Re: How to develop a random number generation device

In article <pan.2007.09.11.16.28.29.359000@xxxxxxxxxxx>,
nobody@xxxxxxxxxxx says...
On Tue, 11 Sep 2007 07:44:01 -0700, John Larkin wrote:

Cool. When can we expect buffer overrun exploits to be impossible
under Windows?

When it stops letting you run arbitrary machine code.

Many have said that Windows is useless. Your proposal would seal
that.

Nothing the OS does can prevent machine code from overrunning a buffer.

Absolute nonsense. Perhaps buffer overruns can't be prevented using
C++, but they *can* be prevented.

The only thing that the OS can do in this regard is to either restrict
what machine code you can run (e.g. cryptographic signing), and/or run
untrusted code in a heavily-restricted environment so that a buffer
overrun cannot be "exploited".

...or do what decent OSs do; protect tasks from each other.

Given that:

a) this would make Windows totally incompatible with most existing
software, and

No change.

b) about the only thing that Windows has in its favour is the mass of
existing Windows software,

M$ broke that with VIsta and still didn't fix buffer overruns.

I don't expect this to happen any time soon.

I don't either. Quality and security aren't priorities.

--
Keith
.

Relevant Pages

  • Re: Using C++ to wrap Java
    ... >launch a binary file containing machine code. ... Even with the way Windows ... The exe file format is data to the loader to ...
    (comp.lang.java.programmer)
  • Re: How to develop a random number generation device
    ... Many have said that Windows is useless. ... A C++ compiler could be created that inserted checking code in every ... existing Windows software, ... M$ broke that with VIsta and still didn't fix buffer overruns. ...
    (sci.electronics.design)
  • Re: How to develop a random number generation device
    ... Nothing the OS does can prevent machine code from overrunning a buffer. ... this would make Windows totally incompatible with most existing ...
    (sci.electronics.design)
  • Re: How to develop a random number generation device
    ... When it stops letting you run arbitrary machine code. ... neither Intel nor Microsoft was in the mainstream of ... computing when they kluged up x86 and Windows. ... The hardware only became capable of the basics of worthwhile ...
    (sci.electronics.design)
  • Re: What I Think Delphi Needs to Do to Survive
    ... and interfacing to the Windows and the Windows Debug Kernel. ... DLL = Machine Code with Exported Interface ... Interfacing to windows and kernel is machine code calls. ...
    (borland.public.delphi.non-technical)