<div dir="ltr">The ars tech story refers to this story by Google.<br><a href="https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html">https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html</a><br><br>They basically did a detailed security audit of the stack using materials Broadcom/Cypress supplied, namely datasheets and softmac driver code.  Cynical speculation I read elsewhere is that 
Broadcom/Cypress' possible response would be to make the materials secret, i.e. 
only available with NDA.<br><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Apr 7, 2017 at 3:03 PM, txt.file <span dir="ltr"><<a href="mailto:txt.file@txtfile.eu" target="_blank">txt.file@txtfile.eu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">So we can reverse engineer the firmware now? Does this mean that we now<br>
have a softmac instead of a hardmac? ;-)<br>
<br>
Benjamin Henrion:<br>
<div class="HOEnZb"><div class="h5">> This Broadcom exploit made my day, the attacker can run code on the wifi chip:<br>
><br>
> <a href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/" rel="noreferrer" target="_blank">https://arstechnica.com/<wbr>security/2017/04/wide-range-<wbr>of-android-phones-vulnerable-<wbr>to-device-hijacks-over-wi-fi/</a><br>
><br>
> Love Broadcom closed source firmwares.<br>
><br>
> --<br>
> Benjamin Henrion <bhenrion at <a href="http://ffii.org" rel="noreferrer" target="_blank">ffii.org</a>><br>
> FFII Brussels - <a href="tel:%2B32-484-566109" value="+32484566109">+32-484-566109</a> - <a href="tel:%2B32-2-3500762" value="+3223500762">+32-2-3500762</a><br>
> "In July 2005, after several failed attempts to legalise software<br>
> patents in Europe, the patent establishment changed its strategy.<br>
> Instead of explicitly seeking to sanction the patentability of<br>
> software, they are now seeking to create a central European patent<br>
> court, which would establish and enforce patentability rules in their<br>
> favor, without any possibility of correction by competing courts or<br>
> democratically elected legislators."<br>
> ______________________________<wbr>_________________<br>
> Battlemesh mailing list<br>
> <a href="mailto:Battlemesh@ml.ninux.org">Battlemesh@ml.ninux.org</a><br>
> <a href="http://ml.ninux.org/mailman/listinfo/battlemesh" rel="noreferrer" target="_blank">http://ml.ninux.org/mailman/<wbr>listinfo/battlemesh</a><br>
><br>
<br>
</div></div><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>Ben West<div><a href="mailto:ben@gowasabi.net" target="_blank">ben@gowasabi.net</a><br></div></div></div></div>
</div>