Editing Talk:2166: Stack
Please sign your posts with ~~~~ |
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 5: | Line 5: | ||
:I would say that the thin layers are actually boundaries between major parts of the stack. The lower one seems to be a boundary between hardware/firmware and (system & application) software, the upper one a boundary between a software product/system/framework as released/sold and the same system as installed/configured at a particular site (the "customer" layer suggests that to me) -- [[User:Malgond|Malgond]] ([[User talk:Malgond|talk]]) 16:17, 21 June 2019 (UTC) | :I would say that the thin layers are actually boundaries between major parts of the stack. The lower one seems to be a boundary between hardware/firmware and (system & application) software, the upper one a boundary between a software product/system/framework as released/sold and the same system as installed/configured at a particular site (the "customer" layer suggests that to me) -- [[User:Malgond|Malgond]] ([[User talk:Malgond|talk]]) 16:17, 21 June 2019 (UTC) | ||
::I was thinking something along those lines, but I thought it was strange there was one inserted between the compromises by a current and a past employee. (A compromise by a past employee was likely implemented while they were employed, maybe as a backdoor they can access after leaving the company.) [[User:Ianrbibtitlht|Ianrbibtitlht]] ([[User talk:Ianrbibtitlht|talk]]) 17:34, 21 June 2019 (UTC) | ::I was thinking something along those lines, but I thought it was strange there was one inserted between the compromises by a current and a past employee. (A compromise by a past employee was likely implemented while they were employed, maybe as a backdoor they can access after leaving the company.) [[User:Ianrbibtitlht|Ianrbibtitlht]] ([[User talk:Ianrbibtitlht|talk]]) 17:34, 21 June 2019 (UTC) | ||
− | :::I think this stack is most supposed to be some form of website. The customer (a site visitor/user) is exploiting a Javascript vulnerability. The former employee is exploiting a deeper vulnerability but still through the browser/otherwise through the web (e.g. an URL-based exploit, like adding "/../"s to url to access files that aren't supposed to be part of the site) that they know about because they worked on it. The current employee is compromising using their access to the code, the database, or the server, hence the division. [[User:Schpeelah|Schpeelah]] ([[User talk:Schpeelah|talk]]) 17:58 | + | :::I think this stack is most supposed to be some form of website. The customer (a site visitor/user) is exploiting a Javascript vulnerability. The former employee is exploiting a deeper vulnerability but still through the browser/otherwise through the web (e.g. an URL-based exploit, like adding "/../"s to url to access files that aren't supposed to be part of the site) that they know about because they worked on it. The current employee is compromising using their access to the code, the database, or the server, hence the division. |
− | + | [[User:Schpeelah|Schpeelah]] ([[User talk:Schpeelah|talk]]) 17:58, 21 June 2019 (UTC) | |
Not to be confused with the [https://www.explainxkcd.com/wiki/index.php/1636:_XKCD_Stack XKCD Stack]. --[[Special:Contributions/162.158.182.232|162.158.182.232]] 15:52, 21 June 2019 (UTC) | Not to be confused with the [https://www.explainxkcd.com/wiki/index.php/1636:_XKCD_Stack XKCD Stack]. --[[Special:Contributions/162.158.182.232|162.158.182.232]] 15:52, 21 June 2019 (UTC) | ||
Isn't the title text a reference to [https://www.bleepingcomputer.com/news/security/open-mongodb-databases-expose-chinese-surveillance-data/ when china had some surveillance databases publicly visible]? [[User:Rerere284|Rerere284]] ([[User talk:Rerere284|talk]]) 17:48, 21 June 2019 (UTC) | Isn't the title text a reference to [https://www.bleepingcomputer.com/news/security/open-mongodb-databases-expose-chinese-surveillance-data/ when china had some surveillance databases publicly visible]? [[User:Rerere284|Rerere284]] ([[User talk:Rerere284|talk]]) 17:48, 21 June 2019 (UTC) | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |