RE: https://mstdn.social/@hkrn/116284264915152671

lol oh my god i feel **so fucking smug** right now, it's incredible. my whole body is tingling.

@peter
I could also see from the description of what's stolen by the credential-collecting part: almost all the tools and their config files are those that don't follow the XDG directory structure.
So, if an attacked computer is configured properly, these credentials are just not there to be stolen. That's kinda hilarious.
An example: even if I have to have a .ssh in the root of the homedir, it's a symlink into .config/ssh, where no keys are present in ~/.config/ssh (and the config file is parameterised, so it doesn't include key paths, for example).
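
A check for the layout described in the reply above, as an added example that is not part of the original posts: it reports whether `~/.ssh` is a symlink, where it points, and whether private-key files or `IdentityFile` lines are present at the default location. The helper names and the sample home directories are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

def audit_ssh_dir(home):
    """Report the layout of ~/.ssh under `home` (hypothetical helper name)."""
    ssh = Path(home) / ".ssh"
    report = {"is_symlink": ssh.is_symlink(), "target": None,
              "private_keys": [], "identity_lines": []}
    if report["is_symlink"]:
        report["target"] = os.path.realpath(ssh)
    if not ssh.is_dir():          # missing, or a dangling symlink
        return report
    for path in sorted(ssh.iterdir()):
        if not path.is_file():
            continue
        try:
            data = path.read_bytes()[:4096]
        except OSError:           # unreadable file: skip, do not abort the audit
            continue
        first_line = data.split(b"\n", 1)[0]
        # PEM and OpenSSH private keys open with "-----BEGIN ... PRIVATE KEY-----"
        if first_line.startswith(b"-----BEGIN") and b"PRIVATE KEY" in first_line:
            report["private_keys"].append(path.name)
        if path.name == "config":
            for line in data.decode("utf-8", "replace").splitlines():
                if line.strip().lower().startswith("identityfile"):
                    report["identity_lines"].append(line.strip())
    return report

def build_sample_home(relocated):
    """Create a constructed home directory in a temp dir for the demo."""
    home = Path(tempfile.mkdtemp())
    if relocated:                 # layout from the reply: ~/.ssh -> ~/.config/ssh
        real = home / ".config" / "ssh"
        real.mkdir(parents=True)
        (real / "config").write_text("Host *\n  ServerAliveInterval 60\n")
        os.symlink(real, home / ".ssh")
    else:                         # default layout: key and key path both in ~/.ssh
        real = home / ".ssh"
        real.mkdir()
        (real / "id_ed25519").write_text(
            "-----BEGIN OPENSSH PRIVATE KEY-----\nCONSTRUCTED-NOT-A-KEY\n")
        (real / "config").write_text("Host *\n  IdentityFile ~/.ssh/id_ed25519\n")
    return home

if __name__ == "__main__":
    for relocated in (False, True):
        print(relocated, audit_ssh_dir(build_sample_home(relocated)))
```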