Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
The Devil And The Deep Blue Sea
Jon Lasser, 2002-07-17

Why Microsoft's Palladium project threatens to send Linux and open-source into exile.

Comments Mode:
And the major security goals don't need hardware 2002-07-18
Nicholas Weaver (1 replies)
And the major security goals don't need hardware 2002-07-19
Anonymous
The Devil And The Deep Blue Sea 2002-07-18
Anonymous (6 replies)
The Devil And The Deep Blue Sea 2002-07-18
Anonymous
The Devil And The Deep Blue Sea 2002-07-19
Anonymous
The Devil And The Deep Blue Sea 2002-07-19
Anonymous (1 replies)
The Devil And The Deep Blue Sea 2002-07-23
Anonymous
The Devil And The Deep Blue Sea 2002-07-19
Anonymous
The Devil And The Deep Blue Sea 2002-07-19
Anonymous
The Devil And The Deep Blue Sea 2002-07-22
Anonymous
The Devil And The Deep Blue Sea 2002-07-18
Anonymous
Unbelieveable 2002-07-18
Anonymous (5 replies)
Unbelieveable 2002-07-19
Anonymous (2 replies)
Unbelieveable 2002-07-20
Anonymous
Unbelieveable 2002-07-21
Anonymous
Unbelieveable 2002-07-19
Anonymous
Unbelieveable 2002-07-19
Martin Schoch
Unbelieveable 2002-07-20
Anonymous
Unbelieveable 2002-07-20
Anonymous
The Devil And The Deep Blue Sea 2002-07-18
blacklight (1 replies)
The Devil And The Deep Blue Sea 2002-07-23
Anonymous
Take a chill pill 2002-07-18
Anonymous Bastard (3 replies)
take your own advice 2002-07-19
rsullivan@art-line.com (1 replies)
Re: take your own advice 2002-07-19
Anonymous Bastard (2 replies)
Re: take your own advice 2002-07-19
Anonymous (2 replies)
happy x86 processor world? riiiiight... 2002-07-19
Anonymous (1 replies)
happy x86 processor world? riiiiight... 2002-07-22
Anonymous
Re: take your own advice 2002-07-21
Anonymous
Re: take your own advice 2002-07-19
Anonymous
Re: Take a chill pill 2002-07-19
Jm4n
Take a chill pill 2002-07-21
Anonymous
And they expect JIT Java and .NET compilers to operate? 2002-07-19
Anonymous
The Devil And The Deep Blue Sea 2002-07-19
Anonymous (1 replies)
OSS version of Palladium 2002-07-20
Abri
The Devil And The Deep Blue Sea 2002-07-19
Anonymous
The Devil And The Deep Blue Sea 2002-07-19
SkyLeach
Palladium and buffer overflows 2002-07-19
Anonymous (6 replies)
I may be completely stupid here, but don't buffer overflows modify the application as it resides in memory? Everything I've seen on Palladium (which, admittedly, is little) seems
to indicate that it prevents unsigned or altered code from being launched, checking the executable's signature on startup. Would Palladium prevent a variant of Code Red, where a presumably trusted operating system component was overwritten in memory with malicious code? Or is Palladium supposed to constantly monitor running programs in memory for changes?

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/96/15720#15720
Palladium and buffer overflows 2002-07-19
Anonymous
Palladium and buffer overflows 2002-07-19
Anonymous
Palladium and buffer overflows 2002-07-20
bufferoverwhelmed
Palladium and buffer overflows 2002-07-20
Anonymous
Palladium and buffer overflows 2002-07-21
Anonymous
Palladium would NOT stop buffer overflows... 2002-07-21
Nicholas Weaver
Pride goeth before a Fall 2002-07-19
Anonymous
Couldn't _anyone_ make a "signature stamp"? 2002-07-19
Mad Ivan
No evidence for these claims 2002-07-19
Tamperbell (2 replies)
No evidence for these claims 2002-07-22
Anonymous
No evidence for these claims 2002-07-23
Anonymous
The Devil And The Deep Blue Sea 2002-07-19
Anonymous
MSFT won't fix Outlook so we must lock hardware? won't work 2002-07-20
Anonymous
Alternate hardware 2002-07-20
Anonymous
The Devil And The Deep Blue Sea 2002-07-20
Anonymous
THE DEVIL AND THE DEEP BLUE SEE 2002-07-20
NSS ( Network Ssecurity Systems)
It's all about trust 2002-07-20
Anonymous
The Devil And The Deep Blue Sea 2002-07-21
Anonymous
The Devil And The Deep Blue Sea 2002-07-22
Anonymous
The Devil And The Deep Blue Sea 2002-07-22
Anonymous (1 replies)
The Devil And The Deep Blue Sea 2002-07-23
Anonymous
The Devil And The Deep Blue Sea 2002-07-22
Anonymous
The Devil And The Deep Blue Sea 2002-07-23
Anonymous (1 replies)
The Devil And The Deep Blue Sea 2002-07-23
Anonymous
I will never buy it and anyone who is smart won't either. 2002-07-23
Anonymous (1 replies)
I will never buy it and anyone who is smart won't either. 2002-07-25
Anonymous
And even money can be forged.... why not code? 2002-07-25
José Azevedo
Copyright and Anti-piracy laws 2002-07-29
Anonymous
It is time for "security enhanced linux" to be put on the front burner NOW! 2002-07-29
100% of distros should be 100% SE Linux







 

Privacy Statement
Copyright 2009, SecurityFocus