Hacker News new | past | comments | ask | show | jobs | submit login

> a test update that was pushed to production unintentionally rather than malware

This position seems to be based on the assumption that malware is less likely to be subject to mistakes than MSFT.

Want to check with the PR dept? ;)

It's based on the assumption that it's more likely that someone made a harmless but embarrassing mistake than that someone shipped a major security bug in a critical system, which was then exploited by someone simultaneously skilled enough to hijack the Windows Update servers to deliver malware and incompetent enough to completely screw it up.

Random text but real TLDs also just smells like test data to me. Someone smarter than me could probably do the statistical analysis to determine if this is actually random or pseudo-random garbage typed by a person. Given the fairly long runs of all-caps and all-lowercase in the description, I'd guess a person typed this out (presumably as part of creating a test or test suite).

You could rephrase that as:

> A test update getting accidentally pushed out is more likely than a compromise of the Windows Update system.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact