Hacker News new | past | comments | ask | show | jobs | submit login

'My image only has one vulnerability! (it's a terminal that's reachable from the public internet)'



'My image has zero vulnerabilities! (it's a proprietary terminal that's reachable from the public internet)'.

The flip side of "this reports too many vulnerabilities" is "this reports too few vulnerabilities", it should always be made clear we are talking only about publicly known vulnerabilities, which is a subset of all discovered vulnerabilities, which is a subset of all vulnerabilities.


Hi, I have a terminal that's reachable from the public Internet that lets you execute arbitrary code: http://rkeene.org:8080/




Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: