacer>.elementor-widget-container>.elementor-spacer>.elementor-spacer-inner,.e-con>.elementor-widget-spacer>.elementor-widget-container>.elementor-spacer>.elementor-spacer-inner{height:var(–container-widget-height,var(–spacer-size));}.e-con-inner>.elementor-widget-spacer.elementor-widget-empty,.e-con>.elementor-widget-spacer.elementor-widget-empty{position:relative;min-height:22px;min-width:22px;}.e-con-inner>.elementor-widget-spacer.elementor-widget-empty .elementor-widget-empty-icon,.e-con>.elementor-widget-spacer.elementor-widget-empty .elementor-widget-empty-icon{position:absolute;top:0;bottom:0;left:0;right:0;margin:auto;padding:0;width:22px;height:22px;}/*]]]]>*/]]>Now, when it comes to an overview of CPU info, there are several handy ways to do this.The top command is a powerful tool for monitoring system activity in real-time, including CPU usage. When you run the top command in the terminal, you’ll see a live display of system statistics, including the percentage of CPU usage by each running process. This is what it looks like and, here is a post to further learn about the top command as well as it’s close cousins, htop and btop.
What about cores? Like always, in Linux there is more than one way to achieve the same results. I’ll throw 2 solutions at you for this one.
One handy trick that has existed in Linux since the dinosaurs, is cat! Well, technically cpuinfo but let’s still give cat some credit, ok?
linuxman@ubuntu:~$ cat /proc/cpuinfo | grep cores
cpu cores : 1
Normally, there is much more info about the CPU using this method but we’re only interested in our CPU core count for now. So, we are filtering the output of cpuinfo using grep to search for a line that includes “cores”. And as we can see, in my little guinea pig VM, it only has one core.For the other handy trick, we will use lscpu but filter out a lot of other junk we’re not interested in right now.
linuxman@ubuntu:~$ lscpu | grep “CPU(s)” | head -n 1
CPU(s): 1
Why is this command so long? I don’t know, but it works for me (insert shrug emoji). lscpu actually has way more info than cpuinfo and much more simplified. But because it is dumbed down, we have to do a bit more filtering to get only what we want out of it.As you can see, I filtered “CPU(s)” because unlike cpuinfo, “cores” gives us something completely different. What can you do about it?I follow up with head to filter the first line of output because there are multiple lines that include “CPU(s)”. Anyhow, we still get decent results!As far as hardware info, yes, you can use the last two commands but where’s the fun in that? cpuinfo is too mainstream, am I right?
First up, we have dmidecode. This one is like asking your CPU for its ID card. It displays hardware information about the CPU, including the manufacturer, model name, family, and more. It’s like getting to know your CPU on a personal level, finding out its name, where it’s from, and what it likes to do. So, if you really want to dig deep into your machine’s guts, dmidecode it!
linuxman@ubuntu:~$ sudo dmidecode -t processor
[sudo] password for linuxman:
# dmidecode 3.2
Getting SMBIOS data from sysfs.
SMBIOS 2.8 present.
Handle 0x0400, DMI type 4, 42 bytes
Processor Information
Socket Designation: CPU 0
Type: Central Processor
Family: Other
Manufacturer: QEMU
ID: 10 0F 83 00 FF FB 8B 07
Version: pc-q35-6.1
Voltage: Unknown
External Clock: Unknown
Max Speed: 2000 MHz
Current Speed: 2000 MHz
Status: Populated, Enabled
Upgrade: Other
L1 Cache Handle: Not Provided
L2 Cache Handle: Not Provided
L3 Cache Handle: Not Provided
Serial Number: Not Specified
Asset Tag: Not Specified
Part Number: Not Specified
Core Count: 1
Core Enabled: 1
Thread Count: 1
Characteristics: None
Next up, we have lshw. This command is like opening up your CPU and looking inside. It lists detailed information about the CPU hardware, including the CPU type, clock speed, cache size, and more. It’s like being a surgeon, exploring the inner workings of your CPU to better understand how it operates.
linuxman@ubuntu:~$ sudo lshw -C cpu
*-cpu
description: CPU
product: AMD EPYC-Rome Processor
vendor: Advanced Micro Devices [AMD]
physical id: 400
bus info: cpu@0
version: pc-q35-6.1
slot: CPU 0
size: 2GHz
capacity: 2GHz
width: 64 bits
capabilities: fpu fpu_exception wp vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx mmxext fxsr_opt pdpe1gb rdtscp x86-64 rep_good nopl cpuid extd_apicid tsc_known_freq pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw topoext perfctr_core ssbd ibpb stibp vmmcall fsgsbase tsc_adjust bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves clzero xsaveerptr wbnoinvd arat umip rdpid arch_capabilities
configuration: cores=1 enabledcores=1 threads=1
If you’re curious about your CPU temperature and want to check it in Linux CLI, you can use the sensors command. Think of it as your very own personal weatherman for your system – it reads the data from the sensors on your motherboard and reports back the temperature readings, including those for the CPU.Keep in mind that depending on your system’s configuration, you may need to run the sensors-detect command first to detect and load the appropriate kernel modules for your system’s sensors. It’s like finding the right trail to hike on – you want to make sure you’re heading in the right direction.
linuxman@ubuntu:~$ sudo sensors
coretemp-isa-0000
Adapter: ISA adapter
Package id 0: +47.0°C (high = +100.0°C, crit = +100.0°C)
Core 0: +46.0°C (high = +100.0°C, crit = +100.0°C)
acpitz-virtual-0
Adapter: Virtual device
temp1: +27.8°C (crit = +119.0°C)
amdgpu-pci-0200
Adapter: PCI adapter
vddgfx: 800.00 mV
fan1: 0 RPM
temp1: +47.0°C (crit = +94.0°C, hyst = -273.1°C)
nvme-pci-0100
Adapter: PCI adapter
Composite: +49.9°C (low = -273.1°C, high = +80.8°C)
(crit = +88.8°C)
And just like with the weather report, the temperature readings you get from the sensors command may not always be 100% accurate or consistent. So use the information as a general guideline rather than a definitive measurement. But overall, using the sensors command can be a fun and useful way to keep tabs on your system’s CPU temperature.
In conclusion, Linux CLI provides a treasure trove of information about your CPU hardware, and there are various ways to access this information. From the cat /proc/cpuinfo command that’s like being a detective on a case, to the dmidecode -t processor command that’s like getting to know your CPU on a personal level, each command offers a unique perspective on your CPU hardware. And if you prefer a more visual approach, there are GUI tools and third-party system information tools that can provide detailed CPU hardware information. Whether you’re a tech enthusiast, a system administrator, or just curious about your system, exploring CPU hardware information in Linux CLI can be an exciting and rewarding experience. So go ahead and start exploring – you never know what interesting CPU facts you might uncover!
Configure ProFTPd for SFTP on CentOS
This is a guide on how to configure ProFTPd for SFTP sessions. Secure File Transfer Protocol (SFTP) is a secure version of FTP which transfers files via the SSH protocol. ProFTPD can be reconfigured to serve SFTP sessions vs using the default FTP protocol. This guide assumes you already have a existing ProFTPD installation. If you do not already have it installed please follow How to Install Proftpd.Edit /etc/proftpd.conf To Enable sFTPnano /etc/proftpd.confUn-comment the following lines to load mod_sftp#LoadModule mod_sftp.c
#LoadModule mod_sftp_pam.cToLoadModule mod_sftp.c
LoadModule mod_sftp_pam.cAdd the following to the end of the configuration (outside of the <global> </global> block to run it separately)<IfModule mod_sftp.c>
SFTPEngine ON
SFTPLog /var/log/sftp.log
Port 2222
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPLog /var/log/proftpd/sftp.log
SFTPCompression delayed
</IfModule>SFTPEngine – This will enable SFTPSFTPLog – This will set the log file for sftp connectionsPort – This will set the port ProFTPd will listen on for SFTP connectionsSFTPHostKey – This points to the SSH key.SFTPCompression – This sets the compression method used during transfersOpen the sFTP port in the firewallFirewalld:Enable firewall rule:firewall-cmd –zone=public –add-port=2222/tcp –permanentLoad the new firewallfirewall-cmd –reloadIptables:Enable the firewall rule:iptables -A INPUT -p tcp -m tcp –dport 2222 -j ACCEPTSave the firewall rule:iptables-save > /etc/sysconfig/iptables Restart ProftpdCentOS 7:systemctl restart proftpdCentOS 6:service proftpd restartThats all you need to do to configure ProFTPd to accept ssh connections. You should now able to connect via port 2222 using a sFTP client.Jan 14, 2018LinuxAdmin.io
Popular DNS record types you can check through your Linux device
Which are the popular DNS record types?
There are a lot of different DNS record types. Yet, some of them are more well-known. That is because they are more commonly implemented in DNS (Domain Name System) configurations. So, let’s explain a little bit more about the most popular DNS record types:
NS record
For this record, NS stands for Name Server. Its main goal is to indicate the Authoritative DNS server for a domain name. The NS record is also one of the crucial DNS record types for achieving proper DNS configuration.
A record
This fundamental DNS record is also known as Address record. Its purpose is especially important for every domain. The A record is responsible for pointing a domain name to its IP address, more precisely IPv4 address.
AAAA record
You could find this record called also quad A record. It is very similar to the previous one. They both link domain names to their corresponding IP addresses. However, the main difference is that the AAAA record is only used for the newer IPv6 addresses.
SOA record
The acronym SOA stands for Start of Authority. This is the first DNS record that you should add to your DNS zone. It stores important data about the DNS administrator and also crucial information about zone transfers.
MX record
The Mail eXchanger record, or shortly MX record, is another vital piece of your configuration. Its purpose is to indicate the name server responsible for receiving email messages for your domain name. If you do not have such a record available, you are going to experience difficulties in receiving emails.
PTR record
You can find this record, also called Pointer record. It has the valuable aim to point an IP address (IPv4 or IPv6) to its corresponding domain name. It serves for Reverse DNS lookup and validating that the precise IP address actually belongs to that domain name.
CNAME record
This DNS record links one domain name to another. The CNAME record shows the actual canonical domain name. Therefore, it is very useful and beneficial to use it for your subdomains.
How to check your DNS record types through your Linux device?
There are a lot of different ways to check and see your DNS records. However, as a Linux user, you have some outstanding options to achieve this task. Here are some great commands that you can write straight into your Terminal application.
Nslookup command
The Nslookup command is simple and easy to use. For the purpose to see all of the available DNS records for your domain, type the following:
$ nslookup -type=any example.com
*Make sure to replace example.com with the domain name you want. You could also change “any” with the specific DNS record type you want to see.
Dig command
The Dig command is another option for you to check and see different DNS record types. It provides detailed information.
Simply use the following pattern:
dig example.com DNS record type
*Make sure to replace example.com with the domain name you want and DNS record type with the one you want.
Host command
The Host command is another easy-to-use tool with a command-line interface (CLI). When you want to see a complete list with all of the DNS records for a domain and their TTL (Time-to-live) values, type the following:
host -a example.com
As a result, you are going to witness records such as A, AAAA, CNAME, MX, with their TTL values.
*Make sure to replace example.com with the domain name you want.
Linux 6.11-rc1 Released With Initial Intel Battlemage Support, AMD RDNA4 Primed
The Linux 6.11 merge window is over with the Linux 6.11-rc1 release now out the door.
Linux 6.11 is bringing many new features across the board. There is initial support for some Qualcomm Snapdragon X1 laptops, a lot of CPU and GPU additions, other hardware support work, and a fair amount of kernel features added.
On the CPU side there is RISC-V NUMA support for ACPI-based systems, some small performance gains at least for Threadripper Zen 4, performance event improvements for more Intel CPUs, AES-GCM optimized versions for AVX-512/AVX10 and VAES, AMD Core Performance Boost and Fast CPPC were added to the AMD P-State driver, and AMD SEV-SNP KVM guest support is finally mainlined.
On the graphics side, the initial cut at Intel Xe2 Battlemage discrete graphics cards has landed, including the display functionality and initial device IDs. But more work on Battlemage will continue in the cycles ahead. AMD RDNA4 (GFX12) graphics cards also appear to be in preliminary good shape with Linux 6.11.
Other changes include UBIFS being hardened against power cuts, a minimum Rust toolchain version is now defined, getrandom() in the vDSO, a nice EXT4 performance optimization, the upstream kernel can now easily build a Pacman kernel package for Arch Linux systems, a new power sequencing subsystem, and more. I’ll have out my Linux 6.11 kernel feature overview in the coming days.
Stay tuned for my more extensive Linux 6.11 feature overview and the start of more Linux 6.11 kernel performance benchmarking.
As of writing, Linus Torvalds has yet to put out any formal statement of Linux 6.11-rc1 on the mailing list but the first release candidate can be downloaded via Linux Git for those interested in getting to testing right away.Update: Linus Torvalds has now posted his v6.11-rc1 announcement: “The merge window felt pretty normal, and the stats all look pretty normal too. I was expecting things to be quieter because of summer vacations, but that (still) doesn’t actually seem to have been the case.”
Saturday’s Talks: una lista delle 6 peggiori idee in ambito sicurezza informatica scritta nel 2005 può essere considerata valida oggi?
Tra le prerogative essenziali della scienza informatica vi è sicuramente l’evoluzione. Anche solo osservando gli ultimi 10 anni della storia informatica si nota come i concetti stessi di workload siano stati totalmente stravolti. Si è vissuta una transizione evidente da datacenter di proprietà pieni di server che virtualizzavano macchine ad ambienti cloud che erogano applicativi in modalità scalabile mediante container.
