HackerTrans
TopNewTrendsCommentsPastAskShowJobs

kuizu

no profile record

Submissions

PROBoter – Open-source platform for automated PCB analysis

schutzwerk.com
30 points·by kuizu·vor 3 Monaten·2 comments

comments

kuizu
·letzten Monat·discuss
Wasn't the EU Data Act (https://digital-strategy.ec.europa.eu/en/policies/data-act) put in place to exactly prevent these kind of scenarios (Article 4 and 5)?

"where the user cannot directly access the data from the connected product or related service, the data holder must make the readily available data and necessary metadata accessible to the user without undue delay, in the same quality as available to the data holder, easily, securely, free of charge, in a structured, commonly used, machine-readable format, and continuously/in real time where relevant and technically feasible."

There is even special EU guidance for vehicle data for it: https://digital-strategy.ec.europa.eu/en/library/guidance-ve...
kuizu
·vor 3 Monaten·discuss
A similar concept, but with multiple probes at the same time, was published in this blog series as open source hard- and software: https://www.schutzwerk.com/en/blog/proboter-01/ They explain some of the use cases in this demo video https://youtu.be/TYEjZA-xbGo?is=osWXCrBkLOi4JHxO
kuizu
·vor 8 Monaten·discuss
Something does not line up here. The description at NIST in the CVE is about a local privilege escalation.

It contains these two links

- https://packetstorm.news/files/id/189989

- https://gist.github.com/R-Security/1c707a08f9c7f9a91d9d84b50...

The first is also about the LPE, the second is apparently by the same author, names the same CVE-ID but is about a remote code execution?