funsec mailing list archives
Re: Texas Bank Dumps Antivirus for Whitelisting
From: Drsolly <drsollyp () drsolly com>
Date: Thu, 17 Jul 2008 23:20:33 +0100 (BST)
On Thu, 17 Jul 2008, Larry Seltzer wrote:
Harvard architecture, unlike von Neumann architecture, had a strictseparation of progrma and data store and representation. It would have been impossible for a program to modify its own or other executable material. Data was not executable, so SQL injection and XSS would have been impossible. (So would a lot of other things, but ...) I'm not a real computer scientist, I just play one online, but this isn't how I thought it worked. SQL isn't actually executable code, it's just data that program code uses in order to decide what to execute. A program in a Harvard architecture is capable of going "if x==1 then do_this() else if x==2 then do_that(); etc(),etc(),etc()" - can't it? Things like buffer overflows would be impossible with a Harvard architecture, but I don't see why SQL injection or Trojan horse programs or many other malicious items would be any less likely.
What's the difference between bytes that are executable, and bytes that are used by the computer to decide what to do? _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Texas Bank Dumps Antivirus for Whitelisting, (continued)
- Re: Texas Bank Dumps Antivirus for Whitelisting Jeff Kell (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Valdis . Kletnieks (Jul 18)
- Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 18)
- Re: Texas Bank Dumps Antivirus for Whitelisting Blue Boar (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Blue Boar (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Larry Seltzer (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Drsolly (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Larry Seltzer (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 17)
- Re: Texas Bank Dumps Antivirus for Whitelisting Larry Seltzer (Jul 17)