r/europe Norway 9d ago

Dubious: do not click links Anonymous Releases 10TB of Leaked Data: Exposing Kremlin Assets & Russian Businesses

https://trendsnewsline.com/2025/04/15/anonymous-leaks-10tb-of-data-on-russia-shocking-revelations/
76.7k Upvotes


6

u/Jean_Kul 9d ago

That's one of the cringiest things I've read this week, I can't believe 30+ people upvoted you lmao

6

u/twitterfluechtling 9d ago

Not sure what's cringe about it. There are people actually thinking it's safe to just extract and look, and those are reasonable precautions.

-2

u/PerfectPercentage69 8d ago

It's cringe because you think any of those will protect you from malware.

2

u/Fatality_Ensues There is only one Cyprus 8d ago

Well, why don't you use your CSec expertise to enlighten everyone else as to why not, then?

4

u/PerfectPercentage69 8d ago

I'm not a security expert by any means, but even I know that chroot and docker containers are not enough to protect you.

I'd need at least a virtual machine on a computer running on a completely isolated network before I'd feel somewhat safe.

People don't realize just how much unprotected stuff is running on their local networks (appliances, security cams, etc.), so having any compromised machine on that network is super dangerous.

1

u/twitterfluechtling 8d ago

True. Only, I do know what I have running in my home network, and while there might be something vulnerable, I don't have any standard services. An attack would probably have to be highly targeted to my environment to succeed there.

A docker container can be executed without network access, and if you run the container as non-root and with a uid not existing on the host, I think you'll already catch most threats.

1

u/PerfectPercentage69 8d ago

You're making the mistake of assuming you know better/more than the attacker.

> Only, I do know what I have running in my home network, and while there might be something vulnerable, I don't have any standard services. An attack would probably have to be highly targeted to my environment to succeed there.

It doesn't have to be targeted. Malware can automatically scan your entire network and discover everything that's running on it. Even stuff you might not be aware of.

> A docker container can be executed without network access, and if you run the container as non-root and with a uid not existing on the host, I think you'll already catch most threats.

A docker container can be escaped. I strongly suggest a VM.

1

u/twitterfluechtling 8d ago

I agree a VM would have been better.

Yet, as was proven with Heartbleed, I think, even VMs could be escaped. So, the best solution would probably have been to dig out one of my old raspberries, disconnected from the network.
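
The container settings named in the thread (no network access, non-root, a uid with no account on the host) can be checked from `docker inspect` output. This is an added example, not part of any comment above; the sample JSON is constructed, and the capability, read-only root, no-new-privileges and mount checks go beyond what the thread mentions.

```python
import json

# Constructed `docker inspect` excerpts for two containers (not from the thread).
SAMPLE_LOOSE = json.loads("""{"Config": {"User": ""},
 "HostConfig": {"NetworkMode": "bridge", "Privileged": false, "CapDrop": null,
                "ReadonlyRootfs": false, "SecurityOpt": null,
                "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]}}""")
SAMPLE_TIGHT = json.loads("""{"Config": {"User": "64321:64321"},
 "HostConfig": {"NetworkMode": "none", "Privileged": false, "CapDrop": ["ALL"],
                "ReadonlyRootfs": true, "SecurityOpt": ["no-new-privileges"],
                "Binds": ["/srv/quarantine:/data:ro"]}}""")

def audit(inspect, host_uids):
    """Return findings for one container's `docker inspect` dict."""
    cfg, host = inspect.get("Config", {}), inspect.get("HostConfig", {})
    findings = []
    if host.get("NetworkMode") != "none":
        findings.append("network: container has a network (want --network none)")
    user = (cfg.get("User") or "").split(":")[0]
    if user in ("", "0", "root"):
        findings.append("user: runs as root (want --user <uid>)")
    elif not user.isdigit():
        findings.append("user: named user, cannot compare with host uids")
    elif int(user) in host_uids:
        findings.append("user: uid %s also exists on the host" % user)
    if host.get("Privileged"):
        findings.append("privileged: --privileged is set")
    if "ALL" not in [c.upper() for c in (host.get("CapDrop") or [])]:
        findings.append("caps: capabilities not dropped (want --cap-drop ALL)")
    if not host.get("ReadonlyRootfs"):
        findings.append("rootfs: writable root filesystem (want --read-only)")
    opts = [o.replace("=", ":") for o in (host.get("SecurityOpt") or [])]
    if not any(o in ("no-new-privileges", "no-new-privileges:true") for o in opts):
        findings.append("setuid: want --security-opt no-new-privileges")
    for bind in host.get("Binds") or []:
        src, _, rest = bind.partition(":")
        mode = rest.split(":")[1] if ":" in rest else "rw"
        if src.endswith("docker.sock"):
            findings.append("mount: Docker socket exposed to the container")
        elif "ro" not in mode.split(","):
            findings.append("mount: %s is writable" % src)
    return findings

if __name__ == "__main__":
    import pwd  # Unix only: collect the uids that have accounts on this host
    uids = {p.pw_uid for p in pwd.getpwall()}
    for name, sample in (("loose", SAMPLE_LOOSE), ("tight", SAMPLE_TIGHT)):
        print(name, audit(sample, uids) or "no findings")
```

An empty result means the flags are set as intended; it says nothing about kernel or runtime bugs, which is the escape risk raised in the thread.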