View Full Version : Google Chrome finally PWNED
Oxwivi
May 11th, 2011, 06:17 AM
Pwner's words: http://www.vupen.com/demos/VUPEN_Pwning_Chrome.php
earthpigg
May 11th, 2011, 06:35 AM
For security reasons, the exploit code and technical details of the underlying vulnerabilities will not be publicly disclosed. They are exclusively shared with our Government customers as part of our vulnerability research services.
ummm
Rasa1111
May 11th, 2011, 06:43 AM
ummm
Seriously....
what the ef..
NovaAesa
May 11th, 2011, 06:48 AM
It doesn't add up. My understanding is that Vupen is a white-hat security company. But they aren't letting Google know the specifics of the attack. I can understanding keeping the specifics of an attack secret while the product is being patched, but to just keep it secret doesn't seem very white-hat to me.
There's no proof of their claim, I call BS PR stunt until they show some real evidence.
chrisbay90
May 11th, 2011, 07:04 AM
It doesn't add up. My understanding is that Vupen is a white-hat security company. But they aren't letting Google know the specifics of the attack. I can understanding keeping the specifics of an attack secret while the product is being patched, but to just keep it secret doesn't seem very white-hat to me.
There's no proof of their claim, I call BS PR stunt until they show some real evidence.
Where in OP's link does it say that? Unless you as an absolute and strict statement "exclusively shared with our Government customers". I think we need to wait to hear google's response to this.
Oxwivi
May 11th, 2011, 07:06 AM
Even if they do share it with Google, there should be some indication like "we're working to fix this vulnerability" or something.
earthpigg
May 11th, 2011, 07:27 AM
glad im not the only one that this smells fishy to.
Oxwivi
May 11th, 2011, 07:38 AM
Anyway, I think it's a real vulnerability, cause it was done in a challenge, but "sharing with out government customers" does not sound good. Google already does loads of tracking, and now possibly governments as well?
K_45
May 11th, 2011, 07:41 AM
I'd imagine Google will find out . . . Google always finds out.:P
Rasa1111
May 11th, 2011, 08:08 AM
VUPEN, which sells vulnerability and exploit information to business and government customers, does not plan to provide technical details of the attack to anyone, including Google.
Yep, We will not share with google, or anyone else! (except with our govt. customers) :lol:
http://www.zdnet.com/blog/security/google-chrome-hacked-with-sophisticated-exploit/8626
Lucradia
May 11th, 2011, 08:59 AM
Gears is being removed from the next version of Chrome, so if it has anything to do with Gears, it's not going to matter.
Powered by vBulletin® Version 4.2.2 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.