Forums: Secure Applications - Forums

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Secure Applications are programmers really to blame?

#1 Guest_tonikgin_*

  • Group: Guests

Posted 12 July 2004 - 01:46 PM

I got to thinking again recently about security on the physical layer, and came to a few points. Programmers can only work within the guidelines of the hardware given to them, today most hardware devices are still relitavely simple or blind when it comes security. The 32-bit architechture compared w/ 64-bits provides little doubt that buffer attacks against memory processes are only a little more secure on a 64-bit architechture. We have commercially available routers being to make themseleves available w/ capabilities to prevent or minimized the affects of DoS attacks. What I am getting too, is that i think we need to stop sticking to mainstream ideas when developing hardware componets. Hardware makers for computer companies need to invest in new technologies for the consumers and retail. Ones that give the programmer more power to develop complex applications and processes that render or perform flawlessly under little to no stress, while also having more control over security. </rant>
0

#2 User is offline   Logan 

  • Specialist
  • Icon
  • Group: Specialist
  • Posts: 1,596
  • Joined: 29-February 04

Posted 12 July 2004 - 06:59 PM

more complex = more problems...

when it comes to saying a buffer can only hold, say, 20 characters, and then doesn't make sure it actually is =< 20, what is hardware gonna do to pervent programmer's error? or maybe there's an HTTP exploit that directly sends commands to shell, hardware's just doing what it's told...
mostly all i can think of that hardware can stop is generic overflows... and they are taking preventive measures for those (ex.. amd made a processor to "stop buffer overflows").. there are very many types of attacks hardware can't do anything with though

good thinking though
Logan's Web Services
0

#3 User is offline   hks3207 

  • Private First Class
  • Icon
  • Group: Members
  • Posts: 58
  • Joined: 21-October 05

Posted 23 October 2005 - 10:14 PM

Actually my opinion here would be that if the companies do the hardware more sofisticated, yah it would probably be more secured, as it will be more expensive as it could have more failures which could lead to more bugs too if they dont take extreme care of the new piece of hardware..


And btw i think that's the programmer's point there, to make the hardware secure .. they could actually code something to prevent the connections on X port or do not allow connections other than in X port you know something like that, but as tweakz said, the more complex, the more hard, the more time it would take and that is for sure.. the more problems it could bring + the company could just be wasting big money investing on a new product when they could just upgrade they're old one with some fixes that won't cost them as much and would make them win much more ;)
0
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users

  • Share



Our Sponsors:


SwiftLayer Affiliate Web Hosting