Dailydave mailing list archives

Re: Two thoughts for the day:


From: "Thomas Ptacek" <tqbf () matasano com>
Date: Fri, 25 Apr 2008 14:05:38 -0500

It's also backtested, so who knows how realistic the data set they're
working with is? It's "automated", and large data sets (all MSFT
security patches) are available. Presumably, if this system worked as
well as the press says it works, they could have run it against many
more patches and had a more compelling paper. That they didn't tells
you something.

Smarter people than me disagree with this point, but I'll make it
anyways: there isn't necessarily a 1:1 mapping between patches and
exploitable code paths. So I kind of disagree with the premise, too.

On 4/25/08, jf <jf () danglingpointers net> wrote:
 > 2. The work presented ignores the most time consuming portion of the
 > exercise, being the attack vector discovery.  It only automates the
 > portion which takes a negligible amount of time when compared to the
 > rest of the work needed to produce a viable exploit.



indeed, they keep saying 'exploit' when they mean 'dos poc', which is
 indeed impressive in itself, but only mildly useful.


 _______________________________________________
 Dailydave mailing list
 Dailydave () lists immunitysec com
 http://lists.immunitysec.com/mailman/listinfo/dailydave



-- 
---
Thomas H. Ptacek // matasano security
read us on the web: http://www.matasano.com/log