Date: Tue, 18 Feb 1997 08:59:27 +0000 From: Robin Melville <robmel@innotts.co.uk> To: "Jordan K. Hubbard" <jkh@time.cdrom.com>, Charles Mott <cmott@srv.net> Cc: David Greenman <dg@root.com>, freebsd-chat@freebsd.org Subject: Re: Countering stack overflow Message-ID: <l03010d00af2f1c5a4ea3@[194.176.130.2]> In-Reply-To: <29512.856242843@time.cdrom.com> References: Your message of "Mon, 17 Feb 1997 21:10:17 MST." <Pine.BSF.3.91.970217204736.3518C-100000@darkstar>
next in thread | previous in thread | raw e-mail | index | archive | help
At 9:14 pm -0800 17/2/97, Jordan K. Hubbard wrote: >...As regards the stack checking, I have to agree with David. It'd be >like having a rent-a-cop on duty at your apartment complex. He might >catch some truly blatant burglers, and maybe he also keeps the vandals >from spray-painting your car occasionally, but if some truly motivated >burgler really wants to get into your house then that rent-a-cop might >as well not even be there... I like this analogy. For all the spilt ink on the Unix (lack) of security it needs to be remembered that even banks get broken into. Although it's important to take reasonable measures to secure the premises, the real problem is not the lack of the newest electronic locks but the determination of the burglars. Much though it grieves me to say it, those extra-bright people who make it their business to break in and do damage to other people's equipment and data (viz the recent attack on the FreeBSD repository) need to be tracked down and dealt with by the law in the same way as burglars are. If the "blame" for unauthorised access rests on the victim, then we might as well all turn our homes into fortresses, wear suits of armour to go shopping, drive tanks, and give up using networked computers. While I can see that hackers gain intellectual satisfaction from their exploits, and maybe dweeb-macho acclamation from their peers, the majority of us use computers to do socially required work. Unix is an elegant, robust solution to a whole set of problems, and its longness in the tooth actually enhances that since generations of programmers have combed through it teasing out the bugs and enhancing it. We could throw it away in favour of something that would be hack-proof for a few weeks or months until new exploits were found, but it would be a long time before the new solutions would run a busy network machine for 100 days without crashing. Regards Robin.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?l03010d00af2f1c5a4ea3>