Full Disclosure mailing list archives
Re: Microsoft Coding / National Security Risk
From: Valdis.Kletnieks () vt edu
Date: Wed, 24 Mar 2004 11:17:26 -0500
On Wed, 24 Mar 2004 10:10:28 GMT, Richard Hatch <r.hatch () eris qinetiq com> said:
So my idea is this: Take a team of really really good C/C++ coders with excellent security vulnerability knowledge and have them go through the source code for windows (starting with the core functionality and internet facing functionality maybe). Find these bugs (including methodical black-box testing against the binaries) and fix them.
How many "really good" C/C++ coders will it take to go through the 35 million lines of code in Windows XP in a reasonable amount of time? How many "really good" C/C++ coders are *available*? That's overlooking the fact that some things can't be fixed at the coder level. The average coder can fix a buffer overflow. The average coder can't fix a design flaw like the ones exploited in Liu Die Yu's "Six Step IE Remote Compromise" attack - those sorts of things require major architectural overhauls. To see what happens when you try that, go back and look at the furor when Microsoft finally closed the 'user@pass:host' hole in http requests - you run that sort of risk of breakage anytime you make an architectural change. It's issues like that which make the rule of thumb: "Security has to be designed in from the beginning, it can't be bolted on after the fact".
Attachment:
_bin
Description:
Current thread:
- Microsoft Coding / National Security Risk Richard Hatch (Mar 24)
- Re: Microsoft Coding / National Security Risk Luke Norman (Mar 24)
- RE: Microsoft Coding / National Security Risk joe (Mar 24)
- RE: Microsoft Coding / National Security Risk Frank Knobbe (Mar 24)
- RE: Microsoft Coding / National Security Risk joe (Mar 26)
- RE: Microsoft Coding / National Security Risk Frank Knobbe (Mar 24)
- Re: Microsoft Coding / National Security Risk John Sage (Mar 24)
- RE: Microsoft Coding / National Security Risk joe (Mar 26)
- Re: Microsoft Coding / National Security Risk Valdis . Kletnieks (Mar 26)
- RE: Microsoft Coding / National Security Risk joe (Mar 26)
- Re: Microsoft Coding / National Security Risk Valdis . Kletnieks (Mar 24)
- Re: Microsoft Coding / National Security Risk martin f krafft (Mar 24)
- <Possible follow-ups>
- Re: Microsoft Coding / National Security Risk borg (Mar 24)
- RE: Re: Microsoft Coding / National Security Risk joe (Mar 26)
- RE: Re: Microsoft Coding / National Security Risk madsaxon (Mar 26)
- Re: Re: Microsoft Coding / National Security Risk Szilveszter Adam (Mar 29)
- RE: Re: Microsoft Coding / National Security Risk joe (Mar 26)
- RE: Re: Microsoft Coding / National Security Risk Random Letters (Mar 24)
- RE: Re: Microsoft Coding / National Security Risk Steven Alexander (Mar 26)