funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Texas Bank Dumps Antivirus for Whitelisting

From: "Richard M. Smith" <rms () computerbytesman com>
Date: Wed, 16 Jul 2008 21:33:32 -0400
I did a talk a couple of years ago at Boston University along this lines.  I
pointed out that many (but of course not all) security flaws in software are
due to data morphing into code.  Examples: buffer overflow, SQL injection,
and XSS errors.

I'm not sure how Harvard Architecture, whatever it might be, would protect
against SQL injection and XSS errors.  Buffer overflows can be dealt with by
marking data pages as non-execute in the page table.  Why this relatively
simple fix can't be implemented across the board in Windows is a head
scratcher to me.

Richard

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Rob, grandpa of Ryan, Trevor, Devon & Hannah
Sent: Wednesday, July 16, 2008 9:59 PM
To: funsec () linuxbox org
Subject: Re: [funsec] Texas Bank Dumps Antivirus for Whitelisting

Date sent:              Wed, 16 Jul 2008 19:46:24 -0400
From:                   Rich Kulawiec <rsk () gsp org>


Wrong answer.  The correct answer is to recognize that any operating
system which requires anti-virus software is fundamentally, deeply
broken and to either (a) fix it (b) get it fixed or (c) dump it.


Even better, let's dump von Neumann architecture, go back to Harvard 
architecture, and avoid viruses altogether ...

Sorry, but I remember the late 80s when everybody was saying that once we
got 
some security (mainframe-type, of course) into desktop operating systems
viruses 
would be a thing of the past.  They aren't, obviously.  As long as data can
be 
executed, and programs can be treated as data, viruses will be inherently
possible.

(And that's just viruses.  The techie version of getting rid of a [favourite
dumb-
person epithet] by giving them a card with "Turn over" written on both sides
is to 
tell someone to come up with a technical solution to trojans ...)

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
Before speaking, consider the interpretation of your words as
well as their intent.                                 - Andrew Alden
victoria.tc.ca/techrev/rms.htm      en.wikipedia.org/wiki/Robert_Slade
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: