Dailydave mailing list archives

The Squeeze


From: Dave Aitel <dave () immunityinc com>
Date: Thu, 31 Oct 2013 13:56:52 -0400

So in general my feeling on 0days is that they come from new attack
surfaces. Finding those new attack surfaces takes a lot of initial time
- months in many cases. Usually it requires a lot of painful strip
mining. For example, you may end up having to implement an entire USB
stack from scratch in Python, or learn how X.25 works, or become the
world's expert in an old IBM mainframe technology.

And generally it involves at least two people. This is why hackers
really like Lev's "The Magicians"
<http://www.amazon.com/The-Magicians-Novel-Lev-Grossman/dp/0452296293>
book series because he does manage to capture a bit of this process/feeling.

From the outside, of course, it's anaconda-like. At some point the team
crosses a threshold and then the cracks start forming and you've
implemented all of X.500 but you're basically drowning in 0day at that
point, and it's just a matter of picking up the pieces you want to use
to construct your exploit.

Anyways, it's good to see. Best show on earth, as they say.

From a strategy point what it means is this: Once a team is pretty far
ahead, they can generally stay ahead by continually dropping the low
level 0day to keep anyone else's investment in the subject matter from
having any return.

-dave
 
