8·
1 day agoYeah but at least that organization has not ever instigated a war, right?
- 0 Posts
- 9 Comments
Joined 3 years ago
Cake day: August 15th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
If you actually read his github you would know that there is a different version of the responsible component between the recovery environment and an installation. Only the RE has the issue.
I’ve read the XZ vulnerability. The very same thing can happen in a closed source corporate project. There are many arrests of foreign intelligence agents that worked in big tech amd/government. It would of course be easier to cover up. As would vulnerabilities discovered by ai, since they can limit who can check their code.
Were they the developers of the ssh package? Microsoft is the developer of the vulnerable bitlocker package and the ones who chose to ship it.
I am employed, most employers are obviously not as corrupt as the biggest corporations on the planet, they simply can’t afford to.
I agree we can’t know. We can know for FOSS software. You are treating uknownable as being less than the known bugs in Foss software. That’s dishonest, lad.
What are the indications that the BitLocker vulnerability is already being utilized?
Microsoft shipping a vulnerable version of the recovery environment. It is the ‘exploit’.
Alleged by a guy who was fired from Microsoft. I’d take that with a pinch of salt.
Such is the nature of closed source software. You select people who will remain complicit till they have a grievance against you. Even if they don’t and talked for moral reasons do you think they would not been fired for it?
That being said, open source repos are being attacked constantly with attempts at intentional malicious code injection - I’m sure you’ve heard of XZ Utils? How many others went through and are being exploited without anyone noticing?
Who knows. How many more went through at closed source software a limited amount of people can test in the same way?
They will be patched. There is also no indication that they 'be been known and exploited till recently.
This was allegedly deliberately non patched to be exploited.
Getting a system without bugs and security issues is impossible, you can at least avoid intentional compromise.
Unfortunately not, the main reason the majority of people use gmail is that they don’t even know there are other email providers.
If a military attack is not negotiated away as I mentioned.
Would it defend every state? Or would the big countries make concessions to avoid a military conflict? With or without a veto right.
By the way EU already had a mutual defense pact. A single military would increase effectiveness but remove member’s state ability to defend themselves.
Certainly they have not at all stopped misinforming people. There are also still elements that promote hatred.