Good code, bad computations: A few days ago, two graduate scholars, Ryan Roemer and Erik Buchanan from California's San Diego University, revealed a process for making a computer virus with a higher automated capacity than was ever assumed.
A technique termed return-oriented programming could turn even accurately developed software (i.e., good code) into an attacker's friend that can easily be compromised (bad computations).
If we consider a software program as consisting of thousands of small functions, it is easy to understand how that software can be used to build a computer virus. If virus writers could change the software's return address so that execution does not return to the function it came from, they could compromise the software and lead it in any direction.
To put all this in other words, return-oriented programming exploits start out like more familiar attacks on computers. The attacker takes advantage of a programming error in the target system to overwrite the runtime stack and divert program execution away from the path intended by the system's designers. But instead of injecting outside code (the approach used in traditional malicious exploits), return-oriented programming enables attackers to create any kind of nasty computation or program by using just the existing code.
A possible example: a Web browser could be made to record passwords entered by the user and send them to the attacker. It's like taking a huge book (the software) and picking passages out of it in an order that looks completely haphazard. Those passages form the program the attacker wants to execute.
Researchers now believe that these types of exploits could be used in forthcoming attacks. This is because the code is familiar with the environment and runs properly as seen from outside.
This is considered so dangerous because most computer security defenses are based on the notion that protecting the computer from the introduction of malicious code is sufficient for its security. This assumption is at the core of trusted computing and anti-virus software. But with the advent of this threat, that whole logic is shown to be a fallacy.
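The point made above (an overwritten stack re-sequences existing code, so a check that only looks for foreign code sees nothing) can be shown on a toy model. This is an added example, not code from the researchers; the machine, its addresses and every name in it are constructed for illustration.

```python
import hashlib

# Toy machine (constructed): the "program" is a fixed table of short existing
# routines. Each one finishes by returning to the next address on the stack.
def pop_a(m): m["a"] = m["stack"].pop(0)     # load next stack word into a
def pop_b(m): m["b"] = m["stack"].pop(0)     # load next stack word into b
def add(m):   m["a"] += m["b"]               # a = a + b
def emit(m):  m["out"].append(m["a"])        # output a

CODE = {0x10: pop_a, 0x20: pop_b, 0x30: add, 0x40: emit}

def code_fingerprint():
    """Hash of the code table, standing in for a 'no foreign code' check."""
    layout = ",".join(f"{addr:#x}:{fn.__name__}" for addr, fn in sorted(CODE.items()))
    return hashlib.sha256(layout.encode()).hexdigest()

def run(stack):
    """Execute by repeatedly 'returning' to the next address on the stack."""
    m = {"a": 0, "b": 0, "out": [], "stack": list(stack), "trace": []}
    while m["stack"]:
        addr = m["stack"].pop(0)
        if addr not in CODE:                 # injected code would be refused here
            raise ValueError(f"return to non-code address {addr:#x}")
        m["trace"].append(addr)              # record the control-flow path taken
        CODE[addr](m)
    return m

INTENDED = [0x10, 1, 0x40]                       # designers' path: emit 1
OVERWRITTEN = [0x10, 40, 0x20, 2, 0x30, 0x40]    # same routines, new sequence

def compare():
    """Run both stacks and report outputs plus whether the code changed."""
    before = code_fingerprint()
    good, bad = run(INTENDED), run(OVERWRITTEN)
    unchanged = before == code_fingerprint()
    return good["out"], bad["out"], unchanged

if __name__ == "__main__":
    print(compare())
```

The code fingerprint is identical for both runs; only the recorded sequence of return targets differs, so a defense has to examine control flow rather than code content to tell the two apart.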