"i doubt this can be remotely implemented in practice because of dynamic code like |eval| and mobile code."
Because we all shout at and blacklist browsers when a website gets hacked and starts monitoring users' actions..... On a more serious note, try a program, like Comodo's Firewall. You can change the operation mode, from "learn which programs do what", to "block all programs". I'm afraid most of this talk is theoretical crap. Then again, during Godel's age, there weren't computers that could calculate how many people believe in spaghetti monsters. In short, there is the social factor, which computers seem to be more and more dependent on. There are no precise mathematics, in fact, all notion of probability is fragmenting so much, that the probability that anything happens nears to 1. My two cents, Chris. On Sun, Sep 19, 2010 at 7:07 PM, Georgi Guninski <[email protected]> wrote: > On Sun, Sep 19, 2010 at 06:21:35PM +0200, Pavel Kankovsky wrote: >> On the other hand, It is possible to "detect all bad programs" if it is >> allowed to err on the safe side and mistake some good programs for bad >> programs. An extreme example is to call all programs bad unless their >> exact code appears on the list of known good programs. >> > > > i doubt this can be remotely implemented in practice because of dynamic code > like |eval| and mobile code. > > can |code| be realistically distinguished from |data| for current OSes > (e.g. is a vim modeline *only a* plain string or a string + program) ? > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
