Linked by Thom Holwerda on Thu 25th Mar 2010 22:20 UTC
Privacy, Security, Encryption
It's that time of the year again; that time of the year where news outlets get to indulge in sensationalist headlines about how Mac OS X got hacked in twenty seconds. Yes, CanSecWest just held its Pwn2Own contest again, and they fell like drunk 16-year-olds this time (don't read too much into that one, please).
Permalink for comment 415308
RE: Windows 7 secure? Ha!
by ephracis on Thu 25th Mar 2010 23:25 UTC in reply to "Windows 7 secure? Ha!"

*I* even managed to bust the ASLR on Vista (and Win7). It was as easy as finding a register that you could use to calculate the offset in memory. I believe that the implementation in Vista has been documented in "Hacking Exposed" or maybe it was "Shellcoder's Handbook". Anyway, use the same principle and you bust ASLR in Win7.

And *I* am not even that good... just read a few books and copy-pasted some code just to try it, basically. I wouldn't be surprised if ASLR and DEP have been "unofficially" cracked for a while by now. Probably Chrome as well. Never underestimate the blackhats. Though, gotta give it to the people in Pwn2Own. They are sure doing us all a favor by finding these exploits.

I'm just worried about the exploits out there that haven't been "officially" found yet.

By the way, are they using only vanilla installations? How about with antivirus/etc installed, is it just as easy for them?

Edited 2010-03-25 23:26 UTC

Score: 4