Hacker News new | past | comments | ask | show | jobs | submit login

I think the point was that most of the visitors to mysql.com are developers and system administrators, and compromises to their machines can probably be leveraged into compromises of other sites. I doubt we've heard the last of this.



The problem is, how do you both

(1) Avoid obvious detection in the compromised software?

(2) Put in something that you can actually use for exploits? You have access to many hosts, but how many different configurations are there?

The only thing I can think of is have profiles for several popular packages (e.g. wordpress), and package-specific behavior for them.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: