No offence intended, but this is precisely the sort of attitude that makes
security researchers want to rain down 0days, to settle the smug-dust.
(Actually the main reason is not users, but companies that deny
vulnerabilities, or sit on them for years at a time. That's becoming a lot
less prevalent; Oracle is one of the last major dinosaurs in that camp).

If anyone on this list is in Edmonton AB, I'll bet them a beer or three, at
the bar of the winner's choice, that there will be a Rendezvous (Bonjour,
mDNSResponder, whatever they're calling it this week) vulnerability. This
looks to me like one of the juiciest targets: a relatively new piece of
software, installed practically nowhere outside of OS X, remotely listening
by default, and as Jay Beale has pointed out, even if you turn on the OS's
built-in firewall it's still not blocked. And, if memory serves (I'm not at
a Mac right now) it runs as root.

I have no inside info - I don't know anyone involved, and I am not aware of
any mDNSResponder vulnerabilities.

Cheers
Mark

On 12/20/06, jot wrote:
>
>
> > Coming to a Mac near you in January...
>
> It's coming, but whether it's coming to a Mac near me is questionable.
>
> My guess is that each "bug" will involve at least one of the
> following IFs:
>
> 1. User must be tricked into clicking a URL
> 2. User must be tricked into opening a malicious file
> 3. User must have a specific poor configuration on their system (such
> as those Dave mentioned)
>
> If that is the case, then the threat does not change for Mac users.
> There are already exploits available to attack those with such
> vulnerabilities.
>
> You *still* don't have to outrun the bear.
>
> jot
>
>
>