💾 Archived View for jacksonchen666.com › posts › 2023-06-24 › 12-32-41 › index.gmi captured on 2024-03-21 at 15:24:48. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-11-04)
-=-=-=-=-=-=-
2023-06-24 10:32:41Z (last updated 2023-10-16 08:55:03Z)
So how is the weakest point of the door the walls?
Let's say you face a door. This door is so strong, absolutely nobody in the world has been able to bypass it. Your goal is to get through the door. You might spend all your energy focusing on the door, trying to find every single vulnerability in the door but to no avail.
Then someone comes around. They ask "What are you trying to do?"
"Trying to break through the door"
They respond back, saying "the wall isn't there, you can just go around the door".
You realize that entire time you tried to break the door, the wall was missing. So if you wanted to just go around the door, you could simply go around the door like there was no wall.
Now for a more complicated real world example, but without success at all.
Here's the picture: There are 2 computers, I call them laptop-server and imac (very self explanatory). They are turned on, I have remote access to both of them. Until I lose remote access to one of them.
I didn't realize what I had done until it was too late: I enabled a firewall without also allowing SSH connections.
It was too late because when I came back to my computer much later, I noticed that mosh was not able to communicate with the imac. And no matter what I tried, I could not find a way to get into imac with SSH.
So that's when I started to think options to hack into my own machine because well... I locked myself out. Completely.
However, I gave up trying to find some hole (I'm not that much into security, unfortunately), and just resorted to someone else getting physical access to disable the firewall.
The thing is, security is not simple. There's a reason why Internet of Things is despised.
Want to gain root access on a Linux machine? Easy: Reboot into an image like SystemRescue or some install image, chroot and now you can set the root password. Of course, this assumes you have physical access to the Linux machine and the filesystem isn't encrypted (or your encryption sucks and is easily bypassed).
But even with full disk encryption, *insert xkcd here*.
So yeah, security isn't as simple as setting up anti-virus software and being completely blissfully ignorant for the rest of your life. There are many reasons you shouldn't be using Windows 7 in 2023.