HackerTrans
TopNewTrendsCommentsPastAskShowJobs

timattrn

no profile record

comments

timattrn
·2 anni fa·discuss
I wonder about this too, at least in a testing/honeypot build
timattrn
·2 anni fa·discuss
Another independent maintainer would have helped too. Many eyes make bugs shallow, but just one extra genuine maintainer would have helped enormously. Clearly the existing maintainer trusted the attacker completely, but a second maintainer would not have. That's another social dimension to this attack: doing enough real work to suppress other maintainers coming along.
timattrn
·2 anni fa·discuss
so this backdoor is a package which installs a fake sshd? what is selinux for?
timattrn
·2 anni fa·discuss
Your "product" is what you sell. The owners of redis labs don't sell redis, they sell hosting, as far as I can see, in which case they made themselves a competitor to AWS, Azure, etc. And they don't have a competitive advantage in that. Also, why should AWS not compete back? Is a hosting company supposed to sit back and watch another hosting company just win business?