A decade ago, I and others started wittering on about the Microsoft monoculture - the fact that practically everyone was using the same OS, the same browser, the same office suite. This made crafting attacks much easier, because certain assumptions about what was on a given machine were almost certainly true.
Nowadays, with the rise of Firefox and, to a lesser extent, OpenOffice.org, you might think we’ve moved on. :
Although this document deals specifically with the Win32/intel platform, similar attacks can most likely be carried out on the many other platforms flash is available for. In particular, some of the methodology discussed might be useful for constructing a robust exploit on Unix platforms as well as several embedded platforms.
In other words, ecosystems need to be heterogeneous everywhere: as soon as you have a monoculture in some area, that becomes a weakness for the entire system to be attacked.
Share This
Random Posts
