this post was submitted on 13 Jun 2023
45 points (100.0% liked)

Programmer Humor

32455 readers
761 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
top 11 comments
sorted by: hot top controversial new old
[–] KelsonV@lemmy.world 6 points 1 year ago* (last edited 1 year ago)

I had to check....

https://github.com/notepad-plus-plus/notepad-plus-plus/releases/tag/v7.3.3

O_o

Edit:

Yeah, it was real! Back in 2017.

https://notepad-plus-plus.org/news/v733-fix-cia-hacking-npp-issue/

Checking the certificate of DLL makes it harder to hack. Note that once users’ PCs are compromised, the hackers can do anything on the PCs. This solution only prevents from Notepad++ loading a CIA homemade DLL. It doesn’t prevent your original notepad++.exe from being replaced by modified notepad++.exe while the CIA is controlling your PC.

[–] EinfachUnersetzlich@lemm.ee 6 points 1 year ago (2 children)
[–] ABoxOfNeurons@lemmy.one 0 points 1 year ago (1 children)
[–] EinfachUnersetzlich@lemm.ee 0 points 1 year ago (1 children)

I still don't really understand what happened.

[–] Orvanis@lemm.ee 2 points 1 year ago (1 children)

One of the DLLs Notepad++ uses was compromised/customized by the CIA. Any apps that then use that DLL essentially allowed it to start up and do data collection in the background. The users were unaware it was happening, because all they saw running was Notepad++ rather than random_program.exe

[–] tetris11@lemmy.ml 1 points 1 year ago

Though the developer could not get it to do that in his own testing

im sorry what?

[–] TeaHands@lemmy.world 2 points 1 year ago

Feel like I missed some news here

[–] Sleeping@iusearchlinux.fyi 2 points 1 year ago* (last edited 1 year ago)

Hold up. Is this real?

Edit: Holy **** that was real LMAO

[–] kosama@socel.net 1 points 1 year ago

@OsrsNeedsF2P I never looked that into the leaks. Like another article said it doesn't defeat encryption on chat apps but encryption means nothing if someone is already looking over your shoulder before you even hit send.

I think the Notepad++ dev put it best in his conclusion.

"Just like knowing the lock is useless for people who are willing to go into my house, I still shut the door and lock it every morning when I leave home. We are in a f**king corrupted world, unfortunately."