I agree that it is not a true backdoor, but I am simply pointing out that the goal is accomplished by hoarding 0-days or creating an actual backdoor. The 0-day you were not reporting gave you escalated access to iOS…
We can debate the meaning of words, but the goal of a backdoor from the perspective of the government is to gain access to a system. The effect of a backdoor is accomplished through a literal backdoor or a figurative…
A unreported zero day is a de facto backdoor. The chain you mentioned has similar flaws as the current strategy. Step 3 would be incredibly difficult. It would be similar to detecting a virus signature, which are easily…
I am actually in a similar boat. I have done a lot of java work, and was active on the security side of things in my previous role. I mostly worked on compliance, but I did some pen testing. I can see compliance not…
Yes, that book completely changed my world view. I still think about it consistently almost 6 years later. He took a very empirical approach to a problem that is often discussed using less than thorough methods.
This is really cool. I saw that jjs was bundled with java 8, and saw this possibility. I wonder if it is compatible with node js frameworks like express. I think that node has a lot of native code to implement various…
I agree that it is not a true backdoor, but I am simply pointing out that the goal is accomplished by hoarding 0-days or creating an actual backdoor. The 0-day you were not reporting gave you escalated access to iOS…
We can debate the meaning of words, but the goal of a backdoor from the perspective of the government is to gain access to a system. The effect of a backdoor is accomplished through a literal backdoor or a figurative…
A unreported zero day is a de facto backdoor. The chain you mentioned has similar flaws as the current strategy. Step 3 would be incredibly difficult. It would be similar to detecting a virus signature, which are easily…
I am actually in a similar boat. I have done a lot of java work, and was active on the security side of things in my previous role. I mostly worked on compliance, but I did some pen testing. I can see compliance not…
Yes, that book completely changed my world view. I still think about it consistently almost 6 years later. He took a very empirical approach to a problem that is often discussed using less than thorough methods.
This is really cool. I saw that jjs was bundled with java 8, and saw this possibility. I wonder if it is compatible with node js frameworks like express. I think that node has a lot of native code to implement various…