[funsec] Texas Bank Dumps Antivirus for Whitelisting
Richard M. Smith
rms at computerbytesman.com
Thu Jul 17 13:02:52 CDT 2008
But how does a Web browser running on a Harvard Architecture stop XSS
errors? Code and data mixing happens within HTML and not at the binary
machine level. You're now saying that we should ditch HTML with its mixture
of tags, text, and script code are you?
Richard
-----Original Message-----
From: funsec-bounces at linuxbox.org [mailto:funsec-bounces at linuxbox.org] On
Behalf Of Rob, grandpa of Ryan, Trevor, Devon & Hannah
Sent: Thursday, July 17, 2008 2:35 PM
To: funsec at linuxbox.org
Subject: Re: [funsec] Texas Bank Dumps Antivirus for Whitelisting
Date sent: Wed, 16 Jul 2008 21:33:32 -0400
From: "Richard M. Smith" <rms at computerbytesman.com>
> I'm not sure how Harvard Architecture, whatever it might be, would protect
> against SQL injection and XSS errors.
Kids these days.
Harvard architecture, unlike von Neumann architecture, had a strict
separation of
progrma and data store and representation. It would have been impossible
for a
program to modify its own or other executable material. Data was not
executable,
so SQL injection and XSS would have been impossible. (So would a lot of
other
things, but ...)
====================== (quote inserted randomly by Pegasus Mailer)
rslade at vcn.bc.ca slade at victoria.tc.ca rslade at computercrime.org
Skill without imagination is craftsmanship and gives us many
useful objects such as wickerwork picnic baskets. Imagination
without skill gives us modern art. - Tom Stoppard
http://victoria.tc.ca/techrev/rms.htm
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
More information about the funsec
mailing list