this post was submitted on 12 Jun 2023
14 points (93.8% liked)

Cybersecurity

5672 readers
113 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS
 

Fortigate published a patch for CVE-2023-27997, a Remote Code Execution vulnerability reachable pre-authentication, on every SSL VPN appliance.

top 2 comments
sorted by: hot top controversial new old
[–] computerboss@sh.itjust.works 1 points 1 year ago (1 children)

I bought a fortunate 60e a few months ago to play around with. After setting up some vlans, subnets, and firewall rules I am considering just selling it. Without a license you don't even get security updates. So at this point opnsense might be my next firewall to learn on. I was just trying to my hands on what is actually being used by companies.

It would be cool to see companies start offering homelab licenses for people to play around with and get experience before buying into a whole ecosystem.

[–] borari@sh.itjust.works 3 points 1 year ago* (last edited 1 year ago)

It would be cool to see companies start offering homelab licenses for people to play around with and get experience before buying into a whole ecosystem.

Like you said, I think companies should be prohibited from locking security updated behind a license paywall. Features are one thing, and while I would also like free homelab licenses, I understand why companies don't offer them, especially for products like enterprise firewalls, routers, and switches. A company shouldn't require you to pay more money to secure something they shipped with a vulnerability. Honestly this kind of shit should take precedence over the squabbling about USB-C, App Store monopolies, or whatever other flavor of the month issue the EU or the US is lambasting tech companies for.

load more comments
view more: next ›