It’s not every day that a security researcher acquires the ability to generate counterfeit HTTPS certificates, track email activity, and execute code of his choice on thousands of servers—all in a single blow that cost only $20 and a few minutes to land. But that’s exactly what happened recently to Benjamin Harris.
https://arstechnica.com/security/2024/09/rogue-whois-server-gives-researcher-superpowers-no-one-should-ever-have/
Dan Goodin /
npub1z3…8qvzu
2024-09-11 13:49:25
Author Public Key
npub1z3lwfekw80j4ngzg6ky3ks202xr6uwnd4jttxzsd4euc9l55euvq48qvzuPublished at
2024-09-11 13:49:25Event JSON
{
"id": "5a74769e8100c55e7fe727c52f63742c6180fc84533766cd82556f40e161aeb1",
"pubkey": "147ee4e6ce3be559a048d5891b414f5187ae3a6dac96b30a0dae7982fe94cf18",
"created_at": 1726062565,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/@dangoodin/113119236291747287",
"web"
],
[
"proxy",
"https://infosec.exchange/users/dangoodin/statuses/113119236291747287",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/dangoodin/statuses/113119236291747287",
"pink.momostr"
],
[
"-"
]
],
"content": "It’s not every day that a security researcher acquires the ability to generate counterfeit HTTPS certificates, track email activity, and execute code of his choice on thousands of servers—all in a single blow that cost only $20 and a few minutes to land. But that’s exactly what happened recently to Benjamin Harris.\n\nhttps://arstechnica.com/security/2024/09/rogue-whois-server-gives-researcher-superpowers-no-one-should-ever-have/",
"sig": "b7b2b2169db99c0805efb484eb1a5d9f58c66e6e04a548604f49525751608189248cebaac7c0d6add8327ee44679a57b32df3c1cfa93589a0b2ab2adc3c5da0b"
}