Page 3 of 3 FirstFirst 123
Results 21 to 22 of 22

Thread: X Server Security Disaster: "It's Worse Than It Looks"

  1. #21
    Join Date
    Jun 2012
    Posts
    16

    Default

    Quote Originally Posted by Luke View Post
    Looking at the other end of the chain would not need an xserver vulnerability to to this, a hole in closed-source Flash would be quite enough-and would be given to the NSA before it was fixed. Flash and Java are also the two biggest targets for Windows exploits! If this is an issue, avoid flash, use HTML5 instead of flash and do not install Java. Also a browser vulnerability found by the attacker first would be usable, as would a hole in the codec used by the video for playback. A good reason to use Gstreamer and not Cisco's binary for H264, and not to use closed browsers like Opera. In short, Wayland won't fix this, as there are are at least three other places an attack could be mounted.

    In short, the chain of vulnerabilities for a video escape sequence attack works like this: Network card, Flash (if used), browser, Xorg, video driver, kernel system calls. A chain is only as strong as its weakest link. If you run Flash and Java over Chromium on Wayland, you have only slightly reduced your attack cross-section.
    Chrome/-ium has been sandboxing flash with seccomp-bpf since version 20 and all render processes since version 23 so it would probably be very difficult to use a flash exploit for anything useful

  2. #22
    Join Date
    May 2013
    Posts
    639

    Default Not all browsers sandbox Flash

    Quote Originally Posted by Staffan View Post
    Chrome/-ium has been sandboxing flash with seccomp-bpf since version 20 and all render processes since version 23 so it would probably be very difficult to use a flash exploit for anything useful
    I cited Chrome/Chromium because it is more popular with Windows users that Firefox and might have a higher attack profile. Personally I prefer Firefox for privacy reasons. I would expect browser attacks to target a particular browser, or target Flash, or target Java

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •