<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>To mathematicians, exploits are proofs to theorems. To foreign
policy people who specialize in export control, they are "dual-use
items", and to people in information security they are simply
ground truths of our shifting domains.
</p>
<p>To state it more simply: Vendor advisories lie to you. Or they
present "alternative truths", sometimes on purpose, sometimes not.
Exploits are your only way to dispel this action in a definitive
way. We spend a lot of time (usually about a month) on each CANVAS
exploit pushing it as far as we can, in order to make it "clicky
clicky" as we say internally. Some exploits (badtunnel for
example) can never really be made reliable in the field. Others,
like the apport exploit released this week, go beyond the public
POC in a way that makes it possible to easily use for penetration
tests against organizations that use Linux as their
workstation/desktop OS. Also this month, we released a version of
<a
href="https://technet.microsoft.com/en-us/library/security/ms15-076.aspx">MS15-076</a>,
which, while old, is useful as a way to understand how to exploit
that kind of bug primitive in the wild.</p>
<p>What's possible and what's probable are completely different
things, but it's good to get at least some data you can trust on
that sort of thing.</p>
<p>-dave</p>
</body>
</html>