this post was submitted on 09 Aug 2024
30 points (96.9% liked)
technology
23180 readers
410 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
well why'd you tell everyone, now somebody is going to try to exploit it!
It's normal white-hat practice. White hat hacker ethics require you to contact the company and give them lots of chances to fix it.
But if they refuse to fix it or inform people of the vulnerability you broad-band it to the world because it's the only way to force the company's hand.
It sounds like you basically need to have root access to the computer to take advantage of this. Like if someone can use this your system is already totally pwned. But, like, if a spy or something gets access to a machine they could load this and then it'd be in the system with no way to find it or dig it out.