On Fri, Oct 02, 2015 at 04:14:26PM +0200, Lodewijk andré de la porte wrote: > Maybe not owned, but at least without accidentally-press-publish protection. > > (if it's this easy to mispublish a test update, how hard would it be for an > employee to publish an exploit?)
Feel free to forward this to whomever it may concern. As I blogged, why should their "alleged test updates" contain .gov/.mil/.edu domains? As an aside, the "garbage text" might just be some easy to break ASCII? friendly cypher/obfuscation. (certainly sufficiently long OTP would decrypt it to whatever, but something short is not expected to decrypt it to (l33t?) English IMHO).
