Stories
Slash Boxes
Comments

SoylentNews is people

Secure Apps Exposed to Hacking via Flaws in Underlying Programming Languages

posted by takyon on Tuesday December 12 2017, @03:51AM   Printer-friendly
from the fuzzy-illogic dept.

MrPlow writes:

Submitted via IRC for SoyCow8317

Research presented this week at the Black Hat Europe 2017 security conference has revealed that several popular interpreted programming languages are affected by severe vulnerabilities that expose apps built on these languages to attacks.

The author of this research is IOActive Senior Security Consultant Fernando Arnaboldi. The expert says he used an automated software testing technique named fuzzing to identify vulnerabilities in the interpreters of five of today's most popular programming languages: JavaScript, Perl, PHP, Python, and Ruby.

[...] The researcher released XDiFF as an open source project on GitHub. A more detailed presentation of the testing procedure and all the vulnerabilities is available in Arnaboldi's research paper named "Exposing Hidden Exploitable Behaviors in Programming Languages Using Differential Fuzzing."

Source: https://www.bleepingcomputer.com/news/security/secure-apps-exposed-to-hacking-via-flaws-in-underlying-programming-languages/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Secure Apps Exposed to Hacking via Flaws in Underlying Programming Languages | Log In/Create an Account | Top | 34 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Freeman on Tuesday December 12 2017, @06:13PM

    by Freeman (732) on Tuesday December 12 2017, @06:13PM (#608833) Journal

    Assuming you can write functional javascript, you can likely write a functional program. Personally, I've been dabbling with Python. It may not be the greatest language in the world, but it's quite fun to work with. I created my own little program to give me a call number cutter given a specific word. Works great! I got the idea from a Dewey Cutter program. My program saves me quite a bit of time when I have to come up with my own cutters. I took programming classes in College that went over Java and C++. (BS-Computer Information Systems) A year or so ago, I took the free Codecademy Python course and have been playing with it ever since. Python is very beginner friendly. Before that I had been dabbling with some C# in VirtualStudio and wrote a little program to replace a barcode generating program. Currently working on a game with my Wife, Brother, and Sister In-Law. I'm the "programmer" and overall lead designer, but I hardly have any artistic talent in me. Wife can draw awesomely, and got my brother /sister in-law into writing some story. This is so true as well: https://www.xkcd.com/627/ [xkcd.com]

    --
    Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2