quotes from wired interview with Mike Lynn
"
WN: So this new version of the operating system that they're coming out with, that's in beta testing.
Lynn: It's actually a better architecture ... but it will be less secure.... That's why I felt it was important to make the point now rather than sweep it under the rug. I think it's something that we can fix....
"
"
But at the same time, now that I think they already are, I will say it's not as bad as you probably think it is. Not yet ... because the version that makes this an unstoppable critical problem is not out yet.
"
What exactly does this mean?
You might want to read lynn-cisco.pdf. This means that today to
exploit heap overflows you need to know the offsets per release, supposedly
tomorrow the offsets will be static per releasese in new (in some terms better)
architecture, which will make exploiting heap overflows much more feasible.
without getting *too* off topic...
...here's what the junior kernel hacker in me doesn't quite understand
- doesn't software like ProPolice and it's brethren mitigate this type
of vulnerability specifically? What, precisely, prevents Cisco from
implementing such code in with their architecture?
aaron.glenn
"mitigate vulnerability" != "prevent vulnerability".
As long as it's a von Neumann architecture rather than a Harvard architecture,
there's potential issues. Note that many mitigation strategies are basically
attempts to make it more Harvard-like....
Whether mitigation is sufficient is a topic for another list..