Hacker News

First, servers generally run on operating systems. No one with any serious knowledge would use the phrase run on software. Second, does this guy have any actual tech knowledge at all? He doesn't list what operating system they are running or what security updates he is expecting. It doesn't sound great but I assure you I've probably seen worse on systems used by the literal federal government to conduct official business and store sensitive information on. All government cares about is having remediation plans in place.


> Second, does this guy have any actual tech knowledge at all? He doesn't list what operating system they are running or what security updates he is expecting.

"This guy": https://en.wikipedia.org/wiki/Peiter_Zatko


Then he should be in an even better position to specify what the actual issues are in detail and not some abstract garbage. You could summarize the information there as... "Momma, servers bad. Need encryption. Need updates."


They are intentionally vague for legal and security reasons.


What legal and security reasons exactly?


Publishing a detailed report of infrastructure and specific CVEs would be irresponsible and malicious. If that is off the table the only thing left is ambiguity. Also, the audience is important. They are going for maximum outrage, not glassy eyes.


They could probably sue him under his employment contract for breach of confidentiality.


We won't know until we see the documents. Right now it is a bunch of basic accusations that don't provide much depth.


Operating systems are software.


My first thought was the hypervisor layer.



