Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Trustworthy Computing Mini-Poll
From: Simon Richter <Simon.Richter () hogyros de>
Date: Fri, 20 Dec 2002 23:59:53 +0100

Bruce,

I'd say protection from binary viruses and stack overflows, plus if
[...]

I'm sorry, maybe I was sleeping in class...  can somebody explain to me
how a TCPA machine (as currently hypothesized) would keep stack overflows
from happening?  Is this a facet of having a "nub" check each and every
memory access, and having a stack marked "read/write/no execute"? Or is
my vision not far enough?

Hrm, maybe I expect too much from the TCPA folks, but actually a buffer
overflow (using a "carefully crafted" DVD) that lets me take control of
a trustworthy DVD player would be the first thing I'd think of if I
designed such a system, and thus the first thing I'd like to prevent.

I see that you qualified "protection from *binary* viruses" - the "nub"
sure wouldn't allow a file that a file virus (Staog or something like
that) had tinkered with to execute.  But file viruses were never a serious
threat as far as I can tell (see http://news.com.com/2009-1001-254061.html).

As an old time Amiga user I tend to disagree. :-)

Seriously though, there isn't much difference between a file virus and a
rootkit. If my computer tells me when I try to run a modified binary, I
have already gained a lot.

[Macro viruses]

Well, we can't do much about that, I think. There are always stupid
people running stupid programs.

   Simon

-- 
GPG Fingerprint: 040E B5F7 84F1 4FBC CEAD  ADC6 18A0 CC8D 5706 A4B4

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]