t.me/shareJim/244170
You're viewing a single comment thread. View all comments, or full comment thread.
Comments (60)
sorted by:
The trip code and the explanation are perfectly reasonable.
I'm not going to disagree with that. I'm just very skeptical.
Well I have been doing a bit more digging on this, and honestly I am reserving judgement at this point. Cautiously optimistic I guess but not convinced, like you.
I don't like the whitelisting part. Anyone with his password would be whitelisted. Otherwise, with the salt change factored in there would have to be 2 authentication mechanisms to allow a whitelisting to bypass the salt. If in fact that is what happened I wouldn't trust the 2nd auth method because you don't just crap out a new method and integrate it into the system. If Jim was able to get someone to do that, who knows if it is even secure.
My guess is he did something like what programmers tried to do with sql inputs to a web site. Once sql injection became a thing, programmers tried to put a list of characters that weren't allowed in a sql query (because they could allow data to be executed after a bad query). The problem with that is the programmers would have to get all possibilities in that list and they didn't always achieve that. If 8kun did something similar there could be security issues with that list.
A verification/delta/proof is needed before we 100% know it is Q. Q knows that because they have done that every other time they went dark.
Breaking - Q just posted again. His last line is:
Q knows. I expect a verification is coming soon.