← Back to context

Comment by debugnik

3 days ago

Fair, then I obviously think Xe may have a kinda misguided understanding of their own product. I still stand by the concept I stated above.

6 comments

debugnik

Reply
rhaps0dy  3 days ago

latest update from Xe:

> After further investigation and communication. This is not a bug. The threat actor group in question installed headless chrome and simply computed the proof of work. I'm just going to submit a default rule that blocks huawei.

  • scratchyone  3 days ago

    this kinda proves the entire project doesn't work if they have to resort to manual IP blocking lol

    • troyvit  2 days ago

      It doesn't work for headless chrome, sure. The thing is that often, for threats like this to work they need lots scale, and they need it cheaply because the actors are just throwing a wide net and hoping to catch it. Headless chrome doesn't scale cheaply so by forcing script kiddies to use it you're pricing them out of their own game. For now.

    • Aachen  2 days ago

      Doesn't have to be black or white. You can have a much easier challenge for regular visitors if you block the only (and giant) party that has implemented a solver so far. We can work on both fronts at once...

      2 replies →