[quote]"Hey this printer driver is trying to talk to the internet," and you go "that's a bit suspicious, why is my printer driver trying to talk to the internet?"[/quote]
Spoken like someone who hasn't had the misfortune of having a printer made in the last decade. It's probably just loading the newest version of the ad for genuine printer ink. Or automatically updating to the newer, slightly more shit version of itself.
We are entering a new golden age of viruses and malicious software.
[QUOTE=Sims_doc;51317061]We are entering a new golden age of viruses and malicious software.[/QUOTE]
golden age was long ago. it was much better when they were just funny but ultimately harmless, when they were just something bored computer scientists did to mess with their buddies
I miss the times when you just had porn adware on your computer, so you knew.
I never know if I have something now.
[QUOTE=Sims_doc;51317061]We are entering a new golden age of viruses and malicious software.[/QUOTE]
We are entering a much scarier age of malicious software.
[QUOTE=Reflex F.N.;51317696]We are entering a much scarier age of malicious software.[/QUOTE]
Oh, we've long since entered that, friend.
[QUOTE=helifreak;51317060]Spoken like someone who hasn't had the misfortune of having a printer made in the last decade. It's probably just loading the newest version of the ad for genuine printer ink. Or automatically updating to the newer, slightly more shit version of itself.[/QUOTE]
Or like HP did, updating so 3rd party ink doesn't work anymore
[QUOTE=butre;51317133]golden age was long ago. it was much better when they were just funny but ultimately harmless, when they were just something bored computer scientists did to mess with their buddies[/QUOTE]
Back in the "golden age" there was seriously dangerous stuff. Before it became a technical standard for browsers to be locked down it was entirely possible to get a virus that wipes the CMOS by just visiting a Web page.
The early days of LiveScript/Javascript were seriously terrifying.
[QUOTE=haloguy234;51318027]The early days of LiveScript/Javascript were seriously terrifying.[/QUOTE]
Now what's truly frightening is some of those exploits still exist today because the people patching that stuff don't know about certain exploits from that period.
[QUOTE=Sims_doc;51318075]Now what's truly frightening is some of those exploits still exist today because the people patching that stuff don't know about certain exploits from that period.[/QUOTE]
Can you back that claim up? I have huge doubts that developers of say V8 don't know about exploits from ye olden days of js.
Or do you mean "theoretically", in which case that's just cheap.
[QUOTE=helifreak;51317060]Spoken like someone who hasn't had the misfortune of having a printer made in the last decade. It's probably just loading the newest version of the ad for genuine printer ink. Or automatically updating to the newer, slightly more shit version of itself.[/QUOTE]
Honestly, I've never seen a driver itself connecting to the internet, it's usually the bloatware that the driver is packaged with.
[QUOTE=haloguy234;51318027]Back in the "golden age" there was seriously dangerous stuff. Before it became a technical standard for browsers to be locked down it was entirely possible to get a virus that wipes the CMOS by just visiting a Web page.
The early days of LiveScript/Javascript were seriously terrifying.[/QUOTE]
I'm talking about much earlier than javascript
I see they're already making strats for Sombra
Video won't load for me, but is this about that atom table thing? Because THAT IS NOT A VULNERABILITY.
[editline]6th November 2016[/editline]
it is NOT undetectable by antimalware
It is literally JUST a method of code injection, like DLL injection. You don't inject to take input. You can't inject into drivers. It can most definitely be detected. You cannot hide it into a printer driver, and you cannot inject it into chrome because they block win32k. Ughhhhh misinformationnnn
[editline]6th November 2016[/editline]
Even if you could, you couldn't get the chrome passwords because of how chrome does it.
All injection methods use windows APIs, like, this video angers me so much
[QUOTE=Map in a box;51320499]Video won't load for me, but is this about that atom table thing? Because THAT IS NOT A VULNERABILITY.
[editline]6th November 2016[/editline]
it is NOT undetectable by antimalware
It is literally JUST a method of code injection, like DLL injection. You don't inject to take input. You can't inject into drivers. It can most definitely be detected. You cannot hide it into a printer driver, and you cannot inject it into chrome because they block win32k. Ughhhhh misinformationnnn
[editline]6th November 2016[/editline]
Even if you could, you couldn't get the chrome passwords because of how chrome does it.
All injection methods use windows APIs, like, this video angers me so much[/QUOTE]
I was incredulous based on the video as well, but checking the [url=https://breakingmalware.com/injection-techniques/atombombing-brand-new-code-injection-for-windows]blog post[/url] and the GitHub for the exploit was much more informative.
The main thing to get from the full exploit is that it is capable of injecting and running code [i]without[/i] using any of the following: File system IO, LoadLibrary, WriteProcessMemory, CreateRemoteThread and VirtualAllocEx. This is why it's "undetectable" -- antiviruses do not hook the necessary functions to detect it. And hooking them for each process in the system would likely decrease overall system performance significantly.
And no, Chrome is not immune.
Chromium has recent changes that will make it so it should be, they might not be on live yet. And it's very much so detectable -- there are known avs that intercept apcs.
[editline]7th November 2016[/editline]
And no it would not hamper stability because Antiviruses already hook plenty.