On 5/1/2010 1:23 PM, Georgi Guninski wrote: > ok, we had a flame. > > what is the newest category of sekurity bugz that is considered elite?
I had to think about this a few days. My nomination for 'most leet' is the exploitation of hardware on the die of the chip: “Tarnovsky’s examination process involved subtle use of hardware-based liquid chemical and gas technologies in a lab setting to probe with specialized needles to build tungsten bridges.” http://blackhat.com/html/bh-dc-10/bh-dc-10-speaker_bios.html#Tarnovsky http://www.computerworld.com/s/article/9151158/Black_Hat_Researcher_claims_hack_of_chip_used_to_secure_computers_smartcards Hardware hacking is a magnificent example of something everyone has always known was possible and largely pretended didn't exist. > basically, int. over., BO are generally considered elite yet barely new. > XSS probably is not elite by 3l33t majority opinion. > > i was looking in the past and my heart was not beating fast ;-) Runner up is the category of research enabled by USRP: http://www.ettus.com/products Particularly the GSM rainbowing and OpenBTS efforts: http://reflextor.com/trac/a51 http://events.ccc.de/congress/2009/Fahrplan/events/3654.en.html http://www.theregister.co.uk/2009/12/28/gsm_eavesdropping_breakthrough/ http://openbts.sourceforge.net/ You asked about 'sekurity bugz'. Not sure if these are the bugz you are looking for, :-) but its an answer to some question. - Marsh _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/