Lpc2000

At 12:49 AM 4/24/2006 +0000, jayasooriah wrote:
>One other poster said that it is irrelevant of the CSI can be made to
>crash by supplying erroneous input.  I think it matter, because this
>vulnerability is a resource that hackers use to exploit.  This is one
>of the most commonly used methods if you look at history.

I agree with you with the caveat that the vulnerability still exists with 
CRP turned on.  Actually as a potential method of breaking security this 
strikes me as being the bigger hole,  Fortunately it should be the easier 
to fix.


>It would be a win-win for both Philips and LPC community if Philips would:
>
>a)  open a channel to acknowledge bugs as and when they are reported;
>b)  provide information as to what versions and parts these apply to; and
>c)  indicate when they plan to fix them and how users can check this out;

Agreed, although to be fair to Philips they are far from unique in this regard.

Robert

" 'Freedom' has no meaning of itself.  There are always restrictions,   be 
they legal, genetic, or physical.  If you don't believe me, try to chew a 
radio signal. "  -- Kelvin Throop, III
http://www.aeolusdevelopment.com/