Sunday, October 1, 2023

Security By Obscurity

Came across this post on the socials the other day which described a trojan attack on Unix-like systems that stole sensitive tokens like SSH and crypto private keys.

What stuck out to me about the script that harvested information was that it only looked in hardcoded default paths. It wouldn't be able to touch your Firefox data, for example, if you used the Firefox Flatpak, which stores its data under ~/.var/app. It wouldn't get anything useful out of your .profile or .bashrc if those contained only a single line sourcing ~/.config/profile instead of the real contents. If your ETH wallet keys were held in ~/.cryptowallet/eth instead of the standard location, nothing could be stolen.

It speaks to how a simple, obscure change like "changing the default storage location of a program" can sometimes help you sidestep very simple attacks that only know where to look by default.
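To make that concrete, here is an added example (my own, not the script from the post, whose exact contents I don't have). It builds a throwaway fake $HOME with a dummy key, then runs two toy "harvesters" over it: one that only checks a hardcoded list of default paths (an assumed list, modelled on what such scripts typically contain), and one that walks the whole tree and fingerprints files by their PEM header instead. The relocated layout uses `IdentityFile` in ~/.ssh/config so ssh itself still works.

```python
import tempfile
from pathlib import Path

# Default locations a naive harvester checks, relative to $HOME. This list is an
# assumption for the example, modelled on what such scripts typically hardcode;
# it is not the list from the script in the post.
DEFAULT_TARGETS = [
    ".ssh/id_rsa",
    ".ssh/id_ed25519",
    ".mozilla/firefox",
    ".ethereum/keystore",
]

# Constructed dummy key material for the example; it is not a real private key.
DUMMY_KEY = (
    "-----BEGIN OPENSSH PRIVATE KEY-----\n"
    "not-a-real-key\n"
    "-----END OPENSSH PRIVATE KEY-----\n"
)


def naive_harvest(home: Path) -> list[str]:
    """Path-based harvester: report which hardcoded default targets exist."""
    return sorted(t for t in DEFAULT_TARGETS if (home / t).exists())


def content_harvest(home: Path) -> list[str]:
    """Content-based harvester: walk the whole tree and flag anything that looks
    like a PEM/OpenSSH private key, regardless of where it lives."""
    hits = []
    for p in home.rglob("*"):
        if not p.is_file():
            continue
        try:
            head = p.read_bytes()[:64]
        except OSError:
            continue
        if b"PRIVATE KEY-----" in head:
            hits.append(p.relative_to(home).as_posix())
    return sorted(hits)


def build_home(relocated: bool) -> Path:
    """Construct a throwaway fake $HOME. With relocated=False the key sits in
    ~/.ssh; with relocated=True it lives under ~/.local/keys and ~/.ssh/config
    points ssh at it via IdentityFile, so the relocation costs nothing in use."""
    home = Path(tempfile.mkdtemp(prefix="fakehome-"))
    ssh_dir = home / ".ssh"
    ssh_dir.mkdir()
    key_dir = (home / ".local" / "keys") if relocated else ssh_dir
    key_dir.mkdir(parents=True, exist_ok=True)
    (key_dir / "id_ed25519").write_text(DUMMY_KEY)
    if relocated:
        (ssh_dir / "config").write_text("IdentityFile ~/.local/keys/id_ed25519\n")
    return home


if __name__ == "__main__":
    for relocated in (False, True):
        home = build_home(relocated)
        print(f"relocated={relocated}: path-based found {naive_harvest(home)}, "
              f"content-based found {content_harvest(home)}")
```

The first harvester comes up empty against the relocated layout, which is the whole point of the post. The second one finds the key either way, and so would anything that simply reads ~/.ssh/config and follows the `IdentityFile` line. That is the limit of the trick: it beats collectors that only know default paths, not a process that is allowed to read your home directory at all.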

Is something as stupid as changing a default storage location the panacea for supply chain attacks, or a replacement for proper security sandboxing? No.

But I guess it's better than nothing.

Stay tuned!

========================
Follow pyamsoft around the Web for updates and announcements about the newest applications!
Like what I do?

Send me an email at: pyam.soft@gmail.com
Or find me online at: https://pyamsoft.blogspot.com

Follow my Facebook Page
Check out my code on GitHub
=========================