Hi, all... As I think about what trust is needed for computer operation, it seems at the moment we all play blind man's bluff... That is, we are given software from various points and asked to "just trust" the provider sight unseen, and with no simple way to find what the software should be doing.
Now, on the other hand, if a software package being installed or used had a specification of what exactly it writes and why it writes it, a user might reasonably hope to allow or disallow some of the writing, and might hope to be able to detect when some part of his machine's state was being altered where it should not be. In such a case, noticing and blocking viral or Trojan behavior becomes relatively easy, and a vendor tempted to add backdoors or worms or adware would have to include that within his list of what was done. Ideally such a list could be enforced during installs so that undisclosed actions would simply not take place, and fraudulent explanations might be subject to civil and criminal liability. (I would presume too that disclosing un-obfuscated source code would be an acceptable, if not as good, way to disclose effects.) There would be some vendors who would scream that they could not hide their secrets with such requirements, but I have seen plenty of cases where license keys and the like have been successfully managed even in systems open in this way. Automated behavior-detecting systems have implemented some of this kind of checking for a long time, at least as far back as my own "Safety" package's "paranoid mode" (1993) and probably much further, and in numerous Linux and Windows monitoring systems today. Their problem is that they attempt to gather information about what actions are "normal" by watching installations or operation, and as Sony showed last year, even companies often thought of as ethical sometimes have software that does things to your computer you may not authorize and should know about. Question is: would it make sense to lobby for disclosure requirements of all writes software does, to whatever, and reasons for them, as conditions to make it fit for sale? Perhaps likewise to be a (or the?) defense against claims the software is doing things to others' machines without authorization?
Certainly such lists would require more of everyone installing software, at least in principle (I imagine permission interpreters would alleviate most work), but they would also make it possible for the first time to give trust in an informed way. With reports of 25% of the net being infected with malware, it could be high time for something to allow trust not to be as promiscuously given as in the past.

Glenn C. Everhart ([EMAIL PROTECTED] home)

Secure Coding mailing list (SC-L) [email protected]
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community.
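The post proposes two uses for a vendor-supplied list of disclosed writes: enforcing it at install time so undisclosed writes never happen, and using it afterwards to detect machine state that changed where it should not have. The following is an added example, not code from the post or from any product it mentions; the package name "exampleapp", its manifest, the requested writes and the before/after filesystem snapshots are all constructed here to illustrate both modes. The filesystem is stood in for by a plain dict so the check runs offline.

```python
"""Install-time and audit-time checks against a disclosed-writes manifest.

Added illustration; the manifest and all writes below are constructed, not taken
from any real package.
"""
import fnmatch
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class DeclaredWrite:
    """One entry in the vendor's disclosed-writes list: where, and why."""
    pattern: str  # glob over absolute paths this package may write
    reason: str   # stated purpose, for the installer or user to judge


# Constructed manifest for a hypothetical package "exampleapp".
EXAMPLEAPP_MANIFEST = (
    DeclaredWrite("/opt/exampleapp/*", "program files"),
    DeclaredWrite("/etc/exampleapp.conf", "default configuration"),
    DeclaredWrite("/home/*/.exampleapp/license", "store the user's license key"),
)


def declared_for(manifest, path):
    """Return the manifest entry covering `path`, or None if the write is undisclosed."""
    for entry in manifest:
        if fnmatch.fnmatchcase(path, entry.pattern):
            return entry
    return None


def install(manifest, requested_writes, fs):
    """Enforcing mode: apply only disclosed writes to `fs` (a dict standing in
    for the filesystem). Returns the paths whose writes were blocked."""
    blocked = []
    for path, content in requested_writes:
        if declared_for(manifest, path) is None:
            blocked.append(path)  # undisclosed action simply does not take place
            continue
        fs[path] = content
    return blocked


def snapshot(fs):
    """Hash every file so two snapshots can be compared for changed state."""
    return {path: hashlib.sha256(content).hexdigest() for path, content in fs.items()}


def audit(manifest, before, after):
    """Detecting mode: report paths that were created, changed or removed between
    two snapshots and are not covered by the manifest."""
    changed = {p for p in set(before) | set(after) if before.get(p) != after.get(p)}
    return sorted(p for p in changed if declared_for(manifest, p) is None)


def demo():
    """Run both modes on constructed input; returns (blocked, undisclosed)."""
    # Constructed install script: two disclosed writes and one that is not.
    requested = [
        ("/opt/exampleapp/bin/app", b"\x7fELF..."),
        ("/etc/exampleapp.conf", b"verbose=0\n"),
        ("/etc/cron.d/exampleapp-phonehome", b"0 * * * * root /opt/exampleapp/bin/app --report\n"),
    ]
    fs = {"/etc/hosts": b"127.0.0.1 localhost\n"}
    blocked = install(EXAMPLEAPP_MANIFEST, requested, fs)

    # Constructed "unenforced" install on another machine: every write landed,
    # and /etc/hosts was edited too. The audit catches what the manifest omits.
    before = snapshot({"/etc/hosts": b"127.0.0.1 localhost\n"})
    after = snapshot({
        "/etc/hosts": b"127.0.0.1 localhost\n1.2.3.4 updates.example\n",
        "/opt/exampleapp/bin/app": b"\x7fELF...",
        "/etc/exampleapp.conf": b"verbose=0\n",
        "/etc/cron.d/exampleapp-phonehome": b"0 * * * * root /opt/exampleapp/bin/app --report\n",
    })
    undisclosed = audit(EXAMPLEAPP_MANIFEST, before, after)
    return blocked, undisclosed


if __name__ == "__main__":
    blocked, undisclosed = demo()
    print("blocked at install:", blocked)
    print("undisclosed changes found by audit:", undisclosed)
```

Two design points worth noting. Matching is by glob so a vendor can disclose a directory tree without listing every file, but a pattern such as `/opt/exampleapp/*` should be read as a grant over everything beneath it, and an installer would reasonably refuse a manifest whose patterns are broad enough to cover the whole filesystem. Audit mode catches removals and modifications as well as new files because it compares hashes in both directions; an audit that only looked at new paths would miss exactly the kind of quiet edit to an existing system file the post is worried about.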
