undefined | Better HN

0 pointssmarx0072y ago0 comments

How can you trust the webpage of a system that was recently attacked?

0 comments

If not attacked and the page says not attacked: trustworthy.

If not attacked and the page says attacked: not trustworthy.

If attacked and the page says not attacked: not trustworthy.

If attacked and the page says attacked: trustworthy.

As long as the page says "attacked", it seems likely they were attacked? Why would they state it themselves if it wasn't true, losing trust for no reason?

smarx007OP2y ago

It’s not a bad starting logic.

However, there is a thing called “defacing”. In the process, the attackers share false information implying that more damage was done than in reality.

My general rule is to stop trusting a compromised digital system until I hear from a person (journalist, in this case) confirming that the control over the system has been restored.

If journalists do not verify the facts themselves or via trusted (human) sources, it’s not journalism but syndication.

Realistically, the news was published yesterday and the notice is dated a week ago. I doubt that a company of IT experts would have failed to take a fake notice down. But I stand by my assessment of TechCrunch journalistic standards.

j / k navigate · click thread line to collapse