From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII X-Google-Thread: 103376,452860c2cffef8e3 X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2003-08-25 10:44:47 PST Message-ID: <3F4A3178.4F3F@mail.ru> Date: Mon, 25 Aug 2003 19:55:36 +0400 From: Dmytry Lavrov X-Mailer: Mozilla 3.0Gold (Win95; I) MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: Re: Virus Resistive Software References: Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit NNTP-Posting-Host: 213.248.15.47 X-Trace: shknews01 1061826789 213.248.15.47 (25 Aug 2003 23:53:09 +0800) Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!headwall.stanford.edu!newshub.sdsu.edu!elnk-nf2-pas!newsfeed.earthlink.net!newsfeed.news2me.com!nntp1.phx1.gblx.net!nntp.gblx.net!nntp.gblx.net!news2.ilink.net!shknews01 Xref: archiver1.google.com comp.lang.ada:41849 Date: 2003-08-25T19:55:36+04:00 List-Id: Robert C. Leif wrote: > > It appears from the latest news reports, that present commercial > software, particularly email programs, is susceptible to attack by > viruses. A question with a very big payoff is could software written > in Ada and perhaps in part in XML be made significantly more virus > resistant than present commercial software, such as Microsoft� > Outlook�? For instance, would the strong type checking of both Ada and > XML schema help. As a point of information, it is possible to create > XML schemas that are semantically very similar to Ada type and object > declarations. Would the use of an Ada protected type with a single > entry for reading addresses in a user?s phone book be of any help? > > > > I believe the present practice of providing the source text should > decrease the vulnerability of the system. However, I hope that this > discussion can focus on technical feasibility, as opposed to an > argument about ?free? vs. entrepreneurial software. > > > > Bob Leif > > Robert C. Leif, Ph.D. > > Email rleif@rleif.com > > Heh,don't run viruses.And don't write to code area(EVEN TO JAVA SCRIPT CODE BY SCRIPT),check for [and stack] overflow,etc.If programm is not buggy(read:at least stable) it's can't be hacked or infected!. ADA programs is more stable ==> more defence against everything. BUT If ada program will run mashine code,it will be as hackable as C++ are. Also,if here will be special "codes" (like "029382FormatHardDisc" in header of mail ;-),it will be hackable . If i remember correctly,virus attack(if user does not run virus) called worm attack. If this attack is possible,it's mean software bug.Only Bug.It's not about viruses,it's about bugs. If prog causes reboots sometimes,it's mean that this prog can be(read:WILL BE) hacked (heh,if F22 need reboots,it's mean that possible to send a signal that will cause this reboot,and mean that possible to control plane remotely via hack!). Main problem of outlook(and IE) that outlook by default does RUN code(and does not ask user) for target processor if idiotic "sertificate" are right. MS sells sertificates to access your computer(ex.to spy email addresses for spamming)! ---------------- For example,if i'm sorts data via quicksort,in c++ or ada,with special input it's possible to cause stack overflow!also if heap model are bad,it's possible to fragment all heap. There are _too_many_ things called by one word:"hack" 0: Changing program(game) to work W/O disk in CD ;-). 1: decoding publically avaliable encrypted data.(why it's outlawed???Everyone can do what he want in his head or on his paper ,why not on computer???) 2: Composing encoded,verified message if you shouldn't compose this message. 3: Sending something that causes bad things to non-your computer(including 2). 3b:Sending a message that causes bad things on many computers. And there are outlawed so called "unauthorised access to computer". What's they mean by this STRANGE words? Who authorises access? What is access?What is "authorised access"? (i'm is not a native english speaker,but russian version of this laws are as strange) No one know! No explanations!(except trivial:"unauthorised access to computer is a unauthorised access to computer") By laws,if your computer have virus and virus are self-copying,YOU are OUTLAWED. Why computer communications need new laws? Federal Laws shouldn't be changed so frequently.Heh,_first_time_in_history_after_money_ new laws added for new tool(cars not about it:there still be good-old laws about murdering,no new laws ;-) Instead of spending money to lawyers,let's make software more STABLE. Program is a only set of well-defined laws for computer.If these laws ALLOW hack,there will be a hack. Thanks God,first virus was written before "internet age". Hackable/infectable progs is a problem of fool with a tool.With better tool(ada) fool is a same fool.Maybe results of fool's work are better with ada.