← Back to context Comment by atgreen 6 hours ago Have a look at https://github.com/atgreen/rhel-block-copyfail 4 comments atgreen Reply JeremyNT 24 minutes ago I was aware of commercial antivirus vendors (Crowdstrike) doing something like this, but this is the first I've seen it published by somebody in the open!Have you considered writing up a blog post and submitting this to HN? cassianoleal 5 hours ago Thanks!From the sound of it, the same mitigations for Copy Fail 1 are also effective here. atgreen 5 hours ago No, they are different. I just bundled them together for convenience in this POC. The only real thing in common is that they both use eBPF. cassianoleal 3 hours ago Got it, thanks!
JeremyNT 24 minutes ago I was aware of commercial antivirus vendors (Crowdstrike) doing something like this, but this is the first I've seen it published by somebody in the open!Have you considered writing up a blog post and submitting this to HN?
cassianoleal 5 hours ago Thanks!From the sound of it, the same mitigations for Copy Fail 1 are also effective here. atgreen 5 hours ago No, they are different. I just bundled them together for convenience in this POC. The only real thing in common is that they both use eBPF. cassianoleal 3 hours ago Got it, thanks!
atgreen 5 hours ago No, they are different. I just bundled them together for convenience in this POC. The only real thing in common is that they both use eBPF. cassianoleal 3 hours ago Got it, thanks!
I was aware of commercial antivirus vendors (Crowdstrike) doing something like this, but this is the first I've seen it published by somebody in the open!
Have you considered writing up a blog post and submitting this to HN?
Thanks!
From the sound of it, the same mitigations for Copy Fail 1 are also effective here.
No, they are different. I just bundled them together for convenience in this POC. The only real thing in common is that they both use eBPF.
Got it, thanks!