Sure, nobody’s saying it’s an inscrutable mystery but if your goal is to inform a wide audience it’s considered good form to expand all but the most common acronyms. It’ll even get you more internet points than petty smugness.
I think they've almost certainly seen it written out, just not as an acronym. I figured out what it stood for based on context and knowing the full phrase, but I don't recall actually seeing the LPE acronym in recent memory. Whereas with CVE it's the opposite: I almost never see it written out, and even now find it non-obvious what the E stands for, bizarrely enough.
That’s very optimistic. I’d bet there are an order of magnitude more people wondering how exposed they are than security researchers reading this.
https://duckduckgo.com/?q=LPE+security&ia=web
wow
Sure, nobody’s saying it’s an inscrutable mystery but if your goal is to inform a wide audience it’s considered good form to expand all but the most common acronyms. It’ll even get you more internet points than petty smugness.
1 reply →
I've read many CVEs (somehow that acronym is ok... heh) but have never seen LPE despite being familiar with the concept.
That seems literally borderline impossible.
I think they've almost certainly seen it written out, just not as an acronym. I figured out what it stood for based on context and knowing the full phrase, but I don't recall actually seeing the LPE acronym in recent memory. Whereas with CVE it's the opposite: I almost never see it written out, and even now find it non-obvious what the E stands for, bizarrely enough.
You should re-evaluate your probabilities, I too have heard frequently of CVEs, but never of an LPE.
5 replies →
I could see it for someone who is only somewhat in tune with security work today.
Back in the day those of us breaking into shitty php sites didn't use LPE, we used "privesc", IIRC.
Content at the OP link http://copy.fail seems fairly different from any normal CVE I’ve seen.