[liberationtech] Foxacid payload
coderman
coderman at gmail.com
Thu Jul 17 13:51:25 PDT 2014
On Thu, Jul 17, 2014 at 1:11 PM, coderman <coderman at gmail.com> wrote:
> ...
> - if you want to thwart FOXACID type attacks there are ways to do it
> without knowing specific payloads. (architectural and broad
> techniques, not fingerprints on binaries or call graphs)

some specific examples:

A: exploit reuse to arbitrary execution, persist via pivot
D: run vulnerable app in throwaway Qubes VM, log traffic for
inspection through gateway VM. exploit unable to persist, exploit
vector captured.

A: android intent misuse to elevate privs, then exfiltrate data.
D: "root" your device to restrict intent use and network communication
by application, preventing vulnerable app from being usefully
exploitable.

A: baseband exploit to device crypto key retrieval used
D: apply software defined radio to confirm compromise at baseband
level via suspect emissions, use SDR instead of proprietary radios to
communicate.
(you can't mitigate against a compromised baseband, in most cases.)

"convenience is the cost of privacy" - who said this? very true in
this instance.