Apple Security Flaw Could Allow Attackers to Circumvent Encryption - basically don't check Gmail wit - Polidicks

Apple Security Flaw Could Allow Attackers to Circumvent Encryption - basically don't check Gmail wit

37 replies, posted
In This Thread

[QUOTE=The Baconator;44042547]what are MS and Apple's responses to these?[/QUOTE] None. Most attacks like this that require a bit of 'special' circumstances don't get patched until major updates usually. For example, the piss easy way to kill any Windows computer if you can get access to it's router, is just tell it to keep generating IPv6 addresses; it will cause memory leaks and freeze the machine until you hard reboot it. Or that you can spoof some of the MS authentication protocol on a MS domain network, or something of that nature.

If the fix for this requires changing only one line of code why has it taken Apple nearly a week to release a patch

[QUOTE=glitchvid;44043545]None. Most attacks like this that require a bit of 'special' circumstances don't get patched until major updates usually. For example, the piss easy way to kill any Windows computer if you can get access to it's router, is just tell it to keep generating IPv6 addresses; it will cause memory leaks and freeze the machine until you hard reboot it. ...[/QUOTE] Wouldn't a router announcing random prefixes cause issues like that on every system? I don't think anything would support an unlimited amount, but you'd have to give a system an awful lot to come anywhere near the memory limit.

It's obvious to anyone with half a brain that no OS is free from bugs, exploits and malicious software. Still it's pretty funny stuff like this goes wrong for Apple users are the most smug bunch of turds on this planet, and they claim their products are completely flawless.

[QUOTE=TheDecryptor;44046329]Wouldn't a router announcing random prefixes cause issues like that on every system? I don't think anything would support an unlimited amount, but you'd have to give a system an awful lot to come anywhere near the memory limit.[/QUOTE] From what I remember ( was trying to find the talk, but no luck): The Router was telling the machine to generate IPV6 addresses, on windows versions older than 7 / server 08 r2, it would just eat the CPU usage until the machine froze. On other machines (and all windows) if you ASSIGNED IPV6 addresses, and did it fast enough, you would fill the RAM; the exploit works on: OS X, (All) windows, and a lot of Linux releases other than Ubuntu. Still trying to find the video;but as I recall it was something about attacking on a different layer of the OSI model. [editline]February 4th 2014[/editline] I think this is it: [media]http://www.youtube.com/watch?v=IDqvkBOo_EA[/media]

Yeah, the thumbnail shows he's generating random prefixes, that will break anything unless it has an internal limit against how many/how often it will "join" a prefix. It also doesn't help that by default most setups will generate 2-3 addresses for each prefix, but it's done for a reason.

[QUOTE=sYnced;44023534]its a good thing macs hold a small percentage of laptops, im typing this from my windows 8 laptop and it wors flawlessy, i recommend everyone windows 8[/QUOTE] Nobody cares shut up tia

[QUOTE=TheCreeper;44027516]Clearly everyone should be using [URL="http://www.openbsd.org/"]OpenBSD[/URL]. I recommend it to everyone.[/QUOTE] Fuck yes OpenBSD posters! Now I can finally express myself.

Sorry, you need to Log In to post a reply to this thread.