OT: Dealing with a hosting company with it's head up it's rear end

Jon Radel jon at radel.com
Fri Aug 14 14:32:39 UTC 2020

On 8/14/20 09:48, Aryeh Friedman wrote:
> On Fri, Aug 14, 2020 at 9:20 AM Tim Daneliuk <tundra at tundraware.com> wrote:
>> On August 14, 2020 12:58:49 AM "Steve O'Hara-Smith" <steve at sohara.org>
>> wrote
>>  Again many corporate firewalls don't allow ssh out (or in directly)
>>> because tunnelling bypasses the firewalls. And again it seems odd for a
>>> hosting company.
>> ssh out is typically prohibited to lower the risk of employee transfer of
>> sensitive data to external destinations - So called Data Loss Prevention.
>> This, along with email scanning and man in the middle cert management is
>> pretty common.
> Unless it is 100% air gapped with no ability to plug in portable media
> and/or record the screen then nothing is 100% immune from such loss and
> thus not allowing it makes very little sense.   If on the other hand the
> idea is to limit the damage that malware/spyware can do then it makes sense
> (even if someone does in [accidentally] install malware/spyware it can not
> send the results of its dirty work anywhere).
Untrue.  As the CISO at my latest employer said to me (paraphrasing
some, as it's been a while):

You and I know how to circumvent the restrictions, but the vast majority
of the staff hasn't a clue.  This cuts down the noise I have to wade


And back to the main topic of this thread:  What does your lawyer say
about your client that is huffing and puffing threats over your
inability to perform magic to paper over their unwise contracting
actions in regard to a different vendor?  Seems to me that you left the
land of technology a ways back on this one.

Actually, better yet, you probably don't want to discuss that on a
public list......

Good luck.

--Jon Radel
jon at radel.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4177 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20200814/208d3043/attachment.bin>

More information about the freebsd-questions mailing list