In message <[EMAIL PROTECTED]>, Bjorn Remseth writes:
>
>
> On Sat, Apr 17, 1999 at 05:41:56PM -0400, Lynne L. Harrison wrote:
>
>
> Another issue that bugs me is the fact that viruses are an essentially
> unnecessary. They are a consequence of basically flawed security
> mechanisms in a few operating systems (Windows and MacOS, mainly), and
> total disregard for security in a few important office programs using
> macros (word, excel). Had these systems both used hardware memory
> protection to create a barrier stopping writes to operating system
> files (such as the boot sector), and restrict macros from doing
> anything to any file, as the are allowed to today, then we wouldn't
> have had the virus menace. Viruses would still have been possible, but
> mainly a curiosity, as they now are on proplerly designed systems such
> as VMS, MVS, Unix etc. (and probably on java based systems to).
Unfortunately, this is largely a myth.
Yes, OS controls can prevent many boot sector viruses. Depending on the
permissions assigned to the floppy drive, it may be possible for a virus
to scribble on the boot sector of a floppy, and if you ever boot with
that inadvertently left in -- well, you know what happens. (Actually,
the real protection is that real operating systems are rebooted much
less often...)
The problem is with macro viruses. Assuming that the user can customize
the local text formatter's equivalent of normal.dot -- and I regard that
as not just an operational necessity, but highly desirable -- a macro
virus could be spread in the same exact fashion as today. Sure, you can't
get at the system's copy of normal.dot -- but that doesn't matter; it's
the active copy that counts. There may be OS-level protections possible,
but they're going to be a lot more subtle than file protection.
Now -- why does this have anything to do with cryptography?
