Re: New Binary Bruteforcing Method Discovered

From: Michal Zalewski (lcamtufat_private)
Date: Wed Mar 27 2002 - 14:23:20 PST

    On Wed, 27 Mar 2002 mixterat_private wrote:
    
    > ...what's related is what I talked about, using shared libs for pre-
    > reporting (I agree, a simple technique) which in turn helps to document
    > the external entry points (not always all) and focus on them.
    
    I am not dismissing this idea :-) There are a lot of very good methods of
    reconnaissance, analysis, etc, etc, but none of them will provide a
    complete or even near-complete coverage of potential problems. This does
    not mean we should stop using them, but we should certainly refrain from
    making stupid claims (as the original poster did). As a matter of fact,
    I am a frequent user of strace, ltrace and other run time tools, and even
    authored one high-level project of this kind (Fenris, announced on
    sectools a while ago). But I usually stay away from solutions marketed as
    "total", "ultimate", "complete", "finds all...".
    
    > Would you say that human beings can theoretically solve this problem as
    > they can oversee all functions in source code (this problem seems to be
    > a white-box auditing issue to me...) and hence theoretically extrapolate
    > all states...?
    
    Well, it is tricky ;-) People naturally look for formal, automated methods
    of code analysis for two reasons: 1) humans make mistakes, 2) humans are
    expensive and slow. Think about chess - there are just a very few players
    in the world who can beat the most powerful computers. Even they make
    mistakes. And most of us are just average in this game, and will never win
    with a powerful machine. The demand for affordable security is much higher
    than the number of people with really excellent audit skills (and ones
    that are will be really expensive to hire and will work for a very long
    time on a huge project), plus there's no simple way to tell who is good
    and who is not. For mission-critical applications it is not how many bugs
    you find, but how many bugs you miss :-)
    
    AI in terms of simulating high-level conscious processes is not much
    closer to becoming a reality than it was 20 years ago.
    
    -- 
    _____________________________________________________
    Michal Zalewski [lcamtufat_private] [security]
    [http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
    =-=> Did you know that clones never use mirrors? <=-=
              http://lcamtuf.coredump.cx/photo/
    


