Secure Coding mailing list archives
RE: Hypothetical design question
From: "Alun Jones" <alun () texis com>
Date: Mon, 02 Feb 2004 17:06:10 +0000
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ljknews Sent: Saturday, January 31, 2004 12:43 PM Antivirus scanners typically work by matching against patterns of known viruses. For VMS that is the null set.
Hope you don't mind me saying this, but that's essentially a null argument. All software sucks, that's a given. All software has bugs, all software has security flaws, often the biggest of which is that all software is (at some point) used, configured and controlled by humans. If VMS has no known viruses, it's because of a combination of factors: 1. About ten people in the world use VMS. 2. A story about a virus infecting VMS is unlikely to make the evening news. If every Windows user switched to some other OS tomorrow, within a few days that system would be under attack from a whole host of new viruses. Unless you're going to point to specific _technical_ features of VMS (and I'm glad that you have) that prevent the spread of viruses, the argument that the system currently has no viruses is nothing better than a security by obscurity argument. There are no viruses because there is no perceived benefit to the virus author. Remember, the virus author can only have a few reasons for writing a virus: 1. To get some form of notoriety (even if it has to be anonymous notoriety, where it's only the author that gets to say "hey, I wrote that", and he only says it to himself). 2. As a destruction of existing systems - kind of a techno-Luddite, or one who hates an OS or app sufficiently much to want to harm everyone that uses it. 3. As a means of creating a vector for future attacks - this is happening more frequently. Note that only item 2 would allow for a cracker to consider writing a virus for a marginally popular OS. Alun. ~~~~ -- Texas Imperial Software | Find us at http://www.wftpd.com or email 1602 Harvest Moon Place | [EMAIL PROTECTED] Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers. Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
Current thread:
- Re: Hypothetical design question, (continued)
- Re: Hypothetical design question der Mouse (Jan 30)
- Re: Hypothetical design question Glenn and Mary Everhart (Jan 30)
- Re: Hypothetical design question Fernando Schapachnik (Jan 30)
- RE: Re: Hypothetical design question Nick Lothian (Jan 29)
- Re: Hypothetical design question Greenarrow 1 (Jan 30)
- RE: Re: Hypothetical design question Carl G. Alphonce (Jan 30)
- RE: Hypothetical design question Jeremy Epstein (Jan 30)
- Re: Hypothetical design question der Mouse (Jan 31)
- RE: Hypothetical design question Shea, Brian A (Jan 31)
- RE: Hypothetical design question ljknews (Feb 01)
- RE: Hypothetical design question Alun Jones (Feb 02)
- RE: Hypothetical design question ljknews (Feb 03)
- Re: Hypothetical design question Crispin Cowan (Feb 04)
- RE: Hypothetical design question Alun Jones (Feb 04)
- RE: Hypothetical design question dtalk-ml (Feb 04)
- RE: Hypothetical design question Alun Jones (Feb 04)
- Re: Hypothetical design question Crispin Cowan (Feb 05)
- RE: Hypothetical design question ljknews (Feb 01)