
MS Mulling Changes to Thwart .ANI-type Attacks

Zonk posted more than 7 years ago | from the thinking-around-the-problem dept.

Security 99

Scada Moosh writes "ZDNet has a story about the lessons Microsoft learned from the recent animated cursor (.ani) attacks and some of the broad changes being made to flag this type of vulnerability ahead of time. The changes include a possible addition to the list of banned API function calls, more aggressive checks for buffer overruns and enhancements to existing fuzz testing tools. '[Michael] Howard said Microsoft will "rethink the heuristics" used by the /GS compiler to flag certain issues. "Changing the compiler is a long-term task. In the short-term, we have a new compiler pragma that forces the compiler to be much more aggressive, and we will start using this pragma on new code," he added. Two other Windows Vista security mechanisms -- ASLR and SafeSEH -- were also in place to catch code failures but, in the case of the .ani bug, Howard said the attackers were able to wrap vulnerable code in an exception handler to find ways around those mitigations.'"


99 comments

Maybe... (0)

Anonymous Coward | more than 7 years ago | (#18905455)

Just get rid of them.

There's nothing like remoting into a client's PC and trying to figure out which end of the dancing dinosaur I'm supposed to use as the pointer.

Re:Maybe... (4, Funny)

Anonymous Coward | more than 7 years ago | (#18905477)

Is it a male dinosaur?

Re:Maybe... (1)

flyingfsck (986395) | more than 7 years ago | (#18908013)

...apparently not. That is why the poor geek has no idea which is the business end...

Ha ha, just in time for Vbootkit. (0, Troll)

twitter (104583) | more than 7 years ago | (#18905503)

Nothing is new with the Vista security model. Check out boot kits [theregister.co.uk] and how they are able to do things like elevate command.com to system, open telnet servers and other goodies from 1500 bytes in the boot sector. Forever Pwned.

All you ever wanted to know (-1, Troll)

Anonymous Coward | more than 7 years ago | (#18905583)

About twitter, but were afraid to ask.


Re:All you ever wanted to know (1, Troll)

twitter (104583) | more than 7 years ago | (#18906107)

Thanks, I'm not half as organized with my Slashdotting as you are!

Re:Ha ha, just in time for Vbootkit. (0)

Anonymous Coward | more than 7 years ago | (#18905903)

I can't see anything in that article that would stop that exact same attack working on Linux.

Re:Ha ha, just in time for Vbootkit. (0, Troll)

twitter (104583) | more than 7 years ago | (#18906287)

I can't see anything in that article that would stop that exact same attack working on Linux.

Go ahead and make one then. I'm sure Mr. Gates would promise to pay you well and then stab you in the back, but you would have proved your point.

Re:Ha ha, just in time for Vbootkit. (0)

Anonymous Coward | more than 7 years ago | (#18909907)

Um, what the fuck kind of response is that? I tell you what, I'll release my Linux Bootkit when you release the one you wrote for Vista.

Just because I can't do it personally, doesn't mean it can't be done you stupid fucking lunatic.

Re:Ha ha, just in time for Vbootkit. (1)

pushing-robot (1037830) | more than 7 years ago | (#18909455)

I can't see anything in that article that would stop that exact same attack working on Linux.

I can think of one. I doubt you could convince many Linux users to run, with root privileges, a small binary executable that has no readily available source and no trusted community vouching for the program.

Not even if you called it FREE XXX SLUTZ NOW.JPG.exe.

Re:Ha ha, just in time for Vbootkit. (0)

Anonymous Coward | more than 7 years ago | (#18910017)

You can't rely on users not being stupid. If the adoption of Linux becomes widespread then that is not a mistake that anybody can make.

Re:Ha ha, just in time for Vbootkit. (0)

Anonymous Coward | more than 7 years ago | (#18906081)

Twitter, this technique will work with ANY OS, including Linux. The way to prevent this is to use a computer with a TPM chip, but I'll bet you are against that because then "evil M$ controls your system and takes away your freedom".

By the way twitter, how do you feel about how "M$" enjoyed a 60% jump in revenue on Vista and new office sales in the last quarter? Looks like Vista is doing well!

Re:Ha ha, just in time for Vbootkit. (0)

Anonymous Coward | more than 7 years ago | (#18906129)

By the way twitter, how do you feel about how "M$" enjoyed a 60% jump in revenue on Vista and new office sales in the last quarter? Looks like Vista is doing well!

Considering how flat MS' sales were getting... I'm not sure this is much of an indicator how well Vista is being adopted. But hey - yay for the fanbois and early adopters. :P

Re:Ha ha, just in time for Vbootkit. (0)

Anonymous Coward | more than 7 years ago | (#18906315)

Considering how flat MS' sales were getting...

jesus christ, they just grew their revenue by more than the total Google revenue everybody is gaga about. Trying to downplay that because it doesn't fit with our preconceptions just makes us look like the raving lunatics.

Re:Ha ha, just in time for Vbootkit. (0)

Anonymous Coward | more than 7 years ago | (#18907893)

jesus christ, they just grew their revenue by more than the total Google revenue everybody is gaga about.

Great. Is it sustainable? If you look at the initial sales figures for the Zune - it was a raging success! After the early adopters and fanbois got their copy... sales went south.

Amazing - not everything Microsoft touches turns to gold. Maybe this even applies to the very foundations of their financial strategy - the OS and Office Productivity. I know, I know. That's just crazy talk. Anyone who doesn't report impending success for Microsoft is a raving lunatic. Let's invoke Jesus and Google to stress the point.

Re:Ha ha, just in time for Vbootkit. (0)

Anonymous Coward | more than 7 years ago | (#18911363)

Hmm, well so far there has been year over year revenue growth for Microsoft's entire existence. Yes, yes, it is sustainable.

Channel stuffing. 2007 is the year of Linux. (0, Troll)

twitter (104583) | more than 7 years ago | (#18906939)

An AC pest taunts,

By the way twitter, how do you feel about how "M$" enjoyed a 60% jump in revenue on Vista and new office sales in the last quarter? Looks like Vista is doing well!

They stuffed their channels and I don't expect the next quarter to look very good. Studies that show that only one in ten people are planning to use Vista better and that a large percentage of businesses never plan to move to Vista are more in tune with reality. The fact that M$ has not and will not fix their security model makes me think those numbers will go south. Give the channels another quarter of crappy sales and all hell will break loose for M$ as they are forced to admit they overbought Vista. The partners have been starved for six years, this is supposed to be their best year ever. Their investors will demand better and 2007 will be the year of Linux.

Taunts like that are fun. Keep it up, M$ marketdroids!

Re:Channel stuffing. 2007 is the year of Linux. (0)

Anonymous Coward | more than 7 years ago | (#18907053)

They stuffed their channels and I don't expect the next quarter to look very good.

Awesome. Just like you thought this quarter wouldn't.

Re:Channel stuffing. 2007 is the year of Linux. (0)

Anonymous Coward | more than 7 years ago | (#18908085)

Taunts like that are fun. Keep it up, M$ marketdroids!

Sorry to cut in on your fantasies of fighting the Evil Empire, but I strongly suspect "M$ marketdroids" have better things to do than spam /. . In any event, if a marketdroid were here, slashdotters be doomed because Microsoft knows our weakness [penny-arcade.com] .

Re:Ha ha, just in time for Vbootkit. (1)

dedazo (737510) | more than 7 years ago | (#18906111)

Wow twitter, so what you are telling me here is that if I allow my operating system to be compromised, it will be compromised?

You will never know. (0, Troll)

twitter (104583) | more than 7 years ago | (#18907031)

so what you are telling me here is that if I allow my operating system to be compromised, it will be compromised?

Yes, but there will be no trace of it on your hard drive, anti-virus writers don't check BIOS, so you will never know people are logging into your system and taking what they want. Ha ha.

But no, what your AC sock puppets have claimed is not true - this won't work on gnu/linux. It only works for Vista by exploiting M$ specific flaws. Those flaws were originally designed to lock you out of your kernel and it looks like they have done exactly that. Show me the gnu/linux demonstration and I might believe you. Right now, all claims of such are the usual FUD. "... but, but M$ is the best, every thing else must suck as badly," all the M$ turds always cry but it never comes to pass. It sucks to be you, dedazo.

Re:You will never know. (1)

dedazo (737510) | more than 7 years ago | (#18907511)

Please explain to me how it's going to get into my "BIOS" with Vista-specific flaws, and then we'll chat. You can use all the dollar signs you want, but do me a favor and try to make at least a bit of sense.

Re:You will never know. (0)

Anonymous Coward | more than 7 years ago | (#18907527)

It only works for Vista by exploiting M$ specific flaws.

Yeah I heard that mapping code to memory from the BIOS or boot sector before the operating system boots is a really bad specific Microsoft flaw. I didn't know Linux was able to avoid using the BIOS and boot sector before it was even loaded. I guess Microsoft's programmers are really behind the times.

there will be no trace of it on your hard drive, anti-virus writers don't check BIOS

Well I guess if I'm stupid enough to write strange code into my BIOS flash area then I deserve to be compromised. I guess they didn't explain how hard it actually is to flash strange code into the BIOS area without killing your motherboard. Good thing Linux allows me to set the jumper on my motherboard that prevents flashing the BIOS in the first place. Windows would never do this.

so you will never know people are logging into your system and taking what they want. Ha ha

Once again you demonstrate that Linux is superior because it's impossible to patch a monolithic open source kernel's memory and use its API calls. Only Windows would contain such a flaw.

Thanks Twitter, you've really shown me the way. Now I too realize how kewl and secure Linux is and how M$ sucks.

Re:You will never know. (1)

SEMW (967629) | more than 7 years ago | (#18908637)

But no, what your AC sock puppets have claimed is not true - this won't work on gnu/linux. It only works for Vista by exploiting M$ specific flaws. Those flaws were originally designed to lock you out of your kernel and it looks like they have done exactly that.

Umm, no. Rootkits existed for Windows long before Vista and kernel patch protection. Rootkits exist for Linux. Rootkits exist for MacOS. Newsflash: if you compromise a system at the kernel level, your system is -- wait for it -- compromised. Obviously.

Show me the gnu/linux demonstration and I might believe you.

Google is your friend. A quick Google gives: SucKIT, Rial, heroin, afhrm, Synapsis, adore, knark, itf, kis as some examples. That's almost certainly not a comprehensive list, and I've no idea whether it's current. And, of course I'm certainly not saying "Linux is less secure than Windows" or "Linux is insecure" by this list -- Windows has many rootkits too (I'm guessing considerably more than Linux, but I have no figures); and if you practice good security policy, you should never be infected -- on any OS.

Re:You will never know. (1)

The Bungi (221687) | more than 7 years ago | (#18915069)

this won't work on gnu/linux

http://nostarch.com/download/rootkits_ch2.pdf [nostarch.com]

All I have to do is send you a TAR file with an already chmod'ed ELF binary and get you to unpack it and run it. And why not? Windows users do that all the time. Heck, they get infected by executables in password-protected ZIP files, even after Winzip and Windows ask them TWICE whether they want to run it or not. And Outlook by default won't even let them open it.

But maybe when all those people switch to "GNU/Linux" they'll automagically have their IQ upgraded by 70 points. Right?

Takeaway message: Non Free is Stagnant. (1)

Erris (531066) | more than 7 years ago | (#18913029)

Nothing is new with the Vista security model. Check out boot kits [theregister.co.uk]

So while M$ contemplates fixing ancient flaws, the virus writers have discovered brand new ways to 0wn Windoze. Great, they are running circles around them.

Look at what they did to Twitter [slashdot.org] . I count no fewer than 10 modpoints blowing him off the discussion within 12 hours. He must have struck a nerve.

Re:Takeaway message: Non Free is Stagnant. (1)

Macthorpe (960048) | more than 7 years ago | (#18917377)

You're still the same person. Whether it's MPD or just idiocy, I don't really care.

What is a banned API call? (4, Interesting)

solafide (845228) | more than 7 years ago | (#18905555)

Does the banning of an API call mean that the call is still there, it just can't be officially used? Couldn't it still be used deviously to exploit it? Shouldn't we just remove the function from the API, not prevent the compiler from compiling code with that function being used?

Re:What is a banned API call? (1)

Rob T Firefly (844560) | more than 7 years ago | (#18905637)

OMG, I have a great idea! Why don't we just ban viruses?

Re:What is a banned API call? (3, Informative)

Rosyna (80334) | more than 7 years ago | (#18905683)

Take a gander at Microsoft's list [microsoft.com] . If the Safe options are on, the API is not available.

It's all kinds of sexy... but basically, it removes functions which programmers have frequently used incorrectly or for which there is no absolutely correct way to use them and still validate user supplied data.

Re:What is a banned API call? (1)

AaronLawrence (600990) | more than 7 years ago | (#18911387)

Interesting. Have the main parts of Linux distributions (i.e. kernel, KDE, Gnome code) been thoroughly worked through to use secure APIs in the same way?

Re:What is a banned API call? (2, Informative)

VertigoAce (257771) | more than 7 years ago | (#18905913)

A banned API is one that is likely to cause security vulnerabilities. There are replacements for most of them that are less likely to have problems, but they aren't part of the official C standard library.

Microsoft's build tools will treat any calls to banned APIs [microsoft.com] as errors. They aren't removed from the system because they are used by many existing applications. For example, both strcpy and strncpy are banned at Microsoft. Yet many people have been using strncpy as a replacement for strcpy, so it needs to be in the CRT library.

Re:What is a banned API call? (1)

drinkypoo (153816) | more than 7 years ago | (#18905927)

For example, both strcpy and strncpy are banned at Microsoft.

Kind of makes you wonder why there are so many buffer overflows in Windows, doesn't it?

Re:What is a banned API call? (2, Funny)

0xABADC0DA (867955) | more than 7 years ago | (#18906341)

Probably because instead of the banned strncpy Microsoft are using strcpyEx, which includes an extra parameter "iAllowDeny". When set to 1, this prevents buffer overflows. But because of the unfortunate name, some programmers think it will 'allow' exploits so they set it to 0.

If only Microsoft would add a C++lippy to MSVC to clear up these kinds of things.

Re:What is a banned API call? (1)

Keeper (56691) | more than 7 years ago | (#18906787)

I'd be willing to bet that most use the functions defined in StrSafe.h...

Re:What is a banned API call? (0)

Anonymous Coward | more than 7 years ago | (#18909691)

HRESULT StringCchCopyNEx(
        LPTSTR pszDest,
        size_t cchDest,
        LPCTSTR pszSrc,
        size_t cchSrc,
        LPTSTR *ppszDestEnd,
        size_t *pcchRemaining,
        DWORD dwFlags
);

Yes I was giving MS some credit with "strcpyEx". The reality is so much worse and not the slightest bit funny. And people wonder why windows is so insecure... good lord just look at that. If I had to work with this kind of crap I would puke, use up my sick days as compensation for being scarred with the memory, and then quit in disgust.

Then I'd stop eating pork and walk the earth, like Caine in Kung Fu. Because if the above isn't clearly a sign that something is horribly wrong then you're missing the miracle my friend.

Re:What is a banned API call? (1)

ConceptJunkie (24823) | more than 7 years ago | (#18907955)

Clippy sez:

You appear to be writing a buffer overflow. Would you like to:

1. Switch to a certified safe string copy function?
2. Cause Vista to pop up a security dialog every time your function is run?
3. See more information on currently unpatched Windows exploits?
4. See tips on how to acquire fame and fortune as a virus writer?

Re:What is a banned API call? (1)

TheRaven64 (641858) | more than 7 years ago | (#18910821)

Over in OpenBSD-land, when you link a program that uses either strcpy (which doesn't do range checking) or strncpy (which doesn't do adequate truncation checking), you get a big warning saying that they are unsafe. The preferred replacement is strlcpy, which is found in most libc implementations (I just checked FreeBSD, OpenBSD, OS X, and Solaris, and it was there for all of them). The main exception is glibc, where the strlcpy patch was rejected as 'inefficient BSD crap.' Apparently security is not important to GNU users. Some software (e.g. OpenSSH, Dovecot, etc) that began life on non-GNU platforms simply includes a copy of the safe versions from OpenBSD's libc, which helps but adds to bloat for all GNU (primarily Linux) users.

Re:What is a banned API call? (1)

pyrbrand (939860) | more than 7 years ago | (#18908987)

A banned API means that no MS code is allowed to call that API. An example, as noted, is strcpy which if you don't properly check string lengths before hand (and even then, in multi-threaded code if the length of the from parameter is increased in between your check and your call to strcpy) you have the potential for a buffer overflow. So, no MS code will use that function. However, lots of existing code calls strcpy and standards committees tend to get ansi (get it?) if you go around "deprecating" or removing pieces of their standards. Imagine the anti-competitive hate mail and lawsuits MS would get into if they removed strcpy and broke every C/C++ app out there that uses it (a lot I'm guessing, especially if it's old enough to have ignored the whole buffer overrun security thing, or if it's newer and implements its own checking to make sure the call is safe - single threaded, checks lengths).
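
An added example (my own code, not from any poster, from Microsoft's StrSafe, or from OpenBSD's libc) tying together the strcpy/strncpy/strlcpy points made by VertigoAce, TheRaven64 and pyrbrand above: it probes the strncpy defect (no terminator when the source fills the buffer) and contrasts it with a hand-written strlcpy-style bounded copy that always terminates and reports truncation, which is the same property StringCchCopyNEx's return value gives you on Windows. The bounded_copy stand-in is written out on the assumption that the local libc may lack strlcpy, as the thread says glibc did; the sample strings are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hand-written stand-in with OpenBSD strlcpy semantics (assumption: your libc
 * may lack strlcpy, as glibc did): copy at most size-1 bytes, always
 * NUL-terminate when size > 0, and return strlen(src) so the caller can detect
 * truncation by checking whether the return value is >= size. The destination
 * bound comes from size, never from the source, so the check-then-copy race
 * pyrbrand describes cannot overflow dst. */
size_t bounded_copy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size != 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Probe for the strncpy defect: returns 1 when strncpy leaves no NUL in the
 * first bufsize bytes (src is bufsize chars or longer), 0 when it terminates,
 * -1 on a bad bufsize. The scratch buffer is pre-filled and larger than
 * bufsize so the probe itself never reads past its storage; in real code a
 * later strlen/printf on such a buffer would run off the end. */
int strncpy_leaves_unterminated(const char *src, size_t bufsize)
{
    char buf[64];
    if (bufsize == 0 || bufsize > sizeof buf) return -1;
    memset(buf, 'X', sizeof buf);
    strncpy(buf, src, bufsize);
    return memchr(buf, '\0', bufsize) == NULL;
}

/* Returns 1 when src does not fit in a dstsize-byte buffer (the bounded copy
 * was truncated), 0 when it fits, -1 on a bad dstsize. */
int bounded_copy_was_truncated(const char *src, size_t dstsize)
{
    char buf[64];
    if (dstsize == 0 || dstsize > sizeof buf) return -1;
    return bounded_copy(buf, src, dstsize) >= dstsize;
}

/* Returns the (possibly truncated, always terminated) result of a bounded copy
 * into a dstsize-byte buffer; static storage so the result can be inspected. */
const char *bounded_copy_result(const char *src, size_t dstsize)
{
    static char buf[64];
    if (dstsize == 0 || dstsize > sizeof buf) dstsize = sizeof buf;
    bounded_copy(buf, src, dstsize);
    return buf;
}

int main(void)
{
    /* Constructed sample inputs: one fits an 8-byte buffer, one does not. */
    const char *fits = "ani";
    const char *too_long = "animated-cursor";

    printf("strncpy \"%s\" into 8 bytes, unterminated: %d\n", too_long,
           strncpy_leaves_unterminated(too_long, 8));
    printf("strncpy \"%s\" into 8 bytes, unterminated: %d\n", fits,
           strncpy_leaves_unterminated(fits, 8));
    printf("bounded_copy \"%s\" -> \"%s\" (truncated=%d)\n", too_long,
           bounded_copy_result(too_long, 8), bounded_copy_was_truncated(too_long, 8));
    printf("bounded_copy \"%s\" -> \"%s\" (truncated=%d)\n", fits,
           bounded_copy_result(fits, 8), bounded_copy_was_truncated(fits, 8));
    return 0;
}
```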

Don't blame the compiler (1)

WrongSizeGlass (838941) | more than 7 years ago | (#18905575)

They should concentrate on better design, coding and testing methods rather than blaming the compilers.

Re:Don't blame the compiler (0)

Anonymous Coward | more than 7 years ago | (#18907797)

It's exactly what they are focusing on.

Where did you get that they are 'blaming the compiler'? /GS is a command line switch of the compiler that is used for validating and testing code, so testing methods are very much what they are focusing on. They are building it into the compiler.

they are using the compiler, not blaming it.

Default deny policy (3, Insightful)

sd.fhasldff (833645) | more than 7 years ago | (#18905603)

While risking being out of sync with Slashdot's schizophrenic stance on Microsoft-bashing, let me lower my hammer on this one:

"The changes include a possible addition to the list of banned API function calls"

That's exactly the problem with security under Windows! (okay, there are other problems as well)

Microsoft needs to apply a "default deny" policy to all aspects of Windows' security and this sort of thing wouldn't be a problem in the first place. There shouldn't be a list of BANNED calls, there should be a list of safe ALLOWED calls.

I'm not saying that other operating systems couldn't do a better job too, but security is one (huge) area where Microsoft really and truly sucks - and it isn't something they can solve overnight, either. It seems ingrained in their philosophy and permeates all aspects of Windows (and other products).

Re:Default deny policy (1)

dedazo (737510) | more than 7 years ago | (#18905697)

Actually what they need to do is get rid of all that legacy crap code they have that assumes everyone on the internet is a good friend. "Banning" APIs and coming up with workarounds to fundamental design problems (seriously, an animated cursor??) is simply piling band-aids on top of each other until they forget which one did what.

Unfortunately for Microsoft, they have a hell of a lot of that sort of code in Windows and a lot of their products. The ones they've really re-engineered like IIS6 or written from scratch with security in mind like .NET are doing just fine. That should tell them something.

Re:Default deny policy (1)

mandelbr0t (1015855) | more than 7 years ago | (#18905781)

There shouldn't be a list of BANNED calls, there should be a list of safe ALLOWED calls.

I think this is similar to the GCC concept of hiding symbols. The only real issue is when compiling legacy code which links directly to those hidden symbols, linking will fail. Obviously, that's the point. I think, then, that the Microsoft approach is lazy: they're more worried about "legitimate" legacy code no longer working well with later compilers than they are about actually hiding the offending API calls from userspace all together.

Re:Default deny policy (1)

alienmole (15522) | more than 7 years ago | (#18905845)

I'm not saying that other operating systems couldn't do a better job too, but security is one (huge) area where Microsoft really and truly sucks - and it isn't something they can solve overnight, either. It seems ingrained in their philosophy and permeates all aspects of Windows (and other products).

It's the PC heritage, going back to the days when no-one in the non-Unix PC world gave the slightest thought to security, because you could get away with it back then. It's a difficult mindset to change, because if you don't learn to program thinking in secure terms, security tends to be an afterthought, which of course doesn't work so well.

No, it's a M$ thing. (0, Troll)

twitter (104583) | more than 7 years ago | (#18907247)

It's the PC heritage, going back to the days when no-one in the non-Unix PC world gave the slightest thought to security, because you could get away with it back then.

They did not get away with it. Macro viruses blew out computer labs and people's systems and caused all manner of havoc.

Worse, M$ knew better and everyone told them so. They had Xenix, they helped make OS/2, they knew what they were doing, they just decided to hold on to their DOS legacy. It was then and still is a matter of negligence. Other people did not and still don't have the same kinds of problems. Xenix, Minix, Linux, BSD, even Apple and Palm did better. People are still telling them so.

The only reason there's a perception that these are "computer" or "PC" problems is that M$ runs a billion dollar a month marketing program. That billion bucks includes astroturf, public corruption, bribes and everything they can think of to get people to tell you that M$ is the best, it has all the features everything else does and everything else has all their problems. This is a tremendous disservice to the public.

Re:No, it's a M$ thing. (1)

alienmole (15522) | more than 7 years ago | (#18908287)

Perhaps "PC heritage" was the wrong term. I was really thinking "microcomputer heritage", going back to the days of the S-100 bus, Apple, and the countless other pre-PC machines. That was before hard disks were common, let alone LANs, and macro viruses were not an issue until much later. Many of the people involved at that time were busy reinventing things from scratch, starting at the most rudimentary level. They mostly ignored any lessons that might have been had from software on bigger iron, because they had no experience with it.

Microsoft was a part of that time and inherited that attitude and ran with it, but it didn't originate the attitude. There's no question that later, they should have known better in a technical responsibility sense. In a pure business sense, though, it may have worked in their favor in various ways to ignore security.

As for Xenix, Microsoft acquired a license to that from SCO, they didn't develop it in-house. Despite Gates himself pushing it, it didn't gain traction. Any lessons that might have been learned from it were lost because not enough people within Microsoft were exposed to it.

My point is that Microsoft's approach to security isn't entirely a conscious choice: they began creating their monoculture back in a time when security wasn't a serious issue, so to move beyond that is difficult, because they don't really know any other world than the one they created.

Re:Default deny policy (1)

Cid Highwind (9258) | more than 7 years ago | (#18907683)

If you think /. gets enraged by windows security holes, just wait until they propose locking out all software that isn't blessed by Microsoft in advance!

Default deny is a nice idea, but I haven't yet seen an implementation that doesn't require an expensive verisign certificate (MS signed drivers), a PhD in computer science (SELinux), or making the user click "Accept" until his mouse hand curls up into a raptor claw (Vista UAC)...

Re:Default deny policy (1)

Allador (537449) | more than 7 years ago | (#18908273)

Just to add to this, getting a cert to sign your code isn't that expensive, even for the smallest of ISVs. On the order of $200 (per year if you need to sign new code, which is the case for most ISVs).

And MS doesn't sign the cert, or make any decision about who can or cannot get one. They simply created one trusted root, gave signing-certs to 8 or 10 cert-vendor companies, who then will sell you a cert that is signed from a trusted root.

It's theoretically possible for MS to revoke any given cert signed from that trusted root, but as far as I know, it's only happened once to a malicious group who spoofed another company's name.

Overall, getting your apps signed is simple, painless, and SOP for any ISV that makes windows software.

Re:Default deny policy (1)

flyingfsck (986395) | more than 7 years ago | (#18907933)

"You pressed any key!"
"Allow or deny?"

Windows security is a sad joke. Unfortunately few people realize that.

Re:Default deny policy (1)

SEMW (967629) | more than 7 years ago | (#18908711)

The problem with getting your information about Vista from Apple's propaganda is that when you're trying to evangelise to Windows users, they realise that what you're saying is crap, and ignore you -- even if whatever you're evangelising is genuinely more secure than what they're using (which it obviously definitely is with Linux as compared to Windows).

("What triggers a UAC prompt" [edbott.com])

Related news (5, Funny)

140Mandak262Jamuna (970587) | more than 7 years ago | (#18905615)

Old Bill's Livery and Horse Trading post announced that they have decided to strengthen the windows of the stable because horses were being stolen with surprising regularity. When the reporters queried the wisdom of strengthening the windows while the door is wide open and unlocked, Old Bill's assistant Steve threw the straw bales he was sitting on at the reporters.

In context (1)

aero6dof (415422) | more than 7 years ago | (#18905621)

In this context, I hope what you mean by mulling is: slapping forehead exclaiming "that was dumb!"

Impossible (1)

El Lobo (994537) | more than 7 years ago | (#18905651)

A modern operating system is so complex that the bad guys will always find a way to break it. Especially Windows, being the most popular and widely used out there is constantly examined under a magnifying glass. Every single part of the system is tested and studied to try to find out an exploit.

Some years ago, hackers were just challenging the system, and it was a cool thing to find an exploit, but today, big money is involved here and there are large criminal associations working on this.

So if the cursor is fixed, tomorrow it could be the wallpaper or the system sound...

Incremental approach. (3, Insightful)

RightSaidFred99 (874576) | more than 7 years ago | (#18905687)

The main problem is that complex software is just hard to secure. And not just complex MS software - they are not the only ones suffering these kinds of vulnerabilities.

This incremental approach will eventually result in operating systems that are secure to all but the most sophisticated local attacks. You can't stop the attack where someone just downloads something and blindly runs it. Unlike most people, I don't think computer OS's and apps will always be as insecure as they have been for the last 15 years since the explosion of the Internet to the masses.

It may take another 5 years, but I think we're getting there. Vista isn't perfect, but it's a step closer.

Re:Incremental approach. (0)

Anonymous Coward | more than 7 years ago | (#18905895)

The main problem is that complex software is just hard to secure... Vista isn't perfect, but it's a step closer.

Uh, no. Vista is a step in the WRONG direction. Microsoft as a company is going in the wrong direction.

Re:Incremental approach. NOT ANY SAFER (1)

Nom du Keyboard (633989) | more than 7 years ago | (#18906219)

This incremental approach will eventually result in operating systems that are secure to all but the most sophisticated local attacks.

And since those attacks are For Sale for $3000 to $5000 on the Internet, everyone with intent to do serious, widespread damage will still be using them.

Ding, ding, ding! all the M$ talking points. (-1, Troll)

twitter (104583) | more than 7 years ago | (#18907475)

What an apology! Let's cut it up into all of its distortions and slanders:

The main problem is that complex software is just hard to secure.

Ding! Lie: It has problems because of all the cool things it does for you.
Reality: It's bad features and bad designs, not complexity. Most systems do much more than Vista does but do not have the same kind of problems. Linux, Mac, Solaris all have servers user features M$ is still trying to catch up to but none of the problems. The only complexity contained in M$ code is anti-competitive gotchas and digital restrictions, which are like anti-features.

And not just complex MS software - they are not the only ones suffering these kinds of vulnerabilities.

Ding! Slander: Everyone else sucks too
Reality: Yeah right. Show me a virus for another OS that survives outside of a lab. Once again, no one but M$ users have these problems.

You can't stop the attack where someone just downloads something and blindly runs it.

Ding! Distortion: blame the user.
Reality: The fault we are talking about involves no user action other than surfing a web page. This is a design and poor code issue, not a user problem. Strangely enough, Apple does just fine selling systems to people who don't ever want to know anything about computers.

Vista isn't perfect, but it's a step closer.

Ding! Lie: M$ is working hard and is very close to having a secure system.
Reality: M$ slapped a bunch of code together to make Windoze. They spent the last six years putting digital restrictions in it instead of fixing things. Microsoft is all marketing.

Desperation (0)

Anonymous Coward | more than 7 years ago | (#18907599)

*Sniff* Desperation definitely has its own unique smell.

I think the FSF trollards are out in force because they just realized that blabbering about how "M$" sucks and Vista was going to "fail" for over a year accomplished exactly nothing.

Damn, how it must hurt that after all those late-night "M$ WINDOZE SUXXORZ LOLOL" sessions you have absolutely nothing to show for it. RMS promised you paradise and 70 virgins... but all you have is your basement and your imaginary $15/month girlfriend. Ouch.

Re:Ding, ding, ding! all the M$ talking points. (1)

Bungie (192858) | more than 7 years ago | (#18907679)

Linux, Mac, Solaris all have servers user features M$ is still trying to catch up to but none of the problems.

I thought I remembered a specific Solaris telnet exploit [slashdot.org] not too long ago that was incredible oversight by Sun. I guess that must have really been a Microsoft telnet daemon?

So? (1)

twitter (104583) | more than 7 years ago | (#18908835)

I thought I remembered a specific Solaris telnet exploit not too long ago that was incredible oversight by Sun.

You win! I give up and admit the equality of Solaris and Windoze security models. Swarms of Sun powered bots will soon take down the internet.

Re:So? (0)

Anonymous Coward | more than 7 years ago | (#18909735)

willy, you should like totally add yourself here [wikipedia.org] . You have truly revolutionized the perception of free software among so many people that I don't doubt for a second anyone will have a problem with that.

Re:Ding, ding, ding! all the M$ talking points. (1)

RightSaidFred99 (874576) | more than 7 years ago | (#18909657)

Normally I'd argue, but it would be like arguing with a retard over whether the moon is made of cheese or not. You say a bunch of things, but you're just blathering a bunch of fat, geeky dweeb nonsense.

Fortunately people like you who are incapable of adapting to new technology and get emotional about operating systems get weeded out. Face it, brother, you're a dinosaur.

For starters.... (2, Insightful)

Himring (646324) | more than 7 years ago | (#18905721)

Don't allow IE to load a cursor with a .jpg extension....

Wait, sounds familiar (1)

UnknowingFool (672806) | more than 7 years ago | (#18905725)

The changes include a possible addition to the list of banned API function calls, more aggressive checks for buffer overruns and enhancements to existing fuzz testing tools.

You know if Bill Gates was any kind of leader, he would call for his programmers to scrutinize their code for these kinds of security issues. Oh wait! He did 5 years ago. [usatoday.com] It's great to know that MS has spent the last 5 years innovating such features.

Use non-overflowing buffers, heaps etc. (1)

G4from128k (686170) | more than 7 years ago | (#18905729)

Write it the right way once, call it often, and it's fixed. Please outlaw code that reinvents insecure versions of routines for basic data structure.

In this day and age of OOP and libraries, there's no excuse but negligence for crappy code.

Re:Use non-overflowing buffers, heaps etc. (1)

Howitzer86 (964585) | more than 7 years ago | (#18905911)

In the case of Windows, things are so bad that they will have to start fresh.

Windows - be careful! (2, Funny)

codergeek42 (792304) | more than 7 years ago | (#18905735)

Always remember to practice SafeSEH by using the CON dev. :)

Great news... (0)

Anonymous Coward | more than 7 years ago | (#18905825)

...so this means that Windows will be even more bloated and slower than it already is? Very nice.

Just get rid of them! (0)

Anonymous Coward | more than 7 years ago | (#18905889)

Wouldn't it be simpler to just get rid of animated cursors?

What Microsoft REALLY Needs To Do... (3, Insightful)

Zero_DgZ (1047348) | more than 7 years ago | (#18905901)

...Is re-evaluate what the true purpose of the operating system is, and stick to it instead of tacking so much nonsense to the abomination that today we call Windows.

Microsoft made a big to-do about "focusing on security" in the development of Windows Vista, but instead spent all this time A) spackling over the screwball security holes that the superfluous bits of the last version of the operating system created, and B) bolting on more superfluous bullshit.

The pattern of flagrant Windows/Microsoft security breaches has traditionally involved the fracal-like fuzz of superfluous features surrounding Windows. It simply tries to be too much. How many times have we heard about some hole in Internet Explorer that lets l33t h4xx0rs walk in and screw with your OS? Animated cursors opening security holes. ET-phone-home Windows Media player opening security holes. IIS subsystems on home user's computers opening security holes... Ad infinitum.

You want a web browser on your PC? Install a web browser. It shouldn't be your OS'es job. You want animated cursors? Install a cursor manager. It shouldn't be the OS'es job. You want media players? Install a media player. It shouldn't be the OS'es job. Are we seeing the fucking pattern here, yet? If Microsoft could focus on the core of the operating system, making it the platform and the framework that the rest of your computing experience happens on instead of trying to make it the damn "multimedia/computing experience" itself I'll wager a significant portion of these stupid, smack-on-the-forehead sort of problems would go away. And if and when they did crop up, users affected could just patch or uninstall the affected browser/media player/cursor manager/whatever instead of having it permanently tied into their OS for the rest of time (heaven forbid, for example, users reinstalling Windows into it's stock, unpatched state).

Re:What Microsoft REALLY Needs To Do... (1)

f0dder (570496) | more than 7 years ago | (#18906041)

BS.. cuz if linux does it, if Apple does it.. it's called innovation?? Look Microsoft tried to appease the EU w/Windows w/o WMP and guess what, nobody bought it!!

Re:What Microsoft REALLY Needs To Do... (1)

mandelbr0t (1015855) | more than 7 years ago | (#18906147)

In theory, your idea would work well. You would install an OS and a command shell from a vendor and get everything else from somewhere else. That's what DOS and early Linux distros were like.

However, a key piece to overall system stability is integration testing. Debian does TONS of integration testing. Hence, stable is stable. The problem with leaving the integration testing to the user is that you turn a simple "poke-me" appliance into one of those annoying machines that geeks are always tinkering with. There's nothing wrong with providing pre-compiled software packages with an OS: it means that whoever is distributing your OS has saved you the trouble of verifying that your choice of web browser will run on the specific kernel and system libraries you've installed.

The problem, however, is that integration testing turned into vertical marketing. Great, wonderful, you've tested IE to work with Windows (well, ok that's a stretch...), but in the meantime, you've also ensured that no other browser will work with your OS. That's the abusive monopoly being anti-competitive again. While there's no reason to distribute more than the kernel and a command shell with an OS, there's stuff that I need as soon as I get to my first desktop. I need a web browser installed, else I have to download and install one myself (using what program?) Mail client? check. Media player? nice to have.

Providing packages that work with your OS is not a real problem. There being only one distributor that has packages that work with your OS is a huge problem.

Re:What Microsoft REALLY Needs To Do... (1)

flyingfsck (986395) | more than 7 years ago | (#18907977)

The truth is that Vista is a home user OS. It was designed to play games and show movies. It was not designed to be used in a business, or to be used for any serious purpose beyond playing Donkey Kong and watching Mickey Mouse cartoons...

Re:What Microsoft REALLY Needs To Do... (1)

SEMW (967629) | more than 7 years ago | (#18908731)

Not really. When MS first brought in Windows NT, it was solely a business OS -- home users had 3.1/9x. It's only since Windows XP that the consumer line has used the NT codebase as well (Vista is NT 6.0).

Inaccurate Summary (2, Insightful)

ThinkFr33ly (902481) | more than 7 years ago | (#18905923)

Howard said the attackers were able to wrap vulnerable code in an exception handler to find ways around those mitigations.
This is incorrect.

Howard said that the vulnerable code happened to be wrapped in a very general try/catch block.

This try/catch block, which was in the vulnerable code already, and not injected by the attackers, potentially allowed the attackers to repeatedly try different memory locations looking for system call addresses that were randomized by ASLR.

Without this try/catch, the process would have crashed after the first failed attempt.

In other words, liberal try/catch policies can potentially expose security vulnerabilities by giving bad guys more than one chance to do their bad deeds.

Also, there were no reported instances of Vista being compromised. It is doubtful that the engineers of the various exploits targeted Vista, and therefore didn't take advantage of the try/catch issue to overcome ASLR since XP doesn't have ASLR. In addition, Protected Mode IE would have thwarted the attack even if they had.

Re: try/catch (0)

Anonymous Coward | more than 7 years ago | (#18906277)

Wow. I'm nearly speechless. If something breaks in testing and you just slap a try/catch around it to keep it from crashing, then you're just putting a bandaid on a gushing wound.

I subscribe to the school of thought that says all data is malicious unless proven otherwise. That means you don't just assume some random file contains an animated cursor -- you have to verify that it contains an animated cursor. If the file format is somehow impossible to verify, then the format itself is broken and should never be used.

RE:Inaccurate Summary (1)

Verte (1053342) | more than 7 years ago | (#18908605)

Protected mode IE does nothing to even slow the attack, the code can be run not as part of IE but as part of the graphics handler.

But I Thought... (2, Interesting)

Nom du Keyboard (633989) | more than 7 years ago | (#18906167)

Wasn't Vista rewritten from scratch, rather than using the old NT code base? Isn't this why it took an extra 3 years to arrive? Isn't this where there are still major compatibility errors in Vista compared to previous NT and Win95/98/ME versions?

So what did they do here? Rewrite the .ANI handler by re-implementing the same bug as before?

Or were we just lied to again, by Microsoft?

Re:But I Thought... (4, Informative)

ThinkFr33ly (902481) | more than 7 years ago | (#18906213)

When did Microsoft ever claim to have rewritten Windows from scratch?

I guess it's easy to be mad at Microsoft for lying when you put those lies in their mouth yourself.

When have they stopped saying that kind of thing? (0, Troll)

twitter (104583) | more than 7 years ago | (#18907623)

When did Microsoft ever claim to have rewritten Windows from scratch?

They used to do it regularly. NT stood for "New Technology." I can't tell you how many times they declared the "death of DOS" even while they were using the same old 16 bit functions. ME, W2K and XP were all billed as radically new but were all more of the same rehashes.

Vista is more of the same. The wikipedia entry, which they pay people to write, claims, "hundreds of new features; some of the most significant include an updated graphical user interface and visual style dubbed Windows Aero, improved searching features, new multimedia creation tools such as Windows DVD Maker, and completely redesigned networking, audio, print, and display sub-systems." In short new everything, which clearly is not true. They go on to boast about security improvements that, once again, do nothing real for the user.

Re:When have they stopped saying that kind of thin (2, Insightful)

dedazo (737510) | more than 7 years ago | (#18907695)

They used to do it regularly. NT stood for "New Technology."

NT 3.0 was written from scratch. Please provide proof to the contrary, if you have it. Then, provide proof that *Microsoft* has claimed Vista is rewritten from scratch. And I said Vista, not Longhorn or anything else.

I can't tell you how many times they declared the "death of DOS"

I'd calculate that about the same number of times you've declared "M$ Winblows" was "dead".

But I could be wrong.

which they pay people to write

Please provide proof of this. If true, it means that Microsoft has subverted the WP editorial controls, because for a closely-watched topic like that one, no matter how many times you edit it, someone will put your changes under the microscope. The vast majority of the Microsoft articles on WP are closely watched and by definition maintained free of harmful edits.

So, let's see some proof of your claim.

Re:When have they stopped saying that kind of thin (1)

SEMW (967629) | more than 7 years ago | (#18908537)

The wikipedia entry, which they pay people to write, claims, "hundreds of new features; some of the most significant include an updated graphical user interface and visual style dubbed Windows Aero, improved searching features, new multimedia creation tools such as Windows DVD Maker, and completely redesigned networking, audio, print, and display sub-systems." In short new everything, which clearly is not true
Ummm, no. You seem to have a serious misconception about what exactly an operating system is. Multimedia features, searching features, even networking, audio, print etc. subsystems do not an OS make. The kernel is still the NT kernel -- with some changes, but still broadly the same -- which is why Vista is NT 6.0. No-one at Microsoft has ever claimed otherwise; no Wikipedia editor has ever claimed otherwise.

Oh blow it. (-1, Troll)

twitter (104583) | more than 7 years ago | (#18908805)

Ummm, no. You seem to have a serious misconception about what exactly an operating system is. ... Vista is NT 6.0. No-one at Microsoft has ever claimed otherwise; no Wikipedia editor has ever claimed otherwise.

You can dance around with that nonsense all you want, we're talking about Windoze, which has more to do with marketing than CS definitions. The Wikipedia article and M$'s Vista page both talk about what Vista is, not an OS. Both of them lead the reader to believe that Vista, has replaced everything of importance to the user. I could really care less because, despite all hype and intentions, no one wants it.

Re:Oh blow it. (1)

SEMW (967629) | more than 7 years ago | (#18908957)

Both of them lead the reader to believe that Vista, has replaced everything of importance to the user.
I've just had a look at the Wikipedia pages again. They list, in quite some detail, exactly what has been changed and what is new, both on the surface [wikipedia.org] and underneath [wikipedia.org] . Is there anything there (most notably in the latter page, which describes the kernel & core OS changes) that you believe to be false? If so, and you have evidence, change the page and cite it, it is a Wiki. Even if there's just something on the page that you think goes beyond the remit of the sources there, raise it in the talk page or add a {{fact}} tag. Even if you believe [slashdot.org] that Wikipedia is controlled by Microsoft shills, you could always post it here; I'm sure the Slashdot editors wouldn't suppress your opinions [snurl.com] ...

Proof (1)

The Bungi (221687) | more than 7 years ago | (#18909095)

Proof, flocktard. You were asked [slashdot.org] for proof. Semantic nitpicking of your own posts doesn't count. Prove that the contents of that WP entry are provided by "M$". Go ahead, we're all waiting. Just like those inexistent Linux botnets, the lawsuits that "destroyed" the Zaurus, your "job" at a "Fortune 100" company and all our other FUD.

Re:But I Thought... (2, Informative)

asifyoucare (302582) | more than 7 years ago | (#18907723)

I think that was the original intention, but my interpretation of events is that they found that .NET wasn't up to snuff, and rather than eat their own dog food but deliver a crappier product they did the 'Vista reset'. After the reset they re-used much of the code from XP.

Re:But I Thought... (1)

ThinkFr33ly (902481) | more than 7 years ago | (#18908267)

.NET wasn't up to snuff? Find me a single article that says anything even remotely like this.

The Vista reset was caused by a flawed attempt to include too many features at once combined with unsustainable development practices / management. It had absolutely nothing to do with .NET. Not to mention the fact that Vista is based off of the Windows 2003 Server codebase, not XP's.

Furthermore, there was never a plan to rewrite Windows from the ground up.

Informative, indeed.

Re:But I Thought... (1)

SEMW (967629) | more than 7 years ago | (#18908557)

After the reset they re-used much of the code from XP.
Wrong way round. As VertigoAce notes [slashdot.org] , it was the pre-reset builds which were based off XP; the post-reset ones were based on 2003 Server.

Re:But I Thought... (2, Informative)

VertigoAce (257771) | more than 7 years ago | (#18907661)

It was delayed largely because they reset the project in late 2004. The original Longhorn was based off of the XP codebase. When they reset development they started from the Windows 2003 codebase (which was based off of the XP codebase). At no point did they claim that they were starting from scratch.

Many of the compatibility problems are related to fixing bugs in the OS. Any time you change the behavior of the operating system you risk breaking some piece of code that relied on the old behavior. Notice that they fixed all of the known security bugs in XP, even though they haven't released patches for XP. With Vista, they can break compatibility to fix security flaws. Breaking apps that currently work on XP would cause major problems for companies.

Compiler issue? (1)

Applekid (993327) | more than 7 years ago | (#18906191)

I still can't get over why generating "safe" code is the job of the compiler, anyway. What's wrong with checking lengths and buffers before using them? What's wrong with paranoid programming?

Did Microsoft's new focus on security from the ground up with Vista really just amount to compiling all its system components with /GS? Pathetic.

Re:Compiler issue? (1)

kybred (795293) | more than 7 years ago | (#18909233)

I still can't get over why generating "safe" code is the job of the compiler, anyway.

It's not, but some compilers have options to add bounds checking in the compiled output. Usually this is done for testing then the code is compiled for release without the bounds checking. Also, there are tools like Purify [ibm.com] that also can do bounds checking and the like.

Flagging is not the problem (0)

Anonymous Coward | more than 7 years ago | (#18906215)

Flagging the vulnerability is not the problem, MS has shown that they knew about the problem as early as two years ago. It's actually fixing it instead of just marking it "WONTFIX" or "CANTFIX".
 
Clowns.

Sorry. (1)

Skiron (735617) | more than 7 years ago | (#18906239)

MS just don't get the security bit anyway - never will. 99% spam comes from MS boxes. Let alone a mouse cursor that lets the crackers do it.

Security broke dragging files to cmd.exe (5, Interesting)

Myria (562655) | more than 7 years ago | (#18906673)

Prior to Vista, you could drag files from Explorer to cmd.exe to have it type in the filename for you, exactly like on Mac. However, due to overzealous security changes by Microsoft, this does not work in Vista [microsoft.com] .

In NT, console windows are actually owned by the most privileged user-mode process in the system, csrss.exe. One of Vista's big security changes is that processes cannot send window messages to windows owned by processes of higher security clearance. This means that Explorer cannot send a message to console windows telling them that there is a file being dragged to it. Starting Explorer as Administrator does not help, because csrss.exe runs with higher privilege than that.

Rather than fix the insane design issue of csrss.exe owning console windows, they decided to leave it the way it is. Never mind that there have been exploits against csrss.exe through the console system in the past.

To give you an idea of how bad of a hack the console implementation is, kernel32.dll's WriteFile detects console handles, which are fake handles, and translates the call into an RPC call to csrss.exe. This breaks all kinds of stuff.

Re:Security broke dragging files to cmd.exe (1)

anss123 (985305) | more than 7 years ago | (#18907139)

I agree that cmd.exe is clunky. In Vista you can no longer put it in full screen either. Win+R, cmd.exe, alt+enter, alt+enter was an excellent way of resetting the video driver whenever it fucks up.

The problem with MS seems to be that they overlook 'worst case scenarios'. Shell extensions are nice, for instance, but how do you remove a faulty one? What do you do when the Add/Remove panel crashes or when the video card decides 2048x1600@85Hz is a nice display mode on your 1280@60Hz display?

On Linux the answer is to dive into text/xml files, perhaps outright delete the offending one, not pretty but it works. On Windows you have to figure out where the app stores its data, the format, and what can safely be removed/altered. (And there are no helpful comments in the registry!)

backwards (2, Interesting)

midnighttoadstool (703941) | more than 7 years ago | (#18907681)

Here we go again.

Another pointless discussion that doesn't acknowledge the depth of complexity of backwards compatibility, and its commercial necessity.

Easy fix (1)

Opportunist (166417) | more than 7 years ago | (#18910225)

Hire people who know that it's a really, really, really bad idea to drop a structure onto the stack, especially if said structure is to be filled by user data. That should take care of the issue.

Instead of fixing the underlying problem, MS tries hard to "fix" the world around it. It's not an issue with the compiler, it's not an issue with API calls that can be "abused", it's an issue with badly written API functions. Grab the source of those friggin' libs and move the structures that you moronically created on the stack onto the heap. Yes, this would still allow a malformed structure filler (i.e. some file with bogus information to fill) to mess with your heap and possibly cause the program running it to crash, but it would make absolutely CERTAIN that such a malformed data file cannot be used to execute code contained within.
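The point made above about validating a length field before it fills a fixed-size stack structure, together with the earlier try/catch discussion (fail closed with an error code instead of leaning on a catch-all handler), as an added example in C that is not from any poster on this thread or from Microsoft. The chunk layout, the "AHDR" tag and the 36-byte capacity are constructed for illustration and do not describe the real .ANI file format.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed chunk layout (illustrative, not the real .ANI format):
 *   bytes 0..3 : 4-byte tag, here "AHDR"
 *   bytes 4..7 : little-endian payload length, attacker-controlled
 *   bytes 8..  : payload
 * The payload lands in a fixed-size struct on the caller's stack, the very
 * pattern the thread warns about, so the length is checked against both the
 * bytes actually present and the struct's capacity before memcpy runs. */

#define HDR_PAYLOAD_MAX 36u          /* capacity of the fixed destination */

struct anim_header {                 /* hypothetical fixed-size header */
    uint32_t payload_len;
    uint8_t  payload[HDR_PAYLOAD_MAX];
};

enum parse_result {
    PARSE_OK = 0,
    PARSE_TRUNCATED,   /* fewer bytes present than the header claims  */
    PARSE_BAD_TAG,     /* not a header chunk at all                    */
    PARSE_OVERSIZED    /* claimed length exceeds the fixed destination */
};

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Parse one header chunk from buf[0..len). Fails closed with an error code;
 * no catch-all exception handler is involved, so a hostile length field
 * produces one clean rejection rather than a recoverable memory fault. */
enum parse_result parse_header_chunk(const uint8_t *buf, size_t len,
                                     struct anim_header *out)
{
    if (len < 8)
        return PARSE_TRUNCATED;              /* need tag + length field */
    if (memcmp(buf, "AHDR", 4) != 0)
        return PARSE_BAD_TAG;

    uint32_t declared = rd_le32(buf + 4);
    if (declared > len - 8)                  /* claims more than is present */
        return PARSE_TRUNCATED;
    if (declared > HDR_PAYLOAD_MAX)          /* would overrun the stack struct */
        return PARSE_OVERSIZED;

    memset(out, 0, sizeof *out);
    memcpy(out->payload, buf + 8, declared);  /* bounded by both checks */
    out->payload_len = declared;
    return PARSE_OK;
}

/* Builds a constructed test chunk: tag, the 'declared' length field, then
 * 'present' payload bytes of 0x41. Returns the total byte count written. */
size_t make_chunk(uint8_t *dst, size_t cap, uint32_t declared, size_t present)
{
    if (cap < 8 + present)
        return 0;
    memcpy(dst, "AHDR", 4);
    dst[4] = (uint8_t)declared;
    dst[5] = (uint8_t)(declared >> 8);
    dst[6] = (uint8_t)(declared >> 16);
    dst[7] = (uint8_t)(declared >> 24);
    memset(dst + 8, 0x41, present);
    return 8 + present;
}

/* Convenience wrapper: build a constructed chunk and parse it in one step. */
enum parse_result parse_constructed(uint32_t declared, size_t present)
{
    uint8_t buf[256];
    struct anim_header hdr;        /* the fixed-size struct lives on the stack */
    size_t n = make_chunk(buf, sizeof buf, declared, present);
    return parse_header_chunk(buf, n, &hdr);
}

int main(void)
{
    printf("valid chunk      -> %d\n", parse_constructed(36, 36));   /* 0 */
    printf("oversized length -> %d\n", parse_constructed(200, 200)); /* 3 */
    printf("truncated chunk  -> %d\n", parse_constructed(36, 10));   /* 1 */
    return 0;
}
```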