On Tue, 25 Jan 2005 14:56:13 EST, John Richard Moser said: > This puts pressure on the attacker; he has to find a bug, write an > exploit, and find an opportunity to use it before a patch is written and > applied to fix the exploit. If say 80% of exploits are suddenly > non-exploitable, then he's left with mostly very short windows that are > far and few, and thus may be beyond his level of UNION(task->skill, > task->luck) in many cases.
Correct. > If you can circumvent protection A by simply using attack B* to disable > protection A to do more interesting attack A*, then protection A is > smoke and mirrors. You however missed an important case here. If attack B is outside UNTION(task->skill, task->luck) protection A is *NOT* smoke-and-mirrors. And for the *vast* majority of attackers, if they have a canned exploit for A and it doesn't work, they'll be stuck because B is outside their ability.
pgp0Wvq3IXZWi.pgp
Description: PGP signature
