
It's not trivial, and even so that's not a reason to discredit this particular vulnerability just because others also exist.

What is the point of downplaying local privilege escalation vulnerabilities just because it's a hard scenario to defend against?



> It's not trivial

In my experience, it is in fact pretty trivial.

I'm not saying it shouldn't be fixed, I'm saying it isn't nearly as big a deal as people are making it out to be. The infosec community likes to latch on to any little vulnerability it can and act like the sky is falling even if, when taken in context, said vulnerability is only a problem in narrow use cases or requires the target to pretty much already be completely exploited.


> The infosec community likes to latch on to any little vulnerability it can and act like the sky is falling

That's because while a given potential exploit might not be a huge deal, a collection of exploits becomes greater than the sum of its parts, so if you're security-minded, then you want as few of those parts as possible.


Sure, but you always have tradeoffs for implementation time, interface friction, etc. You need to scope things properly so people know how to prioritize them and, in my experience, infosec people are really bad at that. They're so ready to hype up whatever they found that they don't really care how it relates to the real world.


> In my experience, it is in fact pretty trivial.

If you are talking about scenarios where full disk encryption is not enabled, then that is irrelevant. You may as well say that privilege escalation is trivial because some users don't put passwords on their account. The user obviously needs to take care of the basic expectancies first before worrying about vulnerabilities.


> If you are talking about scenarios where full disk encryption is not enabled, then that is irrelevant.

That's fair, I was making that assumption because it is true in literally every case I've come across. But consider that if you have local access to a logged in account you've already got access to unencrypted files for that user anyway. You don't even need admin.


Sure, but consider how this will impact corporate or educational environments (which in my experience DO usually use full disk encryption). I believe full disk encryption is also on by default for most new OEM machines.


When I see the words "trivial" or "orthogonal" in a comment on HN, I become suspicious of the content.



