Dailydave mailing list archives
Re: Top10 Blowing Chunks :>
From: Dave Aitel <dave () immunityinc com>
Date: Wed, 18 Sep 2013 12:14:29 -0400
From an attacker's perspective this is the defender attacking the exploit supply chain - where there are two parties, one which writes the exploits and the other which uses them, it's hard to cycle new targets into the mix. Hence, the target that is most prolific is the one that has been QA'd and tested. If you are three revs back, you are likely to still be vulnerable, but not tested against, and hence, not owned.

This is a problem for people who use products like CANVAS, MSF, CORE, etc. - none of us can afford to target or QA every possible configuration of IE, for example.

The counter-example is a tightly integrated attack and R&D team. In this case older is definitely not better. Many of your top-tier hackers are fully integrated like this (sometimes in just one person), and the combination is pretty devastating no matter what you're running, imho.

-dave

On 9/18/2013 6:23 AM, dan () geer org wrote:

Wolfgang,

Once upon a time it was shown that the most attacked versions of software tended to be one revision off of current, leading to the strategy that you should keep up or stay well behind (like a herd animal either staying in the center of the herd or hiding in the bush but *never* being in the trailing edge of the herd as that's where the predators were). Coupled with the observed propensity of so many software houses to have upgrades that add all-but-gratuitous features, it seemed almost preferable to take the hide-in-the-bush strategy if you had any technical skill at all.

Expand on this in whatever direction you can, if you like.

--dan

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave