[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Edlug Archive Mar 2004
Re: [edlug] Big blue v Big poo
On Mon, Mar 29, 2004 at 12:39:38PM +0100, Justin B Rye wrote:
> If there's a theoretical way for gnutetris.deb to give local users
> access to the group "games", that gets added to the Debian graph as
> soon as Steve Kemp spots it; if mstetris.exe does the same that
> doesn't even register as an exploit. And only mstetris.exe goes on
> the graph - any flaws in gnutetris.exe are Linus's fault.
This is half the problem when comparing security between Linux and
What is Linux? It's a kernel. What is Windows? Well is the base
system, plus IIS etc.
Flaws in Outlook are often attributed to Windows when really they
are flaws in an application, namely Office.
There have been very very few system holes discovered for either
Linux or Windows.
For Linux we have had recently the do_brk() flaw, the ptrace() hole,
something reported today involving systrace() and some older flaws.
For windows we've had the class of attacks regarding message handling
highlighted by the "MSShatter" paper, a couple of issues with the
messaging service and another general flaw with the handling of
(I guess we could include the IIS holes involving Unicode, or
Nimbda - but to be fair we'd then have to include Apaches
Generally speaking both systems have, in practice, had near identical
security. It's the applications on both sides which have had exploits.
I guess with my work finding holes in games has been almost too
easy, literally just picking the low hanging fruit. I've been
avoiding reporting some things recently just due to the sheer
repetitiveness of them. (Although I do have some great titles
queued up which I'm quite proud of "Abusing abuse" for instance ;)
At the moment I've been looking at different classes of attacks
rather than different applications. Integer overflows I find
fascinating and they're fun to spot!
# Debian Security Audit Project
You can find the EdLUG mailing list FAQ list at: