Benjamin Scott wrote:
>
> Oh, get a grip. The *analogy* works. It is comparing *methods*, not
>*severity*. Nobody is suggesting crashed computers are the same as dead
>people!
>
> (I hate people who argue against the analogy while missing the point of
it
>in the first place....)
And I hate it when people make incorrect assumptions about what I do or
don't get...
In the software case at a minimum you eliminate some exploits and, at a
minimum, buy some time until someone figures out how to exploit the new
environment. I'm not a Unix programmer, but from the description I read it
looks like it would be harder to exploit a buffer overrun to penetrate a
system (as opposed to crashing an application or the system) with a
non-executable stack than with an executable stack. If that is the case
then you've gained something, even if there are still holes. And if it
isn't the case, you're still no worse off than if nothing had been done.
The reason the situation with the antibiotics is different is that you
eventually do end up in worse shape than if you had done nothing. Infections
that could have otherwise been successfully treated now can't be, resulting
in more severe illness or loss of life.
Jerry
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
