funsec mailing list archives

Re: 2013 predictions...

From: Dan White <dwhite () olp net>
Date: Mon, 10 Dec 2012 09:31:52 -0600

On 12/10/12 10:17 -0500, Rich Kulawiec wrote:

On Sun, Dec 09, 2012 at 12:25:50PM -0600, Dan White wrote:

Mobile offers homogeneous targets, but also targets which can be fixed,
overnight, by vendors with deep pockets.


I don't see how, but maybe I'm not reading this as intended.  If malware
has asserted control of a mobile device, can't it prevent the fix from
being downloaded?  (Or, alternatively, simply lie to the user about
the status of the download?)


I suppose that's a risk. I would hope that what ever vulnerability, or user
confusion, led to the installation of malware, would not also affect the
ability of the vendor to push a new fix. However, if the malware gets root,
all bets are off.

--
Dan White
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

2013 predictions... Nick FitzGerald (Dec 07)
- Re: 2013 predictions... Jeffrey Walton (Dec 08)
  - Re: 2013 predictions... Rob, grandpa of Ryan, Trevor, Devon & Hannah (Dec 09)
- Re: 2013 predictions... Rich Kulawiec (Dec 09)
  - Re: 2013 predictions... David Harley (Dec 09)
- Re: 2013 predictions... Dan White (Dec 09)
  - Re: 2013 predictions... Blanchard, Michael (InfoSec) (Dec 10)
  - Re: 2013 predictions... Rich Kulawiec (Dec 10)
    - Re: 2013 predictions... Dan White (Dec 10)
- Re: 2013 predictions... Ned Fleming (Dec 10)