What makes you think that? Secure Boot prevents this rootkit from running and is the recommended mitigation:
> Bootkitty is signed by a self-signed certificate, thus is not capable of running on systems with UEFI Secure Boot enabled unless the attackers certificates have been installed.
> To keep your Linux systems safe from such threats, make sure that UEFI Secure Boot is enabled
In fairness, the blog post confusingly says this in the next bullet point:
> Bootkitty is designed to boot the Linux kernel seamlessly, whether UEFI Secure Boot is enabled or not, as it patches, in memory, the necessary functions responsible for integrity verification before GRUB is executed.
However, this would still require Rootkitty to have gained execution already, which it wouldn't be able to if Secure Boot was enabled and the malicious actor's certificates weren't installed.
Certainly true if the target application is running on the same host as Wireshark. But mitmproxy is very helpful when the device or application isn't fully under your control, for example if you can't set a proxy.
Mitmproxy also has a few features which make it a lot easier to use than wireshark alone, even if the aim is only to inspect TLS traffic. Including the wireguard server mode or transparent proxying for example.
The email address wouldn't be in the document directly, only in the SVG. Whether the title of the SVG contains "Email us" or the email address wouldn't affect how it works.
If the scrapper is searching the DOM rather than simply downloading the webpages, then the email will found regardless.
You can bind a device to another, so while you would need the ability to issue the command, a server wouldn't be required to handle the state propagation.
Exactly. On a bigger scale, the time wasted by people redoing the formatting because it isn't pasted by default would outweigh that wasted by people writing blog posts about having to remove it.
And if they're that animated by it, they're are likely the sort of user that would look for a solution and change the default or learn how to paste in their software of choice without formatting.
I wonder if this lets you measure the average attention span of visitors? I'd be curious to see the impact on the average of the various platforms where this is shared.
The location report is signed with a public key advertised by the "lost" device.
To retrieve the device's location and to prevent Apple from knowing who lost the device, all signed in users can download any location report for a given public key.
> Bootkitty is signed by a self-signed certificate, thus is not capable of running on systems with UEFI Secure Boot enabled unless the attackers certificates have been installed.
> To keep your Linux systems safe from such threats, make sure that UEFI Secure Boot is enabled
In fairness, the blog post confusingly says this in the next bullet point:
> Bootkitty is designed to boot the Linux kernel seamlessly, whether UEFI Secure Boot is enabled or not, as it patches, in memory, the necessary functions responsible for integrity verification before GRUB is executed.
However, this would still require Rootkitty to have gained execution already, which it wouldn't be able to if Secure Boot was enabled and the malicious actor's certificates weren't installed.