nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqzsmqwsekvkxtykld4hty6wf37608m60vt2lxrt0kktgrqsk5m6ysyqr9vg (nprofile…r9vg) I run the vast majority of my stuff that opens a socket to the internet in VMs that I can reboot much more casually.
But also I'm mostly running single-user systems. very few kernel bugs are RCEs, those are major headlines and the kind of thing that *would* get me to do an out of cycle reboot. But something that lets you privesc to kernel while running as a normal user really doesn't matter to me.
If you pop my workstation you a) can get all of my files and data, root doesn't buy you much else and b) it's a dev box I almost always have a root shell open or am going to su/sudo in the next few minutes to do something you can keylog.
The goal is to prevent an attacker from getting code exec as my local user in the first place not preventing root once they do that.
Andrew Zonenberg
npub1cd…z9vpd
2026-04-30 16:58:54 UTC
in reply to nevent1q…hrkh
Author Public Key
npub1cddglts94qutscms0qpmk87lel9m8xku7q0wr20u2th5fxvvunqqxz9vpdSeen on
wss://relay.ditto.pubPublished at
2026-04-30 16:58:54 UTCEvent JSON
{
"id": "f7cfcf53f6136ea772cd86a51200a992a3785920ed649eccbcb877383aec1fa1",
"pubkey": "c35a8fae05a838b863707803bb1fdfcfcbb39adcf01ee1a9fc52ef44998ce4c0",
"created_at": 1777568334,
"kind": 1,
"tags": [
[
"p",
"1436074336658cb25bedadd64d3931f69e7de9ec5abe61adf6b2d03042d4de89",
"wss://relay.ditto.pub"
],
[
"p",
"eee5ad6518e05d777010543e26a8f2469cf321f303314125d44a34e08e66f230",
"wss://relay.ditto.pub"
],
[
"e",
"125495f78fe4ea31e4a405e3f2e6031ae46a2d569b5438738bb4774fe52c3324",
"wss://relay.ditto.pub",
"reply"
],
[
"proxy",
"https://ioc.exchange/users/azonenberg/statuses/116494718396675318",
"activitypub"
],
[
"client",
"Mostr",
"31990:6be38f8c63df7dbf84db7ec4a6e6fbbd8d19dca3b980efad18585c46f04b26f9:mostr",
"wss://relay.ditto.pub"
]
],
"content": "nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqzsmqwsekvkxtykld4hty6wf37608m60vt2lxrt0kktgrqsk5m6ysyqr9vg I run the vast majority of my stuff that opens a socket to the internet in VMs that I can reboot much more casually. \n\nBut also I'm mostly running single-user systems. very few kernel bugs are RCEs, those are major headlines and the kind of thing that *would* get me to do an out of cycle reboot. But something that lets you privesc to kernel while running as a normal user really doesn't matter to me.\n\nIf you pop my workstation you a) can get all of my files and data, root doesn't buy you much else and b) it's a dev box I almost always have a root shell open or am going to su/sudo in the next few minutes to do something you can keylog.\n\nThe goal is to prevent an attacker from getting code exec as my local user in the first place not preventing root once they do that.",
"sig": "64fe0e477641617db7997e37b227fba0ae0cbf7a83b734dd9a21daaa63918e15104ddb2cd38170243a6d616164fb7c09051c0bfd62718456d39906166cd4b6a9"
}