this post was submitted on 11 Apr 2024
469 points (96.1% liked)
Programmer Humor
32410 readers
523 users here now
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Another speculation from the suse team was a private company with intent to sell the exploit to state ~~across~~ actors
I think there's lots of known backdoors that are not publicly disclosed and privately sold.
But given the history of cves in inclined to believe most come from well intentioned developers. When you read the blogs from the Google security team for example, it's interesting to see how you need to chain a couple exploits at least, to get a proper attack going. Not in this case, it would make it very straightforward to accomplish very intrusive actions.