Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

more on 80 per cent of home PCs infected - survey

From: David Farber <dave () farber net>
Date: Sat, 30 Oct 2004 18:33:05 -0400


Begin forwarded message:

From: Bob Frankston <rmfxixB0406 () bobf frankston com>
Date: October 30, 2004 5:07:16 PM EDT
To: 'Brett Glass' <brett () lariat org>, "'David P. Reed'" <dpreed () reed com> Cc: 'Bob Frankston' <Bob2-0406 () bobf frankston com>, dave () farber net, 'Ip' <ip () v2 listbox com>, 'Brett Glass' <extreme () brettglass com> 
Subject: RE: [IP] more on 80 per cent of home PCs infected - survey
Before responding I must emphasize that it is impossible to have a secure 
machine because there is no unambiguous definition. At best we can talk
about metrics and tradeoffs.
Just tell your users to su to root and rm / -R (or whatever the appropriate command is. Betcha they'd do it. Betcha I can send email that they'll think is from you and do it. Even better if I place an urgent phone call telling them there is a lethal virus and for the sake of their children they better 
do something about it now or else ...
But I'm confused -- what is Unix's security model and how many decades. They are all derived from the Multics ACL model but with some roadbumps along the way. Unix initially had a weak systems with just groups and defaulting to R 
access.

X isn't part of Windows but then the GUI is not part of XP - embedded XP
doesn't depend on the GUI. Even better -- if you just run an embedded system without users then you don't have to worry about them doing dumb things like 
running insecure applications just because they are useful.

All of the systems are hierarchical with drivers having far too much
authority.

Security is only meaningful if one can still make effective use of the
system.
PS: I left this in plane text because too many people assume typography is a 
virus.

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: