Full Disclosure mailing list archives
RE: remote kernel exploits?
From: nick () virus-l demon co uk (Nick FitzGerald)
Date: Sat, 14 Sep 2002 10:42:08 +1200
Personally I could really care less about "0-day exploits". There are a thousand ways to penetrate a machine that are more effective then relying on finding that one obscure piece of code. Why doesn't anyone ever discuss interception, people seem to bent on the latest vulnerability. Then again what do I know. Maybe it IS all about "0-day".
Technologists, not surprisingly, tend to focus on problems that can be fixed by tweaking the technology. Social engineering and many of the useful/successful interception methods of "attack" are not particularly solvable by technologists (the ethics of human NDA research tend to "get in the way" here... 8-) ). As the people on this list are in some sense mainly technologists, the bias you point out in the concerns discussed here is quite understandable. You are, of course, right that there are many low-tech/no-tech attack methodologies but the people on lists such as this are not the people who will "fix" them, so they're not likely to get as much air-time here. Regards, Nick FitzGerald
Current thread:
- remote kernel exploits?, (continued)
- remote kernel exploits? memetic-engineer () australia edu (Sep 08)
- RE: remote kernel exploits? Yonatan Bokovza (Sep 10)
- RE: remote kernel exploits? Jacques A. Vidrine (Sep 10)
- RE: remote kernel exploits? Gommers, Joep (Sep 11)
- RE: remote kernel exploits? andy_mn () hushmail com (Sep 12)
- RE: remote kernel exploits? Andrew Thomas (Sep 12)
- RE: remote kernel exploits? HalbaSus (Sep 13)
- RE: remote kernel exploits? silvio () big net au (Sep 13)
- Message not available
- RE: remote kernel exploits? silvio () big net au (Sep 13)
- RE: remote kernel exploits? gml (Sep 13)
- RE: remote kernel exploits? Nick FitzGerald (Sep 13)
- RE: remote kernel exploits? gml (Sep 13)