• tal@lemmy.today
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      7 months ago

      Apparently the backdoor reverts back to regular operation if the payload is malformed or the signature from the attacker’s key doesn’t verify. Unfortunately, this means that unless a bug is found, we can’t write a reliable/reusable over-the-network scanner.

      Maybe not. But it does mean that you can write a crawler that slams the door shut for the attacker on any vulnerable systems.

      EDIT: Oh, maybe he just means that it reverts for that single invocation.