View Single Post
Old 31 July 2015, 11:20   #97
meynaf
son of 68k
meynaf's Avatar
 
Join Date: Nov 2007
Location: Lyon / France
Age: 44
Posts: 2,459
Quote:
Originally Posted by Mrs Beanbag View Post
of course they have to guarantee internal consistency of the kernel, or behaviour becomes completely unpredictable. It is not safe to continue using such a system.
Nothing is really safe in the world of computing, you know. At least when you have "no security", you're not fooled in a false security belief.


Quote:
Originally Posted by Mrs Beanbag View Post
i'm no hacking expert, but i really don't know how you can be so sure. i am not so sure. but if someone did get in, they could do anything.
To get in you must be able to execute code. Think twice about this.


Quote:
Originally Posted by Mrs Beanbag View Post
EDIT: well here is something i could try: https://en.wikipedia.org/wiki/Ping_of_death
Oh fine, you can crash a machine at a distance (actually, freeze it). That's not taking full control at all.
Btw. I've seen a Windows box freeze because of such an attack, but they don't work on Amiga's tcp stacks.


Quote:
Originally Posted by Mrs Beanbag View Post
too bad they already quickformatted your hard disk.
Too slow. They didn't have enough time to make the machine download their code. Why the heck would they want to do that is beyond me, btw.

Using your way of thinking : perhaps you should invest in some kevlar coverall ; and nevermore get out of your home without it. Someone may well be waiting you with a gun. Security, you know


Quote:
Originally Posted by Mrs Beanbag View Post
Sure, i have a rock on my desk and i bet you can't hack it to fall upwards instead of down. The argument gets really silly here. What, exactly, could you possibly gain by hacking someone else's NES?
Nothing could be gained indeed. But what can be gained in hacking someone's xbox ?


Quote:
Originally Posted by Mrs Beanbag View Post
Computer programs do more things than they used to, all that extra memory and CPU power isn't just pointless you know, they didn't bother with advancing technology just to waste it all. New features have been invented and people want to be able to use them!
Sorry, but the same features could be there without extremely large code.


Quote:
Originally Posted by Mrs Beanbag View Post
that's the final frontier of security, and something that's not easy to do anything about, but if your computer has NO security, all it means is the smart user just doesn't trust their computer enough to do so many of the things we now take for granted. No buying things on Amazon, no posting to Facebook...
You need no security on your side to go on these sites.
If you go on warez sites - then yes you may need something.

The first security is to get a decent browser.
The second is to avoid going on dangerous sites without care (and not run the executables you find there, of course).
With that you don't even need an antivirus.


Quote:
Originally Posted by Mrs Beanbag View Post
this is like the argument of the smoker who reasons that people sometimes get cancer anyway so they might as well smoke a pack a day...
You're right. Don't get out of your home again, it's dangerous


Quote:
Originally Posted by Mrs Beanbag View Post
you could jump to various exec library functions... anyway there are more attacks than just buffer overflow. That is a very old and basic exploit.
There are very few ways to execute foreign code on a connected machine, you know.
Script injection will not work. Phishing will not work. What else ?


Quote:
Originally Posted by Mrs Beanbag View Post
Great! as long as your own programs are well written, it doesn't matter if you run anything else that was written in C by somebody else... i feel like we're going round in circles...
So you think we should mess up the whole system just to run badly written programs ?


Quote:
Originally Posted by Mrs Beanbag View Post
No. the Amiga has NO memory protection already. ok it has a flat memory model without remapping but it doesn't protect one process's memory from any other's, or the OS from anybody.
You forget about a few mmu tools, which offer some basic protection.

The goal isn't to protect against processes doing bad things. When such a process is running, it's already too late - regardless of the security of the machine.
Remember that this security can be returned against you - a rootkit taking full control of your machine is a lot harder to remove than an Amiga virus.


Quote:
Originally Posted by Mrs Beanbag View Post
well i'm sceptical of that as well, but if they have any network access for any game at any time, they'll want a security model.
This security model is called SSL or something like that. No memory protection is needed to use it.

Do you lock doors inside your home when you leave ? No, you just lock the door to the outside.
So there is no need for any protection against processes running on the computer. Only the network software needs it.

Do you see the point ?

When bad code gets executed it is TOO LATE.
Taking control of a machine is tricking the user to execute some code.
Simply connecting a machine doesn't make it vulnerable.

Btw. Oh, and don't forget your armor next time you go shopping. Who knows what can happen.
meynaf is offline  
 
Page generated in 0.06731 seconds with 9 queries