PaulDotCom mailing list archives
Re: Embedded Malware
From: Jim Halfpenny <jim.halfpenny () gmail com>
Date: Wed, 26 Jan 2011 17:21:59 +0000
Your colleague is naive. See how many ways can you express in two words how application data can lead to compromise. Buffer overflow Format string Poor validation Heap corruption data = input = evil = data Jim On 25 January 2011 19:27, Subba Rao <kleanchap () tanucoo com> wrote:
I am having a serious discussion with one of my colleagues about embedded Malware. In our discussions, I have told him about about Malware in AVI and other media files which get spread from P2P networks etc. His argument is that Malware inside a media file is considered data. When you play the file, the application treats it like data and it should not effect the OS. His argument was not too strong but I need some information to show that embedded malware can be lethal to the OS. Any pointer in this subject area? Thank you in advance. Subba Rao _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Embedded Malware Subba Rao (Jan 26)
- Re: Embedded Malware d4ncingd4n (Jan 26)
- Re: Embedded Malware Jonathan Cran (Jan 26)
- Re: Embedded Malware Jim Halfpenny (Jan 26)
- Re: Embedded Malware Michael Salmon (Jan 26)
- Re: Embedded Malware Bruce Barnett (Jan 27)
- <Possible follow-ups>
- Re: Embedded Malware Ryan Sears (Jan 26)