jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/http://infosecdaily.net/
http://www.wormblog.com/
___
Secure Coding mailing list (SC-L)
SC-L@securecoding.org
List
p;a=1&t=txt by HD Moore
in short it's not quite as straightforward as it seems, but obviously
possible, and that has been one of the hindrences to people developing
attacks for the chip. unfortunately, there is no shortage of bugs to
exploit on most common PPC OSes (AIX, OS X mainly).
discover the same things?
the biggest threat internally isn't the one or two people per thousand who
can and will do this, it's the much larger number of people who wont use
exploit development techniques to access things they shouldn't. bytecode
obfuscation does nothing to
FYI ...
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/http://infosecdaily.net/
http://www.computerworld.com/securitytopics/security/story/0,10801,97988,00.html
By Grant Gross
DECEMBER 02, 2004
IDG NEWS SERVICE
WASHINGTON -- Software
and maybe
something interesting will pop up.
____
jose nazario, ph.d.[EMAIL PROTECTED]
http://monkey.org/~jose/ http://infosecdaily.net/
the first
time that model checking is practical and useful for detecting security
weaknesses at large scale in real, legacy systems.
____
jose nazario, [EMAIL PROTECTED]
http://monkey.org/~jose/ http://infosecdaily.net/
and taught.
____
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/http://infosecdaily.net/
aring students for this (ie language choices and
topic choices). enjoy.
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/http://infosecdaily.net/
buffer overruns. These would be minor irritations but for the world's
addiction to the weakly typed programming languages C and its derivative
C++.
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/http://infosecdaily.net/
means to learn
model building, study the language specification (spot the ambiguities is
a fun game to play) and start hacking tools.
dilligance, dilligance, dilligance.
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/http://infosecdaily.net/
complain and be annoyed when they
find their access suddenly fettered.
___
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/
http://infosecdaily.net/
from dawson engler's group:
http://www.stanford.edu/~engler/softmc03-talk.pdf
evaluates various checkers in various settings.
___
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/
12 matches
Mail list logo