There’s a great way I figured out to differentiate quickly between Cybersec Fud and legitimate discussions related to security.
The usual main difference is that they are meant exclusively to sound scary there’s no room for constructive criticism, discussion about it, or finding solutions to the problems presented, and I’ve found that if you try to steer these discussions in said direction the person will usually try to shoot you down.
Someone might say there are no solutions but see, here’s the thing, there are always solutions, you’re just not looking in the right places. After all lack of source code and sparse dubious documentation didn’t stop people from studying and disabling IntelME, and believe it or not while security Vulnerabilities are usually bad, some can be your best friend and the key to the solution. (Not saying it’s easy, I’m saying it’s possible, contrary to what most open source advocates say).
Honestly if someone wants to have one of these discussions with me and they don’t want to discuss it constructively or think about possible solutions I don’t want to hear it because it’s not meant to promote intelligent discussion. It’s more like scary campfire stories but it’s portrayed in a way that seems constructive and intelligent. It’s also usually very patronizing since many times (not necessarily this specific commenter) the people making the statements tend to inadvertently talk down to you, this was my experience from hearing similar ones from colleagues.
There’s a great way I figured out to differentiate quickly between Cybersec Fud and legitimate discussions related to security. The usual main difference is that they are meant exclusively to sound scary there’s no room for constructive criticism, discussion about it, or finding solutions to the problems presented, and I’ve found that if you try to steer these discussions in said direction the person will usually try to shoot you down.
Someone might say there are no solutions but see, here’s the thing, there are always solutions, you’re just not looking in the right places. After all lack of source code and sparse dubious documentation didn’t stop people from studying and disabling IntelME, and believe it or not while security Vulnerabilities are usually bad, some can be your best friend and the key to the solution. (Not saying it’s easy, I’m saying it’s possible, contrary to what most open source advocates say).
Honestly if someone wants to have one of these discussions with me and they don’t want to discuss it constructively or think about possible solutions I don’t want to hear it because it’s not meant to promote intelligent discussion. It’s more like scary campfire stories but it’s portrayed in a way that seems constructive and intelligent. It’s also usually very patronizing since many times (not necessarily this specific commenter) the people making the statements tend to inadvertently talk down to you, this was my experience from hearing similar ones from colleagues.