this post was submitted on 21 Jun 2024
50 points (94.6% liked)

Cybersecurity

5680 readers
90 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago
MODERATORS
 

Attackers are using social engineering to get users to copy, paste, and run malicious scripts — all while thinking they are helping out the IT team.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 18 points 4 months ago (6 children)

Hot take: to Most windows users (not you) probably shouldn't be able to access power shell or cmd.exe at all.

[–] [email protected] 18 points 4 months ago

Accessing powershell is not the issue - that Windows is broken, with a sprinkle of bad permission management by corporations using it is the issue. And the bad permission practices are a direct result of how broken Windows is - I tried a while ago to use it with a fully unprivileged user, just like I do for decades on UNIX and now Linux. It pretty much is impossible without privilege elevation prompts every few minutes.

In a proper environment a user should be able to destroy data they're working with - but not have the ability to alter the operating system.

[–] [email protected] 10 points 4 months ago* (last edited 4 months ago)

Shit like that is how you got here in the first place. To make computers easy enough to be fool proof is to make them nearly useless and requires someone to administer the system (even if that someone is the genius bar at apple.)

The issue isn't access, its literacy. This shit was acceptable 20-30 years ago. But we're at the point where everyone who's at working age has spent most of if not all of their adult life at a time where basic computer use was considered a standard skillset.

Now that mobile OS's have been the norm for a decade or so, we have comp sci students who can't even navigate a fucking file explorer despite growing up on the internet.

Hand-holding design is a positive-feedback loop.

That being said you should probably disable, or at least severely limit their use for standard users in a corporate environment via group policy.

[–] [email protected] 5 points 4 months ago (1 children)
[–] [email protected] 5 points 4 months ago

The stupid thing is you can't reenter S mode once you've left.

Family member needed printer software that wasn't on MS Store, so I told them we'd need to drop S mode to get it, which meant reducing security. Now I have to be the defacto IT person and the security team for them.

[–] BrikoX 4 points 4 months ago

This is similar to how casual users on Windows should be limited to a non-admin account, to limit vectors for malware.

[–] [email protected] 0 points 4 months ago* (last edited 4 months ago) (1 children)

Isn't it what happens on Mac? I'm told there is a command line on there, but I'll be damned if I've ever met* a Mac addict who's heard of it, let alone used it.

[–] [email protected] 2 points 4 months ago

I'm certainly biased, but we use macOS at work and nearly everyone is familiar with the terminal. We're developers though, but even our less technical people (product owners and whatnot) know what it is and what it can do.

But yeah, I wouldn't be opposed to turning on a dev option to enable it though. I use it every day, but most don't need to (even our devs could configure commands in their IDE).