Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

It seems to be the widespread use of a computer (O/S), that makes it a target for malware writers.

1 view
Skip to first unread message

Casey Hawthorne

unread,
Sep 28, 2009, 12:44:22 PM9/28/09
to
It seems to be the widespread use of a computer (O/S), that makes it a
target for malware writers.

I wonder if there are a million ways to tweak the Windows O/S kernel,
so that it still works (if it did before), but that, the tweaking in
effect makes it seem like there a million different classes of machine
out there.

A lot fewer machines of a particular class for malware writers to be
tooooo interested in.

Posted in this group, since Roedy frequents this group.
--
Regards,
Casey

Roedy Green

unread,
Sep 28, 2009, 2:51:56 PM9/28/09
to
On Mon, 28 Sep 2009 09:44:22 -0700, Casey Hawthorne
<caseyhHA...@istar.ca> wrote, quoted or indirectly quoted
someone who said :

>It seems to be the widespread use of a computer (O/S), that makes it a
>target for malware writers.
>
>I wonder if there are a million ways to tweak the Windows O/S kernel,
>so that it still works (if it did before), but that, the tweaking in
>effect makes it seem like there a million different classes of machine
>out there.
>
>A lot fewer machines of a particular class for malware writers to be
>tooooo interested in.


I have puzzled why there are so many "security updates". Just how
many places does an OS expose itself?

Perhaps what is needed is an OS written from scratch with security as
paramount. The key would be reducing the number of places an OS
exposes to critical data and keeping each app in its own airtight box
where it can only harm itself. I also want isolate device drivers in
firmware running their own CPUs so bugs in drivers can't compromise
the OS.

It might be wise to not let any coder under 45 years old near writing
or maintaining the security code.

A Roman emperor PRESUMED everyone was out to get him, and organised
accordingly. OSes blithely presume there are no bugs in gigabytes of
code. An OS has to work even when there are bugs. It has to be
constantly cross-checking itself.
--
Roedy Green Canadian Mind Products
http://mindprod.com

When you are programming and you feel paralysis from overwhelm:
(o) Write down your worries in an electronic todo list, so you can temporarily stop thinking about them.
(o) Write smaller modules and classes so you don�t need to juggle many facts to complete the code.
(o) Do some necessary, but simple, clerical task.
(o) Solve some simple problem with at least some probability of being useful in the big solution. It will break the logjam.
~ Roedy

Daniel Pitts

unread,
Sep 28, 2009, 5:10:45 PM9/28/09
to
Not that this is on topic, but the problem with your theory is:
Consistency is what allows regular programs to work as expected.
Malware is just a flavor of malware. If you have a special task, you
can create a machine that performs that task extremely well, and is
immune or otherwise unfavorable to malware. The problem is, the machine
is no longer General Purpose.

--
Daniel Pitts' Tech Blog: <http://virtualinfinity.net/wordpress/>

Lew

unread,
Sep 28, 2009, 7:51:52 PM9/28/09
to
Casey Hawthorne wrote:
> It seems to be the widespread use of a computer (O/S), that makes it a
> target for malware writers.

What does this have to do with Java?

> I wonder if there are a million ways to tweak the Windows O/S kernel,
> so that it still works (if it did before), but that, the tweaking in
> effect makes it seem like there a million different classes of machine
> out there.
>
> A lot fewer machines of a particular class for malware writers to be
> tooooo interested in.
>
> Posted in this group, since Roedy frequents this group.

That is bizarre reasoning. The reason to post to comp.lang.java.advocacy
should be because the topic of your post relates to Java advocacy. If you
want to send a message to Roedy, send him an email.

--
Lew

Sabine Dinis Blochberger

unread,
Sep 29, 2009, 4:19:27 AM9/29/09
to
Roedy Green wrote:

> On Mon, 28 Sep 2009 09:44:22 -0700, Casey Hawthorne
> <caseyhHA...@istar.ca> wrote, quoted or indirectly quoted
> someone who said :
>
> >It seems to be the widespread use of a computer (O/S), that makes it a
> >target for malware writers.
>

> I have puzzled why there are so many "security updates". Just how
> many places does an OS expose itself?
>

As many as the user lets it ;)

> Perhaps what is needed is an OS written from scratch with security as
> paramount. The key would be reducing the number of places an OS
> exposes to critical data and keeping each app in its own airtight box
> where it can only harm itself. I also want isolate device drivers in
> firmware running their own CPUs so bugs in drivers can't compromise
> the OS.
>

OpenBSD? <http://www.openbsd.org/> They win purely for having a TRON
themed mascot right now.

