Assuming one has additional browser vulnerabilities, sandbox escapes and privile... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		armitron on July 27, 2017 \| parent \| context \| favorite \| on: Remotely Compromising Android and iOS via a bug in... Assuming one has additional browser vulnerabilities, sandbox escapes and privilege escalation bugs. "Broadpwn" doesn't exploit main processor __anything__ by itself.

kybernetikos on July 27, 2017 [–]

Does the broadcom processor normally have access to main memory? If so, I would have to consider that a complete attack absent any mitigation technology.

londons_explore on July 27, 2017 | [–]

No. It's a pci express device (or SDIO/usb for older chips). All modern platforms have IOMMU's for those, and every decent OS will enable it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact