Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

What is the significance of the headline? It seems like the editors are trying to play into popular stereotypes for clicks, because reading through the disclosure log, it seems like a straightforward process marred by some minor email/communication issues. No real attempt at "suppression/censorship", as the headline implies. What am I missing?


Tencent initially misclassified the issue as not a security risk. Shortly after, they reconsidered and asked the researchers not to make it public.


Yes, what could be wrong with some keyboard input addon that sends every keypress to Tencent, and on top of that, in a manner trivial for a passive eavesdropper to decode?

We used to call these things "keyloggers".


The severity of the vulnerability has nothing to do with this sensationalized headline.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: