Email or username:

Password:

Forgot your password?
All posts Kate's posts Post Back to profile
Kate Temkin

I swear, half the CVEs I hear about are “if your computer is connected to the internet and someone sends you a text message, they now have your power of attorney”

and the other half is “if a trained thief were to sneak into your house and replace your hard drive with an identical copy, an attacker with an exact predictive model of that drive could interrogate the SSD wear leveling algorithm and reduce the search space for your bitlocker password by up to 12 bits _without you even noticing_”

10 Dec 2023 at 18:59 | Open on chaos.social
9 comments
Mika E.

@ktemkin OMG and if you ask for a proof of concept to clarify if they really do have to break into your house, the “reporter” gets so fucking pissed off.

Do not miss that part.

10 Dec 2023 at 19:24 | Open on tech.lgbt
timthelion

@ktemkin You forgot the 30% of CVEs which are 'if you turn on these three flags that were deprecated in 2009 and point your program at a non trusred server the program would run slightly slower. LOOK ITS A DOS ATTACK CAN I PLEEZZ HAVE A CVE ON MY RESUME PLZZ!!!!'

10 Dec 2023 at 19:44 | Open on emacs.ch
Björn Lindström

@ktemkin so now you know the difference between High and Critical? :-/

10 Dec 2023 at 20:04 | Open on social.sdfeu.org
milas

@ktemkin that second one sounds like a real 9.8 CVSS to me

10 Dec 2023 at 20:41 | Open on social.notaphish.fyi
Aaron Kuhn
hjakku
@ktemkin If someone were to break into my house with the intent to harm me, my PC would be the least of my concerns
10 Dec 2023 at 20:55 | Open on pleroma.0x68756773.moe
Yves Jeanrenaud
Fritz Adalis

@ktemkin
For the first one, is it springing or durable power of attorney?

10 Dec 2023 at 21:02 | Open on infosec.exchange
M.O.M.O.

@ktemkin@chaos.social and the other half is named “The End of All SSDs”

10 Dec 2023 at 21:02 | Open on mk.absturztau.be
Go Up