1. Lamport's one-time password scheme uses the passwords in reverse order. Would it not be simpler to use f (s) the first time, f (f(s)) the second time, and so on?
2. Is there any feasible way to use the MMU hardware to prevent the kind of overflow at- tack shown in Fig. 9-21? Explain why or why not.
3. Describe how stack canaries work and how they can be circumvented by the attackers.
4. The TOCTOU attack exploits race condition between the attacker and the victim. One way to prevent race conditions is make file system accesses transactions. Explain how this approach might work and what problems might arise?
5. Name a C compiler feature that could eliminate a large number of security holes. Why is it not more widely implemented?