funsec mailing list archives
Re: Texas Bank Dumps Antivirus for Whitelisting
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Wed, 16 Jul 2008 21:33:32 -0400
I did a talk a couple of years ago at Boston University along this lines. I pointed out that many (but of course not all) security flaws in software are due to data morphing into code. Examples: buffer overflow, SQL injection, and XSS errors. I'm not sure how Harvard Architecture, whatever it might be, would protect against SQL injection and XSS errors. Buffer overflows can be dealt with by marking data pages as non-execute in the page table. Why this relatively simple fix can't be implemented across the board in Windows is a head scratcher to me. Richard -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Rob, grandpa of Ryan, Trevor, Devon & Hannah Sent: Wednesday, July 16, 2008 9:59 PM To: funsec () linuxbox org Subject: Re: [funsec] Texas Bank Dumps Antivirus for Whitelisting Date sent: Wed, 16 Jul 2008 19:46:24 -0400 From: Rich Kulawiec <rsk () gsp org>
Wrong answer. The correct answer is to recognize that any operating system which requires anti-virus software is fundamentally, deeply broken and to either (a) fix it (b) get it fixed or (c) dump it.
Even better, let's dump von Neumann architecture, go back to Harvard architecture, and avoid viruses altogether ... Sorry, but I remember the late 80s when everybody was saying that once we got some security (mainframe-type, of course) into desktop operating systems viruses would be a thing of the past. They aren't, obviously. As long as data can be executed, and programs can be treated as data, viruses will be inherently possible. (And that's just viruses. The techie version of getting rid of a [favourite dumb- person epithet] by giving them a card with "Turn over" written on both sides is to tell someone to come up with a technical solution to trojans ...) ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org Before speaking, consider the interpretation of your words as well as their intent. - Andrew Alden victoria.tc.ca/techrev/rms.htm en.wikipedia.org/wiki/Robert_Slade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Texas Bank Dumps Antivirus for Whitelisting, (continued)
- Re: Texas Bank Dumps Antivirus for Whitelisting Nick FitzGerald (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Drsolly (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Drsolly (Jul 16)
- Re: Texas Bank Dumps Antivirus for Whitelisting David Harley (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Toralv_Dirro (Jul 15)
- Re: Texas Bank Dumps Antivirus for Whitelisting Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 16)
- Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 16)
- Re: Texas Bank Dumps Antivirus for Whitelisting Larry Seltzer (Jul 16)
- Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 16)
- Re: Texas Bank Dumps Antivirus for Whitelisting Larry Seltzer (Jul 16)
- Re: Texas Bank Dumps Antivirus for Whitelisting Toralv_Dirro (Jul 16)