Free Republic
Browse · Search
Smoky Backroom
Topics · Post Article

To: PugetSoundSoldier; antiRepublicrat; RachelFaith; stripes1776
Can you admit that an arbitrary code execution exploit was used to completely root a phone with no interaction from the customer other than going to a website? That an ACE exploit can totally root your OS?

I JUST DID, PUG! I would use a much stronger epithet for you, but I am trying hard to be civil to you—you don't deserve it, considering your name calling and insults to me, but this forum does.

READ WHAT I WROTE!

Why do you want people to think you are an idiot, incapable of reading what was written? If I wrote that an exploit NO LONGER WORKS—and admitted that it DID work—don't you think that is an ADMISSION? GOOD GRIEF! Quit MISREPRESENTING WHAT I SAID! Oh, and your little statement about it not being possible to attack OSX this way? Sorry, you're wrong, it's happened in the past. And there are many, many more ACE exploits that will compromise OSX, per Apple's own statements about those holes.

Reporting "vulnerabilities" with a POSSIBLE ACE is not an EXPLOIT... when not one exploit has ever been reported is not "it's happened in the past," Puget, as much as you wish it has happened... or scream and shout that it HAS HAPPENED.

That's like saying that just because you can breakdown the glass door to the bank, you can also then just walk into the closed and locked vault. The theoretical (and that's all that it is) vulnerability merely opens the door for an event TO possibly happen, because one part of the defenses may have been compromised. But the ACE is STOPPED by another line of protection in place designed to prevent this exact scenario. In this event it is stopped by the fact that the malicious file (from your link) MUST be in the data stack for PREVIEW to act on, because it is DATA... and the Data stack is a NON-EXECUTE memory location and the OS prevents anything in the Data stack from executing code. ERGO, the malicious code in the "PDF opened by Preview" cannot execute.

That is a fact... regardless what the standard boiler plate legal phrasing in the CVE report says. Unless you can show me an actual EXPLOIT using this vulnerability in the wild, you cannot claim "it's happened in the past." The CVE itself merely states: "Successful exploitation may allow execution of arbitrary code..." They phrase it that way for a specific reason. They state it that way because the listing agency DOES NOT KNOW THAT IT WILL, and includes that line in all CVEs to cover their legal asses. Again, Pug, words mean things... and in this instance the word "may" is very important... it does not say "WILL!" Tell the truth, and quit claiming a "vulnerability" is an "exploit." The difference is the difference between truth and FUD.

228 posted on 09/16/2010 4:37:33 PM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone!)
[ Post Reply | Private Reply | To 191 | View Replies ]


To: Swordmaker

Please call me Puget or PugetSoundSoldier.

And an ACE exploit is just that - it does allow arbitrary code execution to the point of running any code the hacker deigns. It’s now iPhones are cracked.

But thanks for admitting that ACEs exist and they can - and do - allow full root access to the OS.


229 posted on 09/16/2010 5:22:59 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 228 | View Replies ]

Free Republic
Browse · Search
Smoky Backroom
Topics · Post Article


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson