Charlie Miller of Independent Security Evaluators, and Dino Dai Zovi demonstrated an RTSP tunneling exploit in Second Life at the ShmooCon, a computer hacking conference. The demo is an exploit that will steal money from Second Life users.
Sounds like unless quicktime fixes their problem, the only solution linden labs may have to fix the exploit is to either remove this feature, or allow the user to download it to client before playing, instead of streaming from whatever sever this media is on.
1 comment:
Sounds like unless quicktime fixes their problem, the only solution linden labs may have to fix the exploit is to either remove this feature, or allow the user to download it to client before playing, instead of streaming from whatever sever this media is on.
Post a Comment