treasure

joined 3 months ago
sorted by: new top controversial old
Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet in c/[email protected]
[–] [email protected] 3 points 1 month ago* (last edited 1 month ago)

Copying my reply from a other thread:

This link should be working.

Quoting from the OP tweet:

* Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
* Full disclosure happening in less than 2 weeks (as agreed with devs).
* Still no CVE assigned (there should be at least 3, possibly 4, ideally 6).
* Still no working fix.
* Canonical, RedHat and others have confirmed the severity, a 9.9, check screenshot.
* Devs are still arguing about whether or not some of the issues have a security impact.

I've spent the last 3 weeks of my sabbatical working full time on this research, reporting, coordination and so on with the sole purpose of helping and pretty much only got patronized because the devs just can't accept that their code is crap - responsible disclosure: no more.

59
Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet (nitter.poast.org)
submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/[email protected]
11 comments fedilink
 

EDIT: Original post seems to have been removed, try this Nitter mirror instead.

These Human Rights Defenders Were Hacked by Pegasus. Now They Want Police to Charge the Spyware Maker. in c/[email protected]
I hate the rich in c/[email protected]
[–] [email protected] 21 points 2 months ago (1 children)

Cannot complain.

Spotted the German.

The Best Encrypted Messengers in 2024 in c/[email protected]
[–] [email protected] 5 points 3 months ago

That's mentioned in the article I believe. I was just trying to save some people a minute or two. :)

The Best Encrypted Messengers in 2024 in c/[email protected]
[–] [email protected] 115 points 3 months ago (15 children)

TLDR: Avoid Telegram and WhatsApp. Recommended messengers are Session, Signal, SimpleX and Threema. Honorable mention: Briar.