Re: How to develop a random number generation device



On Sep 11, 6:43 pm, krw <k...@xxxxxxxxxx> wrote:
In article <pan.2007.09.11.16.28.29.359...@xxxxxxxxxxx>,
nob...@xxxxxxxxxxx says...

On Tue, 11 Sep 2007 07:44:01 -0700, John Larkin wrote:

Cool. When can we expect buffer overrun exploits to be impossible
under Windows?

When it stops letting you run arbitrary machine code.

Many have said that Windows is useless. Your proposal would seal
that.

Nothing the OS does can prevent machine code from overrunning a buffer.

Absolute nonsense. Perhaps buffer overruns can't be prevented using
C++, but they *can* be prevented.

A C++ compiler could be created that inserted checking code in every
operation that may overrun. Every buffer would have to have its
length recorded somewhere.

The OS can let your program single step and check what every
instruction does.

The OS can always leave a dead page after every malloc() block so you
get a segment fault on stepping off the end.




The only thing that the OS can do in this regard is to either restrict
what machine code you can run (e.g. cryptographic signing), and/or run
untrusted code in a heavily-restricted environment so that a buffer
overrun cannot be "exploited".

..or do what decent OSs do; protect tasks from each other.



Given that:

a) this would make Windows totally incompatible with most existing
software, and

No change.

b) about the only thing that Windows has in its favour is the mass of
existing Windows software,

M$ broke that with Vista and still didn't fix buffer overruns.

I don't expect this to happen any time soon.

I don't either. Quality and security aren't priorities.

--
Keith
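
The dead-page idea raised in the message above (an inaccessible page after every malloc() block, so stepping off the end faults), as an added example that is not part of the original thread. It is done in user space with POSIX mmap()/mprotect() rather than by the OS allocator, and the names guarded_alloc() and signal_on_write() are hypothetical.

```c
#define _DEFAULT_SOURCE 1   /* for MAP_ANONYMOUS under strict -std= modes */
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* guarded_alloc() is a hypothetical name. It returns len writable bytes whose
 * last byte sits directly before a PROT_NONE "dead" page. The pointer is not
 * aligned like malloc()'s when len is not a multiple of the alignment. */
static void *guarded_alloc(size_t len)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    if (len == 0 || len > SIZE_MAX - 2 * page) return NULL;
    size_t data = (len + page - 1) / page * page;   /* whole pages for data */
    uint8_t *base = mmap(NULL, data + page, PROT_READ | PROT_WRITE,
                         MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED) return NULL;
    if (mprotect(base + data, page, PROT_NONE) != 0) {  /* the dead page */
        munmap(base, data + page);
        return NULL;
    }
    return base + data - len;   /* buffer end == start of the dead page */
}

/* Write one byte at buf[offset] in a child process; return the signal that
 * killed the child, 0 if it exited normally, -1 on fork/wait failure. */
static int signal_on_write(size_t len, size_t offset)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        volatile uint8_t *buf = guarded_alloc(len);
        if (buf == NULL) _exit(2);
        buf[offset] = 0x41;     /* constructed test write */
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    printf("last byte: signal %d\n", signal_on_write(100, 99));
    printf("one past:  signal %d\n", signal_on_write(100, 100));
    return 0;
}
```

This catches only accesses that run off the end of the block, and each allocation costs at least two pages, which is why the technique is normally reserved for debugging and fuzzing builds.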

