IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Not quite nonsensical
Malware running in kernel mode has free access to everything. If it can inject itself in a driver chain, all data that flows trough there is accessible.

But implying Linux was the enabling cause of the Ashley Madison hack is pure FUD. Nothing definite about the breach point has been released, AFAIK, but if the perps are to be believed, the root account password on all servers was Pass1234. With friends like that, you do not need kernel vulnerabilities :-/
New O_o
I know it wasn't a financial system, but seriously...? Because no-one would ever want to hack into something like that...

smh...
Regards,
-scott
Welcome to Rivendell, Mr. Anderson.
New Sure, but...
This is a semantic argument on my part, and maybe I've got it wrong, but I would argue that a virus running in a protected kernel mode on a processor is still a virus and not a kernel itself. Maybe the author had to try to simplify the discussion, but the way I read what was written is (roughly):

"Because Linus is stubborn and in over his head when it comes to security, his kernel can take over a nuclear power plant and kill millions of people."

:-/

The password thing is all too believable...

Thanks.

Cheers,
Scott.
New Why even bother hacking the kernel?
That's hard - both to do and to exploit once you've done it.

Much easier to rely on the fact that either the application stack is vulnerable or, even more likely, a human being fucked things up.
New Indeed
     WP: Linus on Linux kernel security and more. - (Another Scott) - (27)
         Re: WP: Linus on Linux kernel security and more. - (pwhysall) - (1)
             Interesting. I wonder how new that is. :-( -NT - (Another Scott)
         I believe it's been proven that you cannot have a system that can be verified to be virus-proof. - (boxley) - (19)
             And don't turn it on -NT - (drook)
             Fred Cohen in 1987. - (Another Scott)
             And that only works if you trust the compiler, too. :-) -NT - (malraux) - (16)
                 back in those days we built the compilers :-) -NT - (boxley) - (14)
                     Ah, but what did you compile them with? - (malraux) - (13)
                         Oooh. Nice. Thanks muchly. (Interesting comments too.) -NT - (Another Scott)
                         assembler, required for a cs degree in 1992 - (boxley) - (11)
                             Who wrote the assembler? - (pwhysall) - (10)
                                 Beat me to it. - (malraux) - (1)
                                     FTW! - (Another Scott)
                                 I wrote the assembler for the machine code but ya got me using a hex editor -NT - (boxley) - (7)
                                     Did you poke the holes out of the paper tape with a pin? No? Pussy -NT - (drook) - (6)
                                         that was before my time sorry -NT - (boxley)
                                         Where does using a Flexowriter fit? - (a6l6e6x) - (4)
                                             You ... win? - (drook) - (1)
                                                 Alex and Skip win all those argies hands down -NT - (boxley)
                                             :-) - (Another Scott) - (1)
                                                 Well, it was the TX-0 computer, and a historical machine. - (a6l6e6x)
                 Just the compiler? - (scoenye)
         Not quite nonsensical - (scoenye) - (4)
             O_o - (malraux)
             Sure, but... - (Another Scott)
             Why even bother hacking the kernel? - (pwhysall) - (1)
                 Indeed -NT - (scoenye)

The recommended age to have a Ouija board is 8+ years. So you have to be 21 to drink alcohol but only 8 to summon the devil.
98 ms