this post was submitted on 01 Jun 2024
95 points (97.0% liked)
Cybersecurity
5722 readers
164 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yeah, if you're not applying updates at least once/month, you're just irresponsible and probably deserve to get hacked.
Normally I would say that nobody deserves to be hacked. But now my perception of the situation has changed.
If viewed like a bank and my data is the money in it, then what's happening mostly is that my money gets stolen. After getting found out the bank says "We're sorry ;)"; the bank might even get insurance money, while I get multiple attempts at accessing my accounts at other services.
Now I would like to see this gross negligence punished. Preferably by a 4x2 to the head. Or cat-o-ninetails.
Exactly. If you run a service, the bare minimum due diligence is to install available updates in a timely manner. Imo, it's criminal negligence if a service gets hacked due to an unpatched system.
Most likely, this isn't being done because the IT dept isn't given enough time to actually maintain systems, so whoever makes that decision should face criminal charges. And orgs like the NSA should be auditing this kind of thing and issuing fines, not spying on US citizens.