posted by cmn32480 on Tuesday April 04 2017, @01:37PM   Printer-friendly
from the feeling-exploited dept.

Arthur T Knackerbracket has found the following story:

Developer unknownv2 has released a proof of concept exploit for the Xbox One. The exploit leverages a series of known vulnerabilities in the Microsoft Edge Browser (CVE-2016-7200 and CVE-2016-7241). We have not confirmed if this exploit works here at wololo.net (yup, I still don't have an Xbox One...).

The Xbox One uses Microsoft's Edge browser. Pretty much the same browser that you used once on Windows 10, to download Google Chrome.

In November last year, several critical vulnerabilities were found in the Edge browser, and disclosed by Microsoft as they patched them. A proof of concept was released for these vulnerabilities by developer Brian Pak, demonstrating how to use them in an exploit. This is known as the Chakra exploit, and a good read on the topic can be found here.

Hacker unknownv2 has built his Xbox One exploit on top of Brian Pak's proof of concept. In the developer's words:

The POC itself was mostly complete, but the first bug (CVE-2016-7200) it used was patched on the console. I used Json.Parse bug (CVE-2016-7241) to leak addresses instead and after a bit of tweaking with the values, I was able to get the correct address for the chakra.dll. From there, I modified the POC by changing the code addresses for the gadgets and the VirtualProtect function call to make the shellcode executable.

This is a userland exploit, similar to webkit exploits that many of us are familiar with.

-- submitted from IRC


  • (Score: 3, Touché) by Rosco P. Coltrane on Tuesday April 04 2017, @02:52PM (11 children)

    by Rosco P. Coltrane (4757) on Tuesday April 04 2017, @02:52PM (#488638)

    The Xbox One uses Microsoft's Edge browser. Pretty much the same browser that you used once on Windows 10, to download Google Chrome.

    All this clever sentence says is that the author doesn't realize both browsers are awful if you care about privacy - which, considering the subject matter, doesn't reflect too well on the guy's expertise.

  • (Score: 2) by Arik on Tuesday April 04 2017, @02:57PM

    by Arik (4543) on Tuesday April 04 2017, @02:57PM (#488642) Journal
    Indeed. The implication that while he doesn't have an XBONE, he's planning to get one soon, also reflects quite poorly.

    The reason they keep making junk like that is because people keep buying junk like that.

    --
    If laughter is the best medicine, who are the best doctors?
  • (Score: 4, Insightful) by Wootery on Tuesday April 04 2017, @03:45PM (9 children)

    by Wootery (2341) on Tuesday April 04 2017, @03:45PM (#488663)

    Privacy is something that Firefox could and should emphasise. Being not-for-profit, they're uniquely placed to be the browser for the privacy-aware, but doubtless they'll instead continue trying and failing to be Chrome.

    • (Score: 2) by Pino P on Tuesday April 04 2017, @04:55PM (6 children)

      by Pino P (4721) on Tuesday April 04 2017, @04:55PM (#488692) Journal

      Privacy is something that Firefox could and should emphasise.

      Which is why Firefox has a built-in tracking blocker [mozilla.org].

      But walled-garden platforms like iOS and Xbox One typically have a blanket ban on third-party web browser engines. Firefox for iOS, for example, is little more than a skin for the same engine that Safari uses. Should people instead boycott iOS and game consoles entirely?

      • (Score: 2) by kaszz on Tuesday April 04 2017, @05:02PM (4 children)

        by kaszz (4211) on Tuesday April 04 2017, @05:02PM (#488699) Journal

        Yes.
        Because corporations should stay out of personal decisions on web browser. The only reason to not is to screw users.

        • (Score: 3, Informative) by Pino P on Tuesday April 04 2017, @05:49PM (3 children)

          by Pino P (4721) on Tuesday April 04 2017, @05:49PM (#488733) Journal

          Allowing end users to use a wider selection of applications, including third-party web browsers, increases a device manufacturer's support costs. Restricting usable software decreases said support costs, and hardware manufacturers pass at least a portion of the support cost savings on to end users. This contributes to the lower price of a game console compared to a gaming PC, and this lower price encourages end users to buy a game console instead of a gaming PC.

          $299 for a game console or $499 for a PC: what would most pick?

