[17069] in cryptography@c2.net mail archive
Security is the bits you disable before you ship
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Tue Mar 15 10:44:07 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com
Date: Tue, 15 Mar 2005 19:07:05 +1300
>From a news.com story about features of gcc 4.0, available at
http://news.com.com/Key+open-source+programming+tool+due+for+overhaul/2100-7344_3-5615886.html
Key open-source programming tool due for overhaul
Published: March 14, 2005, 10:46 AM PST
By Stephen Shankland
Staff Writer, CNET News.com
[...]
GCC 4.0 also introduces a security feature called Mudflap, which adds extra
features to the compiled program that check for a class of vulnerabilities
called buffer overruns, Mitchell said. Mudflap slows a program's
performance, so it's expected to be used chiefly in test versions, then
switched off for finished products.
So you have an interesting definition of a security feature as "the bit you
disable before the product goes into the environment where it'll be subject to
attack".
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
