600 points scalewithlee | 1 comments
Y_Y No.43793778
Does it block `/etc//hosts` or `/etc/./hosts`? This is a ridiculous kind of whack-a-mole that's doomed to failure. The people who wrote these should realize that hackers are smarter and more determined than they are and you should only rely on proven security, like not executing untrusted input.
replies(6): >>43793862 #>>43793868 #>>43793954 #>>43794072 #>>43794473 #>>43802345 #
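
The two spellings asked about in the comment above, run against a literal-substring rule and against a rule that normalizes path tokens before comparing. This is an added example, not part of the thread and not any WAF's actual rule code; the rule set, function names and sample bodies are constructed for illustration.

```python
import posixpath
import re

# Constructed rule set: the one literal path the thread discusses.
BLOCKED_PATHS = {"/etc/hosts"}

# A path-like token: a slash followed by characters that are not
# whitespace, quotes, angle brackets or query-string separators.
PATH_TOKEN = re.compile(r"/[^\s'\"`<>?=&]+")


def literal_rule(body: str) -> bool:
    """Substring rule: fires only on the exact spelling in the rule set."""
    return any(path in body for path in BLOCKED_PATHS)


def normalized_rule(body: str) -> bool:
    """Canonicalize each path token, then compare against the rule set."""
    for token in PATH_TOKEN.findall(body):
        token = token.rstrip(".,;:)")          # trailing sentence punctuation
        # normpath keeps a leading '//' as-is, so reduce it to one slash first.
        canonical = posixpath.normpath("/" + token.lstrip("/"))
        if canonical in BLOCKED_PATHS:
            return True
    return False


# Constructed request bodies: the plain spelling, the two variants from the
# comment, and an unrelated path that neither rule should flag.
SAMPLES = [
    "file=/etc/hosts",
    "file=/etc//hosts",
    "file=/etc/./hosts",
    "file=/var/www/index.html",
]


def compare(samples):
    """Return (literal_hit, normalized_hit) for each sample body."""
    return [(literal_rule(s), normalized_rule(s)) for s in samples]


if __name__ == "__main__":
    for body, (lit, norm) in zip(SAMPLES, compare(SAMPLES)):
        print(f"{body:28} literal={lit!s:5} normalized={norm}")
```

Normalization closes only these equivalent spellings of one path; it does not turn a denylist into a guarantee about what the application does with the input.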
eli No.43793954
Is a security solution worthless if it can't stop a dedicated attacker? A lot of WAF rules are blocking probes from off-the-shelf vulnerability scanners.
replies(4): >>43794116 #>>43794355 #>>43795518 #>>43796747 #
ndsipa_pomu No.43794355
It's merely security theater.

It reminds me of when airports started scanning people's shoes because an attacker had used a shoe bomb. Yes, that'll stop an attacker trying a shoe bomb again, but it disadvantages every traveller and attackers know to put explosives elsewhere.

replies(1): >>43795550 #
geoffpado No.43795550
“attacker had used a shoe bomb”

It’s even dumber than that. An attacker tried and failed to use a shoe bomb, and yet his failure has caused untold hours of useless delay for over 13 years now.

replies(1): >>43796609 #
1. kevin_thibedeau No.43796609
Now you have to buy your liberty with pre-check.