[Cryptography] North Korea and Sony
Bill Frantz
frantz at pwpconsult.com
Fri Dec 12 01:15:42 EST 2014
On 12/11/14 at 12:44 PM, bear at sonic.net (Ray Dillinger) wrote:
>On 12/10/2014 05:13 PM, Bill Frantz wrote:
>>On 12/9/14 at 7:41 PM, bear at sonic.net (Ray Dillinger) wrote:
>>
>>> We shouldn't have to work out how to PREVENT mail clients from
>>> opening executable attachments; we should be establishing legal
>>> frameworks for recovering the entirely forseeable losses from
>>> the criminally negligent entities who make mail clients which
>>> CAN!
>>
>>More importantly, we should automatically open any program in a limited
>>authority space which limits its ability to access/change things to
>>"need to know".
>
>Right now there do not seem to be any capability-based secure
>Operating systems that have reached a level of development
>making them viable as real options for real companies to be
>using for everyday work.
>
>Could this be fixed?
Marc Stiegler, Alan H. Karp, Ka Ping Yee, and Mark Miller
addressed this specific issue for Windows in "Polaris: Toward
Virus Safe Computing for Windows XP",
<http://www.hpl.hp.com/personal/Alan_Karp/polaris.pdf>. The
basic approach (described on page 5) is to run these programs
under a separate userID, unique to the program. It seems likely
that their approach would extend to other popular systems.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | I like the farmers' market | Periwinkle
(408)356-8506 | because I can get fruits and | 16345
Englewood Ave
www.pwpconsult.com | vegetables without stickers. | Los Gatos,
CA 95032
More information about the cryptography
mailing list