[Ti] Intel Mac Mini?
Bob Jacobsen
Bob_Jacobsen at lbl.gov
Sat Feb 25 14:55:29 PST 2006
At 4:45 PM -0600 2/25/06, Chris Olson wrote:
>On Feb 25, 2006, at 4:35 PM, Bob Jacobsen wrote:
>
>>Is there a CERT advisory?
>
>http://www.us-cert.gov/cas/techalerts/TA06-053A.html
>
>However, you can take the CERT advisory with a grain of salt. We've
>determined that it extends well beyond Safari to Launch Services
>(launchd) and the default bash shell. We've found that turning off
>"Open Safe Files After Download" in Safari does NOT "fix" it. We've
>developed a full exploit of the vulnerability that will execute
>outside Safari in normal workflow.
>
>Again, wanna' try it?
Why should I?
I strongly question the motives and ethics of somebody who would
distribute something that _deliberately_ causes damage when the same
point can be made by distributing something that doesn't.
Bob
--
Bob_Jacobsen at lbl.gov +1-510-486-7355 fax +1-510-643-8497 AIM, Skype JacobsenRG
More information about the Titanium
mailing list