lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Oct 2006 10:09:13 -0600 (MDT) From: "Bruce Ediger" <eballen1@...st.net> To: "full-disclosure" <full-disclosure@...ts.grok.org.uk> Subject: Re: "Fire and forget" exploits? On Fri, 20 Oct 2006, Brendan Dolan-Gavitt wrote: > It seems like this kind of exploit is dying out, particularly as > different flavors of Linux proliferate, each with their own slightly > different libc and userland; in the Windows world, however, we still > find "universal" exploits that work on NT4/2k/XP over a variety of > service packs. Doesn't this implicitly support Dan Geer et al's argument about software monoculture? In fact, wouldn't the "linux monoculture" concept constitute a bit of a misnomer? Each "slightly different" userland and libc would constitute a different flavor, right? Nevertheless, the received wisdom remains that "If linux took over from Windows tomorrow, all the hackers would concentrate on linux flaws, and we'd be in the same position." -- Bruce Ediger 720-932-1954 eballen1@...st.net _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists