Author: Dann Corbit
Date: 11:22:48 06/29/04
Go up one level in this thread
On June 28, 2004 at 20:59:09, Angrim wrote: >On June 28, 2004 at 20:37:00, Dann Corbit wrote: > >>On June 28, 2004 at 19:50:19, Peter Berger wrote: >> >>>But I am really quite sure that potential crashes of your movei chess program >>>don't fall into this category for various reasons. I can imagine an attack >>>against Movei running on a chessserver - but how is this threat going to be >>>worked on to threaten someone's computer? >> >>Very simple. Write a rogue engine that sends the overrun to any opponent named >>"movei*" > >no chess server that I have used has the option for one player to >send an arbitrary string of character to the oponent and pretend that >it is a chessboard. Have you actually examined all the source code for FICS? How about the source code for ChessMaster online? And for all the other online chess systems? The chances for an exploit are not high. But if one does exist, then the damage could be tremendous. It is not difficult to code defensively, and it is a very good habit to cultivate. > Which is what your suggestion would require. >Now a chess server coder could possibly add such an attack, assuming >that your interface program didn't do any sanity checking, but that >is taking paranoia pretty far. There are literally thousands of virus and worm attacks. Some nitwits seem to spend all their waking hours looking for, and finding, exploits. I am guessing that one could be found if enough effort were put into it. Would you like to be responsible for a literal billion dollars in damage when 15 minutes of code review could have totally prevented it?
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.