[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[liberationtech] Foxacid payload

To: coderman <[email protected]>
Subject: [liberationtech] Foxacid payload
From: [email protected] (Georgi Guninski)
Date: Mon, 21 Jul 2014 18:21:48 +0300
Cc: [email protected], liberationtech <[email protected]>
In-reply-to: <CAJVRA1RjtY+5rMhmPeB_L8C8br1iVtbgv4YJJ=u1-N0xcMC5fQ@mail.gmail.com>
References: <[email protected]> <[email protected]> <CAJVRA1RjtY+5rMhmPeB_L8C8br1iVtbgv4YJJ=u1-N0xcMC5fQ@mail.gmail.com>

On Thu, Jul 17, 2014 at 12:32:26PM -0700, coderman wrote:
> On Thu, Jul 17, 2014 at 12:19 PM, Andy Isaacson <[email protected]> wrote:
> > ...
> > And once you've patched this bug, FOXACID will update to issue another
> > 0day.
> >
> > It's worth doing, for sure!  Patching bugs makes us all incrementally
> > safer.
> >
> > But don't pretend that patching the specific attack your adversary is
> > currently using will disable or even seriously inconvenience the
> > adversary.
> 
> 
> this is exactly why some who have received these payloads are sitting
> on them, rather than disclosing.
> 
> it is more useful to mitigate privately, and observe how/when an
> exploit is used,
>  than burn it publicly for zero effective security improvement.
> 
> (the less scrupulous would sell to highest bidder for other clandestine hacks)
> 
> 
> better ideas welcome!
> 
> 
> best regards,


/me agrees with this.

how would the dear NSA respond to
a target who ``borrowed'' the sploits,
trolls them and advertises vulnerable
to the borrowed sploits configuration,
yet the borrowed sploits don't work?
(the advertised configuration is not
at all vulnerable to the borrowed
sploits).

References:
- [liberationtech] Foxacid payload
  - From: [email protected] (coderman)

Prev by Date: potential leak on Torpedo
Next by Date: [Cryptography] miniLock seems pretty interesting
Previous by thread: [liberationtech] Foxacid payload
Next by thread: CPunks @ HOPE
Index(es):
- Date
- Thread