Hacker News new | past | comments | ask | show | jobs | submit login

I don't disagree, however with no actual exploit (in the wild or POC according to RH), no confirmation of the ability to execute code on the actual host, so yes important but doesn't really justify the whole name and landing page ordeal.

Not because it's not important, but because it just desensitizes the whole impact of vulnerabilities the caliber of Heartbleed or Shellshock which did affect a large chunk of the servers and machines connected to the internet at the time.

Now they claim it's bigger than heartbleed, but with no exploit, and no clear statement on what actual in use implementations are affected, Amazon already have came out saying that VENOM has never affected their implementation of Xen, if Digital Ocean and Rackspace come out with the same statement it just makes this whole "bigger than HB stance" is silly.

And as far as the corporate/enterprise world goes, well VMware, CISCO, and MSFT hypervisors have a much bigger share out there and their hypervisors are not affected so again no much of a bite there.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: