RE: More on Shatter

["Mark Ribbans" <mark.ribbans () ctel com au>]

1. Important servers/workstations should NOT use win32
That's irrelevant, the point is that important machines DO, and will
continue, to use win32.

2. Currently there are plenty of remote vulnerabilities which leave you with
enough priviledge to do some nasty stuff on a Win32-box (OK, if someone will
create an automated Shatter version that could be used to gain more
priviledge on a "owned" win32 but than again... see reason no 1 :)
Can you be specific, more than likely they are not of the same genre as
Shatter and can easily fixed with a software patch?

3. As long as someone needs phisical access for this it's not really such a
serious problem.. usually when someone has phisical access to a computer he
can do mostly whatever he/she wants. Without using exploits...
Physical access is not required. Console access is required, there are many
companies offering terminal services to employees and such. Many of these
systems are server based which could lend itself to a domino effect, where
if one server is compromised then another is...yada yada

4. And probably the most important reason: Shatter is one of those mostly
harmless yet very neet exploits that you can impress your friends with... or
you can quickly hack your gf's account while she's changing her clothes (ok,
during this time you could also take her computer bring it to your place,
take out the hdd copy every file on it and then still have the time to go
back to her place and light up a cigarete. :))
Not if you are on a terminal server system. I don't agree that shatter is
mostly harmless; personally I think this is the tip of the iceberg.
Mark Ribbans
Ctel Technologies Pty Ltd