Hacker News new | past | comments | ask | show | jobs | submit login

[deleted]



as I said it's not ideal.

the only point of entry onto the machine is via the auth service, so if you get in that way you have access to it.

it's not a matter of injecting code, it's literally one line to run spin up gdb attached to the process, and then one/two more more lines inside gdb to put a breakpoint on the line and print the variables on the stack when it's hit.

add in the fact that something like 95% of our users reconnect every 24 hours, so you get the vast majority very quickly.

yes, if the admins go rogue then we're screwed, but the same is true nearly always as they're the guys that set up the defences in the first place.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: