Re: [Lit.] Buffer overruns

From: David Wagner (daw_at_taverner.cs.berkeley.edu)
Date: 01/31/05


Date: Mon, 31 Jan 2005 09:11:34 +0000 (UTC)

infobahn wrote:
>Okay, has it given correct output for all inputs so far given to it?
>If so, then we can form a working hypothesis that it is working. Until
>proven otherwise, naturally.

That might work fine for dealing with random failures. But it
falls apart horribly when the task is security. The attacker comes along
and finds some cleverly chosen input that causes your program to give
an incorrect output for the first time. You had all sorts of confidence
based on past history, but you got hosed anyway. In short, any confidence
derived from this procedure is misplaced. The history is a poor predictor
of the future when you're dealing with an adversary.

