Re: [Full-Disclosure] Owned by an iPod
From: Dragos Ruiu (dr_at_kyx.net)
To: "Rosalina Hamar" <email@example.com>, firstname.lastname@example.org Date: Fri, 22 Oct 2004 10:53:55 -0700
On October 21, 2004 10:22 pm, Rosalina Hamar wrote:
> i heart about that demonstration a couple of weeks ago. now
> it's an official announcement at parsec.jp . since there is not
> much technical info on that issue in the announcement, i googled
> around and found a link to an interesting post about the IEEE1394
> OHCI interface on kerneltrap  back in 2002.
> shish ...
>  http://pacsec.jp/advisories.html
>  http://kerneltrap.org/node/view/145
More technical information on this vulnerability,
and some of the other vulnerabilities, fixes and
techniques from the conference will be published
after the conference.
Though, frankly I'm surprised that the information
in the advisory isn't a big enough pointer on how
to do it.
We are also currently looking at some of the wireless
stuff too, from amongst the set of presentations which
deal with threats, to see if it warrants an advisory, as
there are a few significant new things there as well...
-- World Security Pros. Cutting Edge Training, Tools, and Techniques Tokyo, Japan Nov 11-12 2004 http://pacsec.jp pgpkey http://dragos.com/ kyxpgp _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html