
Comment by labawi

6 years ago

Firefox, chrome, linux ... all are full of unnecessary complexity. The point being - we need daily patches to keep it from falling apart.

I have links (or lynx) on an old SuSE, maybe even a Mandriva CD. Would they be massively pwnable?

Hard to say, but not necessarily a great example; exploits on software are a function both of attack surface / complexity and installed userbase (i.e. nobody bothers to see if lynx is pwnable because a zero-day against that browser will be worth, what, twenty bucks to gain access to the five people who use it?).

  • Perhaps. Perhaps not. As a thought experiment:

    How long would it be safe to go without browser updates with a browser of the complexity/capabilities of links, if 50% of people used it?

    With many people combing through it, would it become effectively unexploitable?

    • Probably not very long. Even with a small attack surface, if half the world uses it, the zero-days are valuable. Links is still vulnerable to

      * application-layer attacks (it is still an HTTP client and HTML parser, and the protocols themselves are complicated to implement soundly, even if the newest features aren't included)

      * protocol attacks (is links immune to buffer-overruns triggered by intentionally-malformed queries? Probably not, since it has no total-soundness verification. And the source code isn't open-source so )

      * dependency attacks (it uses svgalib [https://www.cvedetails.com/vulnerability-list/vendor_id-84/p...], and every third-party library is a potential attack vector)

      * good old-fashioned UI spoofing (is links' UI design immune to allowing web pages to show an image that tricks the user into thinking they're looking at the links UI itself?)

      In this thought experiment, any successful attack has massive value so we can expect bad actors to be hammering on the system and finding most such exploits available on the application.

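The "application-layer" and "protocol" bullets above boil down to one concrete bug class: a small text browser still has to parse untrusted HTTP headers and HTML, and a parser that assumes a maximum field length is one malformed response away from a stack overwrite. The following is an added illustration and is not code from links, lynx or any real browser; the function names, the 64-byte limit and the sample header lines are constructed for the example. It puts the classic unsafe pattern (fixed stack buffer plus strcpy) beside a bounded parser that rejects oversized values, embedded CR/LF in a value, and non-token characters in a field name.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical limit for this example; real clients size this differently. */
#define HDR_VALUE_MAX 64

/* UNSAFE pattern (illustration only): fixed stack buffer, unbounded strcpy.
 * A server that sends a value longer than HDR_VALUE_MAX overwrites the stack.
 * Do not call this with untrusted input. */
int header_value_unsafe(const char *line, char *out_first) {
    char value[HDR_VALUE_MAX];
    const char *colon = strchr(line, ':');
    if (!colon) return -1;
    strcpy(value, colon + 1);          /* no length check */
    *out_first = value[0];
    return (int)strlen(value);
}

/* Hardened version: works on an explicit length, validates the field name,
 * rejects CR/LF/NUL inside the value, and refuses anything that does not fit.
 * Returns value length, -1 for malformed input, -2 when a buffer is too small. */
int header_value_safe(const char *line, size_t line_len,
                      char *name, size_t name_cap,
                      char *value, size_t value_cap) {
    const char *colon = memchr(line, ':', line_len);
    if (!colon || colon == line) return -1;            /* no ':' or empty name */
    size_t name_len = (size_t)(colon - line);
    for (size_t i = 0; i < name_len; i++) {            /* simplified token check */
        unsigned char c = (unsigned char)line[i];
        if (!isalnum(c) && c != '-') return -1;
    }
    if (name_len + 1 > name_cap) return -2;
    memcpy(name, line, name_len);
    name[name_len] = '\0';

    const char *v = colon + 1;
    const char *end = line + line_len;
    while (v < end && (*v == ' ' || *v == '\t')) v++;   /* leading OWS */
    while (end > v && (end[-1] == '\r' || end[-1] == '\n' ||
                       end[-1] == ' ' || end[-1] == '\t')) end--; /* trailing CRLF/OWS */
    size_t vlen = (size_t)(end - v);
    for (size_t i = 0; i < vlen; i++) {                /* header injection / truncation */
        unsigned char c = (unsigned char)v[i];
        if (c == '\r' || c == '\n' || c == '\0') return -1;
    }
    if (vlen + 1 > value_cap) return -2;               /* would not fit: reject */
    memcpy(value, v, vlen);
    value[vlen] = '\0';
    return (int)vlen;
}

/* Constructed sample inputs (not captured from any server). */
static const char GOOD_HDR[] = "Location: https://example.invalid/login\r\n";
static const char INJ_HDR[]  = "X-Test: a\r\nb\r\n";
static const char BADNAME[]  = "Bad Name: x\r\n";

/* Returns the value length (29) when name and value parse as expected. */
int demo_good(void) {
    char name[32], value[HDR_VALUE_MAX];
    int n = header_value_safe(GOOD_HDR, strlen(GOOD_HDR),
                              name, sizeof name, value, sizeof value);
    if (n < 0) return n;
    if (strcmp(name, "Location") != 0) return -100;
    if (strcmp(value, "https://example.invalid/login") != 0) return -101;
    return n;
}

/* A 3000-byte Location value: the unsafe copy would smash the stack,
 * the safe parser returns -2. */
int demo_oversized(void) {
    char name[32], value[HDR_VALUE_MAX], big[4096];
    int n = snprintf(big, sizeof big, "Location: %0*d\r\n", 3000, 0);
    return header_value_safe(big, (size_t)n, name, sizeof name, value, sizeof value);
}

int demo_injected(void) {
    char name[32], value[HDR_VALUE_MAX];
    return header_value_safe(INJ_HDR, sizeof INJ_HDR - 1,
                             name, sizeof name, value, sizeof value);
}

int demo_bad_name(void) {
    char name[32], value[HDR_VALUE_MAX];
    return header_value_safe(BADNAME, sizeof BADNAME - 1,
                             name, sizeof name, value, sizeof value);
}

int main(void) {
    char first;
    /* Only safe because this particular value is shorter than HDR_VALUE_MAX. */
    printf("unsafe, short value: %d\n", header_value_unsafe(GOOD_HDR, &first));
    printf("safe good=%d oversized=%d injected=%d badname=%d\n",
           demo_good(), demo_oversized(), demo_injected(), demo_bad_name());
    return 0;
}
```

The point of the side-by-side is that the hardened parser is not cleverer, just explicit: it carries a length everywhere, decides what happens on overflow (reject, not truncate silently), and treats CR/LF inside a value as an error rather than as something a later layer will sort out. That discipline, applied to every field of every protocol the client speaks, is what "small attack surface" has to mean in practice, and it is exactly what the parent comment doubts an unverified C codebase has everywhere.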