项目管理者联盟 | 中国工程管理网 | 中国研发管理网 | 会员中心 | 资料库 | 论坛 | 博客 |
|
|
|
标题:绿霸-密西根大学分析报告
楼主
|
|
wml PMB:1819 省份:江苏 行业:综合应用 注册:2004/8/5 |
http://www.cse.umich.edu/~jhalderm/pub/gd/ Conclusion Our brief testing proves that Green Dam contains very serious security vulnerabilities. Unfortunately, these problems seem to reflect systemic flaws in the code. The software makes extensive use of programming techniques that are known to be unsafe, such as deprecated C string processing functions including sprintf and fscanf. These problems are compounded by the design of the program, which creates a large attack surface: since Green Dam filters and processes all Internet traffic, large parts of its code are exposed to attack. If Green Dam is deployed in its current form, it will significantly weaken China's computer security. While the flaws we discovered can be quickly patched, correcting all the problems in the Green Dam software will likely require extensive rewriting and thorough testing. This will be difficult to achieve before China's July 1 deadline for deploying Green Dam nationwide.
|
回复 | 引用 发表时间:2009/6/12 8:18:34 |
xiongke168 PMB:1 省份:四川省 行业:房地产 注册:2009/6/17 |
标题:Re:绿霸-密西根大学分析报告
1 楼
|
回复 | 引用 回复时间:2009/6/17 17:04:47 |
! 您尚未登录,不能回复主题。 现在 登录 注册 |
|