8 comments

[ 4.7 ms ] story [ 32.1 ms ] thread
Honestly, I can't tell if this is satire just from reading the article.

Had to google the CVE number to find out that it's just a incredibly unprofessional "named CVE" announcement page, or as I like to call them "I found a bug and this is going on my resume".

Link to the actual CVE page: https://access.redhat.com/security/cve/cve-2018-1111

EDIT: I can't decide if the absurdism of the site is hilarious or annoying. Whoever put this site together must be proud.

Oh. My. Gosh.

> Powered by 0day.marketing > 0day marketing services for security researchers

This is literally the single most unprofessional vulnerability announcement I've seen in my 15 years in the field.

How does it offend me? let me count the ways:

1) a song?

2) 'Details' links to a tweet without any actualy said 'details'

3) a song?

4) The page appears to be completely unassociated with the actual researcher who found the vulnerability

The more I look at this the more I think this has to be a parody. Someone please tell me it's a joke.

Ok, it's a joke. Right? Please?

It's a joke. Here's how it was done:

1. Write a song.

2. Find a real and recent CVE.

3. Make a website that satirises branded security vulns and refer to said real CVE.

4. Don't forget about that song. It's catchy!

Why is every security exploit or bug getting a name, marketing website, and branding? This one even has a song... What?
Wow, these comments make me sad - this is pretty clearly satire (although the vulnerability is real and pretty scary). Did the "DynoRoot!!!1111" really not give this away? :)