The context of the conversation, which you seem to have missed, is that now that we have a POC, we need a way to check for vulnerable servers. The link being that a POC makes it easier for script kiddies to use it, meaning we're in a race against them. But we aren't, because only one group in the whole world can use this exploit.
> is that now that we have a POC, we need a way to check for vulnerable servers.
You misunderstand me, the "need to check for vulnerable servers" has nothing to do with the PoC in itself. You want to know whether you're vulnerable against this mysterious unknown attacker that went through the all the hoops for a sophisticated supply chain attack. I never said that we need a way to detect it because there is a POC out, at least I didn't meant to imply that either.
> script kiddies to use it, meaning we're in a race against them
This is something you and the other person were suddenly coming up with, never said this in first place.
nindalf|1 year ago
miduil|1 year ago
You misunderstand me, the "need to check for vulnerable servers" has nothing to do with the PoC in itself. You want to know whether you're vulnerable against this mysterious unknown attacker that went through the all the hoops for a sophisticated supply chain attack. I never said that we need a way to detect it because there is a POC out, at least I didn't meant to imply that either.
> script kiddies to use it, meaning we're in a race against them
This is something you and the other person were suddenly coming up with, never said this in first place.