Harry Sintonen, Senior Security Consultant / F-Secure
Harry Sintonen has been a hacker for 30+ years, over a decade of them professionally. Disobey talkoholic.
I was lying in my hotel bed and thinking of some fancy new angles to play in $RANDOM security assessments. Perhaps a source code review of some of the common open source components might reveal something useful? I grabbed the source code of various packages and my favorite $EDITOR and spent some quality time with the code, some of which originated from the early 80s. Soon I ran into something: it wasn't obvious at first, but somehow I had a nagging feeling that something was off. And there it was: a gaping hole in a software package written in 1995, but based on earlier work from 1982. Back in 1982 security wasn't really a thing. Heck, even the Morris worm happened 6 years later...
The vulnerability was there, but could it really be exploited in any sensible way? Achieving that required finding a second vulnerability and exploiting the combination of the two. And of course we still needed the user to ignore some of the most basic best practices there are. Who would be stupid enough to do that? Answer: pretty much everyone, myself included.
See how design faults in software used by millions can be used to take control of the victim's workstation.