It's what amplifies the effects of malicious code to the point where it
can have devastating effects.
Here is another
paper from last year's WORM, this one describing a method called
synthetic diversity as a method for combating malicious code.
It's an
interesting read but I disagree with most of it for a number of
reasons:
- Synthetic diversity within a program can only go so far.
While the techniques may reduce the number of attack points within a
program, it won't remove them entirely. Add millions of users to that
situation and diversity within a program that does the same function,
time after time, becomes a bit shallow. - As always, adding
complexity isn't a good response to lessen vulnerabilities. The KISS
principle is better. - Diversity can only be provided via a small
number of methods. It wouldn't take long for the "bad guys" to adapt.
Even if more methods were developed, it would lead to an already
familiar type of arms race.
Anyone care to argue for or
against?
No comments:
Post a Comment