For all you computer security types

Oct 22, 2006 17:09

I'm sure all the CS people reading this (and maybe even some of the non-CS types!) are familiar with buffer overflow attacks, and know how to both protect against them and exploit them in other people's code, or at least have a vague idea about how to do it. However, fewer people have heard of format string attacks. Here's a fairly detailed ( ... )

printf, string format attack, exploit, security, computer security, computer science, cs
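The bug class the post is about, shown as an added example that is not from the original post: the vulnerable call pattern beside the fixed one, plus a small audit helper. Function names and the sample input are my own.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern: untrusted text is used AS the format string, so
 * any '%' directive it contains is interpreted by the printf family. */
int log_message_vulnerable(char *out, size_t n, const char *msg) {
    return snprintf(out, n, msg); /* BAD: msg controls the format */
}

/* Fixed pattern: a constant format, untrusted text passed as data. */
int log_message_fixed(char *out, size_t n, const char *msg) {
    return snprintf(out, n, "%s", msg);
}

/* Audit helper: count conversion directives in untrusted input.
 * A "%%" pair is a literal percent sign and is not counted. Useful
 * when reviewing logs or inputs for format abuse; it does not
 * replace fixing the call site. */
size_t count_format_directives(const char *s) {
    size_t count = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; } /* skip escaped percent */
        count++;
    }
    return count;
}

int main(void) {
    /* Constructed sample input: benign text that happens to hold "%%" */
    const char *msg = "progress: 100%% done";
    char buf[64];

    /* The fixed version preserves the text exactly... */
    log_message_fixed(buf, sizeof buf, msg);
    printf("fixed:      \"%s\"\n", buf);

    /* ...while the vulnerable version already interprets "%%" as a
     * directive. With "%s", "%x" or "%n" it would read (or, with "%n",
     * write) memory the caller never supplied, which is the attack. */
    log_message_vulnerable(buf, sizeof buf, msg);
    printf("vulnerable: \"%s\"\n", buf);

    printf("directives in \"%%x %%n\": %zu\n",
           count_format_directives("%x %n"));
    return 0;
}
```

Compiling with `-Wformat-security` flags the vulnerable call, since its format argument is not a string literal.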

Comments 11

macdaddyfrosh October 23 2006, 01:31:25 UTC
Have a look at "cross-site scripting vulnerabilities"; this is basically the same thing, if I understand your post (and "XSS", as they call them) correctly.

Which is to say, (a) NEVER TRUST YOUR USER, and (b) many languages have a "quote" or "escape" function on strings that will go through a string and escape all the control characters it contains.

That's a pretty stylish hack, I must say.

big_bad_al October 23 2006, 04:35:41 UTC
They're similar in that both of them (along with buffer overflow attacks, SQL injection, and most other security problems) are caused by programs not validating their inputs.

XSS (as discussed in this very informative tech talk around minute 55) is a web-based vulnerability in which websites allow users to post arbitrary code on the site. As a general rule, websites with user logins put unique "session ID" cookies on users' machines to validate their sessions after they log in (and remove these cookies when they log out). If you can get someone else's cookie, you can log in as them (at least for a while) without that tedious business of actually logging in ( ... )

macdaddyfrosh October 23 2006, 05:29:00 UTC
I've got my terminology mixed up, then; I'm thinking of the case where you echo back user input on a web page, and the user inputs something fun that makes your page do things you didn't mean for it to. That way, you could, say, run arbitrary PHP code, and have an absolute ball screwing people up. Again, with the "validate your input" meme that it's good to see people echoing.

It's funny, because the first thing I thought when you said "...C++..." was "Prof. O'Neill would kill me if I used printf() in a C++ program", even though she's thousands of miles from here. ostreams and << all the way, was the message that got pounded into our heads. (Even though formatted printing this way is a pain in the ass.)

An interesting side note is that lots of languages implement variations on printf(); strings in Python have __mod__ set up to take iterable structures and format them, for instance (more an "sprintf" than a "printf", strictly speaking ( ... )

big_bad_al October 23 2006, 06:41:25 UTC
Perhaps you're thinking of PHP include vulnerabilities?

What all have you been doing with OCaml lately?

mockery0 October 23 2006, 04:53:24 UTC
You don't really think assembly is better than C/C++ for something like a game, do you? How would you recommend writing a performance-intensive application that's shipping on three dramatically different hardware targets? (e.g. Xbox, PlayStation and PC...)

:)

I'm pretty sure C++ is still The Right Language to be using for games and other high-performance programs, although a well-integrated higher-level scripting language is nice for things like game logic if you can keep it lean and mean...

jcmdev0 October 23 2006, 07:25:02 UTC
You can write YOUR operating system in Python.

big_bad_al October 23 2006, 07:30:49 UTC
I'll grant that it would be slower and probably have poor memory use, but it would certainly be more secure (assuming you could get a boot loader to start up a Python script in the first place).

big_bad_al October 23 2006, 07:43:16 UTC
and come to think of it, I'd need to expunge all C++ code from the machine or else get it to run on a VM to avoid this problem. Perhaps it would be simplest to run VMware as my main OS? I'd rather not make an x86 interpreter for all the 3rd party code out there. Perhaps it would be best just to completely rewrite everything with security in mind.

\sheep{Perhaps I'll just suffer these security problems, since fixing them is a hard task.}

jcmdev0 October 23 2006, 16:29:37 UTC
There is a certain appeal to running a Java OS in a virtual machine. I have strong doubts that you will be able to replace the C glue once you get close enough to the raw silicon. (You still need to run the VMM on something.)

I wouldn't be terribly upset if we threw out the x86 architecture. Aside from the economic impact of everyone upgrading, it would let us get rid of a mammoth pile of backwards compatibility garbage in hardware and software.

code65536 October 23 2006, 17:39:05 UTC
I'm still bitter at Python being a whitespace nazi. :P