It's important to differentiate between a desktop user and a server
admin. It should be standard for a desktop user to have a router, so
that the connection to the internet has a minimum of security, and may
be easier to configure. Most I reckon only use modems with zero
security, and the Windows firewall is not very good (if they set it up
at all, it's so naggy I'm guessing most just will click allow
everything/forever and be done with it).

> A Roman emperor PRESUMED everyone was out to get him, and organised
> accordingly. OSes blithely presume there are no bugs in gigabytes of
> code. An OS has to work even when there are bugs. It has to be
> constantly cross-checking itself.
>

Sounds like A.I., of course it would be awesome if a computer could tell
you that someone did something unnice. That would require it to be self
aware too.

Roedy Green

unread,
Sep 29, 2009, 10:57:59 AM9/29/09
to
On Tue, 29 Sep 2009 09:19:27 +0100, Sabine Dinis Blochberger
<no....@here.invalid> wrote, quoted or indirectly quoted someone who
said :

>Sounds like A.I., of course it would be awesome if a computer could tell


>you that someone did something unnice. That would require it to be self
>aware too.

I was thinking along the lines of some redundancy, but not AI. The OS
is built of black boxes. You have independent teams implement each
black box three times. The black boxes challenge each other, and
monitor the three implementations for consistency. If anything
detects trouble it triggers an "inquisition" that normally results in
one black box being disabled, and messages sent back to the
implementors. Pay of the implementation teams is based on NOT having
your modules decommissioned, relative performance to the other
implementors of a black box.

Roedy Green

unread,
Sep 29, 2009, 10:58:50 AM9/29/09
to
On Mon, 28 Sep 2009 14:10:45 -0700, Daniel Pitts
<newsgroup....@virtualinfinity.net> wrote, quoted or indirectly
quoted someone who said :

>Malware is just a flavor of malware.

I think you meant to say something more profound.

Daniel Pitts

unread,
Sep 30, 2009, 5:18:23 PM9/30/09
to
Roedy Green wrote:
> On Tue, 29 Sep 2009 09:19:27 +0100, Sabine Dinis Blochberger
> <no....@here.invalid> wrote, quoted or indirectly quoted someone who
> said :
>
>> Sounds like A.I., of course it would be awesome if a computer could tell
>> you that someone did something unnice. That would require it to be self
>> aware too.
>
> I was thinking along the lines of some redundancy, but not AI. The OS
> is built of black boxes. You have independent teams implement each
> black box three times. The black boxes challenge each other, and
> monitor the three implementations for consistency. If anything
> detects trouble it triggers an "inquisition" that normally results in
> one black box being disabled, and messages sent back to the
> implementors. Pay of the implementation teams is based on NOT having
> your modules decommissioned, relative performance to the other
> implementors of a black box.
I read an artical a while back in an ACM magazine (either Queue or
Communications of, don't remember which), that talks about using 2N+1
"servers" to handle reliability in the face of bugs. If I recall
correctly, the technique relied on no more than one correct Client
implementation, and N+1 correct servers.

This could probably be scaled down to component level with similar
results. The protocol was design to allow minimal overhead in a
"everyone agrees" situation.

Daniel Pitts

unread,
Sep 30, 2009, 5:19:25 PM9/30/09
to
Roedy Green wrote:
> On Mon, 28 Sep 2009 14:10:45 -0700, Daniel Pitts
> <newsgroup....@virtualinfinity.net> wrote, quoted or indirectly
> quoted someone who said :
>
>> Malware is just a flavor of malware.
>
> I think you meant to say something more profound.
I meant to say something, that is for sure :-)

"Malware is just a flavor of general software." is what I intended.

0 new messages