Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] In his own words: Confessions of a cyber warrior

David Goulet dgoulet at ev0ke.net
Wed Jul 10 09:20:59 PDT 2013


Jacob Appelbaum:
> Andreas Bader:
>> Eugen Leitl:
>>
>>> Grimes: How many exploits does your unit have access to?
>>>
>>> Cyber warrior: Literally tens of thousands -- it's more than that. We have
>>> tens of thousands of ready-to-use bugs in single applications, single
>>> operating systems.
>>>
>>> Grimes: Is most of it zero-days?
>>>
>>> Cyber warrior: It's all zero-days. Literally, if you can name the software or
>>> the controller, we have ways to exploit it. There is no software that isn't
>>> easily crackable. In the last few years, every publicly known and patched bug
>>> makes almost no impact on us. They aren't scratching the surface.
>>
>>
>> Tens of thousands zero-days; that sounds like totally shit. That guy
>> seems to be a script kiddie poser, nothing more.
>> Are there any real "hackers" that can issue a competent statement to that?
>>
> 
> I couldn't disagree more. This sounds consistent with the current arms
> race and also relates directly to the 0day markets that have been active
> for many many years. Remember though: buying 0day bugs or exploits for
> 0day is just one part of a much larger picture.

I have to agree here with you. The 0day market is booming and we have a very
unclear picture as of now on the magnitude of that market.

However, there is something weird in this guy statement. With my experience,
finding exploitable 0days for known software is not that trivial, it takes time
and effort. Now, creating a working exploit (preferably remotely of course) is
also very difficult!

He goes on stating:

"I would hack the software and create buffer overflow exploits. I was pretty
good at this. There wasn't a piece of software I couldn't break. It's not hard."

To be honest, for my self being a person that does security contest for years
now (Defcon, iCTF, csaw, etc...) and in security communities, someone speaking
like that is a bit of a red flag in terms of deep knowledge of software/OS
exploitation (especially OS exploits).

0day development is not an easy business (like he is picturing it). From friends
in the reverse engineering field (AV corp.), a *lot* of people are doing that
full time in Russia for malware development and word! it takes time, experience
and knowledgeable people.

In a nutshell, in my opinion, this interview looks more like a guy that wants to
flash rather then the real truth. There is SURELY true stuff in there but I
doubt seriously the part about the extent of 0day and bugs development. This is
just too fishy to be serious... anyway that should not mean we should not take
this seriously!

Cheers!
David

> 
> All the best,
> Jacob
> 
> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech



More information about the liberationtech mailing list