| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: strombrg at dcs.nac.uci.edu (Dan Stromberg) Subject: Administrivia: Testing Emergency Virus Filter.. On Wed, 2003-08-20 at 16:56, Nick FitzGerald wrote: > 2. I suspect that Mr Turing and a his halting problem will intervene > in any attempt to devise a foolproof "this message contains an > attachment" mechanism. The obvious choice to break any such system is > steganographic encoding of a binary stream into a text message. It may > be grossly inefficient, but do you think that really matters? You likely already know this and just thinko'd, but detecting an attachment isn't equivalent to the halting problem - not with current protocols/standards at least. Detecting an attachment with a nasty payload is equivalent to the halting problem though, which for those who didn't study theoretical computer science, means "you can't do it very well, generally speaking". However, despite nice general-purpose virus/trojan detection being equivalent to the halting problem, look at all the antivirus companies making a living doing it anyway. If it weren't equivalent to the halting problem, if it were solvable in a reasonable amount of time in general, then windows (esp.) and mac users wouldn't have to download new virus signatures all the time. -- Dan Stromberg DCS/NACS/UCI <strombrg@....nac.uci.edu> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030821/976826f8/attachment.bin
Powered by blists - more mailing lists