For 2 decades now we’ve been told “use web services instead of in-house, it’ll be more secure since you don’t have security expertise”.
Know what? My home servers have never once been hacked, even when I did dumb shit like expose ports directly to the internet.
Oh, I got a zillion port scans, and people hammering the service login, but never hacked.
Today, with VPS, Reverse Proxy, Wireguard/Tailscale, I feel I can self-host with greater security assurances than any of these idiots.
cm0002@lemmy.world
on 04 Feb 2024 02:32
nextcollapse
Oh, I got a zillion port scans, and people hammering the service login, but never hacked.
Port scans drop to practically 0 once you start blocking all out of country IPs lmfao, I figure if the day ever comes where I might want to access my shit from a foreign country (without a VPN) or whatever I can just whitelist
Pretty much. Thankfully, the job I work at only does business inside the country it’s located I’m. If that ever changes, they will be providing us with the IP’s to whitelist them.
filister@lemmy.world
on 04 Feb 2024 03:43
collapse
That’s very lame to say. The incentives of hackers to hack you and compromise your system is very very low. You don’t represent any interest to them. So having just blocked port 22 and disabled ICMP can do the task to detract a big chunk of the automated attacks.
On the other hand commercial services are very high profile hacking targets and the attack vectors are a lot more sophisticated. Plus if you have a company, you need also to allow your employees to be able to work and you need to give them certain privileges to access the data they need. And guess what, not everyone is super careful and people make mistakes.
Once you start building stuff, you inevitably introduce bugs and dependencies, the bigger the project, the bigger the dependencies and patching all of them becomes harder and more time consuming.
Big corporations like MS, Google, Apple, etc. are having extremely strict and restrictive policies, including a huge cyber security engineers teams, and this is extremely expensive, especially for smaller companies, who are more focused on their product.
So please don’t think that these companies are run by idiots but a single human mistake can lead to this compromise. And sorry to disappoint you but you aren’t a cyber security guru either. Just hackers don’t care about you which saves your ass.
guyrocket@kbin.social
on 04 Feb 2024 01:49
nextcollapse
Anydesk spokeswoman stated "It's all this fucking cat's fault! This is one major son of a bitch cat, folks...don't get too close!"
Rustmilian@lemmy.world
on 04 Feb 2024 08:28
collapse
<img alt="AnyDesk Based In Florida" src="https://lemmy.world/pictrs/image/e6eba6c0-c07f-4997-b965-c156d574520d.jpeg">
threaded - newest
Upvoted for the cat
Security cat is watching you hax...
Lol, I thought it was the usual Kbin caching glitch, but no, the cat is in the actual article.
Pretty lame reason to upvote a post tbh. Upvote my comment if you agree 👆
To the bottom with you!
One of the few times I downvote
Keep not investing in security, there’s literally no downsides for the business! /s
Any desk, you say?
- Hackers
Right?
For 2 decades now we’ve been told “use web services instead of in-house, it’ll be more secure since you don’t have security expertise”.
Know what? My home servers have never once been hacked, even when I did dumb shit like expose ports directly to the internet.
Oh, I got a zillion port scans, and people hammering the service login, but never hacked.
Today, with VPS, Reverse Proxy, Wireguard/Tailscale, I feel I can self-host with greater security assurances than any of these idiots.
Port scans drop to practically 0 once you start blocking all out of country IPs lmfao, I figure if the day ever comes where I might want to access my shit from a foreign country (without a VPN) or whatever I can just whitelist
Pretty much. Thankfully, the job I work at only does business inside the country it’s located I’m. If that ever changes, they will be providing us with the IP’s to whitelist them.
That’s very lame to say. The incentives of hackers to hack you and compromise your system is very very low. You don’t represent any interest to them. So having just blocked port 22 and disabled ICMP can do the task to detract a big chunk of the automated attacks.
On the other hand commercial services are very high profile hacking targets and the attack vectors are a lot more sophisticated. Plus if you have a company, you need also to allow your employees to be able to work and you need to give them certain privileges to access the data they need. And guess what, not everyone is super careful and people make mistakes.
Once you start building stuff, you inevitably introduce bugs and dependencies, the bigger the project, the bigger the dependencies and patching all of them becomes harder and more time consuming.
Big corporations like MS, Google, Apple, etc. are having extremely strict and restrictive policies, including a huge cyber security engineers teams, and this is extremely expensive, especially for smaller companies, who are more focused on their product.
So please don’t think that these companies are run by idiots but a single human mistake can lead to this compromise. And sorry to disappoint you but you aren’t a cyber security guru either. Just hackers don’t care about you which saves your ass.
Anydesk spokeswoman stated "It's all this fucking cat's fault! This is one major son of a bitch cat, folks...don't get too close!"
<img alt="AnyDesk Based In Florida" src="https://lemmy.world/pictrs/image/e6eba6c0-c07f-4997-b965-c156d574520d.jpeg">
It all makes sense now /s