| ▲ | 999900000999 6 hours ago |
| Counterpoint. End users have a right to mitigate this issue on their systems. It is a really really bad look for Linux, puts a bit of water on all hype around switching from Windows. |
|
| ▲ | roxolotl 6 hours ago | parent | next [-] |
| It does? The disclosure even says the concern for single user systems is very low. If someone has access to your single user system, remote or otherwise, you’ve already lost on the sort of device people would be switching from Windows to Linux on. |
| |
| ▲ | m3047 3 hours ago | parent | next [-] |
| > The disclosure even says the concern for single user systems is very low.

For single user systems (not rigorously defined, I presume it's the intersection of our two definitions which we might be talking about) the nature of the exploit is local privilege escalation, of which there could be many possible, and many mitigations / countermeasures against.

This could have suddenly appeared from the ether of "unknown unknowns" for some people. Those people farther up the food chain still potentially have service accounts, maybe even user accounts for some purposes, perhaps "trusted" services which deliver them code which they deserialize and run once. (Have a pickle.)

  severity * impact * likelihood

Not everyone looking to migrate from Windows 95 plans to run everything as root afterward.

On the copy.fail site:

  echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
  rmmod algif_aead 2>/dev/null || true

Not everybody needs or wants to wait for their distro, or plans to patch their IC firmware when a config change will do. |
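A check that the mitigation quoted in the comment above actually took effect, as an added shell example (not part of the comment or of the copy.fail site). The function names and status words are this example's own, and the default paths are the standard Linux locations; note that the quoted `rmmod ... 2>/dev/null || true` hides a failed unload, and that an `install` override does nothing when the code is built into the kernel.

```shell
#!/bin/sh
# Added example: report whether the algif_aead override is really in force.

# True if a *.conf file in dir $2 has an uncommented
# "install <module> /bin/false" (or /bin/true) line for module $1.
has_install_override() {
    for f in "$2"/*.conf; do
        [ -f "$f" ] || continue
        awk -v m="$1" '
            { n = $2; gsub(/-/, "_", n) }   # modprobe treats - and _ alike
            $1 == "install" && n == m && ($3 == "/bin/false" || $3 == "/bin/true") { found = 1 }
            END { exit !found }' "$f" && return 0
    done
    return 1
}

# True if module $1 is listed in the /proc/modules-format file $2.
is_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$2"
}

# True if module $1 is listed in the modules.builtin-format file $2.
is_builtin() {
    grep -q "/$1\.ko\$" "$2" 2>/dev/null
}

# Prints BUILTIN, NO_OVERRIDE, LOADED or MITIGATED; returns 0 only for MITIGATED.
# $1 module, $2 modprobe.d dir, $3 /proc/modules, $4 modules.builtin
mitigation_status() {
    mod=${1:-algif_aead}
    confdir=${2:-/etc/modprobe.d}
    procmods=${3:-/proc/modules}
    builtin=${4:-/lib/modules/$(uname -r)/modules.builtin}
    if is_builtin "$mod" "$builtin"; then
        echo BUILTIN; return 1          # override cannot block built-in code
    fi
    if ! has_install_override "$mod" "$confdir"; then
        echo NO_OVERRIDE; return 1      # module can still be auto-loaded
    fi
    if is_loaded "$mod" "$procmods"; then
        echo LOADED; return 1           # rmmod failed (in use) or was never run
    fi
    echo MITIGATED
}

# Live system check: mitigation_status algif_aead
```

Any result other than MITIGATED means the config change alone has not removed the module from the running kernel.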
| ▲ | 999900000999 6 hours ago | parent | prev [-] |
| Someone like an AI coding agent perhaps? This is the type of thing Prompt injection was made for. No OS is perfect. The awkward rollout for this bug fix is proof of that. |
| ▲ | Filligree 5 hours ago | parent [-] |
| Root access does not typically add anything interesting, for a desktop system. All the valuable stuff is already owned by the single user. |
|
|
|
| ▲ | windexh8er 5 hours ago | parent | prev | next [-] |
| Imagine an ignorant response like this from Apple? One of the most short-sighted comments I've seen on HN in some time. And the double down! A true master class in misunderstanding the issue and the entire FOSS ecosystem in two sentences. |
|
| ▲ | vhantz 6 hours ago | parent | prev | next [-] |
| As opposed to all other operating systems with no CVEs ever? |
|
| ▲ | weavejester 6 hours ago | parent | prev | next [-] |
| Hype around switching from Windows servers? |
|
| ▲ | ddtaylor 5 hours ago | parent | prev | next [-] |
| What happens if someone does the exploit in WSL? |
|
| ▲ | johnbarron 6 hours ago | parent | prev | next [-] |
| >> puts a bit of water on all hype around switching from Windows.

Said no one ever...present post excluded :-)) |
|
| ▲ | cbarnes99 6 hours ago | parent | prev | next [-] |
| You clearly have no idea how often Windows has unpatched privesc exploits. |
|
| ▲ | jasonmp85 6 hours ago | parent | prev [-] |
| [dead] |