Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DLL hijacking with Autorun on a USB drive

From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Sun, 5 Sep 2010 16:14:11 +0200 (CEST)
On Thu, 2 Sep 2010 Valdis.Kletnieks () vt edu wrote:


Yeah, but hacking a Harvard architecture is still balls harder than
hacking a von Neumann architecture. ;)


It depends. Can Harvard architecture stop a careless program from loading 
a malicious DLL? From interpreting parts of data files as programs in 
some kind of script language?


On Thu, 2 Sep 2010, coderman wrote:


there are some useful mitigations around these inevitable failures,
  http://qubes-os.org/Architecture.html is an example of isolation
rather than correctness i've liked since NetTop wrapped RSBAC policy
around vmware guest isolation...


Actually, you prove my point. Qubes OS does not try to separate code and
data. It does not rely on the code (other than its own) behaving as
expected. It throws everything in an isolated box and makes sure nothing
leaves the box and enters another one without your explicit approval.


-- 
Pavel Kankovsky aka Peak                          / Jeremiah 9:21        \
"For death is come up into our MS Windows(tm)..." \ 21st century edition /

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: