"holy balls. this is incredible
the [libssh] vulnerability literally works like this:
me: "can i log in?"
server: "no. you need a password."
me: "hacker voice i'm in"
server: "login successful. you're in""
@noelle who says you can't bolt on security
@noelle computer... Bad
@noelle my favorite suggestion for the branding of this vuln https://mobile.twitter.com/eXDeeNZ/status/1052273538214707200
@noelle that's... uh... not ideal
@noelle this is... a Jedi mind trick?
@noelle Oh my god.
@noelle when i saw that post i made a funny noise that everyone around me heard, rofl
@noelle I'm in!
libssh: password please
hacker: c'mon man, we cool bro
libssh: ok, fine, but just this one time.
Its actually worse. They don't even need to ask for a password. Its the equivalent of "it's alright, they know me here."
@noelle SSH: the sound you make to the server during authentication as you slip on by.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!