Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Chasing the GHOST in my machine



Let's not pretend there aren't any inherently safe systems out there, OpenVMS comes to mind. Surprisingly, most of it was written in BLISS, like C, a language that does not enforce any discipline on coders.

Unlike the C and Unix culture though, at DEC discipline was part of the DNA. You could find yourself in trouble for simply suggesting you bring in a tape cartridge from another DEC site with code you had written without first obtaining clearance to even utter the suggestion.

In a world where there is no such discipline in the DNA, more restrictive tools are required, such as languages with very strict type regimes, compilers that always perform index checking and range checking and never allow you to turn it off unless for a debug build. Yet we continue to use the same old stuff that does little to nothing of the kind. All due to a testosterone driven culture of "because we can".



On 30 January 2015 at 17:30, Josh Glover <jmglov@example.com> wrote:
On 30 January 2015 at 01:38, Nicolas Limare <nicolas+tlug@example.com> wrote:

> So you're safe.

Well... safe from this particular bug. Wait until the next buffer
overflow exploit comes out next week.

The only way to be safe is to unplug your box from all networks, shut
off Bluetooth / IR, and unplug all input devices. And then turn it off
and put it in a locked safe. Then put the safe in a bank vault. And
then hope to $DIETY that the bank isn't robbed.

Your best bet for having a useful computer with a modicum of safety is
to not run anything that listens on an external port. Distros have
gotten better about turning off all services by default, but be
careful about what you turn on explicitly. Then all you really have to
worry about are network stack exploits, which are relatively rare. And
physical security, of course.

Cheers,
Josh

--
To unsubscribe from this mailing list,
please see the instructions at http://lists.tlug.jp/list.html

The TLUG mailing list is hosted by ASAHI Net, provider of mobile and
fixed broadband Internet services to individuals and corporations.
Visit ASAHI Net's English-language Web page: http://asahi-net.jp/en/


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links