
That only works if you don't casually toss away your layers.


There are a LOT of layers at Google, and they're very liberal about what you can do on your own machine. There are a lot of steps between there and the prod environment, and usually a bunch of auditing too. Once you're in prod, your server also basically can't do anything unexpected - for example, if you want to call out of the datacenter, you have to file a ticket, etc. All of this establishes an audit trail, too.


I presume there are a lot of honeypots too?

Hackers “discover” a password, but infrastructure is watching for that canary to sing, and they know exactly what machine or file was compromised.

Hackers “discover” an internal service with a known vulnerability, but attempting to use the apparent vulnerability (honeypot) triggers security.
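
As an added illustration of the canary-credential idea in the comment above (not part of the thread, and not any company's actual tooling): each decoy account is planted in exactly one place, so a login attempt with it tells the defender which machine or file leaked. The log format, key, placements and function names are all constructed for this example.

```python
import hashlib
import hmac
import re

# Constructed key and placements, for illustration only.
SECRET = b"constructed-demo-key"
PLACEMENTS = [
    "host-a:/home/dev/.netrc",
    "host-b:/etc/app/backup.conf",
    "wiki:/pages/oncall-notes",
]

def canary_user(placement: str) -> str:
    """Derive a unique, unguessable decoy username for one placement."""
    tag = hmac.new(SECRET, placement.encode(), hashlib.sha256).hexdigest()[:12]
    return f"svc-{tag}"

# Reverse index: decoy username -> the single place it was planted.
REGISTRY = {canary_user(p): p for p in PLACEMENTS}

# Constructed auth-log format: "<time> auth <ok|fail> user=<name> src=<ip>"
LOGIN_RE = re.compile(
    r"^(?P<ts>\S+) auth (?P<result>ok|fail) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def find_canary_hits(log_lines):
    """Return one alert per login attempt that used a planted decoy account."""
    alerts = []
    for line in log_lines:
        m = LOGIN_RE.match(line.strip())
        if not m:
            continue  # not an auth event
        placement = REGISTRY.get(m["user"])
        if placement is None:
            continue  # ordinary account, or a name that was never planted
        # A decoy has no legitimate user, so even a failed attempt is a signal.
        alerts.append({"time": m["ts"], "source": m["src"], "leaked_from": placement})
    return alerts

# Constructed sample log lines.
SAMPLE_LOG = [
    "2024-01-01T10:00:00Z auth ok user=alice src=10.0.0.5",
    f"2024-01-01T10:05:00Z auth fail user={canary_user(PLACEMENTS[1])} src=10.0.9.44",
    "unparseable line",
    "2024-01-01T10:06:00Z auth fail user=svc-000000000000 src=10.0.9.44",
]

if __name__ == "__main__":
    for alert in find_canary_hits(SAMPLE_LOG):
        print(alert)
```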



