|
Full Disclosure
mailing list archives
Re: newest category of security bugs considered elite ?
From: Marsh Ray <marsh () extendedsubset com>
Date: Tue, 04 May 2010 14:55:19 -0500
On 5/1/2010 1:23 PM, Georgi Guninski wrote:
ok, we had a flame.
what is the newest category of sekurity bugz that is considered elite?
I had to think about this a few days.
My nomination for 'most leet' is the exploitation of hardware on the die
of the chip:
“Tarnovsky’s examination process involved subtle use of hardware-based
liquid chemical and gas technologies in a lab setting to probe with
specialized needles to build tungsten bridges.”
http://blackhat.com/html/bh-dc-10/bh-dc-10-speaker_bios.html#Tarnovsky
http://www.computerworld.com/s/article/9151158/Black_Hat_Researcher_claims_hack_of_chip_used_to_secure_computers_smartcards
Hardware hacking is a magnificent example of something everyone has
always known was possible and largely pretended didn't exist.
basically, int. over., BO are generally considered elite yet barely new.
XSS probably is not elite by 3l33t majority opinion.
i was looking in the past and my heart was not beating fast ;-)
Runner up is the category of research enabled by USRP:
http://www.ettus.com/products
Particularly the GSM rainbowing and OpenBTS efforts:
http://reflextor.com/trac/a51
http://events.ccc.de/congress/2009/Fahrplan/events/3654.en.html
http://www.theregister.co.uk/2009/12/28/gsm_eavesdropping_breakthrough/
http://openbts.sourceforge.net/
You asked about 'sekurity bugz'. Not sure if these are the bugz you are
looking for, :-) but its an answer to some question.
- Marsh
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
