[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Truth matters when writing software and selecting leaders

From: Jacob Bachmeyer
Subject: Re: Truth matters when writing software and selecting leaders
Date: Sun, 04 Apr 2021 18:38:26 -0500
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20090807 MultiZilla/ SeaMonkey/1.1.17 Mnenhy/

Martin wrote:
In a perfect world if everything is reproducible than all the compilations are deterministic. It means that for a given environment your source code will always produce the same binaries. Briefly DDC method is using mix of different environments in order to analyze the binary patterns of the same source code.

The downside of this is that we are right back to a binary monoculture, and an exploit that works on one machine would be trivially guaranteed to work everywhere. We really need some kind of controlled randomization that allows provably equivalent executables to be produced, but such that exploits relying on hardcoded offsets will only work on a limited subset.

-- Jacob

reply via email to

[Prev in Thread] Current Thread [Next in Thread]