Re: Texas Bank Dumps Antivirus for Whitelisting

["Richard M. Smith" <rms () computerbytesman com>]

But how does a Web browser running on a Harvard Architecture stop XSS
errors?  Code and data mixing happens within HTML and not at the binary
machine level.  You're now saying that we should ditch HTML with its mixture
of tags, text, and script code are you?

Richard

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Rob, grandpa of Ryan, Trevor, Devon & Hannah
Sent: Thursday, July 17, 2008 2:35 PM
To: funsec () linuxbox org
Subject: Re: [funsec] Texas Bank Dumps Antivirus for Whitelisting

Date sent:              Wed, 16 Jul 2008 21:33:32 -0400
From:                   "Richard M. Smith" <rms () computerbytesman com>

> I'm not sure how Harvard Architecture, whatever it might be, would protect
> against SQL injection and XSS errors.  

Kids these days.

Harvard architecture, unlike von Neumann architecture, had a strict
separation of 
progrma and data store and representation.  It would have been impossible
for a 
program to modify its own or other executable material.  Data was not
executable, 
so SQL injection and XSS would have been impossible.  (So would a lot of
other 
things, but ...)

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
Skill without imagination is craftsmanship and gives us many
useful objects such as wickerwork picnic baskets.  Imagination
without skill gives us modern art.                    - Tom Stoppard
http://victoria.tc.ca/techrev/rms.htm
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.