undefined | Better HN

0 pointsRetric16y ago0 comments

An infinite loop does not a virus make. With a multithreaded OS an infinite loop is not really a problem. Limiting resources to some defined level is a "solvable" problem.

0 comments

6 comments · 2 top-level

tptacek16y ago· 2 in thread

The antivirus problem isn't a resource consumption problem. "The halting problem" is a CS synecdoche for the limitations of static analysis and the fundamental generality of what a "virus" is.

He's saying, "we mathematically figured out a long time that trying to look at a computer program and predetermine what it will do before running it is a task that reduces to the halting problem."

That this is a stupid way to look at the antivirus problem is besides the point here.

RetricOP16y ago

Sorry, that's a better explanation of what you meant but it's still not a problem.

You don't need to figure out what a program can do ahead of time if you limit what it can do at run time. You don't even need to let the user do anything at run time.

tptacek16y ago

You are arguing with the wall. I'm just explaining what Schneier meant by "2+2=3".

1 more reply

ori_b16y ago· 2 in thread

Allowing friendly programs to access resources but disallowing unfriendly ones is impossible, because it is impossible to distinguish between the two without some form of enforced signing that is impossible for the user to subvert(and who wants that?). And no, defaulting to reduced permissions for some programs is insufficient. People will still click "Ok, allow higher permissions" on programs if prompted.

What's the difference between 'rm -rf foo', for example, and 'run-virus'?

RetricOP16y ago

Not much, but nothing says the user needs to be able to type 'rm -rf foo'. Most people are used to OS that are designed to be fast and permissive, but you can code a defensive OS.

ori_b16y ago

What sort of defensiveness do you think will work to effectively prevent -- to make up an example -- an application from popping up a fake login screen that asks them to enter the details, then mails the login info to the attacker and the program to all the victim's friends, without making the system unusable? Signed binaries where the signature describes the level of access might work if you don't allow it to be subverted by the user, but at the cost of essentially losing control over what you can run.i

I can't think of an especially usable uber-paranoid defensive system, although I'd definitely love to be proven wrong. Essentially, the problem isn't a totally technological one. The core of the problem is that the user can effectively be convinced to be their own attacker.

j / k navigate · click thread line to collapse

0 comments

6 comments · 2 top-level

tptacek16y ago· 2 in thread

The antivirus problem isn't a resource consumption problem. "The halting problem" is a CS synecdoche for the limitations of static analysis and the fundamental generality of what a "virus" is.

He's saying, "we mathematically figured out a long time that trying to look at a computer program and predetermine what it will do before running it is a task that reduces to the halting problem."

That this is a stupid way to look at the antivirus problem is besides the point here.

RetricOP16y ago

Sorry, that's a better explanation of what you meant but it's still not a problem.

You don't need to figure out what a program can do ahead of time if you limit what it can do at run time. You don't even need to let the user do anything at run time.

tptacek16y ago

You are arguing with the wall. I'm just explaining what Schneier meant by "2+2=3".

1 more reply

ori_b16y ago· 2 in thread

What's the difference between 'rm -rf foo', for example, and 'run-virus'?

RetricOP16y ago

Not much, but nothing says the user needs to be able to type 'rm -rf foo'. Most people are used to OS that are designed to be fast and permissive, but you can code a defensive OS.

ori_b16y ago

j / k navigate · click thread line to collapse