|
|
|
|
|
|
by TACIXAT
2311 days ago
|
|
|
>Does it have to be sophisticated and impressive to be advanced? Yes. I think this is where our opinions differ. It is always a joke to be reading a blog post about an advanced attacker and the exploit is, as you say, the user clicked a jar with a pdf icon. I agree completely about things that add value to corporations. This is why I am not working corporate security at a startup. I do not care so much about implementing U2F policies or server authentication methods, even though these are much more impactful for the business. I work for a small company, work on less impactful things (in regards to corporate security), and enjoy myself considerably more. If I could stomach the other stuff I would make more money, but I prefer to enjoy my work and hack on obscure things. Your namesake with eternalblue is quite advanced (even though it was n-day). That stuff is interesting. Reverse engineering that stuff is interesting. I think these things prepare people to do that sort of work. |
|
|
You like impressive exploits and vulnerability research,which is good,that upstream work is useful in downstream "core" security whether it be for corporations (a 2 person startup is one) or consumers.