From: gep2(_at_)terabites(_dot_)com
...
Any computer on which software can be installed could theoretically have BAD
software installed.
What major operating systems are configured by default to install
software from distant servers unknown to a computer system's owners?
I don't believe it's possible by any kind of automated
means to determine absolutely that an arbitrary subject program is bug-free,
or
even that it will terminate.
The halting problem is a red herring.
And in particular, a WORD macro virus (for instance) which works on a
Windows-based OS will probably work on a Mac-based OS too... since the level
of
abstraction provided by the macro facility SPECIFICALLY shields the executing
macro from vagaries based on the underlying OS.
That's another red herring. I believe the WORD macro virus hole
was closed long ago. I know that similar holes in emacs and vi
were closed many years ago.
...
The US military has spent many billions of dollars over the years in research
trying to find "absolutely secure" operating systems, and although they have
made some fairly impressive strides, ...
That's yet another red herring. The DOD trusted systems efforts have
been targeted mostly at keeping secrets within a system instead of
preventing the installation of bad software. Historically, the standard
way (on at least some such trusted systems in my personal experience)
for vendors to install software is to be escorted past the armed guards
with your media, bypass and turn off the MAC (mandatory access control)
system, install the software, restore the MAC stuff, and leave your
media to be destroyed.
I think the DOD's trusted system stuff is a boondoggle, waste of money,
and worse, gives people a false sense of security, but that's also
irrelevant here.
Buffer overflow exploits, in particular, (along with similar array subscript
...
are powerless unless the exploit is in software that has permission
to install software or at least execute software. Worries about such
issues is why MTAs often run in "chroot jails".
This is yet another red herring.
Just as nobody should ever be stupid enough to run an executable that arrives
in
an E-mail from someone they don't know, they similarly shouldn't run
executables
that arrive from someone they DO know unless they know what it's about, and
have
verified (separately) with the sender why it was sent and that it's
legitimate.
There is no reason why such windows of vulnerability should be left open for
no
reason at all.
What major system is configured by default to execute programs that
arrive in email and is configured by default gives the MUA of every
user the right to install software?
What major system system vendor touts as an advantage the lack of
a "sandbox" in its competetors to Java?
What does any of this have to do with ASRG or with spam in general?
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg