• dan@upvote.au
    link
    fedilink
    arrow-up
    28
    ·
    7 months ago

    and it was only discovered accidentally, when someone was profiling some stuff, noticed SSH using a bit too much CPU power when receiving connections even for invalid usernames/passwords, and spent the time to investigate it more deeply. A lot of developers aren’t that attentive, and it could have easily snuck through.