Domain: contextis.com
Stories and comments across the archive that link to contextis.com.
Comments · 10
-
Re:Likelyhood of attack?
It could be exploited without a direct connection by spoofing the source IP address of a server the client is already talking to and generating a reasonable fake packet matching others recently received by the client. So if you could get access to hardware between the client/server you could exploit this on the client.
More details here: https://www.contextis.com/blog/frag-grenade-a-remote-code-execution-vulnerability-in-the-steam-client
-
Re:The idiocy of the reporting
There are already internet enabled light bulbs and they have Security issues. Now in this case it appears that its just breaking into the bulbs mesh network and the manufacturer has released a fix, but most users won't apply it and what happens if they drop the product or just go out of business? The threat could easily more like the WiFi Kettle hack
-
Behind the shield
On the right hand side of the title text, behind the thing that looks like a shield and the thing that looks like a dashpot connected to a screen door, is a link. It's there.
http://www.contextis.com/resou...
(On my terminal the link is actually behind those two icons. I'm sure the icons are useful for something, but I'm not exactly sure what. The icons also partially obscure the "from the whatchamacallit dept" text, and I'm not exactly sure what that's good for, either.)
Slashdot is a classy site!
-
Re:So, if one actually wanted to RTFA...
It's at the right of the title
http://www.contextis.com/resou... -
Re:So, if one actually wanted to RTFA...
Probably this:
http://www.contextis.com/resou... -
Re:So, if one actually wanted to RTFA...
-
Content
Well, in case anyone was interested - http://www.contextis.com/resou...
-
Re:I told you so.
The updates are signed, but the metadata is not.
But shit from the metadata can be executed.http://www.contextis.com/media...
Configuring SSL for WSUS (NOT the default, and NOT as simple as it should be) mitigates this by protecting the metadata from simple MITM attacks.
-
So we need something better
It seems that WebGL is basically an experiment how to implement a subset of OpenGL that can be part of a webpage. This experiment more or less ended in a standard which allows the website to use the graphics card to it's full extend.
As shaders are turing-complete and we do not have a secure IOMMU in every computer but the real possibility of access a lot of memory which the website should not be allowed to. Yesterday a new exploit was published which underlines this point (Exploit from contextis.com) So this boils down to a nice idea for some internal stuff, kind of downloading an executable and showing the results right in your browser. If we do not want to repeat ActiveX for the GPU instead of the CPU and all it's problems with blacklists, etc. there are very few viable alternatives. Either something like Java or Google's native client which provide a more or less secure sandbox or a good security architecture in the graphics driver which prevents these exploits.
Until one of these security measures are in place it is hard not to agree that WebGL is a big security risk and should not be used for websites out of your control.
-
Their concerns do make sense
the graphics there sums it up nicely: http://www.contextis.com/resources/blog/webgl/ Web > Browser > graphics driver > kernel, and we all know graphics drivers are full of bugs/holes, and that even killing and restarting them is not a solution if the browser keeps bombarding them with spurious request. DOS and intrusion must be very easy that way.
It's also true that MS are picking an argument they like, and that they have, in the past and even now, created plenty of exploit avenues.
I think we need to move from a mindset where performance and features reign supreme, to one where security is a major concern. That's bad news, cause security is much harder to evaluate than MIPS or texels/s (and reviewers/commentators like easy work). And people need to be educated: assuming Intel/ATI/nVdia chose to devote resources to creating a "safer" driver, with 30% lower performance (I pulled that figure out of a dark and smelly place), who would choose that safer one, over the faster one ? In a sense, MS can't be totally blamed: they have been giving us what we wanted: perfs and features.