Joanna Rutkowska

@rootkovska ↗

Deleted No

Hibernated No

Last Checked Nov. 19, 2022

Created

Wed May 22 08:18:34 +0000 2019

Likes

Retweets

Source

Twitter for iPad

View Raw Data

JSON Data

View on Twitter

Likely Available

Joanna Rutkowska @rootkovska

@esizkur @natashenka Thx. I wonder what privs does that daemon have? — PolitiTweet.org

Posted May 22, 2019

Preceded By

Joanna Rutkowska @rootkovska

@natashenka So, given the attack apparently causes the *device* to crash, does that mean the VVM process is not sandboxed in any way? One would expect these to be two independent issues: 1) to exploit some process that does complex networking protocol, and 2) to actually crash the system? — PolitiTweet.org

Posted May 22, 2019

Followed By

Joanna Rutkowska @rootkovska

I wish computer systems vulnerabilities had inverse dynamics: RCEs (which we will never get rid off) should be *cheaper* and less concerning than LPEs (sandbox escapes). This has been an underpinning principle for us building @QubesOS. — PolitiTweet.org

@kaepora @natashenka these days, a 0click RCE is worth several times what a LPE is worth, so whatever sandboxing is… https://t.co/vAPMIloGhg

Posted May 22, 2019