[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Owned by an iPod
- To: "Rosalina Hamar" <rosalina@xxxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] Owned by an iPod
- From: Dragos Ruiu <dr@xxxxxxx>
- Date: Fri, 22 Oct 2004 10:53:55 -0700
On October 21, 2004 10:22 pm, Rosalina Hamar wrote:
> i heart about that demonstration a couple of weeks ago. now
> it's an official announcement at parsec.jp [0]. since there is not
> much technical info on that issue in the announcement, i googled
> around and found a link to an interesting post about the IEEE1394
> OHCI interface on kerneltrap [1] back in 2002.
>
> shish ...
> rosa
>
> [0] http://pacsec.jp/advisories.html
> [1] http://kerneltrap.org/node/view/145
More technical information on this vulnerability,
and some of the other vulnerabilities, fixes and
techniques from the conference will be published
after the conference.
Though, frankly I'm surprised that the information
in the advisory isn't a big enough pointer on how
to do it.
We are also currently looking at some of the wireless
stuff too, from amongst the set of presentations which
deal with threats, to see if it warrants an advisory, as
there are a few significant new things there as well...
cheers,
--dr
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan Nov 11-12 2004 http://pacsec.jp
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html