Re: Can somebody explain these ransomwear attacks?
Finding vulnerabilities and how to exploit them to run malware in closed source code is nigh on impossible. Anyone can read open source code. What is possible is to analyze patches to figure out what was fixed and then to attack those that didn't apply the patches. Even easier is old releases. Patches often have more than one fix, but a patch for an old release is almost guaranteed to be a fix for a single vulnerability. That makes it easier to analyze. Regards, Jakob.
On Sun, 27 Jun 2021 at 08:53, Jakob Heitz (jheitz) via NANOG <nanog@nanog.org> wrote:
Finding vulnerabilities and how to exploit them to run malware in closed source code is nigh on impossible.
I'm not entirely sure if I understood this statement right. Of course you are aware that every closed source project is breached by bored hobbyists given the slightest motivation. Ref: pwn2own or entirety of infosec history. We have no historic knowledge of how to build software that is robust enough to withstand an attack from someone motivated by boredom. We have a lot of finger pointing about 'code it right' and a lot of religious rituals which somehow are needed for infosec to succeed, and it still never does. Now let's assume there are some better motivations than boredom, and we must assume the quality of attacks is higher than what we see in things like pwn2own. How many dollars must the defender use per dollar used by the attacker? And is this leverage difference higher than the cost of realised risk? -- ++ytti
Finding vulnerabilities and how to exploit them to run malware in closed source code is nigh on impossible.
which explains why it never happens </snark> randy --- randy@psg.com `gpg --locate-external-keys --auto-key-locate wkd randy@psg.com` signatures are back, thanks to dmarc header butchery
participants (3)
-
Jakob Heitz (jheitz)
-
Randy Bush
-
Saku Ytti