Anatomy of a hack: 6 separate bugs needed to bring down Google browser

Anatomy of a hack: 6 separate bugs needed to bring down Google browser(arstechnica.com)

54 points by felipe_csl 13 years ago | 12 comments

slaven 13 years ago |

The scary part was the limitation that hackers weren't allowed to exploit Windows vulnerabilities. When you think of how many unpatched Windows 7 (or older) machines are out there it's no wonder botnets keep growing..

fennecfoxen 13 years ago | |

I thought the scary part was the pink my-little-pony wielding a battle-axe that Pinkie Pie chose as his ("his?" ... i assume) mascot. ;) But then, different things scare different people different ways, and maybe I've just become numb the Windows-scare already.

Zirro 13 years ago | | |

Actually, that "pink my-little-pony wielding a battle-axe"-pony is Pinkie Pie (http://mlp.wikia.com/wiki/Pinkie_Pie) ;)

She's known for being able to break the fourth wall (unlike the other ponies in FiM) and doing other "impossible" things, which I'm figuring the hacker may have connected to breaking out of a sandbox.

You may also want to see: https://secure.wikimedia.org/wikipedia/en/wiki/My_Little_Pon...

nodata 13 years ago | |

How many unpatched Windows 7 boxes are there? Do you have any numbers. I thought automatic updates were enabled by default on them.

lloeki 13 years ago | |

> the limitation that hackers weren't allowed to exploit Windows vulnerabilities

He guessed "some predictable addresses allocated by Windows" though. Not detracting from the achievement, but this could arguably be stashed in the non-Chrome side of things.

lmm 13 years ago | | |

It's normal, and necessary, for the operating system to provide access to standard library functions; the easiest way to do this is having them at well-known addresses. Admittedly windows could do address space randomization which would make the exploit harder, but it should still be possible even with that.

sparknlaunch12 13 years ago |

Where do many of these hackers come from? What is their background?

I ask, as wish to know at a high level what tools and code they are using to find and exploit Chrome.

unreal37 13 years ago |

The article makes it sound like since "6 separate bugs" were needed to bring down Chrome, it proves that its a more secure browser (than presumably IE or Firefox). But in 10 days a teenager found 6 bugs in Chrome in 2012? That doesn't sound more secure.

Xlythe 13 years ago | |

It's probably easier to find bugs the deeper you get. There's the assumption that you're authorized, and fewer people get that deep so exploits come up less. It's far from ideal, but most of the issues are listed as low (2) or medium (2). Only one is listed as high (though the last is undisclosed).

cooldeal 13 years ago | |

Yes, "Teen pwns Chrome in 10 days, how long will it take China?" can easily be the headline.