m rv |
Critique of current article, and suggestions on how it could be improved by someone with the necessary security knowledge. |
:Well, nobody objected in a few months, so moved it is. --[[User:Fubar Obfusco|FOo]] 04:24, 4 Feb 2005 (UTC)
== Numerous problems ==
I really feel that this article could be brought up to the level of Wikipedia's other computer-related articles, but as I am not a hacker or person skilled in computer security, I do not feel comfortable attempting to do this myself. A number of problems that concerned me about this article follow. I have restrained myself to improving the initial definition to be a bit more broad and complete.
The first problem is the distinction between a remote and local exploit. While these are terms that should be discussed, as they are in common usage, not all exploits will fall into one of these two categories, and it is therefore not a universal classification.
I feel that a more general description of an exploit should include that an exploit is something that "exploits" a programming bug, setup bug, or abuses a feature. Does anyone have any comments on this? Immediately talking about common types of exploits misses that these are all types of bugs, and that exploit finding is really a subset of bug finding.
It's pedantic of me to point this out, but the term super-user is unix/linux/bsd/*nix specific. Going back to my broader definition, I would like to use a hypothetical example. Many (all?) elevators in the United States have telephones in them for communication with the elevator's users during an emergency. An unintended or incidental behavior exists, however, in that in some elevators it is possible, given the correct phone number, to call the phone inside the elevator and listen to people inside. I would consider this an unintended use of an elevator feature, and therefore an exploit. This does not include getting extra access to a computer, any of the vulnerability types mentioned, and appears to be outside the current stated scope of the article. Would this be considered an exploit?
I really think that this article could be brought up to the level of one of Wikipedia's computer science articles, include broad examples, and include a holistic approach to viewing exploits as a subset of bug finding.
-- Unfortunately not anonymous user, November 7, 2006