bramhaag commented on How we rooted Copilot   research.eye.security/how... · Posted by u/uponasmile
n2d4 · a month ago
The important part:

  > Now what have we gained with root access to the container?

  > Absolutely nothing!

  > We can now use this access to explore parts of the container that were previously inaccessible to us. We explored the filesystem, but there were no files in /root, no interesting logging to find, and a container breakout looked out of the question as every possible known breakout had been patched.

I'm sure there are more ways to acquire root. If Microsoft pays out for one, they have to pay out for all, and it seems pretty silly to do that for something that's slightly unintended but not dangerous.

bramhaag · a month ago

  > a container breakout looked out of the question as every possible known breakout had been patched

This is the part that concerns me. It only encourages an attacker to sit on an exploit like this until a new container breakout is discovered.

bramhaag commented on How we rooted Copilot   research.eye.security/how... · Posted by u/uponasmile
bramhaag · a month ago

  > We reported the vulnerability to Microsoft in April and they have since fixed it as a moderate severity vulnerability. As only important and critical vulnerabilities qualify for a bounty award, we did not receive anything, except for an acknowledgement on the Security Researcher Acknowledgments for Microsoft Online Services webpage.

I guess it makes sense that a poor little indie company like Microsoft can't pay bug bounties. Surely no bad things will come out of this.

bramhaag commented on Do not download the app, use the website   idiallo.com/blog/dont-dow... · Posted by u/foxfired
esseph · a month ago
TOTP is able to be intercepted on the device.
bramhaag · a month ago
Yes, and that's also true for SMS messages and your passwords. That is why having MFA is important.
bramhaag commented on Do not download the app, use the website   idiallo.com/blog/dont-dow... · Posted by u/foxfired
creatonez · a month ago
The Discord web app is nearly identical to the desktop app. The main things you are missing are global push-to-talk and rich presence (i.e. Discord spies on your process list and tells other people what games you are playing). I'm always surprised more people don't use it.
bramhaag · a month ago
I use the web app on my phone as well, and it's... usable. The mobile app is quite slow, probably because React Native apps are far from being native, so in that regard the experience is the same. Being able to block all enshittified features is quite nice.
bramhaag commented on Do not download the app, use the website   idiallo.com/blog/dont-dow... · Posted by u/foxfired
wouldbecouldbe · a month ago
I understand but it’s not always with bad intentions.

In the Netherlands we have a system called DigiD to log in to most government websites like your taxes and city, etc.

When I contracted for the city of Amsterdam I learned they’ve been pushing hard for the DigiD app to two factor authenticate instead of text message, because of contracts DigiD charges a lot per text message validation and none for app.

bramhaag · a month ago
In this case there is also a perceivable benefit for the user. SMS 2FA is vulnerable to SIM swapping; this is not possible when TOTPs are delivered in-app. The app is also FOSS [1], so even if you're paranoid you can still inspect what data is sent.

There are also just some things you cannot realistically do in the browser (or over SMS) without having to ship specialised hardware to 18 million people, like reading the NFC chip of your passport. This is needed for DigiD Substantieel and Hoog, which are mandated by the eIDAS regulations.

[1] https://github.com/MinBZK/woo-besluit-broncode-digid-app/

bramhaag commented on How to Firefox   kau.sh/blog/how-to-firefo... · Posted by u/Vinnl
bramhaag · a month ago
I wish Firefox wasn't so insecure.

On Android, although a built-in isolatedProcess API [1] is available for them to use, there is no sandboxing. No sandboxing on the web in 2025 (!!!). This has been an issue for so many years, yet Mozilla refuses to address it [2]. Chromium does do proper sandboxing on Android, and additionally restricts what syscalls a process can access. Other alternatives, such as Vanadium, have even stronger sandbox implementations [3].

On desktop, it's a similar story. Site isolation has had numerous bad issues that haven't been fixed for many years [4][5][6], and especially the Linux builds have had bad sandbox escape vulnerabilities that Chromium is not susceptible to. This is mostly due to architectural differences, like [7] and [8].

The idea of someone being able to take over your computer by just visiting a site is scary. It's beyond me why Mozilla does not prioritise security over yet another sidequest that will slowly bankrupt them.

[1] https://developer.android.com/guide/topics/manifest/service-...

[2] https://bugzilla.mozilla.org/show_bug.cgi?id=1565196

[3] https://grapheneos.org/usage#web-browsing

[4] https://bugzilla.mozilla.org/show_bug.cgi?id=1505832

[5] https://bugzilla.mozilla.org/show_bug.cgi?id=1484019

[6] https://bugzilla.mozilla.org/show_bug.cgi?id=1707955

[7] https://bugzilla.mozilla.org/show_bug.cgi?id=1653444

[8] https://bugzilla.mozilla.org/show_bug.cgi?id=1322426

bramhaag commented on 'Gentle parenting' my smartphone addiction   newyorker.com/culture/inf... · Posted by u/fortran77
politelemon · a month ago
Thank you. Are there any equivalent analogues for desktop browser doom scrolling?
bramhaag · a month ago
Leechblock NG [1] allows you to block sites on a schedule or add time limits.

[1] https://www.proginosko.com/leechblock/

u/bramhaag

Karma: 736 · Cake day: June 18, 2023
About
https://bramh.me

You can find me on any of these platforms: https://keyoxide.org/0F5C4286BFB0837F2F9DA590499DE67900B12A11

[proof: openpgp4fpr:0F5C4286BFB0837F2F9DA590499DE67900B12A11]
