Trojan Source: Invisible Vulnerabilities
https://trojansource.codes/
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
https://krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-security-of-all-code/
https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 has a diagnostic script to detect BiDi in source code.
#WhatYouSeeIsNotWhatYouGet #Security #TrojanSource #WYSINWYG #Unicode #BiDi
Apparently, virtually all modern software can be attacked by injecting #Unicode's right-to-left/ltr #BidiOverride characters into comments and strings.
https://krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-security-of-all-code/
#TrojanSource #SupplyChainAttack
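A small checker for the bidirectional control characters both posts refer to, added here as an example: it is not part of the original posts and is not the Red Hat diagnostic script. The function name `scan_source` and the sample text are constructed for illustration; a line is marked unterminated when an embedding, override or isolate is still open at the end of the line.

```python
import unicodedata

# Bidirectional formatting characters defined in Unicode UAX #9.
EMBED_OPEN = {"\u202a", "\u202b", "\u202d", "\u202e"}  # LRE, RLE, LRO, RLO (closed by PDF)
ISOLATE_OPEN = {"\u2066", "\u2067", "\u2068"}          # LRI, RLI, FSI (closed by PDI)
PDF, PDI = "\u202c", "\u2069"
BIDI = EMBED_OPEN | ISOLATE_OPEN | {PDF, PDI}


def scan_source(text):
    """Return one finding per line that contains a bidi control character."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        stack, hits = [], []
        for col, ch in enumerate(line, start=1):
            if ch not in BIDI:
                continue
            hits.append((col, f"U+{ord(ch):04X} {unicodedata.name(ch)}"))
            if ch in EMBED_OPEN:
                stack.append("E")
            elif ch in ISOLATE_OPEN:
                stack.append("I")
            elif ch == PDF and stack and stack[-1] == "E":
                stack.pop()
            elif ch == PDI and "I" in stack:
                # PDI closes the last isolate and any embeddings opened inside it.
                while stack.pop() != "I":
                    pass
        if hits:
            findings.append(
                {"line": line_no, "chars": hits, "unterminated": bool(stack)}
            )
    return findings


# Constructed sample input; escapes keep the controls visible in this listing.
SAMPLE = (
    "def check(user):\n"
    "    # plain ASCII comment\n"
    "    label = 'caf\u00e9'  # non-ASCII, but not a bidi control\n"
    "    note = '\u2067text\u2069'  # balanced isolate pair\n"
    "    # review me \u202e\u2066 trailing\n"
)

if __name__ == "__main__":
    for f in scan_source(SAMPLE):
        state = "UNTERMINATED" if f["unterminated"] else "balanced"
        print(f"line {f['line']}: {state}: {f['chars']}")
```

In a pre-merge check, any finding is worth a reviewer's look, and unterminated ones in comments or string literals are the strongest signal.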