Reminds me of gr"let's crash on integer overflows that aren't a security bug, and then ship poorly reviewed 'security' patches that create one such overflow by incorrectly using an unsigned type for a signed quantity, thus creating a local kernel panic DoS that anyone can trigger with a shell one-liner, also we don't count DoSes as CVEs so don't bother responsibly disclosing this but we're going to flame you on Twitter and embarrass ourselves so bad we end up deleting our Twitter account but at least we banned your dynamic IP address from our website and forum, take that!!!!!"security.
(Yes, this really happened after I crashed my grsecurity kernel Gentoo box years ago by pasting too much text into a terminal, then tweeted a repro. I stopped using grsecurity after that.)
Hector Martin /
npub1qk…9azpx
2024-07-19 11:04:48
in reply to nevent1q…3aeu
Author Public Key
npub1qk9x6yrvten3jqyvundn7exggm90fxf9yfarj5eaz25yd7aty8hqe9azpxPublished at
2024-07-19 11:04:48Event JSON
{
"id": "5f023a7450452cdd0b814268d66b5bf9fefad5c2e02354f9a2e3ed560057c16a",
"pubkey": "058a6d106c5e6719008ce4db3f64c846caf49925227a39533d12a846fbab21ee",
"created_at": 1721387088,
"kind": 1,
"tags": [
[
"p",
"058a6d106c5e6719008ce4db3f64c846caf49925227a39533d12a846fbab21ee"
],
[
"p",
"f778b57f922392d19d41513e79ce5e6da5e4c100272e304b509fab1029d888d6"
],
[
"e",
"f0a537dc4e0d210a94113028b32d19384443de03f925dcc0b572812d0b240de3",
"",
"reply"
],
[
"e",
"fa9d6ef9ac8552ce088e83926f2a2e750a20fe430f71755e0498db3a059fabda",
"",
"root"
],
[
"proxy",
"https://social.treehouse.systems/@marcan/112812824240990785",
"web"
],
[
"proxy",
"https://social.treehouse.systems/users/marcan/statuses/112812824240990785",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://social.treehouse.systems/users/marcan/statuses/112812824240990785",
"pink.momostr"
],
[
"-"
]
],
"content": "Reminds me of gr\"let's crash on integer overflows that aren't a security bug, and then ship poorly reviewed 'security' patches that create one such overflow by incorrectly using an unsigned type for a signed quantity, thus creating a local kernel panic DoS that anyone can trigger with a shell one-liner, also we don't count DoSes as CVEs so don't bother responsibly disclosing this but we're going to flame you on Twitter and embarrass ourselves so bad we end up deleting our Twitter account but at least we banned your dynamic IP address from our website and forum, take that!!!!!\"security.\n\n(Yes, this really happened after I crashed my grsecurity kernel Gentoo box years ago by pasting too much text into a terminal, then tweeted a repro. I stopped using grsecurity after that.)",
"sig": "61343aadc9b1ba20c1cb6b9b92f8903abccdbb833bed7521a9eb788791a58f2e843346d2664daf725f03cc4adc30f68a39600fd43f004610f37b50f1beba1e8c"
}