On Wed, Jul 10, 2013 at 5:00 PM, Tom Ritter <[email protected]> wrote: > ... if the tens of > thousands figure included 'soft targets': > [lots of soft targets...] > ...Then I could see a "tens of thousands figure". But if someone said > they had more than, say, 250 completely distinct, weaponized exploits > for a fully up to date target like Apache, Chrome, Windows 7/8, Apple > iOS, IE9 - I would be more skeptical.
also consider that exploitable vulnerabilities in all of the above (mainly soft, but also other target systems) identified by the large scale, customized fuzzing systems discussed in the interview are just the first stage in a useful, fully weaponized exploit. this piece may describe the collective set of vulnerabilities over time in the best interpretation possible; the implications are still clear: any commercial system you are using is likely exploitable now in multiple ways, and potentially in the future thousands of ways. as an observer, it is most interesting to me to see the evolution of focus of these exploits, and how they are utilized. the rare public glimpses into these efforts are interesting and instructive. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
