| New User, Welcome! Login |
I'm not saying
I believe Michal and I are having the conversation in a larger context.
What you found is valid on its own merit and got addressed, which is
great. But now think of the whole ECMAScript API and there are probably
dozens or hundreds of such functions that would expose similar issues.
There could be a lot of individual reports for each individual function,
or one concerted effort that looks at everything at once. (I'm not saying
you should have done this - after all it's your research - I'm just saying
that *somebody* could.) Extend this to things like web-connected
interpreters (PHP anyone?) and similar logic may well apply.
I'm sure that I've generated web pages with about 10,000 elements, so now
Perhaps it's more politically convenient to leave blind attacks in place
in order to push other agenda? It seems invariably those making the
all-or-nothing argument that 16 bits (in reality 30 bits if you get off
your ass and think about it) is not enough entropy no matter the
generator are all too often pushing DNSSEC in the very next sentence.
I'm not saying DNSSEC is good or bad, and it is designed to remedy more
than just blind attacks, but it's unethical to ignore a problem that can
be mitigated in the short term just so a new technology can be forced
down people's throats in the long term.
> Eh, you can see where it came from though. Design bugs like this are absolutely miserable to fix (see how we'll never get rebinding out of the browser) and letting identical IP's script against eachother lets an awful lot of legitimate traffic through while blocking almost all attacks.
>
> I'm not saying it's a preferred design, but let's reserve "horrible" for things that don't have quite the obvious thought process behind them.
"Horrible" in the sense it had significant consequences for the safety
of all Internet users, for at least a decade (ever since HTTP vhosts
became reasonably popular, which must be what, late 90s).
I don't really question the thought process - although it's
interesting to see that almost all attempts to redefine / reinvent SOP
>
> This was a pretty horrible design, so it's good to see it gone, though.
Eh, you can see where it came from though. Design bugs like this are absolutely miserable to fix (see how we'll never get rebinding out of the browser) and letting identical IP's script against eachother lets an awful lot of legitimate traffic through while blocking almost all attacks.
I'm not saying it's a preferred design, but let's reserve "horrible" for things that don't have quite the obvious thought process behind them.
Is this, in fact, gone now?
>
> /mz
> Perhaps it's more politically convenient to leave blind attacks in place
> in order to push other agenda? It seems invariably those making the
> all-or-nothing argument that 16 bits (in reality 30 bits if you get off
> your ass and think about it) is not enough entropy no matter the
> generator are all too often pushing DNSSEC in the very next sentence.
> I'm not saying DNSSEC is good or bad, and it is designed to remedy more
> than just blind attacks, but it's unethical to ignore a problem that can
> be mitigated in the short term just so a new technology can be forced
> down people's throats in the long term.
As far as I know there is no such conspiracy at ISC.
>>> Then again, you need administrator privs for this, so really, the same
>>> argument here applies as above. If you have this level of access, why
>>> not just use your administrator privileges more directly instead of
>>> trying to find some pointlessly circumspect method.
>>>
>>> I'm not saying you aren't on to something - there does appear to be some
>>> limited amount of instability in the smc.exe binary possibly to do with
>>> paramter validation or parsing or something - but I just can't see at
>>> this stage how it's useful, given that I've been unable to get any of
>>> these problems to affect the actual antivirus process running in the
>>> system account (that's the one that does the actual work), without
>>>>> Then again, you need administrator privs for this, so really, the same
>>>>> argument here applies as above. If you have this level of access, why
>>>>> not just use your administrator privileges more directly instead of
>>>>> trying to find some pointlessly circumspect method.
>>>>>
>>>>> I'm not saying you aren't on to something - there does appear to be
>>>>> some
>>>>> limited amount of instability in the smc.exe binary possibly to do
>>>>> with
>>>>> paramter validation or parsing or something - but I just can't see at
>>>>> this stage how it's useful, given that I've been unable to get any of
>>>> Then again, you need administrator privs for this, so really, the same
>>>> argument here applies as above. If you have this level of access, why
>>>> not just use your administrator privileges more directly instead of
>>>> trying to find some pointlessly circumspect method.
>>>>
>>>> I'm not saying you aren't on to something - there does appear to be
>>>> some
>>>> limited amount of instability in the smc.exe binary possibly to do with
>>>> paramter validation or parsing or something - but I just can't see at
>>>> this stage how it's useful, given that I've been unable to get any of
>>>> these problems to affect the actual antivirus process running in the
|
|
|
