On 1/13/24 13:39, Gibney, Dave wrote:
It should be obvious, but as a practical matter, you can't encrypt
the modules that do the decryption and it also follows that you can't
encrypt the modules that provide the execution environment (z/OS)
for these modules.
I would like to agree with you.
Viruses (for PCs) have been self-decrypting for a long time.
Given how people espouse that the mainframe can do everything that a PC
can do ... I think it stands to reason that someone with sufficient
motivation /could/ write a mainframe program that would decrypt itself.
If we accept that it's hypothetically possible to write a mainframe
program that can decrypt itself, then could we also accept the
hypothetical possibility to do the same with a program that is part of
the OS?
It's been a very long time since I've looked at low level mainframe OS
IPL / boot strap methods and procedures. But I'm confident that the
first part of the program that IPLs off of DASD doesn't know how to do
most of what the OS ultimately does.
It's all about have just enough recognizable -> executable code that can
decode / decrypt more recognizable -> executable code that can decrypt
even more.
Hence in /concept/ I don't agree with you.
--
Grant. . . .
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
