[Dailydave] The Squeeze

Dave Aitel dave at immunityinc.com
Thu Oct 31 13:56:52 EDT 2013


So in general my feeling on 0days is that they come from new attack
surfaces. Finding those new attack surfaces takes a lot of initial time
- months in many cases. Usually it requires a lot of painful strip
mining. For example, you may end up having to implement an entire USB
stack from scratch in Python, or learn how X.25 works, or become the
world's expert in an old IBM mainframe technology.

And generally it involves at least two people. This is why hackers
really like Lev's "The Magicians
<http://www.amazon.com/The-Magicians-Novel-Lev-Grossman/dp/0452296293>"
book series because he does manage to capture a bit of this process/feeling.

From the outside, of course, it's anaconda-like. At some point the team
crosses a threshold and then the cracks start forming and you've
implemented all of X.500 but you're basically drowning in 0day at that
point, and it's just a matter of picking up the pieces you want to use
to construct your exploit.

Anyways, it's good to see. Best show on earth, as they say.

From a strategy point what it means is this: Once a team is pretty far
ahead, they can generally stay ahead by continually dropping the low
level 0day to keep anyone else's investment in the subject matter from
having any return.

-dave
 