HackerTrans
TopNewTrendsCommentsPastAskShowJobs

timattrn

no profile record

comments

timattrn
·2 jaar geleden·discuss
I wonder about this too, at least in a testing/honeypot build
timattrn
·2 jaar geleden·discuss
Another independent maintainer would have helped too. Many eyes make bugs shallow, but just one extra genuine maintainer would have helped enormously. Clearly the existing maintainer trusted the attacker completely, but a second maintainer would not have. That's another social dimension to this attack: doing enough real work to suppress other maintainers coming along.
timattrn
·2 jaar geleden·discuss
so this backdoor is a package which installs a fake sshd? what is selinux for?
timattrn
·2 jaar geleden·discuss
Your "product" is what you sell. The owners of redis labs don't sell redis, they sell hosting, as far as I can see, in which case they made themselves a competitor to AWS, Azure, etc. And they don't have a competitive advantage in that. Also, why should AWS not compete back? Is a hosting company supposed to sit back and watch another hosting company just win business?