back to article Objective-C can fly the COOP, says subversive at Microsoft Research

Objective-C programmers should use message authentication codes to protect sensitive objects and data structures, according to research presented to this week's Usenix Annual Technical Conference (ATC). A Microsoft Research staffer, and software researchers from UC Irving in America and folks in Germany focused on a technique …

  1. Flocke Kroes Silver badge

    After a few seconds of thinking:

    old plan: update field in a structure.

    new plan 1: call existing method that updates field and sets authentication code.

    new plan 2: provide alternative accessor that does not check authentication code.

    new plan 3: provide alternative alternative authentication code that always passes.

    Perhaps using valgrind to find and fix memory corruption bugs would be more sensible.

    1. patrickstar

      Re: After a few seconds of thinking:

      Noone has ever succeeded in eliminating exploitable bugs in complex software written in memory-unsafe languages, using valgrind or anything else.

      In fact, one of the Firefox JS developers is also one of the guys behind Valgrind. Still, a steady stream of exploitable vulnerabilities are discovered (nowadays frequently as they are being exploited in the wild) in Firefox.

  2. Mark 85

    Microsoft Research.. I wonder if they research their own products for bugs and holes or is that the customer/users job? Interesting that they seem to be announcing bugs in competitors products.

    1. FrankAlphaXII

      Research is not QA. Finding bugs would be the QA department's job, preferably with some input from users who may also be able to reproduce it.

  3. tempemeaty
    Pirate

    Microsoft creator of a Malware OS

    Is it no surprise that a creator of a Malware OS is busy finding flaws in others' code? Isn't that what makers of malware do?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like