Hacker News new | comments | ask | show | jobs | submit login
DynoRoot1111 (CVE-2018-1111) (dynoroot.ninja)
20 points by ryanlol 8 months ago | hide | past | web | favorite | 8 comments

Oh. My. Gosh.

> Powered by 0day.marketing > 0day marketing services for security researchers

This is literally the single most unprofessional vulnerability announcement I've seen in my 15 years in the field.

How does it offend me? let me count the ways:

1) a song?

2) 'Details' links to a tweet without any actualy said 'details'

3) a song?

4) The page appears to be completely unassociated with the actual researcher who found the vulnerability

The more I look at this the more I think this has to be a parody. Someone please tell me it's a joke.

Ok, it's a joke. Right? Please?

It's a joke. Here's how it was done:

1. Write a song.

2. Find a real and recent CVE.

3. Make a website that satirises branded security vulns and refer to said real CVE.

4. Don't forget about that song. It's catchy!

I've got very high hopes for the associated ODAY coin https://xchain.io/asset/ODAY

Honestly, I can't tell if this is satire just from reading the article.

Had to google the CVE number to find out that it's just a incredibly unprofessional "named CVE" announcement page, or as I like to call them "I found a bug and this is going on my resume".

Link to the actual CVE page: https://access.redhat.com/security/cve/cve-2018-1111

EDIT: I can't decide if the absurdism of the site is hilarious or annoying. Whoever put this site together must be proud.

>Honestly, I can't tell if this is satire just from reading the article.

Perhaps you need to listen to the song? https://dynoroot.ninja/dynoroot.ogg

From Felix Wilhelm, the original reporter: https://twitter.com/_fel1x/status/996388421273882626

> Thanks to @0dayMarketing this bug has a name, logo and theme song now: http://dynoroot.ninja #dynoroot

Wow, these comments make me sad - this is pretty clearly satire (although the vulnerability is real and pretty scary). Did the "DynoRoot!!!1111" really not give this away? :)

Why is every security exploit or bug getting a name, marketing website, and branding? This one even has a song... What?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact