Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!samsung!umich!sharkey!msuinfo!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: ignatz@chinet.chi.il.us (Dave Ihnat) Newsgroups: comp.virus Subject: Re: Death of a Virus Message-ID: <0006.9004111326.AA11326@ubu.cert.sei.cmu.edu> Date: 10 Apr 90 22:50:39 GMT Sender: Virus Discussion List Lines: 38 Approved: krvw@sei.cmu.edu CHESS@YKTVMV.BITNET (David.M.Chess) writes: >Unfortunately, viruses do not depend on this hardware model; viruses >can spread in any system that allows both programming and information >sharing, regardless of whether or not programs have direct access to >the hardware, whether or not the system is assumed to be single-user, >and so on. See various papers by Fred Cohen on the subject. As long >as (roughly) some programs sometimes have write-access to some other >programs, viruses can spread. >Dave Chess >IBM T. J. Watson Research Center As a practical matter, I was trying to not go into a lecture on the differences between the hardware and software models you bring up. But the baseline is this: All of the single-user machines which are currently the major targets of viral attack provide NO hardware model which allows preemptive control by the OS or monitor of program access to memory or hardware. Thus, in such systems, it is categorically impossible to provide a reliably virus-free environment. Systems which provide the underlying hardware CAN be made much more secure. In this environment, it is still possible to improperly use the provided capabilities and thus grant unauthorized access; but this is not a case of CAN be secure, but DIDN'T make it secure but had the capability. As a real- world example, Unix and VMS systems don't see the widespread attacks that single-user systems such as the PC and Mac have "enjoyed." Attacks on such multi-user/multi-tasking systems that are successful invariably result from either errors in the protection mechanisms (usually, not the hardware itself, but rather the operating system which utilizes it) or errors in application of the provided protections, either by programmers (privileged programs that don't properly control access, etc.), or by administrators and users who don't use such capabilities as ACL's and file permission settings. So the point I was making is that in an environment which doesn't even provide underlying hardware support for protection, it's impossible to make a secure, safe system no matter how good you are in software development. Having the hardware, however, does not guarantee such security; but id does make it possible.