HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Deathcrow

no profile record

comments

Deathcrow
·2 года назад·discuss
This is only correct if the sshd backdoor is the only malicious code introduced into the library.
Deathcrow
·2 года назад·discuss
Is there really a failed login attempts? If it never calls the real functions of ssh in case of their own cert+payload why would sshd log anything or even register a login attempt? Or does the backdoor function hook in after sshd already logged stuff?
Deathcrow
·2 года назад·discuss
Also, in a more optimistic scenario without sockpuppets, it's unlikely that malicious and underhanded contributions will be caught by anyone that isn't a security researcher.
Deathcrow
·2 года назад·discuss
>A very tight SELinux policy could catch sshd executing something that ain’t a shell but hardening to that degree would be extremely rare I assume.

Huh, ssh executes things that aren't shells all the time during normal operation. No? i.e. 'ssh myserver.lan cat /etc/fstab'
Deathcrow
·3 года назад·discuss
no one can do what you suggest. it's nonsense.
Deathcrow
·4 года назад·discuss
companies that abuse on call duty for planned maintenance suck. If it's something predictable or plannable, it's not on call. Hire people to work that day.
Deathcrow
·4 года назад·discuss
Facebook has probably killed more people with face detection and name tagging in photos alone.
Deathcrow
·4 года назад·discuss
>Is this real? I'm having trouble believing this shit.

Yes it's real and if you think making and distributing homemade hormones to children is vile and dangerous, you're apparently a transphobe nowadays.
Deathcrow
·4 года назад·discuss
Yup. IMHO spam has become so good at mimicking genuine content, it's hard to recognize even for a human curator. There's so many websites in the top google results that I'm sure are entirely AI generated, which exist for the sole purpose to propagate affiliate links and ads.