Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Philippe Marschall
On 02/07/2012 02:47 PM, Ben Coman wrote: This is slightly paranoid thinking, but considering the long evolution of Smalltalk live images (apparently all the way from the original Xerox PARC ST80 [1] ) in relation to Ken Thompson's Reflections on Trusting Trust [2] - are there any mechanisms to

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Stéphane Ducasse
On Feb 8, 2012, at 9:35 AM, Philippe Marschall wrote: On 02/07/2012 02:47 PM, Ben Coman wrote: This is slightly paranoid thinking, but considering the long evolution of Smalltalk live images (apparently all the way from the original Xerox PARC ST80 [1] ) in relation to Ken Thompson's

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Philippe Marschall
On 02/08/2012 10:33 AM, Stéphane Ducasse wrote: On Feb 8, 2012, at 9:35 AM, Philippe Marschall wrote: On 02/07/2012 02:47 PM, Ben Coman wrote: This is slightly paranoid thinking, but considering the long evolution of Smalltalk live images (apparently all the way from the original Xerox PARC

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Marcus Denker
On Feb 8, 2012, at 10:39 AM, Philippe Marschall wrote: well I do not think so since we can all read the code. No, read the argument again. If the compiler is compromised and the other tools in the image are compromised you can't read the code because the tools don't display you the

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Philippe Marschall
On 02/08/2012 10:43 AM, Marcus Denker wrote: On Feb 8, 2012, at 10:39 AM, Philippe Marschall wrote: well I do not think so since we can all read the code. No, read the argument again. If the compiler is compromised and the other tools in the image are compromised you can't read the code

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Norbert Hartl
On 08.02.2012 at 11:12, Philippe Marschall wrote: On 02/08/2012 10:43 AM, Marcus Denker wrote: On Feb 8, 2012, at 10:39 AM, Philippe Marschall wrote: well I do not think so since we can all read the code. No, read the argument again. If the compiler is compromised and the other

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Frank Shearar
On 8 February 2012 10:33, Norbert Hartl norb...@hartl.name wrote: On 08.02.2012 at 11:12, Philippe Marschall wrote: On 02/08/2012 10:43 AM, Marcus Denker wrote: On Feb 8, 2012, at 10:39 AM, Philippe Marschall wrote: well I do not think so since we can all read the code. No, read the

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Philippe Marschall
On 02/08/2012 11:33 AM, Norbert Hartl wrote: On 08.02.2012 at 11:12, Philippe Marschall wrote: On 02/08/2012 10:43 AM, Marcus Denker wrote: On Feb 8, 2012, at 10:39 AM, Philippe Marschall wrote: well I do not think so since we can all read the code. No, read the argument again. If the

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Norbert Hartl
On 08.02.2012 at 12:04, Philippe Marschall wrote: On 02/08/2012 11:33 AM, Norbert Hartl wrote: On 08.02.2012 at 11:12, Philippe Marschall wrote: On 02/08/2012 10:43 AM, Marcus Denker wrote: On Feb 8, 2012, at 10:39 AM, Philippe Marschall wrote: well I do not think so since we can

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread drush66
Well, it's the turtles all the way down, and you always need a piece of trust to step on to keep the whole thing. So there is no absolute security, but I guess this is not a new concept. But IMHO, if someone would like to reduce (not eliminate) the risks, Smalltalk could make it less daunting.

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Ben Coman
Frank Shearar wrote: On 8 February 2012 10:33, Norbert Hartl norb...@hartl.name wrote: On 08.02.2012 at 11:12, Philippe Marschall wrote: On 02/08/2012 10:43 AM, Marcus Denker wrote: On Feb 8, 2012, at 10:39 AM, Philippe Marschall wrote: well I do not think so since

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Nicolas Cellier
Do you really think that the compiler is the real Achilles heel in an image where everything works by message send? IMO, the compiler is much less central than in other languages. What I would do to fool users and tools would just be to hack a few methods like #methodDict (just like Stephane

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Ben Coman
You are right. The compiler binary described in the scenario corresponds to the whole of the Smalltalk binary image. Nicolas Cellier wrote: Do you really think that the compiler is the real Achilles heel in an image where everything works by message send? IMO, the compiler is much less central

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Igor Stasenko
On 8 February 2012 12:33, Norbert Hartl norb...@hartl.name wrote: On 08.02.2012 at 11:12, Philippe Marschall wrote: On 02/08/2012 10:43 AM, Marcus Denker wrote: On Feb 8, 2012, at 10:39 AM, Philippe Marschall wrote: well I do not think so since we can all read the code. No, read the

Re: [Pharo-project] Trusting Trust

2012-02-08 Thread Nicolas Cellier
Yes, so duplicating the Compiler can't be a valid strategy. Every Inspector, every Debugger, every message send will modify the binary image... You could trace the image with another program - or another trusted image ;) - and validate some restrictive invariants, for example like: - all

[Pharo-project] Trusting Trust

2012-02-07 Thread Ben Coman
This is slightly paranoid thinking, but considering the long evolution of Smalltalk live images (apparently all the way from the original Xerox PARC ST80 [1] ) in relation to Ken Thompson's Reflections on Trusting Trust [2] - are there any mechanisms to prevent trojan code living undetected

Re: [Pharo-project] Trusting Trust

2012-02-07 Thread Igor Stasenko
On 7 February 2012 15:47, Ben Coman b...@openinworld.com wrote: This is slightly paranoid thinking, but considering the long evolution of Smalltalk live images (apparently all the way from the original Xerox PARC ST80 [1] ) in relation to Ken Thompson's Reflections on Trusting Trust [2] - are