undefined | Better HN

0 pointsSonnigeszeug11mo ago0 comments

So always wait for others to do something?

Don't just download it on your windows home pc with your private data of course.

0 comments

petee11mo ago

In some cases, yes.

An unknown threat, potentially from the supposed nation-state target itself, has a very high risk.

I'm not versed in creating ultra-sterile lab conditions -- things can escape VMs, escape your network, nothing is impossible. Do I instead bring it to my employers systems and let them take the risk? And to what benefit, when I can just wait?

SonnigeszeugOP11mo ago

Cloud VM. Costs you a dollar per hour and has fast download speed.

We are experts on HN. If we don't do it, others with less knowledge might or not might.

And no, a archive file doesn't just include a zero day. A zero day is very valuable.

petee11mo ago

Fair enough, my morning brain didn't think cloud, though i guess one could argue you're still passing off the risk onto someone else. Either way, its not my expertise

1 more reply

tbrownaw11mo ago

> I'm not versed in creating ultra-sterile lab conditions -- things can escape VMs, escape your network, nothing is impossible.

I suppose it is a bit hard to find hardware without integrated wifi these days. Maybe taking a sbc (pi or whatever) and wrapping it in tinfoil would work?

petee11mo ago

You could always cut the pcb lines if you want that guarantee.

I'm aware I'm being cautious to the point of paranoia, but anything with the Russian gov is just not something I feel like learning about the hard way, even if I think I'm able to make such a safe environment

j / k navigate · click thread line to collapse

0 comments

petee11mo ago

In some cases, yes.

An unknown threat, potentially from the supposed nation-state target itself, has a very high risk.

SonnigeszeugOP11mo ago

Cloud VM. Costs you a dollar per hour and has fast download speed.

We are experts on HN. If we don't do it, others with less knowledge might or not might.

And no, a archive file doesn't just include a zero day. A zero day is very valuable.

petee11mo ago

Fair enough, my morning brain didn't think cloud, though i guess one could argue you're still passing off the risk onto someone else. Either way, its not my expertise

1 more reply

tbrownaw11mo ago

> I'm not versed in creating ultra-sterile lab conditions -- things can escape VMs, escape your network, nothing is impossible.

I suppose it is a bit hard to find hardware without integrated wifi these days. Maybe taking a sbc (pi or whatever) and wrapping it in tinfoil would work?

petee11mo ago

You could always cut the pcb lines if you want that guarantee.

j / k navigate · click thread line to collapse