[7618] in bugtraq
Re: A way to prevent buffer overflow exploits? (was: "Any user can
daemon@ATHENA.MIT.EDU (Aaron Schwartzbard)
Tue Aug 11 21:44:52 1998
Date: Tue, 11 Aug 1998 18:42:57 -0400
Reply-To: Aaron Schwartzbard <aschwart@RSTCORP.COM>
From: Aaron Schwartzbard <aschwart@RSTCORP.COM>
X-To: Ty Abonil <abonilts@muss.cis.mcmaster.ca>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.SOL.3.96.980810145231.23735A-100000@muss.CIS.McMaster.CA>
On Mon, 10 Aug 1998, Ty Abonil wrote:
> > > We can avoid this by making computer systems unique - the trick is to
> > > do this while providing a uniform interface to users. We discussed
> > > several approaches in:
> >
> > This stops the script kiddies, and O(zero) more, where O(zero) reaslly is
> > my attempt to sum up the advantages of security through obscurity.
>
> Aain, I agree. Merely saying that we should have a different system for
> everyone will not solve tha problem, in fact I believe that the situatin
> will be worse of. A person running a system today can turn to thousands
> of people for help on Usenet, the web, or other resources on the internet.
> Books are available for almost all systems. This is becasue everyone runs
> similar systems. If everyone was running their own flavour of something
> then the problem of security might have been solved, but then what I think
> would be a much bigger problem would arise- systems which don't run
> well/efficiently, not because of crackers, but becasue of admins that have
> to track down every bug themselves, with no where to turn to..
I believe we are discussing two different things here. The original post
is not discussing security through obscurity or creating millions of
different programs with different interfaces (and thus, an administrative
nightmare) to perform one task. What the original post was discussing (I
believe) is the benefit of diversification.
There is no mention of "obscuring" any details of how the diversification
is to be accomplished. It's kind of like basing an encryption key on a
(pseudo-)random number. All algorithms are well know to all. The security
comes from a large random number space.
Diversification has a big drawback -- it is difficult to maintain a
diverse system because different componants require different action to
perform similar tasks. This is diversification on an external level.
However, diversification also has a benefit. Every time an
application-specific bug is found, it is diversification that allows us
to avoid all the nastyness of the Morris worm. But that diversification
occurs on an internal level.
Now, if we could find a way couple the beneficial internal
diversification with the uniform external behavior, we could provide a
robust environment in which a person could, in fact, "turn to thousands
of people for help on Usenet, the web, or other resources on the
internet."
The real solution would be for everyone to write perfect code all the
time. Until that day, we need to face the fact that if we want to make
systems more uniform externally, yet still robust, we need to find ways
to diversify them internally. (Pretty ironic -- the road to uniformity is
diversification.)
As with any solution, this is not a panacea, but I do believe that it does
deserve some attention.
>
> Ty.
>
--
Aaron Schwartzbard
aschwart@rstcorp.com
