Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
4ndrewl
77 days ago
|
parent
|
context
|
favorite
| on:
Less is safer: Reducing the risk of supply chain a...
I believe they're saying it can open, it just can't send the data anywhere.
Seems a little excessive, but here we are.
notpushkin
77 days ago
|
next
[–]
It still can encrypt everything and demand you pay some ₿₿₿₿.
lxgr
76 days ago
|
prev
[–]
If it can open and write any file on the OS, it's pretty much game over. Too many ways to exfiltrate data even without network/socket access.
HSO
76 days ago
|
parent
[–]
Worse, what keeps this from editing the config files for Little Snitch (or similar blockers)?
TomaszZielinski
76 days ago
|
root
|
parent
|
next
[–]
I believe LS has some protections against this. Never tried them, but there are config related security options, incl. protection against synthetic events. So they definitely put some thought into that.
4ndrewl
76 days ago
|
root
|
parent
|
prev
[–]
File system permissions?
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Seems a little excessive, but here we are.