Who Knew Lynn's Technique and When Did They Know It?

So let's do a different experiment.

No later than February, 2004, some amount of Windows source was leaked onto the public Internet. Within a fortnight or so, exploits against that source appeared. Thus, we have a proof by demonstration that amateurs with only a fragment of the full source code can find what are unknown vulns, which for this purpose I will refer to as 0days.

In March, 2004, the Witty worm appeared approximately 72 hours after the vuln it exploited was disclosed. As we all know, the quality of the code, the number of simultaneous ignition points, and the tiny latency between release and full capture of available prey all set new records, the most important of which was that the quality of the code was too good to have been written from a standing start triggered by an otherwise unexpected vulnerability announcement. Thus we have a proof by demonstration that there is a non-zero stockpile of 0day vulns coded up as exploits while still in 0day status.

We also know that beginning at some time no later than early 2003, Microsoft Windows source code was licensed to numerous foreign governments, notably several with competent national laboratories. Thus we have proof by demonstration that source is available in full to competent entities whose mission is the maximization of effective weaponry of all calibres including electronic.

Thus we have proof by demonstration of the union of these three lemmas, viz., when source which is ordinarily hidden is revealed that the discovery of exploits will follow, that the skill required to do so is well below the skill level of a national lab, that unknown vulns will be coded up and used until such time as their usefulness is broken by public disclosure, and that those who possess 0days have no motivation to be source of said disclosure.

At the same time, the conservative assumption for security research is that any discovery is actually a re-discovery. Given the received wisdom that IOS source is variously circulating, the sole remaining question is thus how long has Lynn's technique been known, and by whom.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about IgnitionMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Dan Geer

Latest Videos

More videos

Blog Posts