apicultor , 2 months ago @arstechnica >Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks? Because of shitty engineering and nobody giving a fuck about doing things right. It just isn't more exciting than that. Sorry. A great recent example is the shoddy Python in Palo Alto devices (CVE-2024-3400), and of course being run as root because why not: https://labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-cve-2024-3400/
@arstechnica >Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks?
Because of shitty engineering and nobody giving a fuck about doing things right.
It just isn't more exciting than that. Sorry.
A great recent example is the shoddy Python in Palo Alto devices (CVE-2024-3400), and of course being run as root because why not: https://labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-cve-2024-3400/