Dailydave mailing list archives
Exploits matter.
From: dave <dave () immunityinc com>
Date: Tue, 06 Oct 2009 10:12:40 -0400
I spent some time after yesterday's CANVAS release, which included the SMBv2 CANVAS exploit (Release note here: https://forum.immunityinc.com/board/thread/39/canvas-release-6-51/ ) looking at exploit statistics. Like Morpheus, I wanted to put some numbers on a feeling you may have been having.

That feeling is this: Exploits against Windows are hard now. It takes an average of 3 person-months per exploit now. That's a long time. Or in other words, that's a lot of money.

But if you are like me, you are thinking "But it's still worth it". And here's why: Without exploits, you have no way to know what matters. Or, more realistically, what doesn't matter. I.E. in this case, 64 bit computers are not going to be exploited with SMBv2 any time soon, if at all. Since enterprises skipped Vista and use 64 bit for their Windows 2008 servers, SMBv2 didn't hurt as badly as you would expect.

The summary is this: You may think increasing exploit costs is a simply good thing. But the side effect of relying on mitigations as opposed to software assurance is that it is getting extremely expensive to avoid being drowned in the noise.

-dave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave