According to the researcher, YellowKey appears unusual for a previously unknown security bug. Nightmare-Eclipse explained that the flaw can be reproduced by copying an attached "FsTx" folder...
They dont require physical access, but they require access to a non-root account on the machine. How often do you create accounts on your local machine for malicious actors to use?
When you do a new OS install, do you create a separate user account for guests and then share the login details with random people?
“Potential”? They are actively being exploited. And they don’t require physical access to the device.
The require the person to have already compromised you and be running software on your machine
At least one of them only needs a remote session and access to any account on the device.
Only doing a bit of heavy lifting there.
They dont require physical access, but they require access to a non-root account on the machine. How often do you create accounts on your local machine for malicious actors to use?
When you do a new OS install, do you create a separate user account for guests and then share the login details with random people?
Right, because it’s impossible to get a person’s credentials in this day and age.