[aprssig] Arbitrary Code Execution Over APRS

John Vause jdv at iglou.com
Tue Apr 11 23:35:15 EDT 2023 

I moved on from WinAPRS and XP/Win2K years ago to Xastir running on a 
Raspberry-Pi.

On 4/9/2023 10:51 PM, Mobilinkd LLC wrote:
> Open source provides the APRS community the opportunity to fix the 
> defect when found.
>
> /Unfortunately, the author no longer has an environment configured to 
> develop WinAPRS, so the bugs are unlikely to ever be fixed./
>
> Kind Regards,
>
> Rob Riggs WX9O
> Mobilinkd LLC
>
>
> On Sun, Apr 9, 2023 at 3:00 PM Jeff Hochberg <jeff at w4jew.com> wrote:
>
>     The article is misleading. It makes it sound like APRS is the
>     issue when in reality it’s WinAPRS running on Windows XP.
>
>     The author goes on to say the vulnerability exists in WinAPRS on
>     Windows 10 “just not as reliably and with a lot of extra effort
>     required”.
>
>     I love the argument that open source software is inherently more
>     secure. Vulnerabilities exist in all software. Open source
>     provides people with the ability to review code themselves to
>     determine if it’s vulnerable.
>
>     I would venture to say that 9 out of 10 people wouldn’t know what
>     to look for. Someone tells them open source software is more
>     secure so they just trust it.
>
>
>     On Sun, Apr 9, 2023 at 3:45 PM Jeff Hochberg <jeff at w4jew.com> wrote:
>
>         Interesting article
>
>         https://hackaday.com/2023/04/07/arbitrary-code-execution-over-radio/
>
>         -- 
>         ———
>
>         Jeff Hochberg
>         W4JEW
>         470-484-8010
>         jeff at w4jew.com
>
>     -- 
>     ———
>
>     Jeff Hochberg
>     W4JEW
>     470-484-8010
>     jeff at w4jew.com
>     _______________________________________________
>     aprssig mailing list
>     aprssig at lists.tapr.org
>     http://lists.tapr.org/mailman/listinfo/aprssig_lists.tapr.org
>
>
> _______________________________________________
> aprssig mailing list
> aprssig at lists.tapr.org
> http://lists.tapr.org/mailman/listinfo/aprssig_lists.tapr.org

--
*    John Vause KF4ERV                                    *
*   "I am determined to defend my rights and maintain my  *
*    freedom or sell my life in the attempt."             *
*    -  Major General Nathanael Greene Continental Army   *
*                                                         *


-- 
This email has been checked for viruses by AVG antivirus software.
www.avg.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/aprssig_lists.tapr.org/attachments/20230411/1c9c1e16/attachment.html>

More information about the aprssig mailing list