IOS Rootkit: the sky isn't falling (yet)

Gadi Evron ge at linuxbox.org
Tue May 27 21:09:16 UTC 2008


On Tue, 27 May 2008, Sean Donelan wrote:
> On Tue, 27 May 2008, Gadi Evron wrote:
>>> Perhaps the above should be simplified.
>>> 
>>> Running a hacked/modded IOS version is a dangerous prospect.
>>> 
>>> This seems like such a non-event because what is the exploit path to load 
>>> the image? There needs to be a primary exploit to load the malware image.
>>> 
>>> *yawn*
>> 
>> I guess we will wait for the next one before waking up, then.
>
> If you let people load unauthorized images on your equipment, you
> probably have bigger problems than potential rootkits.  It may be a better 
> use of resources to prevent people from installing unauthorized images on 
> your hardware versus debating all the things an unauthorized image could do 
> after it is installed.
>
> Other things you could install rootkits on, if you can load
> unauthorized images on the device:
>
>   Anything with a CPU and loadable images.
>
> Even old-fashioned printing presses are vulnerable to the old-fashioned
> version of a rootkit.  If you could replace the printing press plates
> with unauthorized plates, you could change what the printing press
> printed.  Modifying printing plates is the easy part, getting the
> unauthorized printing plates on the printing press is the trick.

Sean, you are right. My point is that these things exist and we should not 
limit our assessment to what's available in presentations, which is the 
current rootkit. The next one and the ones after that are what matter.

 	Gadi.



