Dash 🇸🇬
So...how does this work with the anarchic Misuse of Computers Act? I will never submit any disclosure in SG for any vulnerability after the time 2 people got charged for "hacking" the PMO website through HTML injection via the Google Search Bar widget on their website.
----------------------
CSA as a CVE Numbering Authority (CNA)
https://www.csa.gov.sg/Tips-Resource/Resources/singcert/cve-numbering-authority
mustardsauce
@dashrandom wait, what? This is giving the same energy as the guy who got in trouble for breaking up a fight because he had the gall to *pour water* on the assailant
Dash 🇸🇬
@mustardsauce here is [mainstream media source](https://www.straitstimes.com/singapore/courts-crime/man-jailed-for-cyber-attack-on-pmo-website). And here is a more [technically inclined source](https://www.enterpriseitnews.com.my/singapore-prime-minister-office-website-intact-and-not-hacked/).
mustardsauce
@dashrandom shit… thanks for digging this up for me. I’m not technically-minded at all so what I’m getting from this is that the site *appeared* to have been hacked but that was only a farce? Trend Micro seems to back this up in their report.
Dash 🇸🇬
@mustardsauce the URL that the "hackers" shared was something like (you're gonna need to copy link cos Mastodon shrinks the full url) https://www.pmo.gov.sg/googlesearch?=https%3A%2F%2Fwww.thisismysitethatmakesitlooklikeyougothacked rather than just https://www.pmo.gov.sg so yeah, it wasn't even *barely* a hacking and more like making people think it was hacked.
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.