DLL?
Does this mean it's Windoze only?
A Georgian security researcher is due to present details of an unpatched vulnerability in Google's Chrome browser at the Malcon security conference in India over the weekend. Years ago the circumstances of Ucha Gobejishvili's presentation would hardly have raised an eyebrow but that was before Google began offering up to $60, …
Don't knock it. Now they've got the irrelevance of the 8 version sorted out, the Skype devs have been freed up to do other things.
New version for Android shipped and actually works[1]. Yippee.
[1] That's "works" as in doesn't go titsup.com rather than connect if you flip tails rather than heads, has video that actually moves and can be used with the device's internal mic without the other end needing the volume wound up past 11.
I'm not surprised at the callowness of some of the high profile conference participants - it all means so much more when you are in your teens and there are more spare hours where for your own sanity you need to keep your brain distracted from the contents of your trousers.
In my day it was Prestel or the school EcoNet but I'm sure the fundamentals are not too different.
And they won't be wowed & distracted by four colour digital images of Midge Ure at Live Aid.
If it's the same Ucha Gobejishvili that discovered these beauties, then Google probably haven't stopped laughing since his speech was announced:
https://code.google.com/p/chromium/issues/list?can=1&q=reporter%3Alongrifle0x
He's been trolling Google with these all year. Exploits discovered include making the status bar say something that isn't the URL of the link you're hovering over, by using the JavaScript API that lets you do that.
Most of the "exploits" this researcher has found aren't exploits. The only reason he is even newsworthy at the moment is because he claims to have an exploit (very likely he doesn't, going by his track record) but doesn't want to sell it or get a reward for it.
The Firefox 13 "remote DoS" he came up with is running JavaScript on a page and just creating a massive variable to use up memory.
A previous security report he made about Chromium is the same. Running JavaScript and using up lots of memory so that tab will crash. You can find all his other reports on the Chromium bug tracker and they're all invalid reports as they're not security flaws.
The video converter "buffer overflow" involves creating a brand new DLL with his exploit code in. Why bother writing a buffer overflow if you've already got the ability to create and run a DLL in that process?
The one place he does have some success is with SQL injection and XSS flaws. He's clueless about actual buffer overflows and other code execution flaws.
He says he's holding off on publishing details because the issue is dangerous, though paradoxically he doesn't seem to be working with Google in helping to develop a fix. He doesn't appear to be working with exploit brokers either. Gobejishvili's general reticence is shrouded in some mystery.
Some bugs are dangerous and cannot be fixed. Then do things move on to the organisation of exploitation. One then can fully understand and commend reticence for shrouding mysterious discoveries.
Such times in CyberSpace are as a loaded pause to consider one's general position and specific direction of wished travel.
I think (4) has a bit of a problem. If he details it at a conference and Google then use the information to find and fix the problem, he's a bit stuffed there.
What were you thinking? The vuln's his IP[1] and he could sue if they fix it without paying him?
[1] If there are any IP lawyers reading, there is a world of difference between sarcasm and a bloody brilliant idea. Not that you're likely to understand that.......