Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Bigger burger roll needed
From: Micheal Espinola Jr <michealespinola () gmail com>
Date: Thu, 6 Oct 2005 11:33:01 -0400

I do see how it all comes together, and I agree as a whole.  I'm
certainly not excusing MS of their responsibility to the matter.

My comments only referred to legitimate use of the OS, using
supporting software and drivers, in which case you should be able to
depend on proper coding from every party involved.  Running
software/drivers that were properly written for the OS should provide
a failure free platform, and it does.  That was my only point to
egregious comments to Windows being BSOD prone.  It could be a
balancing act at times, but it could be done if done right.

Yes, absolutely, any OS should be able to handle bad data without
crashing.  I think its apparent that MS is no longer ignorant (or
perhaps naive) about the issue, and I honestly can't remember the last
BSOD I got.  It's been years.

On 10/6/05, bkfsec <bkfsec () sdf lonestar org> wrote:
But, Curmudgeon's right... you can't just say "yeah, the OS can't handle
malformed data, but that's not their problem."

One of the primary rules of coding is never trust the input.  And that
is a very valid point.  The same flaws in code that cause exploits also
cause crashes by their very nature.  It's not "all over the place", it's
a fact of system design.  If they can't avoid mishandling input, then
people's expectations will be low.  See how it all comes together?
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]