Browsing Author: Chris Brook

Mozilla Falls Short on Firefox ASLR Implementation

Categories: Slideshow

Like Apple’s Safari, the open-source Mozilla Firefox browser does not properly implement ASLR, a key anti-exploit mitigation that can limit the damage from hacker attacks. Nils, the U.K.-based researcher who compromised a Windows machine running Firefox for the second year in a row, told me it’s “somewhat trivial” to bypass Firefox’s ASLR implementation because there are some .dll files that do not properly implement the address space layout randomization mitigation.


Monetary Value of Vulnerabilities Still High

Categories: Slideshow

The Pwn2Own contest is probably the best theoretical situation to show the damage that can be caused by skilled, dedicated attackers.  However, throughout the contest, many researchers say the cash and hardware prizes were not enough to get them to give up “high-value” browser vulnerabilities.  The contest sponsors paid $10,000 for every winning browser vulnerability but researchers say a reliable zero-day browser vulnerability/exploit is valued at ten times that amount.  


Apple Safari Still Easiest to Hack

Categories: Slideshow

For the third year in a row, security researcher Charlie Miller successfully compromised a fully patched MacBook Pro machine with a Safari vulnerability and exploit. Despite Apple’s best efforts at making it difficult to exploit Mac OS X, Miller’s exploits show that Safari is still easy pickings because it lacks the mitigations found in Microsoft Windows. For example, Safari does not implement ASLR properly and does not have a sandbox to limit the damage from a hacker attack.


iPhone Sandbox Model Not Enough

Categories: Slideshow

The iPhone sandbox has always been held up as a major roadblock to thwart hackers from doing damage on the device.  But, as European researchers Vincenzo Iozzo and Ralf Philipp Weinmann proved, a hacker can hijack a lot of sensitive data without ever leaving the iPhone sandbox.


Despite Hack, IE 8 Most Protected Browser

Categories: Slideshow

Despite the survival of Google Chrome and the fall of Internet Explorer 8 (running on Windows 7), all the browser hackers at the contest maintained that Microsoft’s browser is by far the most difficult to exploit.  For starters, IE 8 is the only browser to fully — and properly — implement ASLR (see explanation from Nils).


ASLR + DEP Bypass Puts Hackers Ahead

Categories: Slideshow

When Microsoft shipped Windows Vista, the addition of security technologies like ASLR (Address Space Layout Randomization) alongside DEP (Data Execution Prevention) and SafeSEH was held up as a major roadblock to hacker attacks. With every new service pack or OS upgrade, these mitigations got stronger and stronger but, at Pwn2Own, attackers found ways to bypass and defeat these mechanisms. In typical cat-and-mouse fashion, this shows that skilled, dedicated hackers with the right motivation will always find ways to stay ahead of the security technologies.


Dedicated Attackers Will Always Win

Categories: Slideshow

Despite the multitude of anti-exploit mitigations built into modern operating systems (ASLR, DEP, Sandboxing), hackers were able to compromise every major target this year. This is confirmation that dedicated attackers with the right (financial) motivation will almost always find a way to break into computer systems. It also highlights the difficulties businesses face when trying to thwart targeted attacks that combine zero-day vulnerabilities/exploits with clever social engineering lures. The dedicated targeted attacker will, in almost every case, win.


10 Lessons From The Pwn2Own Hacker Contest

Categories: Slideshow

The recent CanSecWest Pwn2Own contest saw successful hacking attacks against Microsoft Internet Explorer 8, Mozilla Firefox and Apple’s Safari and iPhone products.  Now that the dust has settled and the vendors are starting to patch the vulnerabilities, Threatpost editor Ryan Naraine takes a look at the real-world implications of the contest and the lessons learned.
