undefined | Better HN

0 pointssamus2y ago0 comments

> Wrong.

> Oxymoron.

Cheap words. Care to explain?

0 comments

3 comments · 1 top-level

drtgh2y ago· 2 in thread

Containers are portability tools, that can partially control a benign application, but in no way will contain a Trojan. The community warns such tools give a false sense of security.

As long as the Trojan is moderately advanced, there is nothing to stop it (currently, mouse and cat).

The only thing one can do is to detect signs of its activities, just routine.

When the least unexpected day one detect the signs, one notify to the work circle that the machine has been compromised for to rescind our permissions, it is tried to find out how entered and get an idea of the time during which the data leak has occurred, as anything relevant you did in that machine is on some public page on internet.

samusOP2y ago

That was exactly what I was referring to. One would have to at least use a VM to mitigate that danger, or completely airgap the system. Logging suspicious accesses for forensic purposes is surely useful, but expecting the user to review all these notifications won't improve security, unless this is intended to become their job.

drtgh2y ago

I ask kernel support for this kind of monitoring, and you have twice recommended tools that you know will not accomplish the task, even assuring it is not possible to bypass them, just in case in a big hypothetical ten or twenty years (Linux) an unformal petition in a forum were implemented, and just in case much later you were asked to use it in your job, knowing it is unlikely and that it is an operative system where all the services can be customized and disabled. I surrender.

1 more reply

j / k navigate · click thread line to collapse