From: Georg Bauhaus <bauhaus@futureapps.de>
Subject: Re: Buffer overflow Article - CACM
Date: Sun, 13 Nov 2005 12:55:39 +0100
Date: 2005-11-13T12:52:51+01:00 [thread overview]
Message-ID: <43772913$0$21943$9b4e6d93@newsread2.arcor-online.net> (raw)
In-Reply-To: <2421265.tcOOYmdnmL@linux1.krischik.com>
Martin Krischik wrote:
> Is there an Online Version of that article? And if so: Would you mind if I
> copy/paste your Text to /. - That's only of you have no /. user yourself.
http://doi.acm.org/10.1145/1096000.1096004
The authors refer you to their site, in the final sentence of
their article. If you look at their "front page", the motivation of
their analyses will become clear. Please tr -d ' ' in
w w w . s m a s h gu a r d . or g
Some quotes:
"One way to prevent programs from having such vulnerabilities is
to write them using a language (such as Java or Pascal) that performs
bound checking. However, such languages often lack the low-level data
manipulation needed by some applications. Therefore, researchers have
produced "more secure" versions of C that are mostly compatible with
existing programs but add additional security features. Cyclone [5]
is one such C-language variant. Unfortunately, the performance cost
of bounds checking (reported in [5]) involves up to an additional
100% overhead."
"Dynamic protection techniques can be costly in terms of overhead,
but some researchers are trying to move that functionality into faster,
hardware-based protection schemes.
As these techniques move from academic laboratories into mainstream
software releases, computer users and software developers have become
aware of what they can do, and what they can't do."
next prev parent reply other threads:[~2005-11-13 11:55 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-13 5:14 Buffer overflow Article - CACM adaworks
2005-11-13 7:35 ` tmoran
2005-11-13 8:49 ` Martin Krischik
2005-11-13 11:55 ` Georg Bauhaus [this message]
2005-11-13 14:58 ` Florian Weimer
2005-11-14 13:44 ` Marc A. Criley
2005-11-14 19:13 ` Martin Krischik
2005-11-13 15:02 ` Florian Weimer
2005-11-13 15:44 ` Stephen Leake
2005-11-14 14:40 ` adaworks
2005-11-13 23:57 ` Jeffrey R. Carter
2005-11-14 6:51 ` Martin Dowie
2005-11-14 17:55 ` Jeffrey R. Carter
2005-11-15 9:14 ` Martin Dowie
2005-11-14 7:09 ` Pascal Obry
2005-11-14 8:35 ` Dmitry A. Kazakov
2005-11-14 20:57 ` Simon Wright
2005-11-15 8:49 ` Dmitry A. Kazakov
2005-11-15 14:03 ` Georg Bauhaus
2005-11-15 15:14 ` Dmitry A. Kazakov
2005-11-15 22:32 ` Georg Bauhaus
2005-11-16 1:21 ` Robert A Duff
2005-11-16 9:26 ` Dmitry A. Kazakov
2005-11-16 13:02 ` adaworks
2005-11-17 11:13 ` Martin Dowie
2005-11-14 17:58 ` Jeffrey R. Carter
2005-11-14 18:44 ` Larry Kilgallen
2005-11-25 5:56 ` Christopher Browne
2005-11-26 1:31 ` Jeffrey R. Carter
2005-11-27 21:36 ` adaworks
2005-11-28 12:12 ` Simon Clubley
2005-12-01 2:35 ` robin
2005-12-01 7:05 ` adaworks
2005-12-03 13:42 ` robin
2005-12-03 18:18 ` adaworks
2005-12-12 1:23 ` robin
2005-12-31 7:39 ` robin
2005-12-31 17:03 ` Georg Bauhaus
2006-01-01 12:12 ` Martin Krischik
2006-01-01 23:12 ` robin
2006-01-02 3:37 ` jimmaureenrogers
2006-01-12 22:10 ` robin
2006-01-03 9:52 ` Georg Bauhaus
2006-01-12 22:10 ` robin
2006-01-12 22:36 ` Georg Bauhaus
2006-01-13 19:53 ` Keith Thompson
2006-01-13 20:22 ` Dan Nagle
2006-01-14 17:50 ` Björn Persson
[not found] ` <12ces1lv5dvm6pifdapj11o1hrtlm6ec7q@4ax.com>
2006-01-13 23:28 ` robin
2005-11-30 15:27 ` robin
2005-11-14 10:17 ` Peter Amey
2005-11-29 8:16 ` Harald Korneliussen
2005-11-29 10:48 ` Peter Amey
2005-11-30 21:21 ` Brian May
2005-12-01 5:36 ` Jeffrey R. Carter
2005-12-01 9:01 ` Harald Korneliussen
2005-12-01 11:21 ` Martin Dowie
2005-12-01 17:58 ` Jeffrey R. Carter
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox