Presentation on theme: "Question 1 Did you get root? We got the kernel, and from the kernel we got root. This is an often asked question and is actually the worst question we."— Presentation transcript:
Question 1 Did you get root? We got the kernel, and from the kernel we got root. This is an often asked question and is actually the worst question we have received. People asking this question have shown they are not familiar with OS architecture and device drivers. The answer is that once you have compromised a device driver you are running in ring-0, the highest privilege level on a processor. From this state and depending on how your shellcode is designed, you can do anything you want.
Question 2 What services were running? This attack happens at the network link layer. No IP packets were required for this attack.
Question 3 Ill pay you $10/$100/$1000 for a live demo! REALLY?? By doing a live demo we are in essence selling you a copy of the exploit. Its not for sale.
Question 4 Why was it a video? For the same reason we arent doing live demos. By doing this anyone in the audience with a sniffer will then have a copy of the exploit.
Question 5 How did you use a 3rd party card, there are no card slots? USB?!?!?!?!?!
Question 6 I saw some people quote you as saying the bug is in the built-in in card and other people quote you as saying as its not, who is right? They both are. The exploit shown in the video was targeting a specific third party driver and that same vulnerability does not affect the built in card. We are, however, doing ongoing research on the built-in card as well and have shared our findings with Apple.