besselheim's comments

This is the first time Hyper-V has been offered as a target in Pwn2Own, but it's had its share of host escape bugs over the years. The latest one was patched in this month's updates, just before the contest.

Doesn't seem that big a deal, it's an upsell for Microsoft's own file synchronization services, not some third party ad. And you can easily disable it.

Indeed, all commonly-used hypervisors have had host escape vulnerabilities reported over the years, including Xen as used in Qubes - see e.g. http://blog.quarkslab.com/xen-exploitation-part-3-xsa-182-qu...

Of relevance to Edge exploitation, Microsoft are currently working on a Qubes-like sandboxing model for Edge, based on Hyper-V (though it looks like it'll be aimed towards enterprise customers rather than consumer): https://blogs.windows.com/msedgedev/2016/09/27/application-g.... Will be interesting to see if that's part of the challenge in Pwn2Own 2018. Somewhat surprisingly, Hyper-V wasn't successfully exploited at this year's contest.

Seems rather like the ASN.1/DER based encodings already used in crypto to describe hash outputs, except using an integer rather than an OID to describe the hash type.

WSL is great, I use it every day and am very much looking forward to the next update.

Regarding future work, are there any plans to make the emulated Linux filesystem usable in the rest of Windows e.g. via a drive mapping?

I wonder if this is at all related to the recent 'Shadow Brokers' leaks.

Positive news that they caught him anyway, another Snowden-like espionage drama would be highly undesirable.

It's not really a ridiculous question.

The popular narrative of Snowden's actions and motivations doesn't add up when you look at all the available evidence.

It's quite reasonable for people to suspiciously probe the mythos built up around him.

Regarding point 4: what is your opinion on Edge and its exploit mitigation strategies, in comparison to Chrome?

The only effect it might have to slightly alter the overall bias of the site. Which is not necessarily a bad thing.

HN already has something of a negative bias towards the work of the various security services (that is, the mood is largely pro-Snowden and anti-NSA) - having a better balance of views may well be a positive effect.

Similarly for the pro-capitalist bias here, and what almost amounts to a religious veneration for VCs and the very wealthy. Then again, HN is a bit of a chimera in the topics it covers. So we do have some diversity of interests and opinions.

Anyone can sign up and comment here, and it's a public forum with no private messaging capability, so I don't really see what would be changed by your scenario.

Still, he'd have been better off staying quiet about it, in case he changed his outlook in years to come.

Who are these mythical self-made 0.0001%? All the ones I've heard about relied on family wealth and connections, inheritance, and most often worker exploitation.

The filthy rich do enjoy this ego-feeding narrative that it was all just talent and hard work that gave them a disproportionate slice of the world's wealth, but it's not borne out by the facts.

Sounds like he just turned down a rather nice job offer, and burned his bridges by being publicly disgruntled about it.

It should really be .gov.us rather than a top level domain.

Android apps can also contain native code. Indeed, WhatsApp includes such libraries, to help with Curve25519 encryption, video encoding, voice over IP, and other functionality.

I remember setting this up about a decade ago on some old electroplating control system front end. It worked very well - unlike the rest of the software on there.

Unfortunately the DOS program it was being used to remote was highly picky on the hardware being used, and would refuse to communicate with the PLC if the PC was too new. Due to the harsh environment of the plant, we'd go through two or three computers per year. So there was a lot of digging around for old hardware until we realised it would run reliably in DOSBox with a suitable CPU speed set.

After that, our use case for TINY was no more, and we just used a VNC server for Windows. Saved a great deal of site to site travel and plant downtime while it was set up though.

You can use the -quiet or -ign_eof options to disable this.

You could type them over openssl s_client instead.

I really don't see the resonance between these events.

The damage to signals intelligence capabilities, through the leaking of classified documents, was deliberately and maliciously done through the actions of Snowden himself, most likely in response to a bruised ego.

In contrast, the engineers involved in the Challenger shuttle did their very best to try to avert disaster - albeit to no avail - through their selfless adherence to professional ethics and engineering safety concerns.

The two scenarios couldn't be more different really.

I'm suspicious of his primary motivation being a distaste of global mass surveillance. This passage is especially damning:

> Snowden would later publicly claim that his "breaking point" - the final impetus for his unauthorised downloads and disclosures of troves of classified material - was March 2013 congressional testimony by Director of National Intelligence James Clapper.

> But only a few weeks after his conflict with NSA managers, on July 12, 2012 - eight months before Director Clapper's testimony - Snowden began the unauthorized, mass downloading of information from NSA networks.

Given that Snowden claimed his motivation was seeing Clapper "lie on oath", there's some irony in seeing Snowden caught in a lie about this claim, as at that point not only had he already downloaded and exfiltrated much of what he later leaked, but had already been in contact with Greenwald and Poitras for two to three months.