treasure

joined 2 months ago
sorted by: new top controversial old
Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet in c/linux@lemmy.ml
[–] treasure@feddit.org 2 points 1 month ago (1 children)

Yeah, what a disappointment. This guy brought shame to the security community because he was salty that his vulnerability didn't get the attention it "deserved".

Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet in c/privacy@lemmy.ml
[–] treasure@feddit.org 3 points 1 month ago* (last edited 1 month ago)

Copying my reply from another thread:

This link should be working.

Quoting from the OP tweet:

* Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
* Full disclosure happening in less than 2 weeks (as agreed with devs).
* Still no CVE assigned (there should be at least 3, possibly 4, ideally 6).
* Still no working fix.
* Canonical, RedHat and others have confirmed the severity, a 9.9, check screenshot.
* Devs are still arguing about whether or not some of the issues have a security impact.

I've spent the last 3 weeks of my sabbatical working full time on this research, reporting, coordination and so on with the sole purpose of helping and pretty much only got patronized because the devs just can't accept that their code is crap - responsible disclosure: no more.

Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet in c/linux@lemmy.ml
[–] treasure@feddit.org 22 points 1 month ago (6 children)

This link should be working.

Quoting from the OP tweet:

* Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
* Full disclosure happening in less than 2 weeks (as agreed with devs).
* Still no CVE assigned (there should be at least 3, possibly 4, ideally 6).
* Still no working fix.
* Canonical, RedHat and others have confirmed the severity, a 9.9, check screenshot.
* Devs are still arguing about whether or not some of the issues have a security impact.

I've spent the last 3 weeks of my sabbatical working full time on this research, reporting, coordination and so on with the sole purpose of helping and pretty much only got patronized because the devs just can't accept that their code is crap - responsible disclosure: no more.

Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet in c/cybersecurity@sh.itjust.works
[–] treasure@feddit.org 8 points 1 month ago (1 children)

Me too, I'm looking forward to the writeup.

58
Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet (nitter.poast.org)
submitted 1 month ago* (last edited 1 month ago) by treasure@feddit.org to c/privacy@lemmy.ml
11 comments fedilink
 

EDIT: Original post seems to have been removed, try this Nitter mirror instead.

39
Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet (nitter.poast.org)
submitted 1 month ago* (last edited 1 month ago) by treasure@feddit.org to c/cybersecurity@sh.itjust.works
19 comments fedilink
 

EDIT: Original post seems to have been removed, try this Nitter mirror instead.

88
Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet (nitter.poast.org)
submitted 1 month ago* (last edited 1 month ago) by treasure@feddit.org to c/linux@lemmy.ml
29 comments fedilink
 

EDIT: Original post seems to have been removed, try this Nitter mirror instead.

These Human Rights Defenders Were Hacked by Pegasus. Now They Want Police to Charge the Spyware Maker. in c/technology@lemmy.world
Is my 5700x3d overheating at 85c or is it just hot? in c/pcmasterrace@lemmy.world
[–] treasure@feddit.org 19 points 1 month ago

85°C is still fine. You wouldn't want your system running at those temps all the time but if those are only spikes during intensive tasks, you're good.

If you want your PC to run a bit cooler, check your airflow, set manual fan curves, or try out a mild undervolt.

I hate the rich in c/memes@lemmy.ml
[–] treasure@feddit.org 21 points 1 month ago (1 children)

Cannot complain.

Spotted the German.

What are your favourite extensions? in c/firefox@lemmy.ml
[–] treasure@feddit.org 2 points 2 months ago (1 children)

Are you passing CloudFlare captchas with that? I'm using a VPN and whenever I hit a CloudFlare captcha with a modified user agent, it doesn't let me pass.

Rule in c/196@lemmy.blahaj.zone
[–] treasure@feddit.org 64 points 2 months ago

The screenshot is getting crispy, time to get it out of the deep fryer

The Best Encrypted Messengers in 2024 in c/privacy@lemmy.ml
[–] treasure@feddit.org 5 points 2 months ago

That's mentioned in the article I believe. I was just trying to save some people a minute or two. :)

The Best Encrypted Messengers in 2024 in c/privacy@lemmy.ml
[–] treasure@feddit.org 114 points 2 months ago (15 children)

TLDR: Avoid Telegram and WhatsApp. Recommended messengers are Session, Signal, SimpleX and Threema. Honorable mention: Briar.

Lumpi would like scritchies until the universe ends in c/cat@lemmy.world
[–] treasure@feddit.org 10 points 2 months ago

He wants all kinds of pets, rubs and scritches. Belly rubs too, but please without touching the belly.

291
Lumpi would like scritchies until the universe ends (feddit.org)
 

...touching the belly is still deadly though.

view more: next ›