Blunder Dome Sighting  

Hangout for experimental confirmation and demonstration of software, computing, and networking. The exercises don't always work out. The professor is a bumbler and the laboratory assistant is a skanky dufus.




2005-03-24

 

Repairing Aberrant Behavior: But Is That the Threat?

ACM News Service: Supersmart Security. I notice that there is a great deal of interest these days in systems that detect odd behavior of applications and find some way to fence it in or even re-establish a fresh copy. The motivation is finding an active approach to repairing a system that has been compromised. This is an interesting question, but I find myself puzzled about the problem being solved, especially when we talk about perturbing code so that exploits can't rely on a consistent pattern to apply their malevolent transformations against. I suspect that measure will only have temporary success, if the past is any guide here.

A greater concern for me is whether this is the main or even most-serious threat? It is addressed to a symptom of compromise that might not deal with attacks that are really against higher levels in the application stack and intended to compromise data and users and the business system, not damage the computer. And it raises tremendous trust concerns for the security software itself. I already can't be sure my firewall is really working, and I am not sure a root kit, my main worry, is caught by this sort of thing (nor do I expect to see this sort of thing on consumer PCs anyhow).

The Gary Anthes 2005-03-21 ComputerWorld article has more for digging deeper. I am simply not sure that system damage is the most prevalent threat or even the intention of most attackers, yet this seems to be the focus of this article, which links compromise and damage together:

"For some time, we have been losing the battle against those who would damage our computer systems. That's because computers are increasingly interconnected and the software they run is more complex. Both factors increase vulnerability to infection and intrusion."

[updated 2005-03-24T18:00Z: I've been bravely posting directly from my Blog This! bookmarklet, but it means less spell-checking. This one had a howler that I couldn't overlook.]

 