Dailydave mailing list archives
Re: This guy cracks me up. (MindsX)
From: H D Moore <hdm-daily-dave () digitaloffense net>
Date: Tue, 5 Sep 2006 00:31:10 -0500
John, Your arrogance and complete naivete in all things security has finally gotten to me. Replies are inline: On Monday 04 September 2006 17:41, John Gruber wrote:
If so, do you have an exploit against the built-in AirPort card and driver that even vaguely resembles the video demonstration you showed at the Black Hat conference?
If he had one, he can't share it, since it is owned by Secureworks, not by Johnny. I saw their Black Hat presentation, I know both of them personally, and I would stake my reputation that neither one of them is blowing smoke when they say they have a working exploit. More than likely, you will never see this exploit, but the bug details will be posted by Secureworks once the patch is released by Apple. Secureworks sells IDS services, sharing exploit code goes against their own disclosure policy (just like sharing bug details before a patch does).
Are you therefore saying that Lynn Fox's statement that you'd shown them "no evidence" was an outright lie?
Who cares? The only entities with real information about the Apple driver bug are Johnny, David, Secureworks, and Apple. This is how it will stay until the patch is released. Johnny published the technical details to reproduce the bugs he personally found. If this doesn't display some level of "evidence", no amount of bloggery and "challenges" will.
2) Responding to mac bloggers isn't my idea of a good time. Nothing I could say would ever convince them.You could easily convince me by showing me, or someone I trust, a stock MacBook getting hijacked or otherwise attacked.
Lets try a different scenario. You could easily convince me that you aren't a moron by flying to Austin (TX) and taking a standard IQ test in front of me. If you don't show up by next week, I will have proved that you indeed are a moron, and will post to my blog to make it seem credible. If you do show up and score 100 or higher, I will pay for your airfare, otherwise you walk home. Sound fair?
This isn't even a personal attack against them; it's that they lack the technical skills required to understand this problem.Letting aside for now the idea that I couldn't possibly understand the details of "this problem", I fail to see why that would prevent you from answering a few basic questions about your findings.
The details certainly matter, but what matters more are the basic implications.
The implications are obvious if you understand the details. If you don't understand what remote code execution at ring-0 means, its not Johnny's job to educate you (nor mine). It also not Johnny's job to feed you with quotes to post on your blog.
My frustration is that neither you nor Maynor have answered the simple yes/no question of whether you've found an exploit against the stock MacBook AirPort card and driver.
Welcome to the world of vulnerability disclosure, disclosure policies, and corporate politics. Johnny posted enough details to back his claim about the Centrino driver issues (a flaw that probably affects more systems than Apple has actually shipped). The Apple driver bugs will have to wait for public patch release. If you don't like it, tell Apple to fix their code faster.
So this attack crashes the machine?
Code execution at ring-0, do you understand it?
Even if you've been threatened, legally, by Apple, and thus feel you can't or shouldn't reveal any technical details regarding what you have found, why not at least state specifically the nature of the legal threat(s) against you?
Gee, if a large company made legal threats against you, and one of the terms of out-of-court settlement was to not comment on it publicly, what would you do? Rise to the challenge of some self-righteous blogger and be sued into oblivion? I don't know whether this is the case, but use some common sense please. -HD _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: This guy cracks me up. (MindsX) johnny cache (Sep 03)
- Re: This guy cracks me up. (MindsX) Lyndon Sutherland (Sep 04)
- Re: This guy cracks me up. (MindsX) Blue Boar (Sep 04)
- <Possible follow-ups>
- Re: This guy cracks me up. (MindsX) John Gruber (Sep 04)
- Re: This guy cracks me up. (MindsX) Alexander Sotirov (Sep 05)
- Re: This guy cracks me up. (MindsX) H D Moore (Sep 05)