01-17-2012, 05:57 PM   #101
geekmaster
Quote:
Originally Posted by yifanlu
I've said this many times before. We have payloads. Not exploits. The tar bug is an exploit. Using it in various ways gives different payloads. I don't troll; I like to point out misinformation so it doesn't get spread and raise expectations.

The fastboot/USB download is NOT an exploit. It's a door left open on purpose (or by accident) for developers. An exploit is using a bug in some code to execute unsigned code.

If Amazon fixes the tar bug, they FIX the tar bug, not just one specific payload. Now there is the chance that your payload will still work (actually, seeing Amazon's record, it's a high chance) but we can't depend on it. For example, the previous update fixed two other payloads for the mp3 bug, including one that allows HTML injection on the device name.

Anything else is beyond my knowledge, which is why I started out with "AFAIK"
"Exploit" is a big word with a lot of meaning (even in the computer security industry). A door left open on purpose or by accident may be exploited by those who wish to use it to their own advantage. For example, even in many high security environments, the back or side door is often kept unlocked for the convenience of cigarette smokers who can no longer smoke inside. Exploring such unlocked doors more often than not brings you to areas with no security, no guards and no cameras (inside the firewall, so to speak). It helps to dress the part, and to carry a clipboard. People avoid eye contact when they think you are there to watch THEM. Social engineering is a fine example of a human behavior exploit. I used this many times for "legitimate" purposes. And while on the subject of "inside the firewall", my parts have begun arriving for three of these:
http://www.minipwner.com/index.php/w...-the-minipwner

I have some well-publicized and well-known computer exploits behind me, from the days when your parents were still children. I have become very careful in what I do and where I publish my "adventures" since the creation of the DMCA and the Patriot Act (and caution comes with age and maturity as well). I have only used my "geekmaster" handle since I first "exploited" the Geek Squad logo to suit my own purposes shortly after they were founded in 1994, and I have been very low-key about it. I still own two of the original black Geek Squad T-shirts acquired strictly for "social engineering" purposes.

Back when I was your age, I was a founding member of the "Malicious Users Group" a/k/a MUG. It was university-sponsored, and the university even bought the pizzas during our all-night hacking sessions. Our group had about 40 members (by invitation only). My user ID was MUG0002. The only caveat was that we allow the university to monitor our "sponsored" hacking sessions, and we were to report all vulnerabilities found during those official sessions so they could "harden" their system. Great times were had by all (except the poor university computer center programmers who had to keep fixing the same problems over and over again).

Our domain was a little-known computer access point with a handful of "glass teletypes" that connected at 300bps, when all the other students had to use ASR-33 teletypes that only did 110bps (10 characters per second). Of course, it was still fun to use a teletype now and then, if only to make the 40-some other teletypes in the room go dead silent while mine chattered away printing out startrek game maps, while locking out even the computer operators. This was done by escalating privileges above what even computer operators and systems administrators had.

During a consulting gig at a large well-known "big-iron computing" company, I became buddies with the director of technical support when he came to me white-faced, saying "you didn't REALLY delete the systems validations file did you?". He was afraid to reboot the mainframe for routine maintenance, fearing it might not come up again. I showed him how a lowly user could insert official messages into the system logs. He was relieved.

One of my projects was featured on the cover of Scientific American, but my boss stole all the credit. This may be a contributing factor for my feeling violated when people claim credit for my ideas.

Anyway, enough fun for now. I know what an exploit is. Perhaps I helped to define it.

P.S. There were exploits before code signing even existed.

Last edited by geekmaster; 01-17-2012 at 07:25 PM.