Block all port 53 traffic from your network outside of your DNS server/pihole itself.
Block all known DoH servers.
If you want to get REALLY fancy you can write a NAT rule that will force any outgoing request on port 53 to route to your dns/pihole.
I do all of this. It's actually funny to see the requests that were hardcoded to go somewhere. Giant fuck you to those companies.
That was basically the workflow. On smaller drives you could do one when you get in, one at lunch and one before you left. Eventually drives got large enough that it was just once in the morning and once before leaving.
I’ll overdo it.
Half the contracts you didn't know if they wanted the short wipes or long wipes. So you just do long wipes to cover your ass. It's not like there was a rush, it was a simply menial task that became a second nature set of bashing the keyboard. Like typing some of my passwords and pins... I have no fucking clue what they are anymore... but put in front of the keyboard and I can type them by muscle memory.
I think the issue comes down to whether the org in question does that 7 passes consistently on all discs, or if it just so happened to start that policy with those that had evidence on them.
No? If 1 is sufficient, any additional shouldn't matter in any considerations at all. Could have simply been somebody who hit the preset on accident.
Congrats? DBAN was made prior to 2006... IT people existed before 2006. What's your point? You think that people just spawned into existence in 2006 with decades of IT knowledge? So like I said... "It WAS my default for a very long time because I simply defaulted to it for COMPLIANCE reasons"... eg. my contracts at the time required it and I ran boatloads of wipes.
Regardless... DOD 5220.22-M now states
The National Industrial Security Program Operating Manual (NISPOM) is now Part 117 of Title 32, Code of Federal Regulations.
So let's go look at the NISPOM stuff which says... NOTHING! So what you end up with is companies referencing the old DOD 5220.22-M because old government contracts will actually say that specific document in contracts as something that must be adhered to for a long long time. So even though it "died" on 2006, contracts may not be renewed for some time after that which still keeps the document alive.
Now DOD 5220.22-M actually specified and defines short wipes (3 pass) and long wipes (7 pass). And in theory, could be superceded by NIST 800-88 (and probably is the default on modern contracts). And regardless of all of that... DoD internally has it's own standards, which after wipe often requires degaussing or outright destruction of the disk, I remember having a dedicated device for it that would document serials and stuff. I'd have to pull up my army documents to remember which specific rules required that type of stuff, but I'm not going to dig out shit from 2010 just to argue with someone on lemmy.
So I guess this boils down to... The world didn't spawn into existence in 2006. People are older than 2006 and are allowed to talk about their experiences from before the "old times".
Edit: And in current contracts... all our shit is NVMe and secure erase. But I'm willing to bet muscle memory would still kick in for me if I saw the DBAN screen.
so someone using it is being very intentional.
Not if you're used to taking DoD requests. It was my default for a very long time because I simply defaulted to it for compliance reasons.
It’s also considered wildly overkill
Absolutely is. Doesn't mean that people like me aren't out there in droves.
But SSDs make this all moot and HDD are being phased out of many environments. SSDs with chucking the key is more than sufficient as well.
It is... It's literally a preconfigured option on the dban selection list.
Source: My memory... but if that's not good enough, here's wiki too.
https://en.wikipedia.org/wiki/Darik%27s_Boot_and_Nuke
and DOD 5220.22-M (7 passes) are also included as options to handle data remanence.
That's a completely fair assessment. They're definitely still quite expensive.
But I already have a 7950x3d and a 7900xtx... My machine is as good as it's getting. I had the budget, and have some needs that the larger screen meets.
Has it been worth it? Eh... situationally it's been super nice. But I can't say it's been worth the extra $600 I paid above the next flagship spec quite yet. My first samsung fold though... Verizon paid for me previous phone and paid me more than I paid for it... So that one was definitely worth it.
No. The implication of my "comfortability" with google holding my credentials is that they can use it, or leak it. You wouldn't know that they did it. I said I don't trust them, you said "if google did pull something", I'm saying you wouldn't even know if they DID pull something. They control such a vast amount of infrastructure and resources that they could do a boatload of malicious stuff and you'd never know. Hell they do some quite malicious things with AMP, ads, pushing nonstandard shit in chrome, etc... But you do you. Give them all your shit. They won't complain. But you won't catch me in that boat.
That’s some real tinfoil hat stuff
If you say so. I only work in IT and security.
If Google did pull something like that
You'd likely never know.
The case is weird I don’t want to buy a bulky one on Scamazon that pops free from the glue being cheap like the second case I tried to buy.
If you're still searching... And don't need significant drop protection, look and see if "Thinborne" makes a case for your fold. I don't think they do on the older ones... but if you have a 5 or newer I think they do. I've had good results from them with the new pixel. And they're very very thin.
I'm on GrapheneOS. I harbor a deep distrust for Google overall... I couldn't have bought the phone if it didn't. I probably would have upgraded to the newest samsung fold if the pixel fold wasn't supported by grapheneOS.
So am I. I'm not sure what you think wasn't relevant. It's a literal DoD spec. Yes that spec is outdated, but it's still in Dban.
You coming out of nowhere talking about how the DoD spec itself is "dead" doesn't change the fact that it's available and probably still used by many people out there. I'm willing to be that several companies have the old DoD spec embedded in their own SOPs. And I was always talking in the context of the contract work I did long ago which WAS to the old DoD spec regardless.