the attacker is opening github issues 😂

> I noticed in your blog post that you were talking about doing a postmortem and steps you need to take. As someone who is intimately familiar with your entire infrastructure, I thought I could help you out.
[then about ssh agent forwarding, and principle of least privilege]

@CobaltVelvet I don't know, I hope they warned them before and they chose to ignore the problem. If it isn't the case, that's a kinda shitty thing to do.

@CobaltVelvet Sorry, I misread the situation at first. I thought they disclosed actual harmful content for the end users.
It's actually super funny ^^.

@Sylvhem well they still can. these situations are hard to judge and can go from "absolute asshole" to "white hat" and back again in a matter of minutes :p

@CobaltVelvet Yeah, but for now they did nothing.
I won't find that funny if they are actually hurting the people who used the service.

@CobaltVelvet
The com makes me think "What, people not well documented and not reading security warning? I'm choked (not)"

@CobaltVelvet what's wrong with you. I'd have done exactly the same things.

in fact, that's what I used to do, back when I would regularly break IRC bots.

@SoniEx2 what's wrong with you then. did you interpret the laugh as me saying it's unacceptable? don't do that

@SoniEx2 well i'm not making fun of them. (or anyone) just contemplating and sharing a well executed attack

@SoniEx2 @CobaltVelvet

Reading this thread, especially you two:

Wow. People on the Fediverse are, like, self-aware and willing to get along and stuff. :flan_hearts:

I'm still stunned every time I see it.

@CobaltVelvet
What's Flywheel in this context? All I can find is a taxi app and a building management app. :blobconfused:

@Jo @hirnbrot "Agent flywheel (OS X Build Slave)" from their (now down) wiki
