Subject: [IP] more on 80 per cent of home PCs infected - survey
Begin forwarded message:
From: Bob Frankston <rmfxixB0406@bobf.frankston.com>
Date: October 30, 2004 5:07:16 PM EDT
To: 'Brett Glass' <firstname.lastname@example.org>, "'David P. Reed'" <email@example.com>
Cc: 'Bob Frankston' <Bob2firstname.lastname@example.org>, email@example.com, 'Ip' <firstname.lastname@example.org>, 'Brett Glass' <email@example.com>
Subject: RE: [IP] more on 80 per cent of home PCs infected - survey
Before responding I must emphasize that it is impossible to have a secure
machine because there is no unambiguous definition. At best we can talk
about metrics and tradeoffs.
Just tell your users to su to root and rm / -R (or whatever the appropriate
command is. Betcha they'd do it. Betcha I can send email that they'll think
is from you and do it. Even better if I place an urgent phone call telling
them there is a lethal virus and for the sake of their children they better
do something about it now or else ...
But I'm confused -- what is Unix's security model and how many decades. They
are all derived from the Multics ACL model but with some roadbumps along the
way. Unix initially had a weak systems with just groups and defaulting to R
X isn't part of Windows but then the GUI is not part of XP - embedded XP
doesn't depend on the GUI. Even better -- if you just run an embedded system
without users then you don't have to worry about them doing dumb things like
running insecure applications just because they are useful.
All of the systems are hierarchical with drivers having far too much authority.
Security is only meaningful if one can still make effective use of the system.
PS: I left this in plane text because too many people assume typography is a
------------------------------------- You are subscribed as firstname.lastname@example.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/
Search: Match: Sort by:
Powered by eList eXpress LLC