Bernd,
IIRC, the iPhone gets mounted, however, you'll only have access to
pictures videos (3gs). I wouldn't consider that a security flaw -
this behaviour is standard for almost any device being mounted via
USB.
Question:
iPhone OS 3.1.3? Jailbreaked / original firmware?
I'll check it tonight
Gregor Schneider writes:
Bernd,
IIRC, the iPhone gets mounted, however, you'll only have access to
pictures videos (3gs). I wouldn't consider that a security flaw -
this behaviour is standard for almost any device being mounted via
USB.
Question:
iPhone OS 3.1.3? Jailbreaked /
Sent from my HTC
-Original Message-
From: Thor (Hammer of God) t...@hammerofgod.com
Sent: 15 May 2010 21:59
To: full-disclosure@lists.grok.org.uk full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Windows' future (reprise)
No, It's Tim Mullen. No Bill here.
No, I don't
On Tue, 18 May 2010 10:24:42 +0200, Gregor Schneider said:
IIRC, the iPhone gets mounted, however, you'll only have access to
pictures videos (3gs). I wouldn't consider that a security flaw -
this behaviour is standard for almost any device being mounted via USB.
The fact that most devices do
On 18/05/10 09:24, Gregor Schneider wrote:
Question:
iPhone OS 3.1.3? Jailbreaked / original firmware?
I'll check it tonight with a 3G, iPhone OS 3.1.1, Jailbreak and come
back to you.
Hi Gregor,
I updated my blog, hope this helps:
Dear List,
I'm writing on behalf of the Check Point Vulnerability Discovery Team to
clarify this issue. Here is our advisory and the specific timeline:
Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/
GhostScript 8.70 and lower stack
CVE-2010-1454: SpringSource tc Server unauthenticated remote access to JMX
interface
Severity: Critical
Vendor:
SpringSource, a division of VMware
Versions Affected:
tc Server Runtime 6.0.19.A, 6.0.20.A, 6.0.20.B, 6.0.20.C, 6.0.25.A
Description:
A problem has been identified in the
Happens they are completely unrelated stories. Also happens that I won't
fall for someone's hysteria from using windows.
By the way, I don't know you, but I would depend on the _fact_ that I've
been using a product without a hitch rather then someone's claims that the
said product will fall in a
On Tue, May 18, 2010 at 11:39 AM, valdis.kletni...@vt.edu wrote:
The fact that most devices do it doesn't mean it's not a security flaw.
-1
AFAIK the USB-protocol does not contain any authorization /
authentication-mechanism:
http://www.beyondlogic.org/usbnutshell/usb3.htm
Please correct
That is because it is a hardware protocol. But that doesn't mean
applications can't have their own protocol, or use a standard one such as
TLS.
As a comparison, it is like https/ssl vs tcp/ip protocol.
Cheers.
On Tue, May 18, 2010 at 2:02 PM, Gregor Schneider rc4...@googlemail.comwrote:
On
On Tue, 18 May 2010 14:02:53 +0200, Gregor Schneider said:
AFAIK the USB-protocol does not contain any authorization /
authentication-mechanism:
-1 (as you put it).
1) Google broken as designed sometime.
2) Google for secure USB flash drive. Oddly enough, the lack of said
mechanism doesn't
On Tue, 18 May 2010 14:38:47 +0200, Christian Sciberras said:
That is because it is a hardware protocol. But that doesn't mean
applications can't have their own protocol, or use a standard one such as
TLS.
Or get even simpler - design the device with the rule: Don't even bother
talking on the
Cassidy MacFarlane would like to recall the message, [Full-disclosure]
Windows' future (reprise).
www.grantmanagement.co.uk
www.gmhelp.co.uk
Please consider the environment before printing this email and any attachments.
This message and any files transmitted with it are confidential and
Hello Full-Disclosure!
I want to warn you about security vulnerability in different browsers.
