"Police state" search got censored in Italy

23 points by richsnipe 5h ago 9 comments

Ask HN: What career will you switch to when AI replaces developers?

5 points by DGAP 1h ago 5 comments

Ask HN: How do you obtain software development contracts?

16 points by codingclaws 3h ago 8 comments

Ask HN: Has AI breathed new life into Semantic (web) Technologies?

4 points by rottyguy 5h ago 3 comments

Getting tired of Helm – any better way to handle deployments in Kubernetes?

20 points by DeborahEmeni_ 1d ago 18 comments

I built a pixel art editor after playing Octopath Traveler II

114 points by Kobayashiii 5d ago 47 comments

Ask HN: Did Aliexpress stop shipping to US?

26 points by olalonde 1d ago 13 comments

Ask HN: Advice wanted – director distrusting of our team?

4 points by golly_ned 17h ago 5 comments

I made 4000 agent calls in Cursor last month. Each model has a personality

5 points by mike210 12h ago 2 comments

Ask HN: Who wants to be hired? (May 2025)

129 points by whoishiring 6d ago 372 comments

Ask HN: Have you used Claude Code? Is it any good?

6 points by mbm 18h ago 7 comments

Ask HN: Hackathons feel fake now

199 points by sepidy 2d ago 126 comments

Ask HN: Jaded with AI – Alternatives?

9 points by career_question 20h ago 6 comments

Ask HN: Who is hiring? (May 2025)

258 points by whoishiring 6d ago 386 comments

Ask HN: Can you exclude ~/Library except for your iCloud Drive in macOS backups?

2 points by amichail 16h ago 2 comments

Cloi – Local debugging agent that runs in your terminal

2 points by gcha 19h ago 1 comments

Canadian Startup Options Tax Planning

2 points by gillyuv2 20h ago 0 comments

What I discovered after months of professional use of custom GPTs

10 points by anammana 1d ago 3 comments

Ask HN: Has anyone managed to pass Meta's Access Verification?

24 points by hipgrave 2d ago 11 comments

Ask HN: How are you using MCP when coding?

4 points by mbm 23h ago 6 comments

Ask HN: How have you spent time outside work for the past couple of weeks?

7 points by alex77456 1d ago 14 comments

Sds vs. GB: C string libs, copy or coincidence?

3 points by nephewtom 1d ago 4 comments

Tell HN: Incorporated my software company today

25 points by namanyayg 4d ago 7 comments

Ask HN: Best underrated way to get a job in tech during a hiring slowdown?

15 points by tolarewaju3 3d ago 34 comments

Ask HN: Given a sufficiently complex argument, people deduce anything they like

4 points by ricardo81 2d ago 7 comments

Ask HN: Is archive.today/is/md/etc. compromised?

6 points by ementally 2d ago 8 comments

Ask HN: Does anyone know the the chan-style website that used postcards?

2 points by PonDiDancefloor 2d ago 1 comments

Why Apple still lets malformed media files reach decoders – and how to stop it

3 points by jamweba 2d ago 2 comments

Looking for an official extension of Temporal Prolog

6 points by youio 2d ago 0 comments

Ask HN: Anyone else roll eyes at startups that went from "X" to "AI-powered X"?

72 points by ronbenton 3d ago 49 comments

LeetCode for Front End Engineers

10 points by CGamble26 5d ago 8 comments

Ask HN: Anyone else give up on trying to get rich?

16 points by 999900000999 2d ago 35 comments

Ask HN: AI tools to help you learn faster (GitHub, books, PDFs)

15 points by ilmoi 4d ago 5 comments

VPNSecure deactivated all lifetime subscribers

16 points by vmrocha 5d ago 10 comments

iVentoy tool injects malicious certificate and driver during Win install

14 josephernest 8 5/6/2025, 9:26:35 PM github.com ↗

Comments (8)

josephernest · 19h ago

(I am not the person who found it, but I reproduced and I confirm his finding)

Another source:

https://security.stackexchange.com/questions/281238/iventoy-...

josephernest · 18h ago

Up to now, I confirm I can reproduce the following steps:

- download of official "iventoy-1.0.20-win64-free.zip"

- extraction of "iventoy.dat"

- conversion back to "iventoy.dat.xz" thanks to @ppatpat's Python code

- confirm that "wintool.tar.xz" is recognized by VirusTotal as something that injects fake root certificates

The next steps are scary, given the popularity of Ventoy/iVentoy :

> Analyzing "iventoy.dat.xz\iventoy.dat.\win\vtoypxe64.exe" we see it includes a self signed certificate named "EV" certificate "JemmyLoveJenny EV Root CA0" at offset=0x0002C840 length=0x70E. > vtoypxe64.exe programmatically installs this certificate in the registry as a "trusted root certificate"

Maxious · 16h ago

JemmyLoveJenny still lives!

https://www.bleepingcomputer.com/news/security/hackers-explo...

josephernest · 16h ago

Playing devil's advocate, could it be that they require a temporary access to a customized Windows driver (and thus they fake a trusted root certificate) to make Ventoy work? If that's the case, they should have documented it properly in the source...

Or do you think it's 100% malicious?

ziml77 · 12h ago

This year old issue regarding blobs in the repo with a ton of replies has not gotten responses from the author https://github.com/ventoy/Ventoy/issues/2795

Doesn't mean for sure it's malicious but them not even explaining why there's blobs like this is very suspicious.

Maxious · 8h ago

I think regardless of intent, it is a security vulnerability to install these ring 0 loopholes. Microsoft is cracking down on RGB lighting and anticheat software drivers similarly

sn0n · 13h ago

So... If I use ventoy should I worry?

*Starts looking for alternatives just cuz*

out-of-ideas · 9h ago

isnt iventoy different than ventoy?

also check if your system has the reg key listed in the issue

there's always https://www.supergrubdisk.org/super-grub2-disk/

and finally, if you are really concerned and dont want to re-install, you can always take export the registry key of your root certs of a ventoy installed system and compare against a system not loaded with ventoy

edit: can also use systemd to boot iso's (among many other things)