E questo è solamente uno dei tanti esempi che si potrebbero fare, e si potrebbe andare ancora più indietro, quanti hanno iniziato ad usare Linux installandolo mediante Floppy Disc, che dovevano essere montati a mano?
Insomma, per quanto quindi sia complicato (anche se certamente non impossibile) fare previsioni sul futuro è possibile comunque osservare il passato, ad esempio per capire cosa vale la pena mantenere e cosa scartare. Specialmente quando si parla di sicurezza.
È per questo che, dopo essermi imbattuto in questo articolo del 2005 scritto dall’utente mjr, al secolo Marcus Ranum, dal titolo The Six Dumbest Ideas in Computer Security (traducibile con “le 6 idee più idiote in ambito di computer security”) mi sono chiesto se, nonostante siano passati quasi 20 anni dalla stesura di quell’articolo, le idee in esso riportate sono ancora attuali.
Per rispondere partiamo anzitutto dalla lista:
Default permit: nella sua più pratica esemplificazione, aprire il firewall a tutto e poi chiudere solo quello che interessa.
Enumerating Badness: riassumibile con proteggersi da specifiche vulnerabilità, senza in realtà adottare un approccio di sicurezza globalizzato e generale.
Penetrate and Patch: in cui sostanzialmente si da il proprio sistema in mano a un espertone (a volte con proprio le chiavi di accesso, perché quelle servono) e poi, in base ai rilevamenti, si attuano le contromisure.
Hacking is Cool: ed è l’alimentazione dell’idea che individuare i problemi (e magari mettere in difficoltà intere organizzazioni) sia figo.
Educating Users: citando il worm “Anna Kournikova”, famosissimo virus che nel 2001 in cambio di un click su di un .exe prometteva foto senza veli della famosa (al tempo) tennista, ecco la riflessione secondo cui educare gli utenti significa dover “patchare” gli utenti ogni settimana, processo stupido, oltre che impossibile.
Action is better than inaction: che cita Sun Tsu secondo cui “Spesso è più facile non fare qualcosa di stupido che fare qualcosa di intelligente”.
Il panorama informatico in cui questo articolo è stato scritto è palesemente molto diverso dall’attuale certo, ma non così tanto a pensarci bene. Non penso che nessuno abbia da ridire sui punti dal primo al terzo, validi allora come oggi, così come anche tolta tutta la vena di romanticismo che il punto quattro porta con se, in realtà ci si rende conto che effettivamente l’hacking is cool menzionato qui è proprio una brutta idea da passare.
Sul punto 5 è interessante notare questa previsione riportata nell’articolo:
My prediction is that in 10 years users that need education will be out of the high-tech workforce entirely, or will be self-training at home in order to stay competitive in the job market. My guess is that this will extend to knowing not to open weird attachments from strangers.
La mia previsione è che tra 10 anni gli utenti che hanno bisogno di istruzione saranno completamente fuori dalla forza lavoro high-tech, o si auto-istruiranno a casa per restare competitivi nel mercato del lavoro. Immagino che questo si estenderà al sapere di non aprire strani allegati da sconosciuti.
Interessante perché non si è verificata, ed anzi, è ben lungi dal farlo, in un contesto dove chiunque con uno smartphone si sente autorizzato a definirsi esperto di informatica ed ancora oggi gli allegati conosciuti sono tra le prime cause di infezioni da malware e virus.
Infine il punto 6 è forse l’unico su cui è davvero il caso di notare una netta discrepanza rispetto a quanto è considerato buona norma oggi: fermo restando l’utilizzo del raziocinio, è stato dimostrato come l’approccio proattivo dello shift-left è nella sostanza indispensabile per rendere le pipeline di produzione dei software realmente vicine al concetto di sicurezza.
Ed a proposito di questo, e di come in realtà lo shift-left sia ben lungi dall’essere una pratica universalmente adottata, una cosa certamente non è cambiata dal 2005 ad oggi, e sono le schermate blu di Windows.
CrowdStrike docet.
Raoul Scarazzini
Da sempre appassionato del mondo open-source e di Linux nel 2009 ho fondato il portale Mia Mamma Usa Linux! per condividere articoli, notizie ed in generale tutto quello che riguarda il mondo del pinguino, con particolare attenzione alle tematiche di interoperabilità, HA e cloud.E, sì, mia mamma usa Linux dal 2009.
Fonte: https://www.miamammausalinux.org/2024/07/saturdays-talks-una-lista-delle-sei-peggiori-idee-in-ambito-sicurezza-informatica-scritta-nel-2005-puo-essere-considerata-valida-oggi/
Visited 1 times, 1 visit(s) today
