Security is the bits you disable before you ship
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Mar 15 01:07:05 EST 2005
>From a news.com story about features of gcc 4.0, available at
http://news.com.com/Key+open-source+programming+tool+due+for+overhaul/2100-7344_3-5615886.html
Key open-source programming tool due for overhaul
Published: March 14, 2005, 10:46 AM PST
By Stephen Shankland
Staff Writer, CNET News.com
[...]
GCC 4.0 also introduces a security feature called Mudflap, which adds extra
features to the compiled program that check for a class of vulnerabilities
called buffer overruns, Mitchell said. Mudflap slows a program's
performance, so it's expected to be used chiefly in test versions, then
switched off for finished products.
So you have an interesting definition of a security feature as "the bit you
disable before the product goes into the environment where it'll be subject to
attack".
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list