Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet by treasure in c/linux@lemmy.ml
[-] treasure@feddit.org 2 points 1 week ago

Yeah, what a disappointment. This guy brought shame to the security community because he was salty that his vulnerability didn't get the attention it "deserved".

Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet by treasure in c/privacy@lemmy.ml
[-] treasure@feddit.org 3 points 2 weeks ago* (last edited 2 weeks ago)

Copying my reply from another thread:

This link should be working.

Quoting from the OP tweet:

* Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
* Full disclosure happening in less than 2 weeks (as agreed with devs).
* Still no CVE assigned (there should be at least 3, possibly 4, ideally 6).
* Still no working fix.
* Canonical, RedHat and others have confirmed the severity, a 9.9, check screenshot.
* Devs are still arguing about whether or not some of the issues have a security impact.

I've spent the last 3 weeks of my sabbatical working full time on this research, reporting, coordination and so on with the sole purpose of helping and pretty much only got patronized because the devs just can't accept that their code is crap - responsible disclosure: no more.

Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet by treasure in c/linux@lemmy.ml
[-] treasure@feddit.org 24 points 2 weeks ago

This link should be working.

Quoting from the OP tweet:

* Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
* Full disclosure happening in less than 2 weeks (as agreed with devs).
* Still no CVE assigned (there should be at least 3, possibly 4, ideally 6).
* Still no working fix.
* Canonical, RedHat and others have confirmed the severity, a 9.9, check screenshot.
* Devs are still arguing about whether or not some of the issues have a security impact.

I've spent the last 3 weeks of my sabbatical working full time on this research, reporting, coordination and so on with the sole purpose of helping and pretty much only got patronized because the devs just can't accept that their code is crap - responsible disclosure: no more.

Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet by treasure in c/cybersecurity@sh.itjust.works
[-] treasure@feddit.org 8 points 2 weeks ago

Me too, I'm looking forward to the writeup.

59
Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet (nitter.poast.org)
submitted 2 weeks ago* (last edited 2 weeks ago) by treasure@feddit.org to c/privacy@lemmy.ml
11 comments fedilink

EDIT: Original post seems to have been removed, try this Nitter mirror instead.

39
Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet (nitter.poast.org)
submitted 2 weeks ago* (last edited 2 weeks ago) by treasure@feddit.org to c/cybersecurity@sh.itjust.works
19 comments fedilink

EDIT: Original post seems to have been removed, try this Nitter mirror instead.

89
Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet (nitter.poast.org)
submitted 2 weeks ago* (last edited 2 weeks ago) by treasure@feddit.org to c/linux@lemmy.ml
29 comments fedilink

EDIT: Original post seems to have been removed, try this Nitter mirror instead.

These Human Rights Defenders Were Hacked by Pegasus. Now They Want Police to Charge the Spyware Maker. by treasure in c/technology@lemmy.world
I hate the rich by treasure in c/memes@lemmy.ml
[-] treasure@feddit.org 21 points 1 month ago

Cannot complain.

Spotted the German.

What are your favourite extensions? by treasure in c/firefox@lemmy.ml
[-] treasure@feddit.org 2 points 1 month ago

Are you passing CloudFlare captchas with that? I'm using a VPN and whenever I hit a CloudFlare captcha with a modified user agent, it doesn't let me pass.

The Best Encrypted Messengers in 2024 by treasure in c/privacy@lemmy.ml
[-] treasure@feddit.org 5 points 2 months ago

That's mentioned in the article I believe. I was just trying to save some people a minute or two. :)

The Best Encrypted Messengers in 2024 by treasure in c/privacy@lemmy.ml
[-] treasure@feddit.org 115 points 2 months ago

TLDR: Avoid Telegram and WhatsApp. Recommended messengers are Session, Signal, SimpleX and Threema. Honorable mention: Briar.

Lumpi would like scritchies until the universe ends by treasure in c/cat@lemmy.world
[-] treasure@feddit.org 11 points 2 months ago

He wants all kinds of pets, rubs and scritches. Belly rubs too, but please without touching the belly.

293
Lumpi would like scritchies until the universe ends (feddit.org)
submitted 2 months ago by treasure@feddit.org to c/cat@lemmy.world
7 comments fedilink

...touching the belly is still deadly though.

treasure

joined 2 months ago