Path: utzoo!attcan!uunet!husc6!bloom-beacon!tut.cis.ohio-state.edu!mailrus!ames!amdahl!pyramid!octopus!pete From: pete@octopus.UUCP (Pete Holzmann) Newsgroups: news.admin Subject: Re: Malicious posting worries (was re: A counter-example...) Keywords: Be Practical Message-ID: <272@octopus.UUCP> Date: 1 Jul 88 16:55:16 GMT References: <266@octopus.UUCP> <3331@s.cc.purdue.edu> Reply-To: pete@octopus.UUCP (Pete Holzmann) Organization: Octopus Enterprises, Cupertino CA Lines: 40 In article <3331@s.cc.purdue.edu> rsk@s.cc.purdue.edu (Rich Kulawiec) writes: >>And my response is: these 'unpleasant possibilities' exist right now >>in many forms on the net. They are worries that we must all live with. > >I do not agree that we "must all live with" these problems. Further, I >feel that a partial solution to the problem is to stop carrying binaries. >A total solution would be to stop carrying source code as well. I am >unwilling to accept the loss of functionality that this latter would >entail, while I am willing to accept the risk that it poses. However, >in the former case (binaries), I am not willing to accept the >functionality/risk tradeoff. Ahh, now you understand. There is always a functionality/risk tradeoff. For you, who have no use for the binaries, they pose a risk without any functional usefulness. For me, binaries are often important and useful. You find source code useful enough that you are willing to read it before compiling, then live with the risk that maybe there was a gotcha after all. I find binaries useful enough that I am willing to try them out on an isolated machine, then live with the risk that there's a problem after all. And my original statement IS true. We all must live with 'unpleasant possibilities' until the day that someone finds a way to eliminate all program bugs. Practically speaking, buggy software is much more of a problem on the net than malicious software. I'm sure that software bugs have caused MUCH more aggravation than viruses ever will! Sure, a few people get trashed by a virus. How many get trashed by program bugs? How many get trashed by their own operator error? Functionality/risk tradeoffs are in the eyes of the beholder. Please put yourself in the other guy's sandals before assuming that the functionality/ risk tradeoffs he lives with are intolerable. Pete -- OOO __| ___ Peter Holzmann, Octopus Enterprises OOOOOOO___/ _______ USPS: 19611 La Mar Court, Cupertino, CA 95014 OOOOO \___/ UUCP: {hpda,pyramid}!octopus!pete ___| \_____ Phone: 408/996-7746