Scanning Formats (TIFF vs. JPEG)
THX1138 at dakotacom.net
Fri Aug 18 13:39:29 CDT 2006
Chuck Guzis wrote:
> On 8/18/2006 at 5:59 PM Jules Richardson wrote:
>> As an aside: I've never quite understood these OS image vunerabilities.
>> Doesn't any modern OS provide sufficient protection such that a process
>> can't just stomp all over memory at random? Unless the problem is just a
> Sloppy programming (really, there's no excuse for not including
> bounds-checking when decoding)is a big part of the picture. In Windows'
> case, a lot of the vulnerabilities seem to be a combination of sloppy
> coding and including "features" that have vulnerabilities inherent. (e.g.
> OLE in browser applets, executables in email attachments...) Of course, if
> a set of object libraries with inherent vulnerabilities in them is used,
> bugs get re-used too.
*MY* concern is how do you let FOREIGN code into your world
AND still protect things? I.e. I can do my best to keep
*my* code bug-free... but, I can't keep "your" code bug-free!
Yet, I need to keep my *system* invulnerable to bugs that you
let creep in. :-( (writing good OS's requires considerably more
forethought than writing good *apps*! :< )
More information about the cctech