Hacker News new | past | comments | ask | show | jobs | submit login

Exploits rely on interactions between parts of a system, not on crunching numbers. A pure Turing machine is perfectly un-exploitable since <s>its only i/o is supposed to be to the keyboard and the screen</s> (edit: it has no i/o whatsoever). CSS would have more holes than JS if it offered more APIs (which it might do unknowingly by mistakes in programming).

A "pure" Turing machine has no input or output at all, just an infinite expanse of tape.

Ah, indeed, I tend to confuse it for Brainfuck which at least can do something of use.

I/O on a Turing machine consists of initializing the tape with your input and reading the output off the tape once it's finished computing.

Indeed, and that exactly puts all the onus of exploitability on the machine's environment. The tape might as well be written by regular expressions, if some of the outputs make the ‘interpreter’ do network requests and stuff.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact