ljknews wrote:
> My guess is that if a company actually is capable of analyzing
> binary code they only do it for the highest volume instruction
> sets.
>
They certainly will focus on larger markets first. If you want them to focus on *your* market, make it worth their while :) SUSE Linux does a lot for the Z series mainframe market because they are willing to pay for it. The market for, say, Motorola 88000 CPUs is relatively sparse :)

> My guess is that attackers will go after machines they feel are
> less protected.
>
I fully disagree with that. There are 2 kinds of attackers:

1. Bottom feeders. These people troll for very common vulnerabilities with scanners and worms, trying to build botnets. There are *plenty* of people with unprotected x86 machines, so that is what they target, regardless of any optional technology add-ons people develop for that platform.

2. Targeted attackers. These people are professionals, and they are going after a specific target. They don't select targets on the basis of vulnerability, they select the target for external reasons having nothing to do with the defenses deployed.

In between would be criminals of opportunity who seek targets that are both valuable and soft. But that is really just a more sophisticated variant of #1.

As a defender, you need to care about the strength of your defense in proportion to the value of your assets. If your assets are not particularly valuable, then only deploy the basic defenses to shed the ankle biters in class 1. If your assets are more valuable, then deploy more thorough/expensive defenses until the cost of the defenses exceeds the calculated risk to your assets.

Crispin

--
Crispin Cowan, Ph.D.                      http://crispincowan.com/~crispin/
Director of Software Engineering, Novell  http://novell.com
Hacking is exploiting the gap between "intent" and "implementation"

_______________________________________________
Secure Coding mailing list (SC-L)
SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________