(no title)
gwu78 | 8 years ago
If you are suggesting that developers, regardless whether they develop mobile apps or ransomware, will start relying less on DNS, I respectfully disagree.
Someone else in this thread commented how reliance on DNS makes systems "fragile". With that I strongly agree.
The same old assumptions will continue to be made, such as the one that DNS, specifcally, ICANN DNS, is always going to be used.
How to break unwanted software? Do not follow the assumptions.
For example, to break a very large quantity of shellcode change the name or location of the shell to something other than "/bin/sh".[1]
Will shellcoders switch to a "robust statistical model" instead of hard coding "/bin/sh"?
Someone once said that programmers are lazy. Was he joking?
1. Yes, I know it may also break wanted third party software. When I first edited init.c, renamed and moved sh I was seeking to learn about dependencies. I expected things to break. That was the point: an experiment. I wanted to see what would break and what would not.
kccqzy|8 years ago
Even though the POSIX standard says:
> Applications should note that the standard PATH to the shell cannot be assumed to be either /bin/sh or /usr/bin/sh, and should be determined by interrogation of the PATH returned by `getconf PATH`, ensuring that the returned pathname is an absolute pathname and not a shell built-in.
> For example, to determine the location of the standard sh utility:
command −v sh