-
Advisory: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera
and other browsers
-
URL: http://websecurity.com.ua/4206/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:097
http://www.mandriva.com/security/
Je serai absent(e) à partir du 2010-05-17 de retour le 2010-05-24.
Je répondrai à votre message dès mon retour.___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
What messages warning you from using Windows? I certainly hope you do not have
me confused with the OP - I already used the term hysteria to describe his
ideas and subsequent recommendations. The entire premise is fatally flawed,
and the subsequent replies show a level of ignorance that I
On Sun, May 16, 2010 at 08:49:29PM -0400, valdis.kletni...@vt.edu wrote:
On Sun, 16 May 2010 23:49:00 BST, lsi said:
Malware is flooding at 243% (+/- error). This is consuming the
oxygen in your machine.
The basic error in your analysis is that although there may in fact be
snip
why
Thor,
Sorry, I didn't make my points clear enough. I was replying sarcastically to
Cassidy's remarks and asking him to prove his claims.
Regards.
On Tue, May 18, 2010 at 4:40 PM, Thor (Hammer of God)
t...@hammerofgod.comwrote:
What messages warning you from using Windows? I certainly hope
On Tue, 18 May 2010 18:00:52 +0300, Georgi Guninski said:
why flame about constants about detectable malware when the world missed
100% of the undetectable malware? :)
There are known knowns. These are things we know that we know. There are known
unknowns. That is to say, there are things that
All I saw was sent from my HTC from him. Maybe I'm glad I missed
it ;)
On May 18, 2010, at 8:15 AM, Christian Sciberras uuf6...@gmail.com
wrote:
Thor,
Sorry, I didn't make my points clear enough. I was replying
sarcastically to Cassidy's remarks and asking him to prove his claims.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:098
http://www.mandriva.com/security/
AFAIK the USB-protocol does not contain any authorization /
authentication-mechanism:
USB just defines the signaling protocol and interface.
After that, you can make the target device to whatever you want with the
corresponding driver on the host side. Take a look at any Sansa MP3
player ..
--On Tuesday, May 18, 2010 14:40:45 + Thor (Hammer of God)
t...@hammerofgod.com wrote:
What messages warning you from using Windows? I certainly hope you do not
have me confused with the OP – I already used the term “hysteria” to
describe his ideas and subsequent recommendations. The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:099
http://www.mandriva.com/security/
===
Ubuntu Security Notice USN-939-1 May 18, 2010
xorg-server vulnerabilities
CVE-2009-1573, CVE-2010-1166
===
A security issue affects the following Ubuntu releases:
On Mon, May 17, 2010 at 6:28 AM, Bernd Marienfeldt be...@linx.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello,
I've recently upgraded to Ubuntu Lucid Lynx (10.04 LTS) and been
surprised by the iPhone 3GS (3.1.3 - 7E18) mounting behavior:
Fully switch off the iPhone 3GS and
The iPhone uses proprietary protocols over USB for file operations, syncing
and the like -- only real authentication that I can recall (and I got it
working to begin with ;)) was that the session with lockdownd (kind of a
broker for starting services, etc.) eventually goes SSL... there is also
Actually, no. It doesn't have to pair to read and write to internal storage.
You only have access to the pictures dir and other files they may have put on
the external storage section, but you can plug it into any system that has
drivers and access it.
t
-Original Message-
From:
Truly? Wait, are you going through AFC or some other way? It was my
understanding that iPhone internal storage never comes up any other way...
Doesn't lockdownd require that your computer be paired before even going SSL
to start services?
On May 18, 2010 4:23 PM, Thor (Hammer of God)
Nope, I just plug it into a USB port on a computer and it comes right up. Did
it on 2 Win7 boxes that I’ve never plugged the phone into before and a
Win2008R2 box to double check. The R2 box didn’t automatically install
drivers, but it would have worked had I done so…
t
From: Zach C.
31 matches
Mail list logo