this post was submitted on 28 Aug 2023
785 points (97.9% liked)

Technology

59689 readers
5511 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 34 points 1 year ago (4 children)

It always warms my heart when a single person is able to outsmart large multi-million/billion dollar tech companies like Nvidia and Rockstar. Really shows how piss poor these companies security can be.

I would definitely look to hire that kid with a high wage just to make sure he doesn't hacke me again, if I were one of the companies he hacked into. Companies should really think about trying to hire these hackers because then the threats against them might go down ever so slightly.

[–] [email protected] 29 points 1 year ago* (last edited 1 year ago) (1 children)

Counterpoint: he got caught. Whatever his offensive capabilities are, his security posture is evidently lacking. Recruiting a glass cannon like that might not work out if you're looking for help with security hardening.

[–] [email protected] 21 points 1 year ago* (last edited 1 year ago) (1 children)

Counter-counterpoint: he could work as a pentester, where his sole purpose is to just break into things.

Leave the policy making and actual hardening to someone else.

[–] [email protected] 6 points 1 year ago (1 children)

Then comes the issue of a rogue pentester selling his clients zerodays into black market for crypto. Don't know if the myth of being hired by government agencies is true.

[–] [email protected] 2 points 1 year ago

I know nothing about anything but I definitely believe the government would do it. If anyone has the power to keep the hackers acting nice it's the government. Especially if they write your paychecks.

[–] [email protected] 18 points 1 year ago

I would definitely look to hire that kid with a high wage just to make sure he doesn’t hacke me again, if I were one of the companies he hacked into. Companies should really think about trying to hire these hackers because then the threats against them might go down ever so slightly.

I understand your thought, but some people just want to watch the world burn and you definitely don't want to bring that sort inside.
This guy seems to be driven, capable and lacking the common sense to know when to stop.

[–] [email protected] 4 points 1 year ago (1 children)

Its kind of inevitable, you know that meme about the overlap between the smartest bears and the dumbest tourists? Well the same is true for secure working practices and the dumbest/laziest employees. Any system too secure will also be enough of a pain in the ass that some people will start doing stupid shit that nullifies that security.

[–] [email protected] 2 points 1 year ago

For others like me interested in the exact example; it's about the difficulty of designing a trash can that smart bears cannot open and dumb tourists still can. You cannot create something too secure if you still want dumb people to use it as well, due to the overlap.

The quote is not really saying dumb people will break / nullify security, like I read in the above comment, but more that they just will not be able to operate it.

[–] [email protected] 1 points 1 year ago

Companies should really think about trying to hire these hackers because then the threats against them might go down ever so slightly

some companies do.