| ▲ | uhx 10 hours ago |
| > Checking if a real vulnerability can be triggered is a trivial task compared to finding one |
| Have you ever tried to write a PoC for any CVE? This statement is wrong. Sometimes a bug may exist but be impossible to trigger/exploit. So it is not trivial at all. |
|
| ▲ | avemg 9 hours ago | parent | next [-] |
| I'm tickled at the idea of asking antirez [1] if he's ever written a PoC for a CVE. [1] https://en.wikipedia.org/wiki/Salvatore_Sanfilippo |
| |
| ▲ | tptacek 8 hours ago | parent | next [-] |
| This happens over and over in these discussions. It doesn't matter who you're citing or who's talking. People are terrified and are reacting to news reflexively. |
| ▲ | antirez 5 hours ago | parent | next [-] |
| Hi! Loved your recent post about the new era of computer security, thanks. |
| ▲ | emp17344 6 hours ago | parent | prev [-] |
| Personally, I’m tired of exaggerated claims and hype peddlers. Edit: Frankly, accusing perceived opponents of being too afraid to see the truth is poor argumentative practice, and practically never true. |
| |
| ▲ | jedberg 7 hours ago | parent | prev | next [-] |
| I actually like when that happens. Like when people "correct" me about how reddit works. I appreciate that we still focus on the content and not who is saying it. |
| ▲ | tptacek 7 hours ago | parent [-] |
| That's not really what happened on this thread. Someone said something sensible and banal about vulnerability research, then someone else said do-you-even-lift-bro, and got shown up. |
| ▲ | jedberg 7 hours ago | parent [-] |
| That's true in this particular case, but I was talking more about the general case. |
|
| |
| ▲ | LeFantome 8 hours ago | parent | prev [-] |
| Sure he wrote a port scanner that obscures the IP address of the scanner, but does he know anything about security? /s Oh, and he wrote Redis. No biggie. |
|
|
| ▲ | antirez 10 hours ago | parent | prev | next [-] |
Firstly, I have a long past in computer security, so: yes, I used to write exploits. Second, vulnerability verification does not require being able to exploit the bug, but triggering an ASAN assert. With memory corruption that's often very simple and enough to verify the bug is real. |
|
| ▲ | freedomben 10 hours ago | parent | prev | next [-] |
I'm not GP, but I've written multiple PoCs for vulns. I agree with GP. Finding a vuln is often very hard. Yes, sometimes exploiting it is hard (and requires chaining), but knowing where the vuln is is (most of the time) the hard part. |
|
| ▲ | e12e 9 hours ago | parent | prev | next [-] |
Note the exploit Claude wrote for the blind SQL injection found in Ghost - in the same talk. https://youtu.be/1sd26pWhfmg?is=XLJX9gg0Zm1BKl_5 |
|
| ▲ | orochimaaru 8 hours ago | parent | prev [-] |
Oh no. Antirez doesn't know anything about C, CVEs, networking, the Linux kernel. Wonder where that leaves most of us. |