Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

To be fair, you should never install a native program that you don't 100% trust. This could presumably be combined with other exploits - a JS vulnerability that gives you control of Chrome, for example - but if you're regularly running untrusted software on Windows (outside of a VM) you probably have bigger problems.


IMO it's not that clear-cut. A VM is safer than a webpage which is safer than an nacl-plugin, which in turn is safer than an UAP app. But in the end you risk privilege escalation for everything which isn't airgapped.


Right- it's still a big deal, but it isn't a clear and present danger in and of itself for responsible users


What makes you think so? How do you know how many exploits people are sitting on, but not using because they don't have a good sandbox escape exploit?

Well, now they do have an escape. That useless IE/Chrome exploit might be able to suddenly gain SYSTEM privileges.

You can get compromised by such attacks no matter how responsible you are.


What about the privilege escalation? I can take a lot of care of what I install, but what if some other person use my same computer and is not that careful.


There is no way to securely share a Windows install with untrusted users. Use real VMs.


I wouldn't necessarily dare to install untrusted software on a VM either.

VM escapes are a thing. They have a ton of emulated peripherals, like SATA, ethernet, audio, video/3d, USB HCI, etc. A lot of attack surface. There are still a lot of VM escape bugs to be found.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: