Madshrimps Forum Madness

Madshrimps Forum Madness (https://www.madshrimps.be/vbulletin/)
-   WebNews (https://www.madshrimps.be/vbulletin/f22/)
-   -   All source code is vulnerable to old bidis (https://www.madshrimps.be/vbulletin/f22/all-source-code-vulnerable-old-bidis-209785/)

Stefan Mileschin 3rd November 2021 07:00
All source code is vulnerable to old bidis
 
University of Cambridge boffins urge panic

Virtually all compilers are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected.

Boffins at the University of Cambridge discovered a bug that affects most computer code compilers and many software development environments.

The problem is a component of the digital text encoding standard Unicode, which allows computers to exchange information regardless of the language used. Unicode currently defines more than 143,000 characters across 154 different language scripts .

However, Unicode's bi-directional or "Bidi" algorithm, which handles displaying text that includes mixed scripts with different display orders, such as Arabic -- which is read right to left -- and English (left to right) has a pretty big issue. Computer systems need to have a deterministic way of resolving conflicting directionality in text and it uses a function called the "Bidi override," which can be used to make text work in any direction.

https://fudzilla.com/news/53801-all-...e-to-old-bidis


All times are GMT +1. The time now is 13:48.

Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO