undefined | Better HN

0 pointswalterbell11y ago0 comments

In this OS, are chroots enough to "withstand zero-day attacks in userspace", e.g. in combination with other hardening features?

0 comments

3 comments · 2 top-level

unwind11y ago· 1 in thread

I had to look up "zero-day attack", but it really meant what I thought it did, i.e. a previously unreported ("fresh") exploit (http://en.wikipedia.org/wiki/Zero-day_attack).

I don't understand this usage, which makes it sound as if zero-day attacks are a technical term, a category of attacks. Can anyone clarify?

It's more of a business term, e.g. http://en.wikipedia.org/wiki/Vupen

fleitz11y ago

Yes, the lack of a network stack prevents the most common attacks, and drastically reduces the usefulness of gaining control of the system.

j / k navigate · click thread line to collapse