Homebrew Another Web Browser Freeze

loco365
Well-Known Member, OP
Joined Sep 1, 2010
DeadlyFoez said:
Ok, let me just add in this bit of info to put it into perspective about the whole 'sandbox' dilemma.

A few years ago a researcher had found a way to run some code inside of a virtual machine that caused malicious code to be run inside the host OS. Although this is comparing apples to oranges, a virtual machine is certainly one form of sandboxing. All that there needs to be is just one possible exploit in the sandbox and for someone to find it, and then unsigned code can be run. It is not an easy task, especially on the 3DS, but I would not be surprised if that is how the first exploit becomes publicly available.
That'd be interesting. I never thought of a sandbox mode like that. Perhaps it is possible, but I think it's more unlikely.
 

DeadlyFoez
XFlak Fanboy, Banned
Joined Apr 12, 2009
Website: DeadlyFoez.zzl.org
Country: United States
Team Fail said:
DeadlyFoez said:
Ok, let me just add in this bit of info to put it into perspective about the whole 'sandbox' dilemma.

A few years ago a researcher had found a way to run some code inside of a virtual machine that caused malicious code to be run inside the host OS. Although this is comparing apples to oranges, a virtual machine is certainly one form of sandboxing. All that there needs to be is just one possible exploit in the sandbox and for someone to find it, and then unsigned code can be run. It is not an easy task, especially on the 3DS, but I would not be surprised if that is how the first exploit becomes publicly available.
That'd be interesting. I never thought of a sandbox mode like that. Perhaps it is possible, but I think it's more unlikely.
It is certainly extremely unlikely without some other previous hack being found first. At least on the PC there are shitloads of tools that let you debug and examine everything, so it is easier to find things like this. But Team Twiizers' first exploits on the Wii and the DSi were hardware exploits that would not be easy for the average user to do. So they find these hardware exploits and from them they examine and learn the system, and then find software exploits that they can easily release to the masses.

TT knew about a hardware exploit on the DSi long before they released sudokuhax, and like with the Wii, they found the twiizer exploit long before they created the Twilight Hack. All these hardware hacks they kept to themselves until they had a consumer-friendly solution. That's the way it always will be.

A browser exploit may be long down the road, but it certainly is possible and more likely than anything else, since HTML does not need to be signed at all to be displayed.
 

loco365
Well-Known Member, OP
Joined Sep 1, 2010
QUOTE(Team Fail @ Sep 15 2011, 05:55 PM)

QUOTE(DeadlyFoez @ Sep 14 2011, 08:24 PM)
Ok, let me just add in this bit of info to put it into perspective about the whole 'sandbox' dilemma.


A few years ago a researcher had found a way to run some code inside of a virtual machine that caused malicious code to be run inside the host OS. Although this is comparing apples to oranges, a virtual machine is certainly one form of sandboxing. All that there needs to be is just one possible exploit in the sandbox and for someone to find it, and then unsigned code can be run. It is not an easy task, especially on the 3DS, but I would not be surprised if that is how the first exploit becomes publicly available.

That'd be interesting. I never thought of a sandbox mode like that. Perhaps it is possible, but I think it's more unlikely.


It is certainly extremely unlikely without some other previous hack being found first. At least on the PC there are shitloads of tools that let you debug and examine everything, so it is easier to find things like this. But Team Twiizers' first exploits on the Wii and the DSi were hardware exploits that would not be easy for the average user to do. So they find these hardware exploits and from them they examine and learn the system, and then find software exploits that they can easily release to the masses.

TT knew about a hardware exploit on the DSi long before they released sudokuhax, and like with the Wii, they found the twiizer exploit long before they created the Twilight Hack. All these hardware hacks they kept to themselves until they had a consumer-friendly solution. That's the way it always will be.

A browser exploit may be long down the road, but it certainly is possible and more likely than anything else, since HTML does not need to be signed at all to be displayed.
True, but that leaves me with some questions. If HTML isn't signed in order to run, how can code be injected via HTML? Or, even better, how can HTML be used to display content beyond the web browser?
 

nano351
Well-Known Member
Joined Jun 6, 2009
Country: United States
QUOTE(Team Fail @ Sep 15 2011, 05:55 PM)

QUOTE(DeadlyFoez @ Sep 14 2011, 08:24 PM)
Ok, let me just add in this bit of info to put it into perspective about the whole 'sandbox' dilemma.


A few years ago a researcher had found a way to run some code inside of a virtual machine that caused malicious code to be run inside the host OS. Although this is comparing apples to oranges, a virtual machine is certainly one form of sandboxing. All that there needs to be is just one possible exploit in the sandbox and for someone to find it, and then unsigned code can be run. It is not an easy task, especially on the 3DS, but I would not be surprised if that is how the first exploit becomes publicly available.

That'd be interesting. I never thought of a sandbox mode like that. Perhaps it is possible, but I think it's more unlikely.


It is certainly extremely unlikely without some other previous hack being found first. At least on the PC there are shitloads of tools that let you debug and examine everything, so it is easier to find things like this. But Team Twiizers' first exploits on the Wii and the DSi were hardware exploits that would not be easy for the average user to do. So they find these hardware exploits and from them they examine and learn the system, and then find software exploits that they can easily release to the masses.

TT knew about a hardware exploit on the DSi long before they released sudokuhax, and like with the Wii, they found the twiizer exploit long before they created the Twilight Hack. All these hardware hacks they kept to themselves until they had a consumer-friendly solution. That's the way it always will be.

A browser exploit may be long down the road, but it certainly is possible and more likely than anything else, since HTML does not need to be signed at all to be displayed.
True, but that leaves me with some questions. If HTML isn't signed in order to run, how can code be injected via HTML? Or, even better, how can HTML be used to display content beyond the web browser?
It's kind of like how exploiting a save game works. You give it some stuff that'll exploit a bug in the interpreter that'll let you execute unsigned code. There isn't likely to be anything you can do with HTML alone, though; with JavaScript it could be possible to inject some code, but if it's sandboxed we're kind of screwed.
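The mechanism nano351 describes, as an added example in C that is not code from this thread, from Team Twiizers or from any 3DS software: a parser for a toy save record that trusts an attacker-controlled length field, beside a hardened version of the same parser that rejects the crafted input. The record format, the field names, the error codes and the three sample blobs are all constructed for this example. The same pattern, unsigned input reaching a native parser that believes a length it did not verify, is what a browser exploit against an HTML or JavaScript engine looks for.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX 32   /* fixed-size field in the parsed record, as in a typical save struct */

typedef struct {
    char name[NAME_MAX];
    uint32_t score;
} save_t;

enum {
    PARSE_OK = 0,
    PARSE_ERR_MAGIC,     /* bad header */
    PARSE_ERR_TRUNC,     /* length field claims more bytes than the blob holds */
    PARSE_ERR_NAMELEN    /* name_len does not fit the fixed-size field */
};

/* Little-endian readers for the on-disk fields. */
static uint16_t rd16(const uint8_t *p) {
    return (uint16_t)(p[0] | (p[1] << 8));
}
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/*
 * Toy save format (constructed for this example, not a real 3DS layout):
 *   "SAVE" | u16 name_len | name[name_len] | u32 score
 *
 * Vulnerable parser: it trusts name_len, which whoever wrote the blob controls.
 * A name_len above NAME_MAX writes past out->name; a name_len beyond the blob
 * reads past the input. This is the bug class the post describes; it is shown
 * for comparison and is only ever called on the benign sample below.
 */
int parse_save_unchecked(const uint8_t *buf, size_t len, save_t *out) {
    if (len < 6 || memcmp(buf, "SAVE", 4) != 0) return PARSE_ERR_MAGIC;
    uint16_t name_len = rd16(buf + 4);
    memcpy(out->name, buf + 6, name_len);   /* BUG: no bound against NAME_MAX or len */
    out->name[name_len] = '\0';             /* BUG: may also write past the field */
    out->score = rd32(buf + 6 + name_len);  /* BUG: may read past the input */
    return PARSE_OK;
}

/* Hardened parser: every attacker-controlled length is checked before it is used. */
int parse_save_checked(const uint8_t *buf, size_t len, save_t *out) {
    if (len < 6 || memcmp(buf, "SAVE", 4) != 0) return PARSE_ERR_MAGIC;
    uint16_t name_len = rd16(buf + 4);
    if (name_len >= NAME_MAX) return PARSE_ERR_NAMELEN;      /* keep room for the NUL */
    /* len >= 6 here, so len - 6 cannot wrap; compare against everything still needed */
    if (len - 6 < (size_t)name_len + 4) return PARSE_ERR_TRUNC;
    memcpy(out->name, buf + 6, name_len);
    out->name[name_len] = '\0';
    out->score = rd32(buf + 6 + name_len);
    return PARSE_OK;
}

/* Constructed sample blobs. */
const uint8_t SAVE_GOOD[] = {            /* name "PLAYER1", score 1234 */
    'S','A','V','E', 0x07,0x00, 'P','L','A','Y','E','R','1', 0xD2,0x04,0x00,0x00 };
const uint8_t SAVE_OVERSIZED[] = {       /* name_len 65535, far beyond NAME_MAX */
    'S','A','V','E', 0xFF,0xFF, 'A','A','A','A' };
const uint8_t SAVE_TRUNCATED[] = {       /* claims 7 name bytes plus a score, carries 4 */
    'S','A','V','E', 0x07,0x00, 'P','L','A','Y' };

int main(void) {
    const struct { const char *label; const uint8_t *buf; size_t len; } cases[] = {
        { "good",               SAVE_GOOD,      sizeof SAVE_GOOD },
        { "oversized name_len", SAVE_OVERSIZED, sizeof SAVE_OVERSIZED },
        { "truncated",          SAVE_TRUNCATED, sizeof SAVE_TRUNCATED },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        save_t s;
        memset(&s, 0, sizeof s);
        int rc = parse_save_checked(cases[i].buf, cases[i].len, &s);
        printf("%-20s -> rc=%d name=\"%s\" score=%u\n", cases[i].label, rc,
               rc == PARSE_OK ? s.name : "", (unsigned)s.score);
    }
    return 0;
}
```

The hardened parser refuses both crafted blobs before any copy happens, which is the whole difference: the unchecked version would perform the memcpy and hand control of the adjacent memory to whoever authored the file. Even then, as the thread notes, that only buys code execution inside the process that parsed the data; getting past a sandbox around the browser is a separate problem.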
 
