687 off defences like the stack canaries. The fourth again makes it |
687 off defences like the stack canaries. The fourth again makes it |
688 a bit easier to read the code. The final option makes the |
688 a bit easier to read the code. The final option makes the |
689 stack executable, thus the example in Figure~\ref{C3} |
689 stack executable, thus the example in Figure~\ref{C3} |
690 works as intended. While this might be considered |
690 works as intended. While this might be considered |
691 cheating....since I explicitly switched off all defences, I |
691 cheating....since I explicitly switched off all defences, I |
692 hope I was able convey that this is actually not too far from |
692 hope I was able convey the point that this is actually not too far from |
693 realistic scenarios. I have shown you the classic version of |
693 realistic scenarios. I have shown you the classic version of |
694 the buffer overflow attacks. Updated variants do exist. Also |
694 the buffer overflow attacks. Updated variants do exist. Also |
695 one might argue buffer-overflow attacks have been solved on |
695 one might argue buffer-overflow attacks have been solved on |
696 computers (desktops or servers) but the computing landscape of |
696 computers (desktops or servers) but the computing landscape of today |
697 nowadays is wider than ever. The main problem nowadays are |
697 is much wider than that. The main problem today are |
698 embedded systems against which attacker can equally cause a |
698 embedded systems against which attacker can equally cause a |
699 lot of harm and which are much less defended. Anthony Bonkoski |
699 lot of harm and which are much less defended. Anthony Bonkoski |
700 makes a similar argument in his security blog: |
700 makes a similar argument in his security blog: |
701 |
701 |
702 \begin{center} |
702 \begin{center} |