But how does a Web browser running on a Harvard Architecture stop XSS errors? Code and data mixing happens within HTML and not at the binary machine level. You're now saying that we should ditch HTML with its mixture of tags, text, and script code are you?
Richard -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob, grandpa of Ryan, Trevor, Devon & Hannah Sent: Thursday, July 17, 2008 2:35 PM To: [email protected] Subject: Re: [funsec] Texas Bank Dumps Antivirus for Whitelisting Date sent: Wed, 16 Jul 2008 21:33:32 -0400 From: "Richard M. Smith" <[EMAIL PROTECTED]> > I'm not sure how Harvard Architecture, whatever it might be, would protect > against SQL injection and XSS errors. Kids these days. Harvard architecture, unlike von Neumann architecture, had a strict separation of progrma and data store and representation. It would have been impossible for a program to modify its own or other executable material. Data was not executable, so SQL injection and XSS would have been impossible. (So would a lot of other things, but ...) ====================== (quote inserted randomly by Pegasus Mailer) [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Skill without imagination is craftsmanship and gives us many useful objects such as wickerwork picnic baskets. Imagination without skill gives us modern art. - Tom Stoppard http://victoria.tc.ca/techrev/rms.htm _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
