Bugtraq mailing list archives
Re: 0day: PDF pwns Windows
From: Crispin Cowan <crispin () novell com>
Date: Mon, 24 Sep 2007 14:59:21 -0700
Chad Perrin wrote:
On Sat, Sep 22, 2007 at 10:34:07PM -0700, Crispin Cowan wrote:A "private 0day exploit" (the case I was concerned with) would be where someone develops an exploit, but does not deploy or publish it, holding it in reserve to attack others at the time of their choosing. Presumably if such a person wanted to keep it for very long, they would have to base it on a vulnerability that they themselves discovered, and did not publish.In the case of that "private zero day exploit", then, nobody will ever know about it except the person that has it waiting in reserve -- and if someone else discovers and patches the vulnerability before the exploit is ever used, it never becomes a "public" zero day exploit. In other words, you can always posit that there's sort of a Heisenbergian state of potential private zero day exploitedness, but in real, practical terms there's no zero day anything unless it's public. The moment you have an opportunity to measure it, the waveforms collapse.
Its a little less abstract than that. Consider that the United States government might want to worry about whether some foreign nation is banking a large pool of private 0day exploits in preparation for war. Such a nation might farm these private 0day exploits by employing a pool of vulnerability researchers and exploit developers, and just not published the results. This is a perfectly viable way to produce what amounts to Internet munitions. The recent incident of Estonia Under *Russian Cyber Attack*? <http://www.internetnews.com/security/article.php/3678606> is an example of such a network brush war in which possession of such an arsenal would be very useful. Crispin -- Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/ Director of Software Engineering http://novell.com AppArmor Chat: irc.oftc.net/#apparmor
Current thread:
- Re: 0day: PDF pwns Windows, (continued)
- Re: 0day: PDF pwns Windows Crispin Cowan (Sep 21)
- Re: [Full-disclosure] 0day: PDF pwns Windows Steven Adair (Sep 21)
- Re: [Full-disclosure] 0day: PDF pwns Windows Chad Perrin (Sep 21)
- Re: [Full-disclosure] 0day: PDF pwns Windows Wayne D. Hoxsie Jr. (Sep 21)
- Re: [Full-disclosure] 0day: PDF pwns Windows bugtraq (Sep 21)
- Re: 0day: PDF pwns Windows Crispin Cowan (Sep 21)
- Re: [Full-disclosure] 0day: PDF pwns Windows coderman (Sep 21)
- Re: 0day: PDF pwns Windows Casper . Dik (Sep 21)
- Re: 0day: PDF pwns Windows J. Oquendo (Sep 21)
- Re: 0day: PDF pwns Windows Crispin Cowan (Sep 24)
- Re: 0day: PDF pwns Windows Chad Perrin (Sep 24)
- Re: 0day: PDF pwns Windows Crispin Cowan (Sep 24)
- Re: [Full-disclosure] 0day: PDF pwns Windows J. Oquendo (Sep 25)
- Re: 0day: PDF pwns Windows Lamont Granquist (Sep 25)
- Re: 0day: PDF pwns Windows Roland Kuhn (Sep 25)
- RE: 0day: PDF pwns Windows Thor (Hammer of God) (Sep 25)
- defining 0day Gadi Evron (Sep 25)
- Re: defining 0day Brian Loe (Sep 25)
- Re: defining 0day Gadi Evron (Sep 25)
- Re: defining 0day Brian Loe (Sep 25)
- Re: defining 0day Adrian Griffis (Sep 25)
- Re: defining 0day Brian Loe (Sep 25)