[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dailydave
Subject:    [Dailydave] Elephants and information leaks
From:       Dave Aitel <dave.aitel () gmail ! com>
Date:       2018-11-14 20:31:35
Message-ID: CAAVrE9TbbXPU8n-OaHyrr24-Qr0ahXcsGSxCYvwjxoF6y8YJQQ () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


https://immunityproducts.blogspot.com/2018/11/recent-kernel-memory-disclosure-bugs-in.html


We don't usually detail publicly the amount of engineering that goes into a
CANVAS exploit. But above is a blogpost about some of our recent work. If
you are a CANVAS Early Update customer, the Windows effort is available for
download - otherwise if you are a CANVAS customer, you already have the
Linux exploit. :)

For various other reasons, I'm going to this conference in a couple weeks:
http://carnegieendowment.org/2018/12/05/international-policy-conference-on-government-vulnerability-management/jzma
                
. It's an "International policy conference on government vulnerability
management" or, in other words, a chance for various interest groups to
lobby that the only sane and responsible thing to do with vulnerabilities
is what they would prefer, and that ideally it should be enshrined in law
and international treaties. Should be fun, considering how few of them are
the type of people to read the papers linked above. :)

-dave


[Attachment #5 (text/html)]

<div dir="ltr"><div dir="ltr"><div dir="ltr"><a \
href="https://immunityproducts.blogspot.com/2018/11/recent-kernel-memory-disclosure-bu \
gs-in.html">https://immunityproducts.blogspot.com/2018/11/recent-kernel-memory-disclosure-bugs-in.html</a><br></div><div \
dir="ltr"><br></div><div>We don&#39;t usually detail publicly the amount of \
engineering that goes into a CANVAS exploit. But above is a blogpost about some of \
our recent work. If you are a CANVAS Early Update customer, the Windows effort is \
available for download - otherwise if you are a CANVAS customer, you already have the \
Linux exploit. :)</div><div><br></div><div>For various other reasons, I&#39;m going \
to this conference in a couple weeks:</div><div><a \
href="http://carnegieendowment.org/2018/12/05/international-policy-conference-on-gover \
nment-vulnerability-management/jzma">http://carnegieendowment.org/2018/12/05/international-policy-conference-on-government-vulnerability-management/jzma</a> \
. It&#39;s an &quot;International policy conference on government vulnerability \
management&quot; or, in other words, a chance for various interest groups to lobby \
that the only sane and responsible thing to do with vulnerabilities is what they \
would prefer, and that ideally it should be enshrined in law and international \
treaties. Should be fun, considering how few of them are the type of people to read \
the papers linked above. \
:)<br></div><div><br></div><div>-dave</div><div><br></div><div><br></div><div><br></div></div></div>



[Attachment #6 (text/plain)]

_______________________________________________
Dailydave mailing list
Dailydave@lists.immunityinc.com
https://lists.immunityinc.com/mailman/listinfo/dailydave


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic