* Posts by robined

2 publicly visible posts • joined 30 Jun 2019

Disgruntled bug-hunter drops Steam zero-day to get back at Valve for refusing him a bounty

robined

A privilege escalation seems to me to be pretty critical

You say

"they each require the attacker to already have access to the target machine (if that’s the case you’re already in serious trouble, so what’s another flaw)"

If you're a normal user and can run things as an administrator (which is what privilege elevation is) then that's a pretty serious flaw. I'm not sure why you're treating it so cavalierly.

Scumbags can program vulnerable MedTronic insulin pumps over the air to murder diabetics – insecure kit recalled

robined

headline slightly *cough* misleading

Surely it should read more like: Scumbags sell super vulnerable insulin pumps to unsuspecting diabetics untill someone makes public aware and scumbags are forced to recall the faulty pumps