Broadband + = Problem Solved
Speaking as a Mac user and security researcher, your post is completely retarded.
1) OSX is no more or less inherently secure than Windows.
2) It's currently far more profitable for me to discover a flaw in MS than it is in OSX. Almost 10x more actually.
Because it doesn't make financial sense to invest R&D into OSX Malware... Yet.
The best part is the response from Lennart Wistrand yesterday on the MS Security Response blog. "As it turns out, these crashes are not exploitable but are instead Windows performance issues that could cause some WMF applications to unexpectedly exit." -- Lennart Wistrand http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx
Why would you end up with duplicates? If someone finds a vulnerability in the Linux kernel, that's a single vul across anyone who uses the affected Linux kernel. If someone finds a vulnerability in sudo, you don't count it once for each operating system that uses the affected sudo. Also, why wouldn't you expect this? There are 293847239827 UNIX/Linux-based applications written by clueless newbie programmers and published to Freshmeat. Why wouldn't you expect more vulnerabilities on the OSS side of the house? There are far more OSS software developers who dev for UNIX/Linux than there are for Windows. If "Jeffs Super File Manager for Linux" is discovered to have a format string vulnerability, would it surprise you? Probably not, but it would certainly count as a vulnerability in Linux software. Don't get your panties in a bunch. The results are as expected.
Look how defensive the Slashdot community gets... So freaking funny.
Let's hope there's something worse than Highly Critical! HOOORAY FOR SLASHDOT. WHAT A GLORIOUS WAY TO END 2005!
PS!
LINUX RULES!(*@(@^ #$
PPS!
I'M GOING TO SPEND NEW YEARS EVE ON IRC IF ANYONE WANTS TO JOIN ME!(@&
The exploit was published by HD Moore after reverse engineering some malware. HD Moore is absolutely a very prominent researcher and hacker. Secondly, the person(s) who discovered the vulnerability and wrote the initial malware to exploit it are also hackers. Even by the historical definition. Intent has no bearing on the term. Skill does. And you can't tell me discovering a 0day affecting any MS platform doesn't require skill. There are tens of thousands of researchers out there right now who can't.
No, it's a buffer overload in Windows Picture and Fax Viewer.
Actually that's not true at all. This vulnerability was discovered by some analysis HD Moore performed on a spyware infection which broke through a completely patched XP SP2 system a couple days ago. It was reverse engineered and made into a Metasploit plugin. Get your facts straight.
I think they're talking about selecting an application before you install it...
Quite a few typos there. Let me say that again: You're completely missing my point. I know the potential vectors of exploitation with XSS, I'm merely stating that an XSS can exist and still have no security implications. While XSS and security vulnerability are generally used together, they do not necessarily have to exist together.
You're completely missing my point. I know the potential vectors of exploitation with XSS, I'm merely stating that an XSS can and have no security implications. XSS and security vulnerability while used together in most circumstances are not synonymous.
Did I mention cookies? It's a single page with a single variable. Nothing is going on in the background. There is no authentication, there are no sessions to manage.
I'm not sure what your motivation is here... are you trying to protect the image of Yahoo?
Tell me this.. If I create a simple web page which has a single user-supplied variable which is rendered as HTML *and* this variable is vulnerable to XSS attacks, where is the security vulnerability?
I never referred to it as a security hole. That was my whole point. XSS doesn't necessarily have security implications.
http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040473.html
I'm not saying it's a technical challenge. I'm saying that the impact is dramatically reduced by having to take that step versus something like an XSS vul in the GMail interface which could be exploited by a malicious email.
How can you know if you don't like it if you haven't read it? By the time you know, it's too late.
I have and it's not serious. At best it's a medium risk. It's not like you can exploit the XSS vul without any user intervention. You still have to get the user to go to the malicious URL. That immediately says to me, 'not serious'. But I guess you're down with infosec marketing propaganda.
Do you work for Watchfire by chance?
Actually javascript isn't the source of the security issue, improper data sanitization was.
Now we're going to start posting every freaking XSS we find? This is a VERY low impact XSS vul. Hell it's not even persistent. Who freaking cares? Are we going to post the slew of recent Yahoo XSS bugs too? What about the bug in Google Analytics which allowed you to iterate through all the customer domains?
That's pretty impressive.
But I think everyone knows that already. :)
Who's more foolish; the fool, or the fool who follows him?
Except the GUI is actually intuitive, stable and nice looking.