Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If we assume that Ms. Thompson is generally terrible at opsec, then presumably she is also terrible at offensive security, which leads to one of two conclusions:

Either:

A: She is being framed.

or

B: Capital One's security was (and probably still is) laughable.

She doesn't seem to be being framed. If Capital One's security is horrendous, they are unlikely to be exceptional... so we will see much more of this.



> If we assume that Ms. Thompson is generally terrible at opsec, then presumably she is also terrible at offensive security,

One can possess great technical skills and still be a braggart. Nothing about a lack of OPSEC implies she cannot exploit a vulnerable system.


This tweet alone seems to indicate she definitely did it...

https://twitter.com/0xA3A97B6C/status/1151901325598187521


Isn’t all of that anyway in AWS docs ? Would something like this stand as an evidence to implicate her in US courts?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: