An important part of the solution to buffer overflows is for folks to ditch the C and C++ programming languages.

Too bad the designers of the C language never thought about building a safe string data type into the language in the first place. A safe string data type could have also been added natively to the language 20 years ago when the problem of string buffer overflows was recognized.

Richard

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Larry Seltzer
Sent: Wednesday, September 19, 2007 9:41 AM
To: [email protected]
Subject: RE: [funsec] Internet security moving toward "white list"

Not sure I get the Zone Alarm connection. And another gap in the white list idea is that the code in the PDF file that causes a buffer overflow in Acrobat runs in the permitted context of Acrobat. This isn't strictly a flaw in whitelisting, but it shows that you still need a full IPS and perhaps a signature model for it.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.eweek.com/cheap_hack/
Contributing Editor, PC Magazine
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gadi Evron
Sent: Wednesday, September 19, 2007 9:16 AM
To: Richard M. Smith
Cc: [email protected]
Subject: Re: [funsec] Internet security moving toward "white list"

Can we say Zone Alarm?

On Wed, 19 Sep 2007, Richard M. Smith wrote:
> http://www.cbc.ca/news/background/tech/privacy/white-list.html
>
> Internet security is headed toward a major reversal in philosophy,
> where a "white list" which allows only benevolent programs to run on a
> computer will replace the current "black list" system, which logs and
> blocks an ever-growing list of malevolent applications, internet
> security giant Symantec Corp. says.
>
> The number of malicious software attacks, including viruses, Trojans,
> worms and spam, is rising exponentially, dwarfing the number of new
> benevolent programs being developed, making it increasingly difficult
> for security firms to keep up.
>
> The solution, according to Symantec's Canadian vice-president and
> general manager, Michael Murphy, is to reverse how protection against
> such attacks is provided. Under the current system, a security firm
> discovers a new threat, adds it to its black-list database and updates
> its customers' anti-virus software to combat the problem. A "white list"
> would instead compile every known legitimate software program, including
> applications such as Microsoft Word and Adobe Acrobat, and add new ones
> as they are developed. Every program not on the list would simply not be
> allowed to function on a computer.
>
> ...

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
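Richard's point about a safe string type, illustrated as an added example that is not part of the thread: a minimal bounds-checked string in C (the `sstr` type and `NAME_LEN` buffer size are constructed for this illustration, not a real library) beside the unchecked strcpy pattern that causes the Acrobat-style overflows Larry mentions.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16  /* constructed fixed-size buffer for the example */
/* The unchecked pattern: strcpy has no idea how big dst is, so a source
 * of NAME_LEN or more bytes writes past the end of the buffer. Kept here
 * only as the 'before'; the demo below never feeds it oversized input. */
void unchecked_copy(char dst[NAME_LEN], const char *src) {
    strcpy(dst, src);
}

/* Hypothetical minimal "safe string": a fixed buffer that carries its own
 * length and refuses any write that would not leave room for the NUL. */
typedef struct {
    char   buf[NAME_LEN];
    size_t len;
} sstr;

void sstr_init(sstr *s) { s->buf[0] = '\0'; s->len = 0; }

/* Returns 1 if src was stored, 0 if it was too long (s is left empty). */
int sstr_set(sstr *s, const char *src) {
    size_t n = strlen(src);
    sstr_init(s);
    if (n >= sizeof s->buf)          /* the bound check strcpy never does */
        return 0;
    memcpy(s->buf, src, n + 1);      /* n + 1 copies the terminator too */
    s->len = n;
    return 1;
}

/* Returns 1 if src was appended, 0 if it would overflow (s unchanged). */
int sstr_append(sstr *s, const char *src) {
    size_t n = strlen(src);
    if (n >= sizeof s->buf - s->len) /* remaining space minus the NUL */
        return 0;
    memcpy(s->buf + s->len, src, n + 1);
    s->len += n;
    return 1;
}

int main(void) {
    sstr s;
    sstr_set(&s, "Acrobat");
    sstr_append(&s, " Reader");
    printf("%s (%zu bytes, append of \" 8\" accepted: %d)\n",
           s.buf, s.len, sstr_append(&s, " 8"));
    return 0;
}
```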
