top | item 39932755

(no title)

p4x_real | 1 year ago

nah, I used commonly known memory exhaustion denial of service vulns ONLY. There were other vulns but I did not reveal those publicly ;-). In other words, no operations were affected or compromised here.

check out my twitter @_hyp3ri0n and tell me to post something (discreet please) to prove it’s me.

discuss

Phiwise_|1 year ago

>In other words, no operations were affected or compromised here.

How do you know this? Did you check it with the NSA, or Cyber Command, or the CIA, or literally anyone before running your "attack"? Will they confirm this discussion? If you're going to make the claim of truly being on the US side of the Pacific theater, it'd be nice to have a little concrete evidence of such. I don't particularly care what vulns you use at all; what I care about is that you're wise enough with any of them to not push us into the tragedy of the commons for your own short-term gain. (For similar reasons I also do not particularly care what someone who passed beneath the intelligence ceiling for writing in wired magazine has to say about you. This is like a university professor trying to claim an interview in the campus student paper as a citation of their work.)

gwern|1 year ago

If they were "commonly known", then you exploiting them seems even more, not less, likely to have removed them from stockpiles, no? Because the North Koreans were clearly not going to fix them on their own anytime soon (because they hadn't bothered to all that time), until you came along and offered free pentesting services; while those vulns were even more likely to have already been included in stockpiles (being so well known).

j-krieger|1 year ago

> In other words, no operations were affected or compromised here.

This is impossible for you to know.

p4x_real|1 year ago

alternatively ask Andy Greenberg the author of the piece