It's going to take something special to win the hearts of the #HackadayPrize judges. Build something that matters:… https://t.co/JFNhmCMYYJ -- https://twitter.com/hackaday/status/852544549587169280
About the Subgraph attack:
1. The main problem that @micahflee exploited is the unfortunate decision made by Subgraph OS to keep Gnome/Nautilus in the TCB *and* letting this complex software process *untrusted* files,
2. The specific Nautilus bug (handling of .desktop files) is just *one* example of what could go wrong in this case,
3. We can think of other potential problems (e.g. Thumbnails processing)
4. More details: https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/
Hacking and building stuff with love. Interested in Languages and Protocol Reverse Engineering, Machine Learning and beers
Mamot.fr est un serveur Mastodon francophone, géré par La Quadrature du Net.