[aprssig] Arbitrary Code Execution Over APRS

Mobilinkd LLC mobilinkd at gmail.com
Sun Apr 9 22:51:18 EDT 2023


Open source provides the APRS community the opportunity to fix the defect
when found.

*Unfortunately, the author no longer has an environment configured to
develop WinAPRS, so the bugs are unlikely to ever be fixed.*

Kind Regards,

Rob Riggs WX9O
Mobilinkd LLC


On Sun, Apr 9, 2023 at 3:00 PM Jeff Hochberg <jeff at w4jew.com> wrote:

> The article is misleading. It makes it sound like APRS is the issue when
> in reality it’s WinAPRS running on Windows XP.
>
> The author goes on to say the vulnerability exists in WinAPRS on Windows
> 10 “just not as reliably and with a lot of extra effort required”.
>
> I love the argument that open source software is inherently more secure.
> Vulnerabilities exist in all software. Open source provides people with the
> ability to review code themselves to determine if it’s vulnerable.
>
> I would venture to say that 9 out of 10 people wouldn’t know what to look
> for. Someone tells them open source software is more secure so they just
> trust it.
>
>
> On Sun, Apr 9, 2023 at 3:45 PM Jeff Hochberg <jeff at w4jew.com> wrote:
>
>> Interesting article
>>
>> https://hackaday.com/2023/04/07/arbitrary-code-execution-over-radio/
>>
>> --
>> ———
>>
>> Jeff Hochberg
>> W4JEW
>> 470-484-8010
>> jeff at w4jew.com
>>
> --
> ———
>
> Jeff Hochberg
> W4JEW
> 470-484-8010
> jeff at w4jew.com
> _______________________________________________
> aprssig mailing list
> aprssig at lists.tapr.org
> http://lists.tapr.org/mailman/listinfo/aprssig_lists.tapr.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/aprssig_lists.tapr.org/attachments/20230409/5708b659/attachment.html>


More information about the aprssig mailing list