HackerTrans
TopNewTrendsCommentsPastAskShowJobs

terry_hc

no profile record

Submissions

Ask HN: How does one scrape a website?

2 points·by terry_hc·6 месяцев назад·1 comments

Ask HN: Local hostnames without root/admin

13 points·by terry_hc·10 месяцев назад·32 comments

comments

terry_hc
·2 месяца назад·discuss
I have now read all of the points in the mitigations section. Just like the slides, the commentaries to the mitigations willingly assert uselessness and imply a sense of absolute insecurity, but without specific or even general examples.

So I'm looking forward to your careful explanation of how insecure the whole thing is and how easily it can be dismantled. Because I really want and need to know. Let's talk.
terry_hc
·2 месяца назад·discuss
The slides are over 6 years old. The developers' attitudes haven't changed much, but are all of the arguments still valid?

I've followed this discussion here and there over the years and it always goes like this:

1) everyone makes fun of the mitigations

2) many even outright assert they can easily defeat and exploit OpenBSD

3) nobody provides a working PoC when asked to demonstrate how insecure the OS is

And somewhere in the mix there's also you and your usual blabber, also without any substantial examples of how insecure and exploitable the OS is. Always.
terry_hc
·10 месяцев назад·discuss
As noted in the ingress, the web browser is the primary application. It must work for an end-user lacking the technical facilities or even sufficient administrative access to install a resolver or edit the system's hosts file. A browser extension would be a great solution.
terry_hc
·10 месяцев назад·discuss
I want to note that I mean to use such internal hostnames to reach services inside a VPN. If solutions such as IPsec or OpenVPN can somehow push and manifest host->IP correlations for the OS, as an alternative to pushing an additional DNS resolver living inside the VPN, that would also be a viable solution.