Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
averageRoyalty
59 days ago
|
parent
|
context
|
favorite
| on:
Ask HN: What is in C-00000291*.sys?
More importantly, the companies that enabled auto update from a vendor to production rather than having a validation process. This sort of issue can happen with any vendor, penalising the vendor won't help with the next time this happens.
gquere
59 days ago
[–]
Was there a way to not enable these channel updates? If so, would you still check all the mandatory security measures when being audited?
averageRoyalty
58 days ago
|
parent
[–]
The way is to not install third party software with kernel level access that you can't stop pulling remote updates.
How does that pass a security audit in the first place?
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: