HackerTrans
TopNewTrendsCommentsPastAskShowJobs

irundebian

no profile record

comments

irundebian
·26 วันที่ผ่านมา·discuss
Security is not always a cat and mouse game.
irundebian
·เดือนที่แล้ว·discuss
Yes, you can take the day off, but your pay will be reduced by 20%. Just because technology and productivity are advancing doesn’t mean you can work less and still get the same pay. By that logic, hardly anyone would need to work today, as productivity has increased many times over compared to previous centuries. If one company works less, then other companies that work more have an advantage. That’s why it doesn’t work.
irundebian
·2 เดือนที่ผ่านมา·discuss
Danke Merkel
irundebian
·2 เดือนที่ผ่านมา·discuss
Some domains work, some not. I assume that working domains are cached.
irundebian
·8 เดือนที่ผ่านมา·discuss
That doesn't mean anything.
irundebian
·8 เดือนที่ผ่านมา·discuss
Do you have evidence for that?
irundebian
·8 เดือนที่ผ่านมา·discuss
I doubt that most critical systems are air gapped. Even if there are, most part of Russians economy is not, but is still using IT based on COTS systems. Why wouldn't the Ukraine DoS or compromise the whole non air-gapped IT infrastructure of Russia to hit the economy if they could have easy access to RCE just because they are a government?
irundebian
·8 เดือนที่ผ่านมา·discuss
No, he didn't. Learn to discuss properly. OP stated that any government could get RCE for any OS. And that is highly unlikely, since budget above market rates does not imply that you can easily get RCEs. The market rates are high because there is scarcity of such vulnerabilites.

Governments using COTS operating systems does not imply that these systems are unackable. If the statement of OP would be true, we would just see constant exploitation of RCE zero days, or at the least the impact of that. But that is not the case.
irundebian
·8 เดือนที่ผ่านมา·discuss
Just because the market would buy something for X$, doesn't mean that you could buy that if you have more than X$.
irundebian
·8 เดือนที่ผ่านมา·discuss
The provided binaries may still contain malicious code but it guarantees that no malicious code has been inserted in between the build process of the published code. So if your binaries contain malicious code, you can be sure that all other users of the software version are affected, too.
irundebian
·5 ปีที่แล้ว·discuss
Looks that you don't have any idea of ISO/IEC 27001. ISO/IEC 27001 is actually a standard which forces you to think about your security practices and goals.