Cart
|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: they should've used XML
 On Wed, 2016-07-20 at 15:16 -0400, Simon St.Laurent wrote: > Well, no, probably they shouldn't have, but this mention of ASN.1 and > a potentially major security flaw reminded me of long-ago > conversations here about the value or lack thereof of (relatively > generic) binary formats. > > http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-pho > nes-and-networks-at-risk-of-complete-takeover/ I don't think we can promise that EXI implementations are more secure than ASN.1 implementations. But maybe you saw one of the talks given at Usenix where the researchers unlock a car remotely using a cellphone, then make it start the engine. The vulnerability they used (as I recall) involved buffer overruns in Web services implementations. Liam -- Liam R. E. Quin <liam@w3.org> The World Wide Web Consortium (W3C) 
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] |
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! 
Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||
