LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Security quotes of the week

Security quotes of the week

Posted Jun 5, 2012 19:00 UTC (Tue) by Cyberax (✭ supporter ✭, #52523)
In reply to: Security quotes of the week by hummassa
Parent article: Security quotes of the week

>The default user already has administrative access to the machine!
Not on Windows Phones.

You can access only public API accessible from C#, but nothing more. You can't run arbitrary native code or tinker with raw devices. Oh, and Microsoft can remotely uninstall any of your side-loaded programs.

>Now I will have to think you are just trolling me. Are you? Sorry I have fallen for it.

Linux proponents should look around more often.

(Log in to post comments)

Security quotes of the week

Posted Jun 5, 2012 19:22 UTC (Tue) by hummassa (subscriber, #307) [Link]

> You can access only public API accessible from C#, but nothing more. You can't run arbitrary native code or tinker with raw devices. Oh, and Microsoft can remotely uninstall any of your side-loaded programs.

If you are not kidding, then you really drank too much kool-aid.

http://www.wp7roottools.com/index.php/guides/native-code

(how to make your app access native-code and bypass policy on mango)

Let me try to explain it to you: what you are proposing (total lockdown) is virtually impossible in an environment so "tinkerable" as the one you'll find in a general purpose computing device.

And a smartphone is a general purpose computing device.

On Windows, every successful malware of the last ten years knew how to disable antivirus protection before trying to infect the machine. And they all do that with administrative privileges on.

There is no 100% locked-down Windows, not even in the Xbox or on Windows Phones. They all have been unlocked, and the time to unlock a new version is still on the league of a couple of months of pouding by a loose team of volunteers (in opposition to, for instance, a nicely-paid and focused team of Uncle Sam's employees)

There is no 100% locked-down OpenBSD.

There is no 100% locked-down Linux.

Does this mean we should give up? No. We should try to plug all the holes. But because (1) the system is not programmed in an overflow-safe language (buffers and integers), (2) the system is not programmed in a security-correctness-proofing way like seL4 [*], and (3) we don't have the manpower or the right tools right now to do (1) and (2), we have to make compromises.

Security quotes of the week

Posted Jun 5, 2012 19:49 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]

Can you actually read what you post?

All unlock methods require developer access, which is granted on per-device basis and is available only on unlocked devices. Basically, on devices where Microsoft allowed it to work.

There's no 'jailbreak' in the sense of iPhone jailbreaks where a bug somewhere in iOS is exploited to gain root access.

>Q: I've a Lumia 800 or 710 can I Interop-Unlock it?
>A: The short answer is yes if you have a Lumia 710 - you must firstly downgrade your bootloader - and "maybe" for the Lumia 800, because only some of them can be Interop-Unlocked at the moment.
I know because I actually have an 'unlucky' Lumia 800 which can't be unlocked.

>There is no 100% locked-down Windows, not even in the Xbox or on Windows Phones.
XBox 360 is also unhackable. It's unlikely to be hacked before its useful market life ends.

Security quotes of the week

Posted Jun 5, 2012 19:53 UTC (Tue) by hummassa (subscriber, #307) [Link]

> XBox 360 is also unhackable. It's unlikely to be hacked before its useful market life ends.

Just told you, it has already been hacked. The thing is there, on top of the table, running sideloaded games AND connected to Microsoft Live or whatever.

Security quotes of the week

Posted Jun 5, 2012 20:03 UTC (Tue) by jimparis (subscriber, #38647) [Link]

> XBox 360 is also unhackable. It's unlikely to be hacked before its useful market life ends.

Do you mean "hacked again"? Because it was already hacked once. If you never really change a platform but just keep plugging the security holes as they become publicized, then sure, eventually you'll have plugged most of them.

http://www.securityfocus.com/archive/1/461489
http://free60.org/King_Kong_Hack

Security quotes of the week

Posted Jun 5, 2012 22:22 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]

It was hacked only using JTAG (hardware debug interface), not via software hacks.

Ok, I stand corrected - it might be possible to hack XBox with hardware access enabled.

However, recent WP phones are still not hacked. MS's protection seems to be working.

Security quotes of the week

Posted Jun 5, 2012 22:47 UTC (Tue) by jimparis (subscriber, #38647) [Link]

> It was hacked only using JTAG (hardware debug interface), not via software hacks.

That's just not true. Please, read the links.

The "King Kong exploit" utilized the ability to read/write arbitrary system memory using shaders on the GPU. This is done by modifying the unsigned shaders on a King Kong game demo. It does require that you modify the firmware on your 360's DVD-drive to be able to run a burned disc, but it's just a SATA drive and modifying firmware involves plugging into a PC and running an updater.

From there, it's purely software to exploit a software hole in the hypervisor's system call interface and gain full access.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds