Not too good. If I knew what the target processor were, I think I could arrange to do some damage to most general-purpose operating systems; they all have to do some of the same fundamental things.
This is a bit more sophisticated than what Thompson's compiler did, but it's the same basic idea. There are some basic operations (in particular on the MMU) that you can recognize regardless of their specific form and subvert in a programmatic manner such that it's highly likely that you can exploit the resulting weakness at a later date, I think.
remember
1) that it is more straightforward to check assembler generated code since there is nearly a one to one correspondence between the assembler statement and the generated machine code
2) default assembly program generated listings show assembler statement and the corresponding generated machine instruction
3) the assembler was widely used thru-out the world
4) the source of the assembler was available
5) there were things like the SLAC assembler enhancements (just down/up the road)
6) people available (like people that did SLAC mods) that had dealt with the source of the assembler
7) some organizations that extensively used such systems that did study some of these issues in more detail
8) people dealing with development and debugging assembler-based systems normally are operating between the assembler listings (showing one-to-one between assembler statement and generated machine instruction) and what appears in memory.
9) assembler program listing also summarizes code size .... and is also frequently and commonly used in manual mapping to memory image.
It wouldn't have been impossible ... but quite unlikely. It is somewhat
easier in C-based programs since there are additional levels of indirection
and obfuscations between the statements in a C program and the
generated machine code.
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm