Thursday, February 26, 2004
BBC NEWS | Technology | Hackers exploit Windows patches
"It's a myth that hackers find the holes" is the quote that stood out for me. Apparently some people are surprised to discover that hackers do not spend their every waking hour looking for holes in Windows - they take the far easier option of waiting for Microsoft to admit to a problem and then they reverse-engineer the patch to work out how to exploit it (of course, even once a patch is released, there will be thousands of machines that remain unpatched and hence vulnerable). Now, this doesn't surprise me at all - why waste time looking for holes when Microsoft periodically owns up to them. I guess what this story makes me worry about is that increased awareness of this type of hacking could lead to a secretive approach to dealing with vulnerabilities, one that in the end will be counter-productive and lead us back to the bad old days of companies like Microsoft (it's not just them) not even admitting there's a problem.
So what's the answer? Damned if you tell 'em, damned if you don't, it seems. One intriguing solution might be to re-design the software and even hardware to help prevent major hacks in the first place. For example, AMD & Intel now have plans for chips that keeps data and program instructions in two separate parts of memory, thus preventing the "buffer overflow" problem (see link for a better explanation than I could give here). Of course, buffer overflows aren't the only way to gain access to a machine, but it's a start. I wonder what else we could design chips to fend off... spam maybe? now that would be nice.
"It's a myth that hackers find the holes" is the quote that stood out for me. Apparently some people are surprised to discover that hackers do not spend their every waking hour looking for holes in Windows - they take the far easier option of waiting for Microsoft to admit to a problem and then they reverse-engineer the patch to work out how to exploit it (of course, even once a patch is released, there will be thousands of machines that remain unpatched and hence vulnerable). Now, this doesn't surprise me at all - why waste time looking for holes when Microsoft periodically owns up to them. I guess what this story makes me worry about is that increased awareness of this type of hacking could lead to a secretive approach to dealing with vulnerabilities, one that in the end will be counter-productive and lead us back to the bad old days of companies like Microsoft (it's not just them) not even admitting there's a problem.
So what's the answer? Damned if you tell 'em, damned if you don't, it seems. One intriguing solution might be to re-design the software and even hardware to help prevent major hacks in the first place. For example, AMD & Intel now have plans for chips that keeps data and program instructions in two separate parts of memory, thus preventing the "buffer overflow" problem (see link for a better explanation than I could give here). Of course, buffer overflows aren't the only way to gain access to a machine, but it's a start. I wonder what else we could design chips to fend off... spam maybe? now that would be nice.
(c) 2003-2005 Russell Beale
Atom
RSS