Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

How many actual zerodays are there that don't require you to ALSO be doing something dumb per year? It seems exceedingly rare. I understand the argument if you're talking about like, a server running some CMS or whatever, sure that's gonna get pwned because it's a big target so it's worth going after. Your natted personal machine? You're fine unless you're running executable off random russian sites (and even then you're probably fine if you're getting your shit from reputable shady sites)


There was that Windows IPv6 no click zero day within the last couple of weeks


good thing i disable IPv6 at home because it's an annoying pita and i run no machines with windows in the cloud, checkmate :P

on a more serious note though I don't think machines with ipv6 enabled that are behind a NAT are likely to be vulnerable to this, i suppose maybe wormable if you can natpunch through some p2p voip or gaming service, it's the sort of patch i would probably install if i were made aware of it (if i had ipv6 enabled), but being made aware of it doesn't like, leave me worried, and i don't consider it to be likely to affect me unpatched


>I don't think machines with ipv6 enabled that are behind a NAT are likely to be vulnerable to this

Would you be interested in educate yourself about IPv6?

https://ipv6.he.net/certification/


No, I'd rather just keep turning it off. Though if you're interested in telling me why I'm wrong concisely instead of being snarky I'll read that.


NAT and IPv6......you really should educate yourself about it IPv6 is not "that" new...trust me (bro). You know, keep learning is a big part of life ;)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: