被告了就把證據滅掉... XD

這個好讚,在告知安全漏洞後還是不更新選舉用伺服器,於是就被告了,而在被告以後選舉單位就把證據給幹掉 XD:「Georgia election server wiped after lawsuit filed」。

The lawsuit, filed on July 3 by a diverse group of election reform advocates, aims to force Georgia to retire its antiquated and heavily criticized election technology. The server in question, which served as a statewide staging location for key election-related data, made national headlines in June after a security expert disclosed a gaping security hole that wasn’t fixed six months after he reported it to election authorities.

然後現在還找不到是誰下令幹掉的...

It’s not clear who ordered the server’s data irretrievably erased.

執政者用的方法都差不多...

歡樂的 Samsung Security Hole...

話說 Zite 給的文章愈來愈歡樂了,大概是安全性的文章點多了就自動丟這類的出來。

像是這篇「[ROOT][SECURITY] Root exploit on Exynos」講安全漏洞的,作者猜測這些手機都有問題:

  • Samsung Galaxy S2
  • Samsung Galaxy Note 2
  • MEIZU MX
  • 使用 Samsung source code 的 Exynos processor

後門是 /dev/exynos-mem,這功能與 /dev/mem 一樣,只是... 所有人都可以讀寫 XD (於是任何程式都可以讀寫整台機器裡任何一個記憶體區塊內的資料)

然後文章後面提供一包 PoC source,可以生出 root shell... XDDD