Slashdot Mirror

← Back to Stories (view on slashdot.org)

MIT System Fixes Software Bugs Without Access To Source Code

Posted by Soulskill on from the copies-solutions-from-stack-overflow dept.

jan_jes writes: MIT researchers have presented a new system at the Association for Computing Machinery's Programming Language Design and Implementation conference that repairs software bugs by automatically importing functionality from other, more secure applications. According to MIT, "The system, dubbed CodePhage, doesn't require access to the source code of the applications. Instead, it analyzes the applications' execution and characterizes the types of security checks they perform. As a consequence, it can import checks from applications written in programming languages other than the one in which the program it's repairing was written."

7 of 78 comments (clear)

  1. Hmmm .... by gstoddart · · Score: 5, Insightful

    And to whom do you file the bug report again?

    I can just imagine it now "Yeah, we run this cool thing called CodePhage which patched the software, but now it broke". They'll laugh at you and hang up.

    This sounds like an automated system for mangling together random bits of software and hoping you still have something usable.

    "The longer-term vision is that you never have to write a piece of code that somebody else has written before," Rinard says. "The system finds that piece of code and automatically puts it together with whatever pieces of code you need to make your program work."

    Sounds totally cool. Also sounds like complete fiction.

    --
    Lost at C:>. Found at C.
    1. Re:Hmmm .... by xxxJonBoyxxx · · Score: 4, Insightful

      >>>> system finds that piece of code and automatically puts it together with whatever pieces of code you need to make your program work
      >> sounds like complete fiction
      I think we already do with with libraries and dependencies...just not at the executable level.

    2. Re:Hmmm .... by Pieroxy · · Score: 3

      The problem is that it gives a false sens of security. Your favorite bank can now fire those two last skilled people and get 10 more dumb indians (note: not all indians are dumb) to piss off shitty code. Just run their "CodePhage magic" and you still have a software full of holes (but a little less than if you didn't run it.)

      The problem is just that now that you have fired those two people that knew what they were talking about, you're just clueless about what is going on.

      --
      Write boring code, not shiny code!
    3. Re:Hmmm .... by VorpalRodent · · Score: 5, Funny

      I tried that, but the parent process was *not* happy!

      --
      Take it to the limit, everybody to the limit, come on, everybody fhqwhgads.
    4. Re:Hmmm .... by RabidReindeer · · Score: 3, Funny

      >>>> system finds that piece of code and automatically puts it together with whatever pieces of code you need to make your program work

      Hey! Why does my Windows 10 system boot up with a picture of a penguin?

  2. Sayonara Copy Protection and Key Checks!!! by neversleepy · · Score: 3, Insightful

    Woo hoo. Finally I can treat the copy protection and CONSTANT recurring key checks as bugs in the software I have paid for!

    1. Re:Sayonara Copy Protection and Key Checks!!! by Bert64 · · Score: 4, Insightful

      Pirates already have versions with these bugs fixed, widely available from various torrent sites.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!