Dailydave mailing list archives

Hacking: As American as Apple Cider


From: Dave Aitel <dave () immunitysec com>
Date: Fri, 09 Sep 2005 16:10:59 -0400

Everyone's in a tizzy over this Ranum posting where he explains that hacking is not cool. But hacking is clearly cool. So I don't get it. I think if you take a strong enough position in any one direction on hacking you will be both profound and idiotic and I'm not sure where this posting lies.
http://www.ranum.com/security/computer_security/editorials/dumb

Recently Immunity hired a top-notch system administrator so we can afford to take a few more risks. I really do want to get our XML-RPC over Jabber server up. I'm going to put an OpenOffice server on one end of it and CANVAS will be able to connect to it and generate documentation automated by pyOpenOffice. That'll be the first step in having the CANVAS World Server where I build an open marketplace for exploit professionals to sell their time and enable them to remotely help out wherever they want, without exposing their code itself to CANVAS. Theoretically you can drive a CANVAS connected to the CANVAS World Server from any language that can speak XML-RPC. You could write your exploits in Ruby, offer them over the CANVAS World Server, collect fifty bucks every time they get used by a client, and never have the client have to install anything. Or you could install your own CANVAS World Server and have your own documentation generator that does specific things just for you, and gets updated all in one place.

My Mac is supposed to arrive today. I get hundreds of people asking for CANVAS on the Mac every day. One thing about theoretically knowing about bugs before they go public is that you get a better feeling for how secure in general a system is. I call it "Noirtime". I.e., how much of Sinan Eren's time is finding a remote on this thing going to take? I think Mac OS X is around the level of Windows 2000. That's just my gut feeling.
http://zdnet.com.au/news/security/soa/Mac_community_must_wake_up_to_security/0,2000061744,39210762,00.htm

-dave
Obligatory RealityBas
02:34PM <bas> today i learned about algorithms, and sub algorithms, and how
         this relates to baking an apple pie/
02:40PM <bas> the PROBLEM was 'we need to produce an apple pie'
02:40PM <bas> for this we had PRIMITIVES
02:41PM <bas> such as: pour, bake, put in, etc.
02:41PM <bas> then from our PRIMITIVES
02:41PM <bas> we made an ALGORITHM
02:41PM <bas> that described the STEPS, in SEQUENCE and REPETITION
<dave> bas - how is our shellcode encryptor coming?

