this post was submitted on 07 Apr 2025
28 points (100.0% liked)
Cybersecurity
7137 readers
209 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Most file systems have a very limited footprint of metadata. Static information. And they are usually following basic POSIX standards, to ensure that file transfers between mediums are as cross-compatible as possible.
This Alternative Data Stream is now creating this entirely new variable data stream for hackers to hide shit in. No longer can just you scan a file's data to make sure nothing malicious is in there. Now you need complex logic to be able to both read this new stream, interpret the flags and other metadata, and take all of those different pieces of information and figure out if it's even worth opening the damn file.
Data is data. Keep data in the data layer. Everything else is secondary, and should be kept tiny.