Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
Reverse engineering patches making disclosure a moot choice?
Robert Lemos, SecurityFocus 2005-07-01

When Microsoft released limited information on a critical vulnerability in Internet Explorer last month, reverse engineer Halvar Flake decided to dig deeper.

Comments Mode:
Reverse engineering patches making disclosure a moot choice? 2005-07-06
Anonymous (1 replies)
Re: Reverse engineering patches making disclosure a moot choice? 2005-07-08
Anonymous
Write code correctly the first time 2005-07-07
Karen (1 replies)
Re: Write code correctly the first time 2005-07-11
Anonymous (1 replies)
Re: Re: Write code correctly the first time? 2005-07-12
David (1 replies)
Re: Re: Re: Write code correctly the first time? 2005-10-14
Software Engineer
To test it's effectiveness, I reverse engineer my own company's digital filing security solution, and I tend to agree with David. Our core programmers have to make patches for things that didn't start out as an exploitable weakness. As our coders get better I get better, and potential hackers get better. So sometimes patches are made to defend against new types of attacks that only exist because someone wrote the code correctly the first time.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11235/32635#32635




 

Privacy Statement
Copyright 2008, SecurityFocus