usb chainsaw?

[deathwarder]

I found the usb chainsaw on the wiki and had a few questions:

1.Will it be on the next episode?

2.If so, when is the next episode?

3.How will is exploit linux?

4.Will it support os x?

[ChevronX]

Next ep, should be e ither 4th of 5th of november

[deathwarder]

what about my other questions?

[ChevronX]

Im afriad I dont know lol, I am not developing or paying much attention to those projects.

[Sparda]

It either won't effect Linux at all (since it requires the use of a windows bginary unless changed to specificly target Linux/BSD) or it will only effect certian distrobutions (namly, ones with automounting funationality).

[deathwarder]

It does say that it will work on many x86 systems, so shouldn't it at least work with most linux distro's? Or mac os x intel?

[Sparda]

It does say that it will work on many x86 systems, so shouldn't it at least work with most linux distro's? Or mac os x intel?

As far as I know it still requires the use of windows binaries to work, which can't be executed natively on Mac OS (any version), Linux (apart from Linspire) or BSD.

[deathwarder]

well,

"Still in early development, the USB Chainsaw is described as a all purpose physical access hacking device able to take advantage of many x86 based operating systems, including Windows and Linux. No other details are available at time of writing. Dev5 Project"

right from the wiki, that means at least linux will be supported.

[renegadecanuck]

1. Very unlikly since the Wiki says early development. I would be suprised if there was a proof of concept or anything yet.

2. I dunno

3. Same way it'll exploit Windows: scripts and 3rd party programs. Linux is not completly secure. It's still coded by humans, thus susceptible to flaws. My belife is that the magic that keeps Linux and MacOS from being exploited is lack of users.

4. No clue.

[univrsltransl8r]

Linux is not completly secure. It's still coded by humans, thus susceptible to flaws. My belife is that the magic that keeps Linux and MacOS from being exploited is lack of users.

This is 100% accurate. I believe the only reasons we haven't seen more malware for Linux and OSX is that there is simply not enough opportunity for gain due to:

1. Lack of popularity

2. Technical proficiency and savvy of those users (Linux).

If/when these OS's really get momentum, like Windows has, and are adopted by the technically ignorant masses, we will see just as many attacks on them.

[Sparda]

The only kinds of Linux set ups I can see it effecting are:

Linux distros that have automouning turned on (security risk, but convenient), but nothing will run automaticly.

Linux has been configured (in fstab) to allow normal users to mount /dev/sda, /dev/sdb and so on.

If neither of these situations are the case then I would say the only other way it would effect Linux is if you booted an OS off the thing.

[DLSS]

Linux is not completly secure. It's still coded by humans, thus susceptible to flaws. My belife is that the magic that keeps Linux and MacOS from being exploited is lack of users.

i actually think its for a large part due to the huge development community's some linux distro's have , if something is found it'll b patched .....

wich windows doesnt have ....

[Sparda]

I think you are all missing the point that the flaw that will be exploited here is more a design flaw rather then a software flaw. For this to work on Linux, either normal users must be permitted to mount /dev/sda (or applicable), or, there must be an automounter demon running which automaticly mounts devices.

[softdel]

Next ep, should be e ither 4th of 5th of november

Remember, remember the 5th of November.

This episode MUST have some fireworks in it :D or...A BIG PC COOKUP!! YEEEE HA!

[psychoaliendog]

Will it be on the next episode? :pirate: no one can be really sure, unless of course you were watching Darren edit the episode (because I have a sneaking suspicion that he is) But you would have to know Darren... to be at his place... to watch him edit... Arrrg! *coughlinkisinthesmilycough*

*goes about his business acting like nothing happened*

[softdel]

^What the bloody hell is that about?

Any ideas anyone? Maybe?

[univrsltransl8r]

Remember, remember the 5th of November.

I thought the exact same thing when I read that! I'm glad somebody said it. If they're not planning to blow anything up, I will be disappointed.

[psychoaliendog]

^What the bloody hell is that about?

Any ideas anyone? Maybe?

maybe it has something to do with this post?

[cooper]

Let me just say that "The USB <blah>" is getting old. The hacksaw was little more than a particular payload for the Switchblade. Presumably the Chainsaw will be similar. If so, they should really *NOT* do something like that for the episode following this one.

[Darren Kitchen]

Yes, you can watch the EditCam

No, the episode will not be released on the 5th of November. (It will come out sooner than that. Within hours-days actually)

Yes, the chainsaw exploits most operating systems running on x86 within certain conditions.

No, there isn't any proof of concept code yet.

Anyway, think outside the box. Who needs linux/windows/mac exploits when you have physical access to the drive.

Oh, and the name is simply a code name, likely for googleability.

[Sparda]

Yes, the chainsaw exploits most operating systems running on x86 within certain conditions.

Surly that means you are booting another OS off the USB flash... and, not stopping there, including EFI support so it will work on Intel macs?

[cooper]

Early ep. Hmmm. :D

Given earlier communications I expected it to be late. Nice.

[psychoaliendog]

Yes, you can watch the EditCam

Ohhh... I thought it may have been a easter egg of Christmas past (I thought that metaphor would have worked out better). And I didn't want to get whacked for giving away that the edit cam was still in service. So, as the old saying goes "When in doubt, act like a raving lunatic and people will just back away slowly"

[prasmax]

Maybe they decided to take a break from USB (Fill in the blank with a sharp and/or dangerous object). I am still anxious about the chainsaw through, I hope they have it in 2x05.

[renegadecanuck]

Yes, the chainsaw exploits most operating systems running on x86 within certain conditions.

Surly that means you are booting another OS off the USB flash... and, not stopping there, including EFI support so it will work on Intel macs?

If you have physical access to the computer, you can mount the drive under Linux, and run w/e from there. He never did say Switchblade-esque functionality.