Tuesday, January 19, 2010

How Google was Cracked by the Chinese

Microsoft contends on its security blog that a heretofore unknown vulnerability is responsible for the EPIC breaches at Google. Logic would let one surmise that this is likely the same attack vector used to breach DoD contractors' systems too, to get to the supposedly unclassified specificatons of the F-22 Raptor as well as some submarine technology.

Affected are IE 6, 7, and 8, most revisions, according to their security advisory. Apparently a dangling pointer is to blame - these are hard to find unless they cause stability issues.

Food for thought: anyone with the resources to rip apart binary code to craft one of these exploits has significant funding, and significant backing. The only other option is a source code leak at Microsoft.

Everyone else who "trusted their vendor" really needs to rethink it. And anyone who still thinks closed source is more secure, well, there is some cheap swampland someone will sell you...

Labels: , , , ,


Blogger Julia Wong said...

What do you think of the IPad?

They are building their own chips and writing their own machine code around it. Supposedly, "everything starts from scratch" for this new piece of machine, do you think it will make it more "unbreakable", I mean for a bit longer time?

4:58 AM  

Post a Comment

<< Home