Dailydave mailing list archives

Re: ASLR+DEP = no problem. :>

From: "Larry Seltzer" <larry () larryseltzer com>
Date: Fri, 5 Feb 2010 09:44:25 -0500

First, it looks like insulting others is common, if not mandatory
practice on this list. Sorry if I don't do a good enough job, I'm new
here.

My first impression on seeing this (I'm still reading Dion's paper) was
that perhaps some sort of validator or IPS-like functionality in the
JIT, analyzing the input, could be effective, looking for malformations
and suspicious behavior. It couldn't be perfect and there would be a
performance hit.

My other thought was whether Java is just as vulnerable. I assume almost
all JVMs do JITing. Of course Java byte code is understood to be code
while Flash files are treated as "content". So it wouldn't be so easy,
for example, to send malicious Java to a locked Symbian cell phone
because it would have to be signed and users are generally more cautious
about code than "content".

Larry Seltzer
Contributing Editor, PC Magazine
larry_seltzer () ziffdavis com 
http://blogs.pcmag.com/securitywatch/

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

ASLR+DEP = no problem. :> dave (Feb 03)
- Re: ASLR+DEP = no problem. :> Thierry Zoller (Feb 04)
  - Re: ASLR+DEP = no problem. :> Moshe Ben Abu (Feb 04)
    - Re: ASLR+DEP = no problem. :> dave (Feb 04)
    - Re: ASLR+DEP = no problem. :> Matthew Wollenweber (Feb 04)
  - Message not available
    - Re: ASLR+DEP = no problem. :> Thierry Zoller (Feb 04)
    - Re: ASLR+DEP = no problem. :> Alexander Sotirov (Feb 04)
    - Re: ASLR+DEP = no problem. :> Nate Lawson (Feb 05)
    - Re: ASLR+DEP = no problem. :> Larry Seltzer (Feb 05)
    - Re: ASLR+DEP = no problem. :> Michal Zalewski (Feb 05)
    - Re: ASLR+DEP = no problem. :> Sergio 'shadown' Alvarez (Feb 04)
    - Re: ASLR+DEP = no problem. :> pageexec (Feb 04)
    - Re: ASLR+DEP = no problem. :> Berend-Jan Wever (Feb 05)