Secure Coding mailing list archives
Managing the insider threat through code obfuscation
From: Ken at krvw.com (Kenneth R. van Wyk)
Date: Thu, 15 Dec 2005 10:09:08 -0500
On Thursday 15 December 2005 09:26, Jose Nazario wrote:
if the person can develop exploits against the holes in the code, what makes you think they can't fire up a runtime debugger and trace the code execution and discover the same things?
Nothing makes me think that at all; in fact, I was quite skeptical of the various product claims, which is why I wanted to hear about others' experience with them. Cheers, Ken -- KRvW Associates, LLC http://www.KRvW.com
Current thread:
- Managing the insider threat through code obfuscation Kenneth R. van Wyk (Dec 15)
- Managing the insider threat through code obfuscation Jose Nazario (Dec 15)
- Managing the insider threat through code obfuscation Kenneth R. van Wyk (Dec 15)
- Managing the insider threat through code obfuscation Dana Epp (Dec 15)
- Managing the insider threat through code obfuscation Kenneth R. van Wyk (Dec 15)
- Managing the insider threat through code obfuscation Matt Bishop (Dec 15)
- <Possible follow-ups>
- Managing the insider threat through code obfuscation Jeremy Epstein (Dec 15)
- Managing the insider threat through code obfuscation James Stibbards (Dec 15)
- Managing the insider threat through code obfuscation Jose Nazario (Dec 15)