>> Opinions on binary vs. source code (and design!) analysis, anyone?

> Analyzing source code is independent of machine architecture.

Only if the code is (supposed to be) architecture-independent. If the code is deliberately architecture-dependent, static analysis needs to know that, and know what the salient properties of its target architecture(s) are, in order to do a proper job.

> Efforts which merely change attacker behavior are a waste of time.

I disagree. It depends on the effort required to provoke the change, the change in attacker behaviour, and the tradeoffs involved in the threat model. To pick a historic example, fixing the "rlogin -l -froot" bug "merely" changed attacker behaviour to password guessing, but in most environments it was nevertheless a win.

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               [EMAIL PROTECTED]
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
Secure Coding mailing list (SC-L)
SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________