Secure Coding mailing list archives
RE: Hypothetical design question
From: ljknews <ljknews () mac com>
Date: Tue, 03 Feb 2004 15:55:33 +0000
At 8:53 PM -0600 2/1/04, Alun Jones wrote:
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ljknews Sent: Saturday, January 31, 2004 12:43 PM Antivirus scanners typically work by matching against patterns of known viruses. For VMS that is the null set.Hope you don't mind me saying this, but that's essentially a null argument. All software sucks, that's a given. All software has bugs, all software has security flaws, often the biggest of which is that all software is (at some point) used, configured and controlled by humans.
Certainly all software has defects, but whether that can be exploited by sociopaths can vary.
Unless you're going to point to specific _technical_ features of VMS (and I'm glad that you have) that prevent the spread of viruses, the argument that the system currently has no viruses is nothing better than a security by obscurity argument.
1. VMS does _nothing_ automatically on receipt of email. 2. VMS users in practice do not typically run with system management privileges. 3. Programming practices by VMS Development and the VMS Calling Standard mitigate against buffer overflows and similar exploits in sensitive code. 4. Successive releases of VMS do not involve wholesale replacement (vs. refinement) of significant numbers of modules. I have heard an estimate that 30% of one release of Windows NT was totally replaced for one release. Starting from scratch rather than modifying old code is a monumental effort and no development organization can support to much of that at a time. Certainly VMS is software, and thus not perfect. VMS Development has announced to small groups certain security improvements they are planning for VMS 8.2, but these are to defend against potential exploits that have not been reported on VMS. The great mass of security-related changes in VMS 6.0 were in response to defects discovered only in white-box testing. [Ed. I think that we've taken this thread about as far (or farther :-) than it should go. Folks, let's please either bring this back to secure application development practices, or let's let the thread die. Thanks. KRvW]
Current thread:
- Re: Hypothetical design question, (continued)
- Re: Hypothetical design question Glenn and Mary Everhart (Jan 30)
- Re: Hypothetical design question Fernando Schapachnik (Jan 30)
- RE: Re: Hypothetical design question Nick Lothian (Jan 29)
- Re: Hypothetical design question Greenarrow 1 (Jan 30)
- RE: Re: Hypothetical design question Carl G. Alphonce (Jan 30)
- RE: Hypothetical design question Jeremy Epstein (Jan 30)
- Re: Hypothetical design question der Mouse (Jan 31)
- RE: Hypothetical design question Shea, Brian A (Jan 31)
- RE: Hypothetical design question ljknews (Feb 01)
- RE: Hypothetical design question Alun Jones (Feb 02)
- RE: Hypothetical design question ljknews (Feb 03)
- Re: Hypothetical design question Crispin Cowan (Feb 04)
- RE: Hypothetical design question Alun Jones (Feb 04)
- RE: Hypothetical design question dtalk-ml (Feb 04)
- RE: Hypothetical design question Alun Jones (Feb 04)
- Re: Hypothetical design question Crispin Cowan (Feb 05)
- RE: Hypothetical design question ljknews (Feb 01)