Full Disclosure mailing list archives
Re: To anybody who's offended by my disclosure policy-GET THIS GUYS
From: James Tucker <jftucker () gmail com>
Date: Fri, 17 Dec 2004 02:05:56 +0000
I don't have a lot to say on this topic as a whole which I have not said before, so some of this is just repetition; maybe it'll be heard this time. DoSing browsers will almost always be possible, as with any other application, so long as you can load it up to process enough information. If the developers put range checks on every input the system would perform very slowly and would not scale up to future hardware capabilities. For mission critical applications this is fully necessary but to be quite honest, there isn't a perfect solution (there's no such thing as functional equivalence when it comes to software design). The 'exploit' in question may have some other ramifications than just processor usage, and if it does then fair enough; but frankly making something which simply occupies processor time is not hard, and would be just as easy to do with JavaScript as with anything else. The most difficult thing about this is to make the task the correct time that it will abuse the session manager's priority matrix. For more detail on that see HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager along with any related technical docs.
On Thu, 21 Oct 2004 11:26:14 +0200, Rafel Ivgi, The-Insider <rivgi () finjan com> wrote:
SkyLined is a great dude. Scerious guy!
scerious eh?
He is only worthy for RESPECT and no blame. There is no signed law against releasing such information and it's funny someone is anyhow talking about this in FULL-DISCLOSURE list, whose entire concept is to disclose full details about vulnerabilities.
What vulnerability? If you're talking about excess use of processor time then you are currently performing quite a nice PoC in making me feel that this mail is necessary!
By the way, for all of FireFox fans... FireFox has many open vulnerabilities which its vendor refuses to fix. Even after notifying and even after 4 months :-)... Moreover, they are just like MS claiming certain bugs are not bugs, talking "in the air" and without checking and under-blowing risk values. They even don't sign their exe's (which is a super minimal protection against man-in-the-middle replacing downloads) so Microsoft Windows can't say it's a valid file from a valid vendor and not a virus.
You should know though, as well as the rest of us, that signing technologies are not perfect, and the man in the middle can stand to corrupt other data transfer too, making signing somewhat pointless in this scenario.
For Example: <a href='http://theinsider.deep-ice.com/ctfmon.exe%00/hehe.exe.|||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||| '>test it</a> This has no effect on I.E...... Will cause LooserFox, ahh sorry, FireFox to ***BURN ALL YOU CPU!!! 100% FOREVER...***
Maybe you would find yourself receiving a little more respect if you showed some to the vendor and didn't call them losers? Just an idea; surely you are good at social engineering too, but you don't seem to show it.
What I am saying is, it is now who codes the software, it is how you do.
So time codes software? Sorry, I know what you are trying to say. Well, this is the core of my point: if SkyLined is such a great bloke, why doesn't he get the source from the CVS and actually send better code back? This is supposed to be what open source is all about. There is some hypocrisy in here somewhere which I hope you can find for yourself because I don't want to start that much of a battle, just please start being reasonable.
(if I was not in a job working frame, I would be publishing things that will cause you all to say it's shit)
What makes you think that these kinds of 'exploits' are not possible to be built for any other browser? Why do you consider Firefox worse than other browsers, in REAL justified terms? I don't want to read RAW HTML all the time just because there isn't a good piece of software out there to perform this job; I make an informed decision as to which one is going to serve my purpose best and I use that. I wish that all software could be perfect, but I have my eyes open to the reality that this will not always be the case.
FireFox team claimed it's an old bug... bla bla bla... and has no problem and no security risk... bla bla bla... and didn't fix it after 4 months...
Once again, if it's so easy to fix, why hasn't one of you genii done it yet?
Just like MS when they are not even commercial, then what are they? On the way to making money... to be the second size'd market share browser.
So the top two browsers in the world both have major security implications to their users; maybe this would suggest something to you about how easy it is to develop such a piece of software so that it works with most pages and will satisfy most customers. Do you really think that all these coders are so bad? Are you trying to suggest that when you code you never have to debug and it always comes out mathematically optimal? If so, then why don't you go and pay someone to fix it with your vast capital that you should be earning for your skills? After all, you are the one who claims you're only doing it to better the world for mankind.
GO SKYLINED!
If you really want people to consider you to be useful then try to actually fix what you break, otherwise you have to realise that your actions are only destructive. In the case of Internet Explorer you don't get that option, but your attitude toward Firefox is a little strange at best.
Rafel Ivgi, The-Insider
Security Consultant
Malicious Code Research Center (MCRC)
Finjan Software LTD
E-mail: rivgi () Finjan com
---------------------------------
Prevention is the best cure!
I suggest you listen to your own footer!
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html