by easy_rider 4987 days ago
Until proven otherwise this totally violates full disclosure policies. I know they are like 'gentleman agreements' but this feels bad, and looks bad, like the author is only out for some internet fame. I cannot believe that he in any way tried to contact Microsoft, but clearly took his time on this publication.
3 comments

I kind of get the feeling that the author doesn't really know what he's doing. The actual exploit code is a fragment of what looks like a 'hello world' sort of console IO test. The 0xC0000000 he goes on and on about is just GENERIC_READ | GENERIC_WRITE, which is a totally legal combination. And he disassembles his own code for no particularly good reason.

Given all of this, it's not really a surprise that he's not clear on responsible disclosure policies (this doesn't really violate 'full disclosure policies' - he's fully disclosing it, after all!). It sounds like he was just playing around with things, found a way to crash his own machine by accident, and decided to post it online.

I also note that the code is incomplete, and looks reasonably straightforward and correct from casual inspection. I wonder if the real cause is elsewhere?

I haven't exactly pinpointed the cause of the problem, I just noted that that call was the last point in my code to get executed before the system was hosed.

Also, the code is complete: check the tarball listed at the end of the page.

> this doesn't really violate 'full disclosure policies'

Well he kinda marked it down like he was.. talking about compiling an exe and all to crash any Vista/7 in 30 secs.

There are tons of developers who've got no experience dealing with (potential) security issues or have any idea about the "gentleman agreements" that are prevalent in the security- versus the IT-industry. So it could very well be that he has no idea what he's doing.

Then again; every 12 months or so the debate regarding full/responsible/no disclosure flares up again in the security-/IT-industry after another public outcry regarding one specific bug, company or patch. In the end nothing is resolved and we still continue to rely on gentleman agreements.

<secure@microsoft.com>: host microsoft-com.mail.protection.outlook.com[207.46.100.11] said: 550 5.7.1 Service unavailable; Client host [66.175.217.21] blocked using Blocklist 1; To request removal from this list please forward this message to delist@messaging.microsoft.com (in reply to RCPT TO command)