mailing list archives
Re: Bigger burger roll needed
From: bkfsec <bkfsec () sdf lonestar org>
Date: Thu, 06 Oct 2005 11:10:43 -0400
Micheal Espinola Jr wrote:
But, Curmudgeon's right... you can't just say "yeah, the OS can't handle
malformed data, but that's not their problem."
I'm not and have not been referring to hackers what-so-ever. I'm
referring to poorly written drivers.
You guys are all over the place. I'm done.
On 10/4/05, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:
On Tue, 04 Oct 2005 08:16:34 EDT, Micheal Espinola Jr said:
Without getting into specifics that no longer matter, surely they
could have did their part better to handle malformed input - but who
was malform'ing the input in the first place?
That's right. Blame the hackers. Sounds like a sound bite from a Ballmer keynote
One of the primary rules of coding is never trust the input. And that
is a very valid point. The same flaws in code that cause exploits also
cause crashes by their very nature. It's not "all over the place", it's
a fact of system design. If they can't avoid mishandling input, then
people's expectations will be low. See how it all comes together?
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/