Actually, to make this point better: If I open a certain set of 0s and 1s in notepad.exe, it just displays the ASCII/Unicode character representation of those 1s and 0s on the screen If I open the same set of 0s and 1s in cscript.exe, then certain other actions get performed on the system.
The above is a fairly clear distinction, but there are plenty of scenarios that grey the boundary far more. As far as I'm concerned, it is very difficult to distinguish between data and code, except in the simplest of cases. Cheers Ken From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Tuesday, 17 April 2012 11:12 AM To: NT System Admin Issues Subject: RE: Whitelisting The first statement is wrong - there is no difference between data and code - they are just ones and zeros. Now, an application, can, tell an OS that certain memory addresses contain code that should not be executed. But some other application, loading exactly the same ones and zeros, can tell the OS that it should be executable. Cheers Ken From: Andrew S. Baker [mailto:asbz...@gmail.com]<mailto:[mailto:asbz...@gmail.com]> Sent: Tuesday, 17 April 2012 2:28 AM To: NT System Admin Issues Subject: Re: Whitelisting >>Data is code. Code is data. They're both strings of 1's and 0's. No, they are most certainly not the same. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin