Security Researchers Exploit Amazon Echo's Chromium Bug, Win $60,000 Bounty (techcrunch.com)
An anonymous reader quotes TechCrunch:
Two security researchers have been crowned the top hackers in this year's Pwn2Own hacking contest after developing and testing several high profile exploits, including an attack against an Amazon Echo. Amat Cama and Richard Zhu, who make up Team Fluoroacetate, scored $60,000 in bug bounties for their integer overflow exploit against the latest Amazon Echo Show 5, an Alexa-powered smart display.
The researchers found that the device uses an older version of Chromium, Google's open-source browser project, which had been forked some time during its development. The bug allowed them to take "full control" of the device if connected to a malicious Wi-Fi hotspot, said Brian Gorenc, director of Trend Micro's Zero Day Initiative, which put on the Pwn2Own contest...
When reached, Amazon said it was "investigating this research and will be taking appropriate steps to protect our devices based on our investigation," but did not say what measures it would take to fix the vulnerabilities -- or when.
The same researchers also compromised Sony and Samsung smart TVs, and the Xiaomi Mi9 smartphone, according to ZDNet, which also reports that "Nobody wanted a piece of the Facebook Portal, and nor did they want to hack Google's Home assistant.
"Security researchers chose to go after the easier targets, like routers and smart TVs, known for running weaker firmware than what you'd usually find on a smart speaker or home automation hub."
$100,000 Bounty for making Rust be sane about over (Score:2)
I'll offer the same bounty to anyone who can get the Rust leadership to decide on a sane way of handling integer overflow like this, and stick to it. So far they've changed it at least three times, and they've said they plan to change it again, so no matter how hard a programmer tries to write secure software the next version of the Rust compiler screws it up and makes another exploitable bug.
There is perhaps no perfect best way to handle integer overflow. Whatever choice you make will require programmers t
Integer Overflows (Score:2)
The sane way to handle them is the way that old Visual Basic does. You automatically trap them, throwing an exception. Just like a null pointer or array index overflow etc.
In theory this should not involve any run time overhead as the check is in hardware, just like null pointers are. In practice I do not think the 386's have the trap so there is a small overhead in checking the overflow bit, and so a need for fast-unchecked operations occasionally.
RISC-V is appalling, with no overflow bit at all. I sup