The Computer Science of Insecurity

Slashdot

+ - The Computer Science of Insecurity -> 0

Submitted by mikejuk on Thursday December 29, 2011 @10:47AM

mikejuk writes "After security by obscurity we now have security by computer science! The idea explained at this year's 28th Chaos Computer Congress (28C3) by Meredith Patterson was simply that, if you build input languages and protocols that are too powerful, from the point of view of grammar, then you deserve all you get. If a protocol is Turing-complete then recognizing valid input is formally undecidable. Only by reducing the sophistication to context free or regular grammars can we protect against "creative" uses of software. See the video of the presentation — you wont be bored."
Link to Original Source

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

The Computer Science of Insecurity

Load All Comments

Search 0 Comments Log In/Create an Account

Comments Filter:

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

FORCE YOURSELF TO RELAX!

The Computer Science of Insecurity More Login

The Computer Science of Insecurity