The backdoor on Contec CMS8000 patient-monitoring devices could allow an IP address at an unnamed university to remotely download and execute unverified files, according to CISA.
The backdoor on Contec CMS8000 patient-monitoring devices could allow an IP address at an unnamed university to remotely download and execute unverified files, according to CISA.
everything has a backdoor… can we quit pretending that these zero day CVE are not back doors?
or we can’t start naming them unless it is Chinese doing it?
Knock it off with the propaganda.
This is literally a deliberate back door.
And no, we can’t call zero days backdoors because they are not same thing.
There are valid questions, many of which revolve around how and why it’s used.
Some systems have brain damaged approaches to diagnostics/logging, license enforcement, or remote service/update systems that create security holes but are not intentionally malicious.
Security is hard and we should remember Hanlon’s Razor.
I get lots of mileage out of Hanlon’s Razor, and I acknowledge the rampant incompetence that suggests its applicability, but digital security seems like about the least appropriate place to apply this rule of thumb.
As someone who has to deal with PCI compliance issues, there’s plenty of noob mistakes, out-of-date thinking and outright “let’s log this data for debugging purposes even though if any regulator found out they’d nuke us from orbit.”
Fair enough, I can imagine that pretty easily.
Please clarify this statement.
What happened at Tiananmen square?
People protested the chinaman regime, some people got killed but not on the actual square tho?
There is a famous picture of a man protesting in front of a tank.
If you think I am a tankie, just check my body of work on here lol
Y’all cant see past these basic concepts… Much more work to be done.