top | item 33423194

(no title)

> This eventually succeeded, giving the threat actor access to one of our GitHub organizations where they proceeded to copy 130 of our code repositories.

When I was at dropbox I saw quite a few devs provisioning non-mac laptops with their linux distro of choice. Always wondered what was stopping those people from just making a copy of rserver/rclient without IT/security noticing.

discuss

insanitybit|3 years ago

There was an attempt to improve this situation but it got canned. That said, there actually weren't a ton of Linux laptops when I was there - relatively speaking, at least. We knew of them though.

If you wanted linux on your laptop you'd have to do a bit more than just provision the laptop with it, I don't want to get too detailed but it ends up giving the security more insight into the device than you may imagine. Indeed, at the time I worked there, we likely would have been able to piece things together to see that between the 2FA logs, Github logs, netflow, etc. If you were in an office we could likely track down exactly where you were sitting based on that - we definitely had done so before during a red team exercise.

Security has changed radically since my time there so I couldn't speak to what's possible now.