× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. January 2007

RE: How Secure is Windows, Really?

<snip>
Faulty logic.  The description of a virus in this context is pretty
simple:
it is something that can bypass normal security procedures to infect
your
system and cause damage.

Logic bombs, where a programmer does something to break your machine,
have
been around forever.  It requires someone who has access to your machine
and
malicious intent.
</snip>

Also if proper change management & procedures were in place this
couldn't have made it into the production environment...not to mention
that the security was too lax.  Even if the production & development
environment are on the same system/partition this could be prevented by
proper security measures. 


Thanks,
Tommy Holden


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Joe Pluta
Sent: Tuesday, January 02, 2007 9:04 AM
To: 'Midrange Systems Technical Discussion'
Subject: RE: How Secure is Windows, Really?


From: rob@xxxxxxxxx

Even if we came up with a dozen examples someone would argue that it

was

not a virus because it didn't fit this technical definition that is so
extremely limited that it can only run on Windows operating systems.

Let's come up with new term for certain malicious CL programs.  Call

it a

"goomba".  And now we can say that Windows machines are immune to

goomba's

because they don't run CL.  And you should immediately switch to

running

your business off of i5/os because only it is susceptible to goomba's.


Faulty logic.  The description of a virus in this context is pretty
simple:
it is something that can bypass normal security procedures to infect
your
system and cause damage.

Logic bombs, where a programmer does something to break your machine,
have
been around forever.  It requires someone who has access to your machine
and
malicious intent.  Worms have been around for a long time as well.  The
idea
of programs that can replicate from one computer to another has been
around
since the 70s.

But it's the combination of a worm (self-replication or "infection") and
a
malicious payload and the incredible stupidity of Windows programs (a
vast
number of Windows exploits are "buffer overruns", which are perhaps the
laziest programming mistake any programmer can make) that makes Windows
such
an ugly component to any network.  The worm portion of the virus
bypasses
the security of your machine and then deposits its payload.  The fact
that
the worm portion can be activated through something as innocuous as
opening
a web page or an email is what makes the concept so insidious.

THERE ARE NO WORMS THAT AFFECT IBM MIDRANGE COMPUTERS.

Thus, there is no infection vector.  Yes, you can install a payload via
a
RSTLIB and you can have a rogue programmer, but those are simple
security
issues.  The problem with a worm is that it bypasses security during
replication.

This is not as simplistic as your malicious CL program, and your analogy
is
about the same as banning oil and fertilizer because they can be used to
create bombs.

Joe

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.