HackerTrans
TopNewTrendsCommentsPastAskShowJobs

bagomips

no profile record

comments

bagomips
·5 anni fa·discuss
My own take is that some exploits initially fall through the cracks in a social way when being triaged or getting somewhat inadequate fixes.

It becomes harder to go back and correct the initial triage. At the same time, some people in the company might be connected to their governments and help that bug stay in the grey zone probably not for the NSO group but maybe for the NSA. (Of course this only applies if the exploit is one the government identified and decided to use offensively and doesn't think is being used in the wild.)

Now when you are examining images as a company updates them, you are reviewing what's notable in the fixes in the very least to know how to attack older OSes. You might happen to have the perspective that understands how the triage was wrong. With enough bugs like this it is inevitable that sometimes you will if you can afford to analyze every fix.
bagomips
·5 anni fa·discuss
Not sure if Google does anything to restrict plug-ins from tampering with its results, but domains in DDG results are canonicalized making it trivial to use them as keys in localStorage. So filtering after the fact, while slightly awkward, can work for a list of thousands or millions?