> Russian locale kill switch: Exits silently if system locale begins with "ru", checking Intl.DateTimeFormat().resolvedOptions().locale and environment variables LC_ALL, LC_MESSAGES, LANGUAGE, and LANG
So bold and so cowardly at the same time...
The worst thing is that you can't even tell if that's "real" or just a false flag.
Does it matter? Lots of groups do such checks at startup at this point, because every news outlet that reports on it suddenly believes the group to be Russian if you do, so it's a no-brainer to add today to misdirect even a little.
My point is that it could still be Russia, as they know that we know it is used as a false flag.
My point is; what changes if we knew for a fact it was Russia or that it was someone else?
> My point is; what changes if we knew for a fact it was Russia or that it was someone else?
Is this a serious question?
Sounds serious to me
It's highly unlikely that the people behind an attack like this would come out (non-anonymously) and take credit. And it's unlikely they'll be caught. So does it matter to most people if it's Russians, Americans, Iranians, North Koreans, or some other country?
If you're a 3-letter agency, you'd want to know and potentially arrest them, but as a random guy on the internet, or even a maintainer, I really don't think it matters.
So if it came out that the NSA was attempting to put backdoors in consumer password managers, it wouldn't change the context of the side channel attack? How about if it was a company (like Google)? It seemed like an unserious question because I can't understand how someone would think something like that wouldn't change the situation.
Does the NSA really need that? 99% of our services are hosted on American servers, which the NSA already has full access to.
Why would you steal the key when you're already in the house?
And for the high profile, like some Iranian scientist who has the code to something important, they wouldn't use things like Bitwarden.
I really see no use case when the NSA would need access to your Bitwarden vault.
> So if it came out that the NSA was attempting to put backdoors in consumer password managers, it wouldn't change the context of the side channel attack?
Not really, we already know that the NSA attempts shit like this all the time. If that came out, it'd be the same as the Snowden leaks, meaning a bunch of nerds going "Huh, who could have predicted this?". I don't see the point in it being Russia, China or the US, I'd like it as much if the US did it as Russia, so that's why I asked why it matters.
for most people, nothing.
for threat intel people, a lot.
If it walks like a duck and quacks like a duck, then it is a Russian spy masquerading as a duck. Russia is in a cold war with NATO.
"Discretion is the better part of valor", "Never point it at your own feet", "Russian roulette is best enjoyed as a spectator", and many other sayings seem applicable.
Smells like blackmail from another nation..
ah yes, because everyone sets locale on their npm publish github CI job.
obvious misdirection, but it does serve to make it very obvious it was a state actor.
> but it does serve to make it very obvious it was a state actor
Lol no, lots of groups do this, non-state ones too.
That isn't a smoking gun. I think it was the Vault7 leaks which showed that the NSA and CIA deliberately leave trails like this to obfuscate which nation state did it. I'm sure other state actors do this as well, and it's not a particularly "crazy" technique.
So, Russia is no longer a target for CIA?
What? All I'm saying is that attribution isn't easy to do in these cases.