Please run windows update now
bzs at theworld.com
Mon May 15 21:03:15 UTC 2017
On May 15, 2017 at 16:17 valdis.kletnieks at vt.edu (valdis.kletnieks at vt.edu) wrote:
> On Mon, 15 May 2017 15:45:26 -0400, bzs at theworld.com said:
> > So for example why does a client OS produced with that much money
> > available even allow things like wholesale encryption of files without
> > at least popping up one of those warnings to confirm that you really
> > meant to run a program on $THRESHOLD files, opening them for update
> > etc, not just read?
> Well Barry, I can tell you why, with examples from the Unix world.
> for i in *; do encrypt < $i > $i.new; mv $i.new $i; done
Oh great a design review!
Hello Valdis, I am Barry Shein. I've done decades of internals and
Ever use any Windows since about Vista? It throws up those warning
pop-ups when you're about to do something it decides needs
That was almost certainly my invention.
I described the idea on an anti-spam list and two Microsoft engineers
contacted me to discuss whether this is feasible etc.
Never got a thank you tho.
> How do you throw a pop-up warning for that? Pre-run it and see how many >
> might get executed? And how do you tell that the sequence ends up destroying
> the file rather than creating a new one?
You count the number of destructive opens in the kernel and if it
exceeds a threshold (for example) you stop it and pop up a warning.
As I said this is the sort of thing which is suitable for an end-user
OS and no doubt annoying in a server OS.
> OK. How about this one?
> cat > ./wombat << EOF
> encrypt < $1 > $1.new; mv $1.new $1
> chmod +x ./wombat
> for i in *; do ./wombat $i; done
> Now convert that to C and bury that whole thing inside a binary. How does the
> operating system detect that and throw a pop-up *before* that executes?
> It's a lot harder problem than you think. Hint: Fred Cohen's PhD thesis
> showed that detecting malware is isomorphic to the Turing Halting Problem.
You don't seem to understand how OS's work which surprises me in your
Software Tool & Die | bzs at TheWorld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
The World: Since 1989 | A Public Information Utility | *oo*
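Added example, not part of the original message and not written by either poster: a user-space C sketch of the counting idea described above, where destructive opens and replacing renames are tallied and held once a threshold is passed. The event record, the threshold value, and the choice to key the counter by login session rather than by pid are assumptions made for this sketch.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>

#define THRESHOLD 3       /* assumed value; the message only says "a threshold" */
#define MAX_SESSIONS 16   /* assumed table size for this sketch */

enum op { OP_OPEN, OP_RENAME };

/* Constructed event record: what a kernel hook could see at open()/rename(). */
struct event { int session; int pid; enum op op; int flags; int target_existed; };

static int counts[MAX_SESSIONS];   /* destructive operations seen per session */

void reset_counts(void) { memset(counts, 0, sizeof counts); }

/* Destructive: the target already existed and the call can change or replace it. */
int is_destructive(const struct event *e) {
    if (!e->target_existed) return 0;          /* creating x.new harms nothing */
    if (e->op == OP_RENAME) return 1;          /* mv x.new x replaces x */
    int acc = e->flags & O_ACCMODE;
    return acc == O_WRONLY || acc == O_RDWR || (e->flags & O_TRUNC) != 0;
}

/* Returns 1 when the operation should be held for user confirmation.
   Counting is keyed by session, not pid (assumption), so one short-lived
   process per file still adds to the same counter. */
int observe(const struct event *e) {
    if (e->session < 0 || e->session >= MAX_SESSIONS) return 0;
    if (!is_destructive(e)) return 0;
    return ++counts[e->session] > THRESHOLD;
}

/* Constructed trace of the quoted loop: a new pid per file, each writing
   x.new and renaming it over x. Returns the index of the first file held. */
int first_held_file(int nfiles) {
    reset_counts();
    for (int i = 0; i < nfiles; i++) {
        struct event wr = { 1, 1000 + i, OP_OPEN, O_WRONLY | O_CREAT | O_TRUNC, 0 };
        struct event mv = { 1, 1000 + i, OP_RENAME, 0, 1 };
        if (observe(&wr) || observe(&mv)) return i;
    }
    return -1;
}

int main(void) {
    printf("first file held for confirmation: %d\n", first_held_file(10));
    return 0;
}
```

A counter keyed by pid alone would never exceed the threshold on this trace, since each process touches only one file.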