[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1031960219.3070.10.camel@alice>
From: gml at phrick.net (gml)
Subject: RE: remote kernel exploits?
Oh i never said anything about "lo-tech/no-tech" and I wasn't referring
to social engineering. My emphasis was on the "buffer overflow" we tend
to not look farther than trying to find flaws in software. I think I was
aiming myself mainly at the security companies who lurk on mailing lists
trying to find their next big score. There seems to be a big emphasis on
"what will the next bug be and who can find it first" and not just on
this list i mean everywhere and of course the media loves that. I'm
also not saying this is a bad thing I enjoy a overflow as much as the
next guy, I'm just not bent on it. Lately I am seeing a rise in
interest in worms and other autonomous agents I think that's good, too
bad this sort of research tends to be held close by the anti-virus
companies. Of course I understand the approach of locate and fix, i
mean i'm a big believer in opensource and this is one of the reasons.
The fact that the source code is available for auditing/tweaking is
wonderful.
On Fri, 2002-09-13 at 17:42, Nick FitzGerald wrote:
> > Personally I could really care less about "0-day exploits". There are a
> > thousand ways to penetrate a machine that are more effective then
> > relying on finding that one obscure piece of code. Why doesn't anyone
> > ever discuss interception, people seem to bent on the latest
> > vulnerability. Then again what do I know. Maybe it IS all about
> > "0-day".
>
> Technologists, not surprisingly, tend to focus on problems that can
> be fixed by tweaking the technology. Social engineering and many of
> the useful/successful interception methods of "attack" are not
> particularly solvable by technologists (the ethics of human NDA
> research tend to "get in the way" here... 8-) ).
>
> As the people on this list are in some sense mainly technologists,
> the bias you point out in the concerns discussed here is quite
> understandable. You are, of course, right that there are many
> low-tech/no-tech attack methodologies but the people on lists such as
> this are not the people who will "fix" them, so they're not likely to
> get as much air-time here.
>
>
> Regards,
>
> Nick FitzGerald
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists