I found a cross site scripting vulnerability in Bing.com that was kind of hilarious. Searching for:
</script><script>arbitrary js</script>
in the main search box would execute the code on the results page. I mean, holy shit. I could not believe it. I emailed their whitehat service and they fixed it but I never received a bounty.
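An added example, not part of the comment above and not Bing's code: it assumes the search term was reflected into an inline script block, which the leading `</script>` in the search string suggests. The template and all function names are hypothetical; the block contrasts plain JSON encoding with encoding that is safe inside a script element.

```javascript
// Added example; the page template and function names are hypothetical.
const PAYLOAD = "</script><script>arbitrary js</script>"; // search string quoted in the comment

// Vulnerable: JSON.stringify yields a valid JS string literal but leaves
// "</script>" intact, and the HTML parser ends a script element at the
// first "</script" it sees, before JavaScript parsing even starts.
function renderVulnerable(query) {
  return "<script>var q = " + JSON.stringify(query) + ";</script>";
}

// Hardened: also escape the characters the HTML parser reacts to, plus the
// two line separators older JS engines reject inside string literals.
const ESCAPES = {
  "<": "\\u003c", ">": "\\u003e", "&": "\\u0026",
  "\u2028": "\\u2028", "\u2029": "\\u2029",
};
function jsonForInlineScript(value) {
  return JSON.stringify(value).replace(/[<>&\u2028\u2029]/g, (c) => ESCAPES[c]);
}
function renderHardened(query) {
  return "<script>var q = " + jsonForInlineScript(query) + ";</script>";
}

// Rough stand-in for the HTML tokenizer: counts how many script elements
// the rendered markup opens. Anything above 1 means the query string
// closed the intended element and started its own.
function countScriptElements(html) {
  const lower = html.toLowerCase();
  let count = 0;
  let pos = 0;
  while ((pos = lower.indexOf("<script", pos)) !== -1) {
    count++;
    const end = lower.indexOf("</script", pos);
    if (end === -1) break;
    pos = end + "</script".length;
  }
  return count;
}

console.log("vulnerable:", countScriptElements(renderVulnerable(PAYLOAD)));
console.log("hardened:  ", countScriptElements(renderHardened(PAYLOAD)));
```

The escaped form is still the same string to JavaScript, so the page sees the query unchanged while the HTML parser never sees a closing tag inside it.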
That is not actually the origin of the term "zero day"; "zero day" is a tongue-in-cheek #hack expropriation of #warez jargon, where "zero days" refers to the number of days from the official release date of a piece of pirated software.
The article isn't trying to explain the origin of "zero day". The article is defining it in the context that it's used for the benefit of their readers.
> That vulnerability in Internet Explorer was known as a “zero-day” because Microsoft, the targeted software maker, had zero days notice to fix the hole when the initial attacks exploiting the bug were discovered.
So is that the point you were originally trying to make instead of discussing etymology? While we're quibbling prescriptively about terminology, I'd argue that the IE exploit patched earlier this week was in fact a zero day since it was not public knowledge.
> The vulnerability underlying CVE-2013-3897 was found internally at Microsoft and would have been fixed in MS13-080. However, in the last two weeks, attacks against the same vulnerability became public, but since the fix was in the code already, it enabled Microsoft to address the vulnerability, CVE-2013-3897, in record time.
how I remember it, crackers used the term before the warez groups did. it meant having a crack for software on the same day it was released.
in warez it was a folder on the ftp server that would list all the latest releases from that day, to save you from navigating all the /pub/whatever folders over your slow 14.4k connection and so that the distributors would only have to grab from one place.
and somehow in this history the pronunciation changed from "oh day" to "zero day" and was re-appropriated as an infosec term.
edit: just read the definition in OP, it is hilarious.
I mean, it carries the implication of not giving vendors time to fix, in a way, but that's not at all what it means. There are plenty of zero days vendors know about but haven't patched yet.
I thought it referred to the time elapsed between the pirated release being made, and your having access to it. How high up the chain you are. Hence the inevitable escalation to 0hour, 0sec as bandwidth increased over the years.
I always thought it was like "patient 0". The day-counting started once the exploit was first exploited, meaning the first to exploit it was doing so on the 0th day.
This is a huge payout. It's my assumption for such a big payout this security researcher was able to develop or extend upon some of the advanced exploitation techniques we see today.
I think, for such a huge payout, and for what they said they would pay this amount for is a _new_ tactic to defeat Microsoft's DEP[0] ASLR[1] and ROP[2]. All of these defence mechanisms have been broken before, but as I mentioned Mr. Forshaw has probably developed a novel new technique to defeat these checks.
Lastly, and probably least likely, I know academia and MS Research have been working on ways to sandbox applications. It's possible he has developed a way to break out of the sandboxes.
All of this is speculation, I hope soon we will have access to what he was able to accomplish.
It will also hopefully help more people to responsibly disclose vulnerabilities, rather than selling them on the black market. A pat on the back is nice, but nothing says thank you like cold, hard cash!
Sure. But when the amount is small/trivial, you simply give credit to the finder or you send them a t-shirt, you may then be tempted to find alternatives to get a cash incentive.
I'm honestly quite amazed. When Chrome first came out, I remember asking my teammates why we were wasting money on developing a browser, thinking it would never be more than a niche product. Another reason why I'm not Google's CEO, apparently.
Think strategically. It doesn't really matter what the user base of Chrome or Android are. What they do is raise the bar. Competitors and alternatives need to be at least that good.
Javascript performance was pretty dismal until Chrome came around, and then everyone had to up their game. Until Android, mobile platforms were tightly controlled walled gardens (although Windows Mobile was amongst the least worse). Now everyone wants Google Mail, Maps and Search on their mobile devices.
Google ultimately makes money through usage and the platform + apps/browser don't matter that much financially. Without Chrome and Android, there is a strong possibility of being cut out completely.
"It doesn't really matter what the user base of Chrome or Android are. What they do is raise the bar. Competitors and alternatives need to be at least that good."
Yes it does matter, at least some. No one even knows what the bar is if no one is using it.
Someone could put together a wickedly fast browser with fantastic privacy controls, release it tomorrow, but if no one used it, it wouldn't have any effect on major browser makers.
JS performance went up in other browsers due to Chrome only because Chrome was gaining users (even if the base was small at first), mostly because they were able to push Chrome from Google.com itself.
While MSIE may be a 'good' browser (tastes may vary, I find the UI horrible), it's damaging to the web ecosystem to have MSIE leading the market share. It's advantageous for Microsoft to limit new features and keep interoperability between browsers low. As a result the entire web-using public loses out on having new features and having a broader choice.
Chrome and Firefox are built on open source software, so when an issue occurs you can participate in the process of it being fixed.
html5test.com is a test of HTML 5 in the same way that w3schools.com is a school for the w3c. Just take a look at their FAQ http://html5test.com/about.html and you can almost instantly dismiss their scoring system.
So it depends on what your definition of "popular browser" is. Is it the browser that's used by most people? That would be IE. Is it the browser that most browsing happens in? That would be Chrome. Of course, this is ignoring the fact that both Statcounter and Netmarketshare are not perfect and don't cover all or even most sites' logs.
As others have noted, W3schools only measures hits to the W3Schools site, which is not even close to being representative of the web.
To be honest, I mostly wanted to comment to share my anecdote and make a Prince reference. I'm not really trying to make an argument one way or another for browser popularity.
BTW, I personally think the browsing-time metric is better than unique-users, because applying the latter metric to music would have had Rebecca Black as the most popular artist of 2011. Which conclusion, though true under some definitions, might not be quite as useful as other possible conclusions.
After I read that she donated the money from her YouTube to a charity to help Japan, she became my favorite pop artist of 2011. I do concede that you're right in general.
It's the second most used by a few percentage points, and in recent months trends have actually reversed -- Chrome is losing share and Internet Explorer is gaining.
I haven't been able to get Chrome stable in the past month or two and gave up and went back to FF after trying a few different things. I've missed my old buddy Firefox, he's grown up a lot.
The title of this submission: "Microsoft pays $100K bounty to hacker"
The title of the article: "Microsoft Corp pays US$100K bounty to hacking expert who uncovered Windows bug that could have been used to launch remote attacks"
To me, this level of editorializing approaches arbitrarily close to lying.
How exactly is it lying? Microsoft did pay a $100k bounty to a hacker. The HN headline just leaves out extra details (what the bounty was for), but doesn't change the meaning at all. Am I missing something?
No, they paid US$100k to a white-hat, someone who struggles against black-hat hackers. If a headline can't distinguish between white hats and black hats, educated writers normally add some words to clarify their meaning -- and they did. But the submitter omitted those words. Hence, lying.
So "hacker" to you means Middle East or third world? You do realize you're on a site called "Hacker News", right? There are hacker conventions held all around the Western world.
Your mock headline would be more accurate if it said "physicist models higgs boson". Hacker is a perfectly valid job title for a security researcher.
Isn't that rather racist? You assume that if the person isn't being called an "expert" then he's from Pakistan? Are you trying to imply that security researchers in Pakistan are third rate?
PS: A security researcher from Pakistan has been bagging a lot of Bug Bounties recently. Look up news on Rafay Baloch
Maybe if you're living in a vacuum or it's your first time on HN, but I think most readers here would automatically jump to the conclusion that he uncovered a bug. What we need on HN is LESS editing of link titles, in my opinion.
I think most here would understand "bounty" as "bug bounty", a reward for finding a bug. I personally didn't think any of it until I read your comment, but I get that the title could lead one to believe that the hacker extorted Microsoft.