[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Backport of the integer overflow in the brk system call

On Thu, Dec 04, 2003 at 11:55:26AM -0800, Tom wrote:

> Yes, but the reason it would have been efficiacious in this *particular*
> instance is the hacker sniffed the password, and then logged on to
> Debian's servers later at his leisure from a different PC.  With a
> smartcard, he would have had to done it *on* the Dev's infected PC *while*
> the smartcard was plugged in.  In theory the smartcard would not be
> plugged in all the time, thus diminishing the attack surface.

Not really; he just has to set things up ahead of time.  This is like
claiming the attacker has to be present in order to sniff your password from
a telnet session (he doesn't; he just has to have been around at any time
before then in order to set up a sniffer).

 - mdz

Reply to: