Interesting claims by Google on a provably secure OS... I think its always possible to design software (OS inclusive) in a very secure manner; the realm of cryptovirology unlocks so much and virus designs have changed from the era of Von Neumann (paper on code that changes code!); it is a possibility. AI also brings new advances to software engineering; some concepts that we see like: software performing self checks, analysis of open ports within software, etc. There is much involved.. too bad for viral designers (like me :) ) victor
On Fri, Jul 10, 2009 at 7:14 PM, Mike Barnard <[email protected]>wrote: > > > On Fri, Jul 10, 2009 at 5:24 PM, Hari Kurup <[email protected]> wrote: > >> <http://www.cio.com/article/print/496902> >> Bruce Schneier, the chief security technology officer at BT, scoffed at >> Google's promise. "It's an idiotic claim," Schneier wrote in an e-mail. >> "It was mathematically proved decades ago that it is impossible -- not >> an engineering impossibility, not technologically impossible, but the >> 2+2=3 kind of impossible -- to create an operating system that is immune >> to viruses." >> > > > I would tend to disagree and to agree with Bruce. Unless I am wrong, I have > not heard of Viruses for MacOS, *BSD family of OSes and UNIX OSes in > general, Linux. There is a tendency to find bugs and security holes in > programs run on these OSes, but the underlying OS is pretty secure (not > 100%). One trend that I believe we have all noticed is the creation of > viruses for expensive commercial products. Adobe has been the latest of > applications to have viruses targeted at them. i am yet to see a virus > targeted to OpenOffice. > > The OS installed on my laptop has the capability of locking the OS down to > the point where if something is not installed, not even root will install it > unless you drop down the security level to a level where root is allowed to > install and run something globally. This ensures that if i grant user A an > account on my laptop, what ever he runs will be in his userland. It will not > affect me nor try to change the binary files in the common executable paths. > > If Google is thinking this way, then they may just be 'a little' right on > their claim. > > Solaris have been working on something that i think can achieve this (stand > to be corrected), Containers and > Zones<http://en.wikipedia.org/wiki/Solaris_Containers> > The BSd family have had their version for a while called > Jails<http://en.wikipedia.org/wiki/FreeBSD_jail>. > Get it from the horses mouth <http://wiki.freebsd.org/Jails>. > > There is a list of OS support for such > system<http://en.wikipedia.org/wiki/Operating_system-level_virtualization>and > what they can do. Some use external applications, for example, Linux, > AIX others have it embedded into the OS, for example, Solaris. FreeBSD > > -- > Mike > > Of course, you might discount this possibility, but remember that one in > a million chances happen 99% of the time. > ------------------------------------------------------------ > > _______________________________________________ > LUG mailing list > [email protected] > http://kym.net/mailman/listinfo/lug > %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The List's Host is not responsible for them in any way. > --------------------------------------- > > >
_______________________________________________ LUG mailing list [email protected] http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The List's Host is not responsible for them in any way. ---------------------------------------
