HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Deathcrow

no profile record

comments

Deathcrow
·hace 2 años·discuss
This is only correct if the sshd backdoor is the only malicious code introduced into the library.
Deathcrow
·hace 2 años·discuss
Is there really a failed login attempts? If it never calls the real functions of ssh in case of their own cert+payload why would sshd log anything or even register a login attempt? Or does the backdoor function hook in after sshd already logged stuff?
Deathcrow
·hace 2 años·discuss
Also, in a more optimistic scenario without sockpuppets, it's unlikely that malicious and underhanded contributions will be caught by anyone that isn't a security researcher.
Deathcrow
·hace 2 años·discuss
>A very tight SELinux policy could catch sshd executing something that ain’t a shell but hardening to that degree would be extremely rare I assume.

Huh, ssh executes things that aren't shells all the time during normal operation. No? i.e. 'ssh myserver.lan cat /etc/fstab'
Deathcrow
·hace 3 años·discuss
no one can do what you suggest. it's nonsense.
Deathcrow
·hace 4 años·discuss
companies that abuse on call duty for planned maintenance suck. If it's something predictable or plannable, it's not on call. Hire people to work that day.
Deathcrow
·hace 4 años·discuss
Facebook has probably killed more people with face detection and name tagging in photos alone.
Deathcrow
·hace 4 años·discuss
>Is this real? I'm having trouble believing this shit.

Yes it's real and if you think making and distributing homemade hormones to children is vile and dangerous, you're apparently a transphobe nowadays.
Deathcrow
·hace 4 años·discuss
Yup. IMHO spam has become so good at mimicking genuine content, it's hard to recognize even for a human curator. There's so many websites in the top google results that I'm sure are entirely AI generated, which exist for the sole purpose to propagate affiliate links and ads.