undefined | Better HN

0 pointstw042y ago0 comments

For some random server, sure. For a state sponsored attack? Having an embedded exploit you can use when convenient, or better yet an unknown exploit affecting every linux-based system connected to the internet that you can use when war breaks out - that's invaluable.

0 comments

eru2y ago

Yes, but even states have only finite resources, so even for them compromising an account would be cheaper.

(But you are right that a sleeper would be affordable for them.)

treflop2y ago

Having one or two people on payroll to occasionally add commits to a project isn't exactly that expensive if it pays off. There are ~29,000,000 US government employees (federal, state and local). Other countries like China and India have tens of millions of government employees.

microtonal2y ago

And they might as well be working on compromising other projects using different handles.

eru2y ago

Not all government employees are equally capable.

1 more reply

dgellow2y ago

It’s a very cheap investment given the blast radius

j / k navigate · click thread line to collapse