Don't troll people, troll!
On Tue, Nov 2, 2010 at 3:09 PM, T Biehn <[email protected]> wrote:
> a+ troll.
>
> -Travis
>
> On Sun, Oct 31, 2010 at 9:24 AM, Christian Sciberras <[email protected]> wrote:
>
>> Only thing, there's the danger of someone using stolen certificates.
>> But I'm sure there's another fix for that.
>>
>> In my opinion, all in all, you're creating yet another overly complex
>> system with yet more possible flaws.
>> Don't forget that each new line of code is a potential attack vector which
>> affects any system.
>>
>> Just my 2 cents...
>>
>> Chris.
>>
>> On Sun, Oct 31, 2010 at 1:09 PM, Mario Vilas <[email protected]> wrote:
>>
>>> Just signing the update packages prevents this attack, so it's not that
>>> hard to fix.
>>>
>>> On Sat, Oct 30, 2010 at 5:02 PM, <[email protected]> wrote:
>>>
>>>> On Sat, 30 Oct 2010 04:43:14 +0800, Jacky Jack said:
>>>> > It's now a time for vendors to re-consider their updating scheme.
>>>>
>>>> And do what differently, exactly?
>>>>
>>>> OK, so it's *possible* to fake out the iTunes update process. But which is easier
>>>> and more productive:
>>>>
>>>> A) Laying in wait for some random to think "Wow, I should update iTunes" and
>>>> hijack the process.
>>>>
>>>> B) Send out a few hundred thousand spam with a 'From:[email protected]'
>>>> with a link to a site you control and feed the sheep some malware.
>>>>
>>>> Evilgrade looks like a nice tool to have if you're doing a pen test or a
>>>> targeted attack and can somehow get the victim to do an update (possibly social
>>>> engineering), but for any software vendor feeding software updates to Joe
>>>> Sixpack this threat model is *so* far down the list it isn't funny. Simply
>>>> compare the number of boxes pwned by (A) and (B) - how many people have gotten
>>>> pwned because somebody hijacked their update from Symantec or wherever,
>>>> compared to the number pwned because they got a popup that said "Your computer
>>>> is infected, click here to fix it"?
>>>>
>>>> Remember - just because a new tool useful for an attacker shows up, does *not*
>>>> mean it's a game changer for the industry at large.
>>>
>>> --
>>> HONEY: I want to… put some powder on my nose.
>>> GEORGE: Martha, won't you show her where we keep the euphemism?
>
> --
> FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
> http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
> http://pastebin.com/f6fd606da
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
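The thread's fix for update hijacking is "just sign the update packages". The following is an added example (not code from the thread or from any vendor it mentions) of what that check looks like on the client: the signature is verified against a public key pinned in the installed client, and, going one step beyond the thread, the signed message binds a version number so a genuinely signed but older package cannot be replayed. Ed25519, the manifest layout and the sample payload are all assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// signedMessage binds the package digest and its version number together
// so that neither can be swapped independently (assumed layout).
func signedMessage(version uint64, pkg []byte) []byte {
	digest := sha256.Sum256(pkg)
	msg := make([]byte, 8, 8+len(digest))
	binary.BigEndian.PutUint64(msg, version)
	return append(msg, digest[:]...)
}

// SignUpdate is the vendor-side step, run with the offline signing key.
func SignUpdate(priv ed25519.PrivateKey, version uint64, pkg []byte) []byte {
	return ed25519.Sign(priv, signedMessage(version, pkg))
}

// VerifyUpdate is the client-side check. The pinned key is the only key
// trusted, so a package signed by anyone else (or modified in transit, as
// Evilgrade-style tools do) is rejected, and a package that is not newer
// than what is installed is rejected as a rollback.
func VerifyUpdate(pinned ed25519.PublicKey, installed, version uint64, pkg, sig []byte) error {
	if !ed25519.Verify(pinned, signedMessage(version, pkg), sig) {
		return errors.New("update rejected: signature does not verify under pinned key")
	}
	if version <= installed {
		return errors.New("update rejected: version is not newer than installed")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	pkg := []byte("constructed sample update payload") // constructed input
	sig := SignUpdate(priv, 2, pkg)
	fmt.Println("genuine:", VerifyUpdate(pub, 1, 2, pkg, sig))
	fmt.Println("tampered:", VerifyUpdate(pub, 1, 2, append(pkg, '!'), sig))
	fmt.Println("rollback:", VerifyUpdate(pub, 2, 2, pkg, sig))
}
```

As Chris notes above, this does nothing against a stolen signing key: the pinned key still needs a rotation and revocation path, which is a separate mechanism not shown here.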
