One of the programming challenges at SPOJ involves writing code in.bf, where input validation is practically infeasible. While there wasn't a chance for arbitrary code, an unexpected value could still disrupt the program. With other esoteric programming languages, input validation would be a luxury, and it's no surprise that something theoretical would come out.
When I followed a few links, I came across a sample exploit [github.io], but I don't see why it's an exploit, nor do I understand what said machine is trying t
I don't think this is a matter of utility but novelty. They said there is no patch and I wonder if it's a matter of fundamental hardware design. I am not to familiar with the architecture but I have a feeling it's virtually single user, so either the user is effectively already by default a super user or the system has minimal design in terms of user access. In such an environment, the exploit is really just the novelty of finding it. It likely affects no more than hobbists and at best it could be used to run a program from another user/department when you already have physical access...
Late April Fools (Score:2)
One of the programming challenges at SPOJ involves writing code in .bf, where input validation is practically infeasible. While there wasn't a chance for arbitrary code, an unexpected value could still disrupt the program. With other esoteric programming languages, input validation would be a luxury, and it's no surprise that something theoretical would come out.
When I followed a few links, I came across a sample exploit [github.io], but I don't see why it's an exploit, nor do I understand what said machine is trying t
Re: Late April Fools (Score:2)
I don't think this is a matter of utility but novelty. They said there is no patch and I wonder if it's a matter of fundamental hardware design. I am not to familiar with the architecture but I have a feeling it's virtually single user, so either the user is effectively already by default a super user or the system has minimal design in terms of user access. In such an environment, the exploit is really just the novelty of finding it. It likely affects no more than hobbists and at best it could be used to run a program from another user/department when you already have physical access...