| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Aug 2006 14:04:33 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: Michal Zalewski <lcamtuf@...ne.ids.pl> Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk, vulnwatch@...nwatch.org Subject: Re: [VulnWatch] Re: Concurrency-related vulnerabilities in browsers - expect problems Some interesting work. For those who haven't made the connection yet - concurrency issues probably go far beyond just web browsers. It's a safe bet that *any* software that's multi-threaded, multi-process, event-based, or asynchronous could have these sorts of issues. Traditional data manipulation techniques probably won't be effective in finding them. In other words - concurrency is a rich area for future research, and web browser bugs are probably the tip of the iceberg. - Steve
Powered by blists - more mailing lists