this post was submitted on 09 Aug 2024
30 points (96.9% liked)

technology

23303 readers
278 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Frank@hexbear.net 17 points 3 months ago

It's normal white-hat practice. White hat hacker ethics require you to contact the company and give them lots of chances to fix it.

But if they refuse to fix it or inform people of the vulnerability you broad-band it to the world because it's the only way to force the company's hand.

It sounds like you basically need to have root access to the computer to take advantage of this. Like if someone can use this your system is already totally pwned. But, like, if a spy or something gets access to a machine they could load this and then it'd be in the system with no way to find it or dig it out.