Y
Hacker News
new
|
ask
|
show
|
jobs
by
vore
1450 days ago
You're running untrusted binaries anyway in the end, so I don't think this is anything more than a neat party trick.
1 comments
dementiapatien
1450 days ago
But this technique lets you serve malicious code to a small number of people using curl|bash, rather than hosting obviously-bad binaries that anyone can inspect and call you out on. It also lets you target the attack to specific users or IP blocks.
The previous HN discussion said it better than I can:
https://news.ycombinator.com/item?id=17636032
link
The previous HN discussion said it better than I can: https://news.ycombinator.com/item?id=17636032