Re: in an object oriented world

2024-01-26 Thread Lee 
Hi,

On Fri, Jan 26, 2024 at 8:46 AM songbird wrote:
>
> John Hasler wrote:
> > songbird writes:
> >> any process which does not respond should be thus cast into the outer
> >> darkness of the bits and never to return (aka a virus or unauthorized
> >> program).

Q: is javascript sourced from who knows where on the Internet
considered an unauthorized program?

if no, have you heard of "malvertising"?

> > Malware can lie.  A virus can infect an authorized program and use its
> > credentials.
>
>   objects are only created by authorized calls to other
> objects so there is no pathway to infect if done correctly.

I hate it when someone blithely tosses off that "if done correctly"
nonsense - ignoring the last 60+ years of computer history that shows
people more often than not CANNOT actually "do it correctly."

I came across this recently
  https://thephd.dev/c-undefined-behavior-and-the-sledgehammer-guideline

TL,DR: undefined behavior yields incorrect behavior
if (i >= 0 && i < sizeof(tab)) {
printf("tab[%d] looks safe because %d is between [0:%d]\n",
   i, i, (int)sizeof(tab));
return tab[i];
}
doesn't actually verify that i is always within limits.

$ cat bad-behavior.c
#include 
#include 
#include 
#include 

uint8_t tab[0x1ff + 1];

int safe = 0;

uint8_t f(int32_t x)
{
if (x < 0)
return 0;
if ( safe ) { /* do a valid overflow check */
   if ((INT32_MAX / 0x1ff) <= x) {
  printf("overflow prevented!\n");
  return 0;
   }
}
int32_t i = x * 0x1ff / 0x;
  /* signed integer overflow yields undefined behavior */
if (i >= 0 && i < sizeof(tab)) {
printf("tab[%d] looks safe because %d is between [0:%d]\n",
   i, i, (int)sizeof(tab));
return tab[i];
}
return 1;
}

int main(int argc, char **argv)
{
(void)argc;
memset(tab, 0, sizeof(tab));
if ( strcmp(argv[1], "safe") == 0 ) safe = 1;
return f(atoi(argv[2]));
}
/*
 * https://thephd.dev/c-undefined-behavior-and-the-sledgehammer-guideline
 *
 * gcc -O2 -o bad.exe bad-behavior.c
 * ./bad unsafe 5000
 * tab[62183] looks safe because 62183 is between [0;512]
 */

$ gcc -O2 -o bad.exe bad-behavior.c

$ ./bad unsafe 5000
tab[62183] looks safe because 62183 is between [0:512]

$ ./bad   safe 5000
overflow prevented!


>   if you do not allow random objects to be created that
> are not verified and vetted then there are no viruses.

That sounds so very easy.  Not so easy to do in practice, but it sure
_sounds_ easy enough.

>   note, i'm just kicking this around and wondering if it
> really would be possible.

I'd vote for possible but improbable.

Regards,
Lee

Re: in an object oriented world

2024-01-26 Thread tomas 
On Fri, Jan 26, 2024 at 07:56:35AM -0600, John Hasler wrote:
> Songbird writes:
> > because it only comes from GOD.  no other process can send this
> > signal.
> 
> I meant why should GOD believe the reply?

GOD doesn't believe. He KNOWS. Even without having to "send a
signal".

And now let's discuss whether Objects have any freedom, if GOD
knows all in advance.

I dimly remember that wars have been waged over that kind of
question. But my memory is fuzzy...

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: in an object oriented world

2024-01-26 Thread John Hasler 
Songbird writes:
> because it only comes from GOD.  no other process can send this
> signal.

I meant why should GOD believe the reply?

> objects are only created by authorized calls to other
> objects so there is no pathway to infect if done correctly.

> if you do not allow random objects to be created that
> are not verified and vetted then there are no viruses.

Then there is no need for your verification process.
-- 
John Hasler 
j...@sugarbit.com
Elmwood, WI USA

Re: in an object oriented world

2024-01-26 Thread songbird 
John Hasler wrote:
> songbird writes:
>> every thing running on a computer should be able to say:
>
>> "I am [x version ...], these are my parents [y, z, 1, ...], i was
>> compiled by program [...] from source code [...], here are my
>> credentials [blah, blah]"
>
>> when sent a signal from GOD.
>
> Why should she believe it?

  because it only comes from GOD.  no other process
can send this signal.


>> any process which does not respond should be thus cast into the outer
>> darkness of the bits and never to return (aka a virus or unauthorized
>> program).
>
> Malware can lie.  A virus can infect an authorized program and use its
> credentials.

  objects are only created by authorized calls to other
objects so there is no pathway to infect if done correctly.

  if you do not allow random objects to be created that
are not verified and vetted then there are no viruses.

  note, i'm just kicking this around and wondering if it
really would be possible.


  songbird

Re: in an object oriented world

2024-01-25 Thread John Hasler 
Songbird writes:
> every thing running on a computer should be able to say:

> "I am [x version ...], these are my parents [y, z, 1, ...], i was
> compiled by program [...] from source code [...], here are my
> credentials [blah, blah]"

> when sent a signal from GOD.

Why should she believe it?

> any process which does not respond should be thus cast into the outer
> darkness of the bits and never to return (aka a virus or unauthorized
> program).

Malware can lie.  A virus can infect an authorized program and use its
credentials.
-- 
John Hasler 
j...@sugarbit.com
Elmwood, WI USA

in an object oriented world

2024-01-25 Thread songbird 
  every thing running on a computer should be able to say:

"I am [x version ...], these are my parents [y, z, 1, ...], i was compiled by 
program [...] from source code [...], here are my credentials [blah, blah]"

when sent a signal from GOD.  since GOD can kill you you 
should have the right response ready when (s)he calls.  any 
process which does not respond should be thus cast into the
outer darkness of the bits and never to return (aka a virus
or unauthorized program).

  yes, i'm amused by conversations in debian devel at times...


  songbird  (recursively or not cursedly yours 
 parenthetical or knot