@nuintari well, according to shodan 75,370 machines
Or 1,020,989 if we just look at those with port 631 open
@GossiTheDog that "the user needs to print a document" does indeed make all the difference, stopping it from being completely automated to requiring user interaction.
Yes, you could add an evil printer with the same name as the real one (if you happen to know that name). There may be even some weird system with a cron sending job automatically to a printer. But all in all, printing is a (relatively) uncommon action (even on environments where it is popular), drastically lowering the impact.
However, I do wonder if that open port 631 couldn't be used to send a print job to that just-installed-evil-printer, dropping victim interaction altogether.
@tynstar in many cases (small sites) the website owner doesn't understand it, either. So they end up installing a generic and obnoxious banner which was not needed. Or they are just there for some analytics they don't really look at.
Big companies have resources to do these things properly, though (even if they are often as clueless).
I would wish they understood however that they MUST make the options equally accessible. So, if they want to put some tracking 🍪 for a non-essential purpose (like sharing my whereabouts with their hundreds of partners so they can build a better profile which they then sell to more "partners"), they cannot promote "their" preference for the acceptance.
So, if they put a one-click Accept-all button, I must be able not to accept any of them in one click as well. Not five, not three, one as well (or alternatively, make the acceptance as long as the other).
And let's not get started with those considering that it's legitimate to require a subscription for not getting tracked...
Cc: @Em0nM4stodon
@gizmomathboy just by changing /etc/os-release ?
That's crazy, I mean... intentional.
That looks like the software reading /etc/os-release and refusing to work with wrong values. Does it explicitly read it? Either that or something like reading /etc/os-release and then suffering a buffer overflow because the lines are longer than expected.
Anyway, do remember that it is possible to show a different /etc/os-release just to one program (through some tinkering with namespaces and mounts), in case you need to keep the real data for the rest of the OS.
Seeing they go back to 2009, I first thought they were not that bad. But thinking on it, I'm no longer sure if 74 mails in 14 years for an email address with such exposure should be considered small or big.*
2-3 "crazy mails" a year is probably acceptable, just a chuckle. And while you're thankfully not getting them daily, 2021 was clearly a busy year for people arriving at you. There's probably something that could be inferred from this (more systems using curl? A device that more prominently showed third-party licenses? More connected users?) since I doubt the rate of misguided people has varied.
Good thing you were not required to reply back to them.
1 2009
1 2010
2 2011
3 2012
2 2013
2 2015
3 2016
1 2017
5 2018
9 2019
10 2020
17 2021
10 2022
8 2023
(*) I'm quite sure your spam rates are horrific, though.
The European Commission has put out a call for evidence on the review of GDPR.
Here is your opportunity to herald or lambast the GDPR, provided you substantiate it.
They have also published a blog entry: https://www.ivanti.com/blog/security-update-for-ivanti-connect-secure-and-ivanti-policy-secure-gateways
#CVE-2023-46805
@KyanHexagon @benmontour @GossiTheDog @cyberxduck @thegpfury