I'd give them the title 'destroyer'. "It's easier to destroy than to create."![]()
Like Jedi, not all developers are good; some are "dark". LOL
I'd give them the title 'destroyer'. "It's easier to destroy than to create."![]()
WOW!!!
Safari on snow leopard!
IE8 on windows 7!
Firefox on windows 7!
All PWNed on day one and all within minutes. I guess there is nothing left to debate about.
TippingPoint does not release details of the vulnerabilities exploited for Pwn2Own, but instead purchases the rights to the flaws and exploit code as part of the contest. It then turns over information to the appropriate vendors, who all had representatives on hand.
Only after the vendor has plugged the hole does TippingPoint disclose details of each flaw.
If history is any indication, vendors will push out patches for the exploited vulnerabilities fairly quickly. In 2008, for example, Apple took just three weeks to patch the Safari bug that Miller used to win $10,000 at his inaugural Pwn2Own.
These are pwned in minutes because these guys have spent weeks or longer writing their exploits into their own websites. Yes, the "cracked in mere minutes!" is a great headline, but it doesn't really represent the truth.WOW!!!
Safari on snow leopard!
IE8 on windows 7!
Firefox on windows 7!
All PWNed on day one and all within minutes. I guess there is nothing left to debate about.
These are pwned in minutes because these guys have spent weeks or longer writing their exploits into their own websites. Yes, the "cracked in mere minutes!" is a great headline, but it doesn't really represent the truth.
No story on Macrumors of how the iPhone was cracked?
ZDNet: TippingPoint ZDI acquired the exclusive rights to the flaw information. The company will report the issue to Apple and will withhold details until a patch is released.
We won't know for a while
Wheres the MR post?!
So many words, so little content. I am a programmer, experienced enough to demand proof, not conjecture, before accepting a claim of a 'zero-day exploit'. I originally said "I want some proof he can learn something useful from his 'technique', he hasn't got any such proof."I'm assuming you're not a programmer. I can see why this approach doesn't make sense to a non-programmer, but it is valid. (I think his 30 vulnerabilities are proof that it does something.)
SNIP
If Miller can show how his so-called 'exploits' can compromise the system rather than merely providing a denial of service against Preview then I will stop giggling.
And now we can add 10 more (ZDI fixes) in QuickTime 7.6.6.11 instances of the string working with TippingPoint's Zero Day Initiative appear in that kbdoc!!!!!!!11