[liberationtech] Foxacid payload

coderman coderman at gmail.com
Thu Jul 17 13:51:25 PDT 2014


On Thu, Jul 17, 2014 at 1:11 PM, coderman <coderman at gmail.com> wrote:
> ...
> - if you want to thwart FOXACID type attacks there are ways to do it
> without knowing specific payloads. (architectural and broad
> techniques, not fingerprints on binaries or call graphs)


some specific examples:

A: exploit reuse to arbitrary execution, persist via pivot
D: run vulnerable app in a throw-away Qubes VM, log traffic for
inspection through gateway VM.  exploit unable to persist, exploit
vector captured.

A: android intent misuse to elevate privs, then exfiltrate data.
D: "root" your device to restrict intent use and network communication
by application, preventing vulnerable app from being usefully
exploitable.

A: baseband exploit used for device crypto key retrieval
D: apply software-defined radio to confirm compromise at baseband
level via suspect emissions, use SDR instead of proprietary radios to
communicate.
(you can't mitigate against a compromised baseband, in most cases.)


"convenience is the cost of privacy" - who said this? very true in
this instance.
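Added example, not from coderman's post: a shell sketch of the second defence above, restricting one app's network egress on a rooted Android device so that a compromised app cannot usefully exfiltrate. It assumes that /data/system/packages.list carries one "<package> <uid> ..." line per installed app and that the device kernel ships iptables with the owner match; the SAMPLE_PACKAGES text is a constructed stand-in for that file so the script can be exercised off-device.

```shell
#!/bin/sh
# Added example (not from the original post): restrict a single app's
# network egress on a rooted Android device, i.e. the "root your device
# to restrict ... network communication by application" defence.
# Assumptions: /data/system/packages.list has one "<package> <uid> ..."
# line per installed app, and the device kernel has iptables with the
# owner match. SAMPLE_PACKAGES is a constructed stand-in for that file
# so the script can be run off-device.

SAMPLE_PACKAGES='com.example.vulnerable 10123 0 /data/user/0/com.example.vulnerable default:targetSdkVersion=28 3003,1023 0 1
com.example.trusted 10124 0 /data/user/0/com.example.trusted default 3003 0 1'

# uid_for_package <package> [packages-list-text]
# Android gives every app its own Linux uid; that uid is what iptables
# can match on. Reads the real packages.list when no text is supplied.
uid_for_package() {
  pkg="$1"
  list="${2:-$(cat /data/system/packages.list 2>/dev/null)}"
  printf '%s\n' "$list" | awk -v p="$pkg" '$1 == p { print $2; exit }'
}

# egress_rules <uid>
# Emits the iptables commands: keep loopback (so the app still runs),
# log every other connection attempt (the exploit's C2/exfil target
# then shows up in the kernel log), and reject it.
egress_rules() {
  uid="$1"
  printf 'iptables -A OUTPUT -m owner --uid-owner %s -o lo -j ACCEPT\n' "$uid"
  printf 'iptables -A OUTPUT -m owner --uid-owner %s -j LOG --log-prefix "app-%s-egress: "\n' "$uid" "$uid"
  printf 'iptables -A OUTPUT -m owner --uid-owner %s -j REJECT\n' "$uid"
}

# restrict_app <package> [packages-list-text] [apply]
# Prints the rules by default; pass "apply" as the third argument to
# run them (needs root on the device). Fails on an unknown package
# rather than silently emitting rules for an empty uid.
restrict_app() {
  uid=$(uid_for_package "$1" "$2")
  if [ -z "$uid" ]; then
    echo "restrict_app: unknown package $1" >&2
    return 1
  fi
  if [ "${3:-print}" = "apply" ]; then
    egress_rules "$uid" | sh
  else
    egress_rules "$uid"
  fi
}
```

On a dual-stack device the same three rules are needed in ip6tables as well, and the LOG lines are the part that matters for the "exploit vector captured" goal: a rejected connection still records where the payload tried to go.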