-information.eveilbigcorp.com would report
users-personal-information to Evil Big Corp's DNS server.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
Immunix 7.3 http://www.immunix.com/shop/
-
# Copyright(c) Immunix Inc., 2004
# $Id
unless there is
a very strong reason to do otherwise.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
* high security, high effort
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
the Pascal compiler easier
to implement and port. The innovation in Java was to take this ugly
kludge and market it as a feature :)
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
Andreas Saurwein wrote:
Crispin Cowan wrote:
However, where ever C made an arbitrary decision (either way is just
as good) PL/M went the opposite direction from C, making it very
annoying for a C programmer to use.
Does that mean it did not make any decision at all? What was the outcome
not overrunning buffers. Again, there's a lot of overlap.
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML[EMAIL PROTECTED]
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO
COBOL,
Pascal, PL/M, 68000 assembler, C, C++, FORTRAN, VAX assembler, Prolog,
LISP, and Maple. Its not like this list needs to be short.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
that a large, complex, and retrograde language
with no industrial growth is a suitable subject for undergraduate education.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
is that Hermes is among the sources that Java looted; some
of the typestate checking features ended up in the Java bytecode checker.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
and eliminating
coding error. You will find exactly those arguments in the preface to
the KR C book.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
.
* $C_OR_ASSEMBLER_ITS_REALLY_THE_SAME_THING is like a thermonuclear
missile, in that it is fast and powerful, but if you are not
careful, you can give yourself an ouchie :)
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
David Crocker wrote:
Crispin Cowan wrote:
The above is the art of programming language design. Programs written in
high-level languages are *precisely* specifications that result in the
system generating the program, thereby saving time and eliminating
coding error. You will find exactly those
---
Michael S Hines
[EMAIL PROTECTED]
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
Matt Setzer wrote:
It's been kind of quiet around here lately - hopefully just because everyone
is off enjoying a well deserved summer (or winter, for those of you in the
opposite hemisphere) break. In an effort to stir things up a bit, I thought
I'd try to get some opinions about good
could be designed either way; it would not
surprise me to see phone set peole architecting a phone so that the
keyboard is root. It is not exactly intuitive to treat a hand set as a
multi-user platform.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http
. But this
still does not completely eliminate XSS, as you cannot a priori know
about all the possible buffer overflows etc. of every client that will
come to visit, and basic HTML still allows for some freaky stuff, e.g.
very long labels.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com
, time-to-exploit depends on how intelligent the
fuzzer is in terms of aiming at the victim program's data structures.
There are many specialized fuzzers aimed at various kinds of
applications, aimed at network stacks, aimed at IDS software, etc.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com
static type checking difficult. The last data I remember on
Java is that turning array bounds checking on and off makes a 30%
difference in performance.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
.
Disclaimer: I worked on Hermes as an intern at the IBM Watson lab waay
back in 1991 and 1992. Hermes is my favorite type safe programming
language, but given the dearth of implementations, applications, and
programmers, that is of little practical interest :)
Crispin
--
Crispin Cowan, Ph.D. http
fault.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
would have to position these
moves as a security enhancement for the consumer, which AOL is doing
with bundled antivirus service as advertised on TV. ISPs could also
position a non-restricted account as an expert account and charge
extra for it.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
at - http://www.securecoding.org/list/charter.php
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
___
Secure Coding mailing list (SC-L)
SC-L@securecoding.org
and architecture is just a
continuous grey scale of degree.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Olympic Games: The Bi-Annual Festival of Corruption
so as to *mask* flaws by avoiding
single points of failure, doing things such as using 2 bolts (for
tables) and using access controls to limit privilege escalation (for
software).
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering
IE to invoke WMF decoding without asking the user.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Olympic Games: The Bi-Annual Festival of Corruption
is that the WMF API in
particular is vulnerable to malicious content.
None of which strikes me as surprising, but maybe that's just me :)
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Olympic Games
/
*From:* [EMAIL PROTECTED] on behalf of Crispin Cowan
*Sent:* Fri 2/3/2006 12:12 PM
*To:* Gary McGraw
*Cc:* Kenneth R. van Wyk; Secure Coding Mailing List
*Subject:* Re: [SC-L] Bugs and flaws
Gary McGraw wrote:
To cycle this all back around to the original posting, lets
/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Olympic Games: The Bi-Annual Festival of Corruption
, and you will see the user(s) making the correct decision(s).
Well, maybe. Users are notorious for not making the right decision.
AppArmor lets the site admin create the policy and distribute it to
users. Of course that assumes we are talking about Linux users :)
Crispin
--
Crispin Cowan, Ph.D
-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell
for the Linux
Kernel. Chris Wright, Crispin Cowan, Stephen Smalley, James Morris,
and Greg Kroah-Hartman. Presented at the 11^th USENIX Security
Symposium http://www.usenix.org/events/sec02/, San Francisco, CA,
August 2002. PDF http://crispincowan.com/%7Ecrispin/lsm-usenix02.pdf.
However
hearing the OSDI
presentation that described implementing JavaOS in the past tense.
So what was the real reason?
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
to dispute.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Necessity is the mother of invention ... except for pure math
___
Secure Coding mailing
coming out of a
discussion between him and I on a mailing list about 5 years ago.
Reliable software does what it is supposed to do. Secure
software does what it is supposed to do, and nothing else.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software E
mikeiscool wrote:
On 7/17/06, Crispin Cowan [EMAIL PROTECTED] wrote:
Goertzel Karen wrote:
I've been struggling for a while to synthesise a definition of secure
software that is short and sweet, yet accurate and comprehensive.
My favorite is by Ivan Arce, CTO of Core Software, coming out
mikeiscool wrote:
On 7/17/06, Crispin Cowan [EMAIL PROTECTED] wrote:
supposed to goes to intent.
I don't know. I think there is a difference between this does what
it's supposed to do and this has no design faults. That's all I was
trying to highlight.
The difference between supposed
February 28th - March 2nd in San Diego.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Hack: adroit engineering solution to an unanticipated problem
Hacker: one who is adroit at pounding
on,
just not enough. To make it more, one would have to convince the people
who are currently not doing it, or doing it badly, to do better, and
they (by definition) are not listening.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software
Ben Corneau wrote:
From time to time on this list, the recommendation is made to never user C++
when given a choice (most recently by Crispin Cowan in the re-writing
college books thread). This is a recommendation I do not understand. Now,
I'm not an expert C++ programmer or Java or C
. That
is a case for C.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Hack: adroit engineering solution to an unanticipated problem
Hacker: one who is adroit at pounding round pegs
Debugging with gdb http://gcc.gnu.org/java/gdb.html.
* For C#: There is a Mono Debugger
http://www.mono-project.com/Debugging, but it is not complete.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http
Al Eridani wrote:
On 11/9/06, Crispin Cowan [EMAIL PROTECTED] wrote:
Prior to Java, resorting to compiling to byte code (e.g. P-code back in
the Pascal days) was considered a lame kludge because the language
developers couldn't be bothered to write a real compiler.
Post-Java
David A. Wheeler wrote:
On 11/9/06, Crispin Cowan [EMAIL PROTECTED] wrote:
Prior to Java, resorting to compiling to byte code (e.g. P-code back in
the Pascal days) was considered a lame kludge because the language
developers couldn't be bothered to write a real compiler.
I believe
.
True, but that doesn't mean runtime portability isn't a good thing to aim for.
It means that compromising performance to obtain runtime portability
that does not actually exist is a poor bargain.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin
Robin Sheat wrote:
On Tuesday 14 November 2006 13:28, Crispin Cowan wrote:
It means that compromising performance
It's not necessarily a given that runtime performance is compromised. There
are situations where Java is faster than C (I've tested this on trivial
things).
Here
was widely popular.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Hacking is exploiting the gap between intent and implementation
___
Secure Coding
Surface Analysis of RTM Windows Vista
* Panel Red Teaming and Hacking Games: How Much Do They Really
Help?, moderated by Crispin Cowan, with panelists:
o John Viega, Kenshoto/Defcon CtF organizer
o Rodney Thayer, member of a winning Kenshoto/Defcon CtF team
o
features, just gets punished in the market place.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Hacking is exploiting the gap between intent and implementation
in Vista had
instead been put into features and ship-date, would it do better in the
marketplace?
Sure, that's heretical :) but it just might be true :(
Crispin, now believes that users are fundamentally what holds back security
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin
Ed Reed wrote:
Crispin Cowan wrote:
Crispin, now believes that users are fundamentally what holds back security
I was once berated on stage by Jamie Lewis for sounding like I was
placing the blame for poor security on customers themselves.
Fight back harder. Jamie is wrong
languages, say), then we would end up solving roughly 50% of the software
security problem.
The 50% being rather squishy, but yes this is true. Its only vaguely
what I was talking about, really, but it is true.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin
Steven M. Christey wrote:
On Mon, 11 Jun 2007, Crispin Cowan wrote:
Kind of. I'm saying that specification and implementation are
relative to each other: at one level, a spec can say put an iterative
loop here and implementation of a bunch of x86 instructions.
I agree
/DLAbsToc.jsp?resourcePath=/dl/proceedings/toc=comp/proceedings/sp/2007/2848/00/2848toc.xmlDOI=10.1109/SP.2007.3
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering http://novell.com
AppArmor Chat: irc.oftc.net/#apparmor
that approximate quality are always cheaper to
achieve than actual quality.
This is a very, very hard problem, and sad to say, but pitching articles
articles on principles to executives won't solve it.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin
CEO, Mercenary
55 matches
Mail list logo
