classic opsec mistake - eviltoast

cross-posted from: https://discuss.tchncs.de/post/10692187

so, the company was Vastaamo. “was” because it went bankrupt after the breach and GDPR violations.

the “hacker” (or rather cracker) was extradited from France to Finland.
you can read about how terrible the company’s security was here: https://tietosuoja.fi/en/-/administrative-fine-imposed-on-psychotherapy-centre-vastaamo-for-data-protection-violations

or watch Mental Outlaw’s video on the matter, or the Wikipedia article on the breach.

now there are several things that shouldn’t have happened (e.g.: don’t do these things on your main OS, have root access disabled, etc.), but I’ll leave that to you experts.

  • NaoPb · ↑ 14 · 11 months ago

    I’m always worried when making .tars that I’m doing something wrong when the file also has a . file inside. I know this is probably nothing but it makes me think of something like this.

    • petrol_sniff_king@lemmy.blahaj.zone · ↑ 11 · 11 months ago

      . and .. are how terminals navigate around file systems.

      The command cd . means “change directory (cd) to here (.)”

      cd .. means “change directory to here, but one level up: my parent directory.”

      So following that model, winrar and maybe older versions of 7zip used folders called ‘.’ as navigational tools within the archive browser. If you double-clicked through them, you’d see where they go.

      I don’t know how much of this you knew, but the point is it shouldn’t freak you out to see them.
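
Added example, not part of the thread: Python's standard `tarfile` module builds an archive from `.` the way `tar -cf x.tar .` does, then labels each member name by where it would land on extraction, so the `.` entry can be told apart from a `..` path that would leave the extraction directory. The sample files and the helper names `build_dot_archive`, `classify` and `audit` are constructed for illustration.

```python
import io
import posixpath
import tarfile
import tempfile
from pathlib import Path


def build_dot_archive() -> bytes:
    """Archive a constructed sample directory the way `tar -cf x.tar .` does."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "notes.txt").write_text("constructed sample\n")
        (root / "sub").mkdir()
        (root / "sub" / "data.csv").write_text("a,b\n")
        buf = io.BytesIO()
        with tarfile.open(fileobj=buf, mode="w") as tar:
            tar.add(root, arcname=".")  # top-level member is named "."
        return buf.getvalue()


def classify(name: str) -> str:
    """Say where a member name lands relative to the extraction directory."""
    if name.startswith("/"):
        return "absolute"
    norm = posixpath.normpath(name)
    if norm == ".":
        return "archive-root"  # the "." entry: the archived directory itself
    if norm == ".." or norm.startswith("../"):
        return "escapes"       # would resolve above the extraction directory
    return "inside"


def audit(archive: bytes) -> dict[str, str]:
    """Map every member name in a tar archive to its classification."""
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        return {m.name: classify(m.name) for m in tar.getmembers()}


if __name__ == "__main__":
    for name, verdict in sorted(audit(build_dot_archive()).items()):
        print(f"{verdict:13} {name}")
```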