29 July 2015, 16:31 | #81 |
Registered User
Join Date: Oct 2009
Location: Germany
Posts: 3,303
|
You cannot compare/equal newspaper and books to phones. They are too different. Apart from phones are unifit to read from.
|
29 July 2015, 16:59 | #82 | ||||||||||||||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,323
|
Quote:
If it's "like Amiga" it's maybe not the miggy itself, but it's sure not some raspberry pi clone either. Quote:
Your reply told about locking things for business purpose, it did not mention any real security threat - which was what i was asking for. Quote:
Quote:
When running your asm program for debug you know the risk so you save everything else, don't you ? No memory protection ? We can have a limited one. I use enforcer as a debugging tool (and therefore will not switch for some clone without an mmu). This is enough for "null memory errors" you mention. No resource tracking ? My own programs DO have resource tracking inside, thru my asm system framework. About designing a new machine where a single program can bring the whole system down, well, why not giving the choice ? Protection can be active or not. Quote:
Quote:
Quote:
Quote:
And anything running bloatwares on a gigahertz machine is pc-like for me. Quote:
Quote:
You can't properly play a ProTracker module with just audio.device, for example. And some tasks are low-level by nature. Quote:
Anyway, did you know that none of my programs accesses hardware directly ? I always use my own system framework, which is a mini os on top of amigaos. Allowing a direct hw access under some conditions isn't the removeal of all apis... Quote:
Quote:
Quote:
But you do only what that game engine allows you to do, iow you've got limited freedom. |
||||||||||||||
29 July 2015, 17:38 | #83 |
cheeky scoundrel
Join Date: Nov 2004
Location: Spijkenisse/Netherlands
Age: 42
Posts: 6,908
|
|
29 July 2015, 17:41 | #84 | |
Computer Nerd
Join Date: Sep 2007
Location: Rotterdam/Netherlands
Age: 47
Posts: 3,751
|
Quote:
I find them highly amusing Depends on the engine. Unity3D allows you to do just about anything. It gives you a bunch of systems that you can tie together how you see fit. Certainly a reasonable way to make certain kinds of software, unless you want to write everything from scratch. On the Amiga that can be interesting, on the peecee it may be an annoyance. |
|
29 July 2015, 17:54 | #85 | ||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,323
|
Quote:
Anyway this only shows memory protection as a debug tool - doesn't imply all programs should run under it. As many things, i see it as something you should be able to activate or not. Quote:
How long is it to just setup a display and show some kind of image on it ? |
||
29 July 2015, 20:28 | #86 | |
Users Awaiting Email Confirmation
Join Date: Mar 2011
Location: kkhkj
Posts: 323
|
Quote:
Look. no one loved Amiga more than me but I'd agree there is no demand.... However there WAS demand for it back in the day.... so there is an argument for that one, plus the company was still alive (a very good argument) |
|
30 July 2015, 12:58 | #87 | |||||||
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
|
|||||||
30 July 2015, 13:31 | #88 | |||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,323
|
I'm against Windows, right, but i'm also against Linux, iOs, Android, and many others.
The hardware architecture is also important (i'm against x86, arm, and many others). Right, i know, i'm against many things Quote:
Quote:
My A1200 ran Enforcer quite a few times, and this alone catches many null, unitialised or dangling pointers. This is not a reason to forbid these accesses permanently - and thus destroy the programmer's freedom. Quote:
Does this mean that (according to you) a single, well documented spec would be a problem ? |
|||
30 July 2015, 14:01 | #89 | |||||
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
Quote:
Quote:
Quote:
Quote:
|
|||||
30 July 2015, 18:06 | #90 | ||||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,323
|
Quote:
Quote:
Quote:
Quote:
In addition, I can hack and crack just about every program on Amiga ; on the PC i can't do that on any. Putting protection at the machine's level doesn't really protect - once you run an executable it's too late, it CAN do bad things. Asking the user "are you sure you clicked here ?" isn't very smart. Even if a program's rights are limited, it will simply not work if the privileges it asks are not granted, and count on the users to give these - as they just want to see what the program does. So "security" at the OS level is just an illusion. There is no security. Note that buffer overflow attacks don't work on a system without memory protection (because the address the program is located isn't constant). |
||||
30 July 2015, 19:20 | #91 | |
Registered User
Join Date: May 2013
Location: Grimstad / Norway
Posts: 839
|
Quote:
To have read-access to anything you should have to go a lot of extra miles (a "root" type user would have been an appropriate way of achieving it), to write to non-system memory it should suffice with a "root" type of raised access level, but to write to absolutely anything then a proper OS would more or less have to commit suicide as it can't guarantee anything any more. Of course, a proper OS would give you many ways of modifying stuff through an API, probably all you could want? |
|
30 July 2015, 21:14 | #92 | ||||||
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
http://www.bunniestudios.com/blog/?p=3554 Quote:
Quote:
Quote:
Quote:
Security is only as strong as the user... well, ok, at least then maybe we can blame the user! But maybe you are assuming only one kind of security model is possible. We have to use our imaginations. Quote:
https://en.wikipedia.org/wiki/Addres..._randomization Amiga's ROM functions are always at fixed addresses anyway, and if you write to $4 you can nuke entire OS. Of course we could implement very minimal memory protection, which only protects memory and doesn't remap it. Last edited by Mrs Beanbag; 30 July 2015 at 21:23. |
||||||
30 July 2015, 23:11 | #93 |
Registered User
Join Date: May 2010
Location: Ames, IA, USA
Posts: 521
|
Not to mention that consoles today are more dependent on the Internet, which opens up many attack vectors. 80's consoles were secure because they were stand-alone, so unless you had physical access to the console, it was impossible to compromise it.
|
30 July 2015, 23:31 | #94 |
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
well you could do Van Eck Phreaking, and watch someone else playing Sonic the Hedgehog from across the street...
|
30 July 2015, 23:35 | #95 | |||||||||||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,323
|
Quote:
Quote:
Quote:
Quote:
And even, any such attack wouldn't go unnoticed and have minimal impact. I see abnormal network access ? Well, i disconnect MiamiDx and your attempt to remotely control my Miggy just fails. Quote:
Btw. many cartridges have non-volatile storage (for saved games). This doesn't make the console vulnerable. Quote:
There is nothing natural for projects to be real big. Quote:
Quote:
Note : windows programs just ask for altering your computer, without saying how. So what i said is the biggest security problem is what touches both the chair and the keyboard, i.e. the user. Quote:
Quote:
Note that this kind of attack normally won't affect an ASM program because the asm programmer is (or should be ) smart enough to avoid putting large structures in the stack. Try such attacks on whichever program of mine if you don't believe me. Quote:
I'll add that this dependency isn't necessary a good thing ; why, they even want to make all games depend on it. |
|||||||||||
30 July 2015, 23:58 | #96 | |||||||||||
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
Quote:
EDIT: well here is something i could try: https://en.wikipedia.org/wiki/Ping_of_death Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Last edited by Mrs Beanbag; 31 July 2015 at 00:05. |
|||||||||||
31 July 2015, 10:20 | #97 | |||||||||||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,323
|
Quote:
Quote:
Quote:
Btw. I've seen a Windows box freeze because of such an attack, but they don't work on Amiga's tcp stacks. Too slow. They didn't have enough time to make the machine download their code. Why the heck would they want to do that is beyond me, btw. Using your way of thinking : perhaps you should invest in some kevlar coverall ; and nevermore get out of your home without it. Someone may well be waiting you with a gun. Security, you know Quote:
Quote:
Quote:
If you go on warez sites - then yes you may need something. The first security is to get a decent browser. The second is to avoid going on dangerous sites without care (and not run the executables you find there, of course). With that you don't even need an antivirus. Quote:
Quote:
Script injection will not work. Phishing will not work. What else ? Quote:
Quote:
The goal isn't to protect against processes doing bad things. When such a process is running, it's already too late - regardless of the security of the machine. Remember that this security can be returned against you - a rootkit taking full control of your machine is a lot harder to remove than an Amiga virus. Quote:
Do you lock doors inside your home when you leave ? No, you just lock the door to the outside. So there is no need for any protection against processes running on the computer. Only the network software needs it. Do you see the point ? When bad code gets executed it is TOO LATE. Taking control of a machine is tricking the user to execute some code. Simply connecting a machine doesn't make it vulnerable. Btw. Oh, and don't forget your armor next time you go shopping. Who knows what can happen. |
|||||||||||
31 July 2015, 10:45 | #98 |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,323
|
After rereading a few posts i see we're a little bit OT in here.
As a new Amiga, should one exist, has very few chances to become a mainstream machine - we're in a niche market. So security is pointless - we're not targeted. |
31 July 2015, 10:51 | #99 | ||||
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,243
|
Quote:
Quote:
THEY COULD BUY STUFF WITH YOUR MONEY AND LISTEN TO YOU AND WATCH YOU IN YOUR OWN HOME. Quote:
Quote:
If one program on your system has an exploit allowing someone to inject code, your entire system is open, not just that one program. And it isn't necessarily badly written. Security is HARD. That is why it is imperative to limit the damage malicious code can do if it gets in. They managed to plant malicious code in a Jeep over its DAB radio. SSL only protects against someone eavesdropping on the communication, it doesn't guarantee the safety of the content. |
||||
31 July 2015, 11:32 | #100 | ||||||
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,323
|
Quote:
A good firewall (perhaps) would have. And guess what : Amigas also can run firewall software. Quote:
Features require some code. But not THAT MUCH code. You can't imagine the features that can fit in just 20kb of code. Quote:
Quote:
... apart that if malicious code runs on a miggy then it's noticed a lot faster. Quote:
Btw. do you have a gun at home to limit the malicious damage, should someone enter anyway ? Quote:
Memory protection will not either. In fact, nothing will. |
||||||
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Amiga 1200 computer | sidrulez! | MarketPlace | 4 | 01 January 2015 23:36 |
looking for my amiga 3000 computer | amicrawler | MarketPlace | 4 | 19 September 2009 21:50 |
Amiga inc reveal new entry Amiga computer - $489usd | Mikey_C | News | 132 | 01 October 2007 13:10 |
The DADDY Amiga computer is? | Bloodwych | Retrogaming General Discussion | 27 | 05 August 2002 18:14 |
|
|