Good morning:
Earlier today, Synapse updated with the following entry:
[GAME MANAGER SERVICE]
*IMPROVEMENTRS
-We've increased the security of Game Scanner: our engineers have identified the troublemakers and made sure they will no longer cause any further issues.
Can you give more detail on this? I've seen odd behavior with my Key Light Chroma the last few days, and this update has me concerned of a possible breach via Synapse on my end. Please explain the background, evidence and effective resolution by Razer on this issue.
Info request: We've increased the security of Game Scanner...?
I totally agree with this. If you're going to perform a security update, be ready for transparency and indicating the level of risk that users were facing pre-update (if any). If a breach occured, it's also required by law to report it to relevant authorities, and to notify users that may have been affected.
Userlevel 3
Turgenev
Good morning:
Earlier today, Synapse updated with the following entry:
[GAME MANAGER SERVICE]
*IMPROVEMENTRS
-We've increased the security of Game Scanner: our engineers have identified the troublemakers and made sure they will no longer cause any further issues.
Can you give more detail on this? I've seen odd behavior with my Key Light Chroma the last few days, and this update has me concerned of a possible breach via Synapse on my end. Please explain the background, evidence and effective resolution by Razer on this issue.
like this? any privilege escalation? the term "increase the security" simply means nothing and does not accurately describe the facts.
Guys, don't get your hopes up.. i expect they will ignore this thread. Especially if it was something like Remote Code Execution, where some hackers could control our device's RGB lighting to work towards a specific condition where broader RCE (that could compromise a system) occured, or to 'troll and show off' they are able to do that. I'm just guessing in the dark based on what Turgenev said, together with the patch note tone "We found the .. troublemakers .." and my own IT security background.
If it's something serious, they A) don't want us to worry about what might have happened,
want to prevent reputation damage (by keeping it under the sheets) and C) wait for most users to have received the security update, as spilling it can lead to bad people finding out and quickly abusing it again. It is also possible that A and B have the bonus effect of that they don't have to make it a big deal, so that they don't feel pressed to notify authorities of a data leak/breach/potential compromise of users, as is required by western law. Like, downplay it is something, or how severe it is.
I'm gonna reinstall my PC by tomorrow, unless transparency will take place, as i would fear for my data security due to a potential breach/infection that already occured before the update got sent.
Also, if this is really something bad, i hope Razer doesn't learn from the commotion and not put "security" in a patch note while remaining obscure, as that provides us even less opportunities to notice something may be amiss and call on Razer for clarification. If a company isn't interested in notifying users so they can take care of their potentially compromised security, and want to make severe incidents "not a thing", that can easily happen, but it's not what should happen.
If it's something serious, they A) don't want us to worry about what might have happened,
want to prevent reputation damage (by keeping it under the sheets) and C) wait for most users to have received the security update, as spilling it can lead to bad people finding out and quickly abusing it again. It is also possible that A and B have the bonus effect of that they don't have to make it a big deal, so that they don't feel pressed to notify authorities of a data leak/breach/potential compromise of users, as is required by western law. Like, downplay it is something, or how severe it is.I'm gonna reinstall my PC by tomorrow, unless transparency will take place, as i would fear for my data security due to a potential breach/infection that already occured before the update got sent.
Also, if this is really something bad, i hope Razer doesn't learn from the commotion and not put "security" in a patch note while remaining obscure, as that provides us even less opportunities to notice something may be amiss and call on Razer for clarification. If a company isn't interested in notifying users so they can take care of their potentially compromised security, and want to make severe incidents "not a thing", that can easily happen, but it's not what should happen.
Reply
Sign up
Already have an account? Login
Log in with Razer ID to create new threads and earn badges.
LOG INEnter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.