top | item 46716932

(no title)

w0de0 | 1 month ago

Chrome extensions shouldn’t be in the hands of users, no matter their title. CEO included. As a device sysadmin I feel this strongly. None of you can be trusted to vet extensions. Honestly anyone who uses vanilla Chrome has a suspect threat model.

On the rest I rather agree with you. General-purpose computers are key tools over which users should be admin. Sysadmins provide a security backstop. Full lock down is the sign of an unhealthy understanding of how the org’s value is actually created.

discuss

w0de0|1 month ago

Also if you can’t figure out how to get around the Chrome extension restriction, you either have remarkably competent CPEs (not me, so unlikely), or you’re not trying hard enough. Go download Canary to start.

donatj|1 month ago

Canary respects the systems MDM rules.