          • (Score: 0) by Anonymous Coward on Tuesday April 04 2017, @09:54PM (1 child)

            by Anonymous Coward on Tuesday April 04 2017, @09:54PM (#488849)

            I just want a general purpose computer that I control, thanks. Suckers who buy these game consoles are going to continue to be ruthlessly exploited by these scumbag companies.

            $299 for a game console or $499 for a PC: what would most pick?

            It's not just about price, but about freedom. But the ignorant, unprincipled masses would probably pick the former.

            • (Score: 2) by Pino P on Wednesday April 05 2017, @01:00PM

              by Pino P (4721) on Wednesday April 05 2017, @01:00PM (#489109) Journal

              It's not just about price, but about freedom. But the ignorant, unprincipled masses would probably pick the former.

              Therein lies the problem. Without enough of the general public being willing to buy a mass-produced product, the economies of scale for efficiently mass-producing it evaporate.

          • (Score: 2) by kaszz on Wednesday April 05 2017, @02:26AM

            by kaszz (4211) on Wednesday April 05 2017, @02:26AM (#488967) Journal

            I want a computing platform and no-one to impede my decisions on usage. It's not the manufacturer's responsibility to handle users' bad decisions, just to inform them of the supported one. And it's also my right to use whatever software I'll see fit.

            Which just reminds me why iPhone is such a shitty choice for web-browsing. Whenever there's a problem with the rendering.. you're STUCK.

      • (Score: 2) by Wootery on Wednesday April 05 2017, @09:40AM

        by Wootery (2341) on Wednesday April 05 2017, @09:40AM (#489074)

        Sure, they'll bake-in a blocker, but Firefox security is an absolute disaster. A little more emphasis on that please, Moz, and less on dumbing-down the UI.

    • (Score: 3, Insightful) by urza9814 on Wednesday April 05 2017, @06:44PM (1 child)

      by urza9814 (3954) on Wednesday April 05 2017, @06:44PM (#489278) Journal

      Privacy is something that Firefox could and should emphasise. Being not-for-profit, they're uniquely placed to be the browser for the privacy-aware, but doubtless they'll instead continue trying and failing to be Chrome.

      "Could and should"? I think you mean DOES. When's the last time you looked at Mozilla? Their website might as well just redirect to the EFF these days. If you want to download Firefox you have to scroll past links to crypto tools and warnings about internet tracking. They've already rebranded themselves as the privacy browser, so I'd suggest giving Firefox another try if you haven't recently.

      Mozilla: "Get Smart on the Web"
      https://www.mozilla.org/en-US/teach/smarton/ [mozilla.org]

      Mozilla Blog: Data Privacy Day
      https://blog.mozilla.org/blog/2017/01/26/data-privacy-day/ [mozilla.org]

      Adage.com: Mozilla's Holiday Brand Project Was a Data Privacy Pop-up in NYC
      http://adage.com/article/privacy-and-regulation/mozilla-s-holiday-brand-project-a-privacy-pop-nyc/307425/ [adage.com]

      Mozilla: Data Privacy Principles
      https://www.mozilla.org/en-US/privacy/principles/ [mozilla.org]

      Mozilla: Firefox: The Most Trusted Browser on the Web
      https://www.mozilla.org/en-US/firefox/desktop/trust/ [mozilla.org]

      Mozilla: Privacy Preferences and Do Not Track
      https://support.mozilla.org/t5/Manage-preferences-and-add-ons/Settings-for-privacy-browsing-history-and-do-not-track/ta-p/1276 [mozilla.org]

      Mozilla: Internet Health Report
      https://www.mozilla.org/en-US/internet-health/ [mozilla.org]

      Mozilla: Winter of Security 2016
      https://wiki.mozilla.org/Security/Automation/Winter_Of_Security_2016#Winter_Of_Security_2016 [mozilla.org]

      An argument could be made that a lot of those links are just PR stuff, but IMO getting the general public to give a damn is the most important (and most difficult) battle we need to win here. And they ARE doing good things on the code front as well, they've got better privacy features built-in to Firefox and as first-party plugins than any other browser that I know of.

      I consider Mozilla to be one of our best allies in this particular war. Right up there with the EFF. And they need all the support we can give them for that -- there's a lot of very big companies with very deep pockets working against them.

      • (Score: 3, Informative) by Wootery on Wednesday April 05 2017, @07:20PM

        by Wootery (2341) on Wednesday April 05 2017, @07:20PM (#489295)

        Good links, thanks. I do stand by what I said about emphasis on security though. It's shit like this. [securityzap.com]