I’m not at all suggesting this is what is happening right now, but my inner conspiracy theorist wonders if one day attack announcements/security updates will be used by governments to get masses of people to install exploits for them.
Or a “leaked” NSA presentation that says “we’re having really tough time cracking rot13”.
We know that’s not true. The NSA actually alerted people very early in computing that rot13 wasn’t safe, and recommended some key changes to it without explanation back in the 60s. That’s why we now tend to use 3rot13 instead, which performs the rot13 operation two extra times.
Hehe. I didn’t realise there was an RFC for 3rot13 :)
Yeah, probably should be. I didn’t see that one. @Irene @jcs?
I think they should actually be unmerged as the two articles, while sharing a subject have 2 very different focuses. The Citizen Lab article provides much more information as the Lookout article is a relatively short intro, followed by a link to the actual technical analysis and the Citizen Lab article. When I see merged articles I expect them to be very similar in the amount of information they provide, however the Citizen Lab article provides much, much more information and is far more technical than the Lookout post. See the following sentence from the last section of the Lookout article (links from article).
Our reports provide in-depth information about the threat actor as well as their software and the vulnerabilities exploited — Citizen Lab has tracked the actor’s political exploits around the world, while Lookout has focused on the technical details of the malware from the beginning of the exploit chain to its use.
If the merge reason was “article has links to the other article for more information” I would be more inclined to agree, but I think the articles provide significantly different takes on the story. Or, instead of unmerging, I would suggest making the Million Dollar Dissident article the main one as it was published earlier and contains far more information.