OT Antivirus software

touche. although at a2 and higher, it's mathematically provably secure.

WATFIV

SPSS

BAL

SOC 4

PL/C

See, I know the *real* swear-words!

I actually enjoyed using FORTRAN. It was a lot more tolerable, after you figured out "equivalents" for 'useful' features in other languages. I even managed "array of pointer to function" that didn't give any even ANSI WARNING messages.

I'm *not* going to repeat what the salesman for a high-end Fortran-to-C conversion service said when he got some of that code for a demo of their product.

Then there was the time the boss made me write more than 40 lines of comments to document a _single_ line of Fortran code. A *very*simple* line of code. all it did was a _single_ 'shift' operation. This was one of those things where _what_ was happening was absolutely clear, but *WHY* it worked took a _lot_ of explaining. an 'abuse the data representation' situation. :)

Number of _milliseconds_ overflowing a 32-bit qty.

"The number of _discovered_ bugs in a system is always finite in number. the number of UNDISCOVERED bugs, is, by definition, infinite in number."

I do know of *one* O/S without any bugs in it. TSEC 'orange book' certified at the A1 level -- with the formal mathematical proof of correctness, and the proof of implementation matching the design.

Even if true, the 'risks/damages' are _guaranteed_ to a much lesser degree.

out-of-the-box, without any 'hardening' -- User mail readers don't run with "system" privileges. The _windowing system_ doesn't run with 'system' privileges. Users (or viruses they unknowningly execute) cannot over-write *system* files

With only a -moderate- amount of hardening (2-3 hours of configuration tweaking) and the right SCSI drives, and I have systems where I will _give_ you the superuser password, _and_ access to the physical console, and the _worst_ thing you can do is cause the system to re-boot.

It _doesn't_ require 'rocket science'. Just healthy paranoia, *and* the right 'building block' tools.

Windows XP PRO is approaching where Unix was 15-20 years ago, in _that_ respect.

That old argumetn remains false.

Remember the "Join the Crew" virus hoax? This was a chain letter sent around the internet from naive users. Basicly it said that if you got an email with "Join the Crew" in the subject line to had to delete it unread because if you read it, your computer would be infected with a terrible virus. Periodically system administrators hd to remind their naive users that you could not infect your computer by reading your email.

Then Microsoft discovered the internet and suddenly it became possible for viruses to spread just by reading email. Not satisfied with that, Microsoft went on to wirte email clients that would automatically infect your computer with emailed viruses even befor you read the email.

NO previous email client software had been written that would automatically and by default execute any executable it received in an email. Pretty much everyone else had realized THAT would be incredibly stupid.

There are a host of other mistakes made by Microsoft that everyone else had previously avoided right off the bat that Microsoft has made and still has refused to correct. Another classic that no decent programmer would make was the practice of updating the registry BEFORE installing a new module and writing the OS so it would not re-install software that was in the registry so that if the installation failed the user could not simply fix the problem by repeating the installation.

Then there is Microsoft's refusal to use CDS which assures the viability of buffer-overflow exploits.

And so on.

Yes, without Microsoftware there would be worms and viruses and definately there would be spam, but not like we have now.

I don't think I am in rec.woodworking anymore, Toto.

I'll see you and raise you a FORTH.

"Forth is a recursive language. You can't understand Forth till you understand Forth."

I wrote a Forth interpreter for a Modcomp mini once when I was between projects and bored. The guy in the next office outdid me - he took the Forth and used it to build a Lisp interpreter :-).

Use the Filter, Luke!

Humph. Late comer. How about Fortran I and FAP, later MAP and Fortran II. Lots of people writing good stuff to augment the manufacturer's offerings, including CARE (CDC 924 assembler), Boolfinder (JPL 7044 link editor), and a memory management system for 360 75's running RTOS/JPLOS (can't remember the name). The last three are unfair because I wrote them (most of them anyway) in about 1963, 1968, and 1971. creak, jo4hn

But it is vulnerable Dave. Open source code makes it more vulnerable than proprietary code. It is a matter of poplularity at this point that makes

*nix less attractive to the average adolescent with too much time on his hands. CERT advisories make it clear that *nix is certainly vulnerable.

All right, I know you Linux guys are going to blink a couple of times and scratch your heads, wondering how I could even think to ask such a thing, but why one Earth would you care how long the computer has been running continously? I know mine has been on for a couple of months (Win2000 professional) but I can't imagine keeping track of the number of days, or even really caring if it got shut off for a while (it just stays on because I'm sort of lazy, and I figure the cancer-research screensaver can use it when I'm otherwise occupied). What are you doing, trying to find the zillionth decimal place of PI with a 486 or something equally odd?

Nothing. Not a twinge of recognition even.

OUCH!

I see now that I am in the presence of a true master.

I just couldn't stand the whole "doing things 4 times" aspect of it. Hey, I'm gonna use a variable. Here is what it's called. Here is what it's set to. OK, now, use it.

No conversion software has ever been worth a damn, that I've seen.

There's a "guide to writing obfuscated code" somewhere which is great reading for amusement purposes. Unfortunately, some of the code-monkeys I've worked with have mistaken it for a style guide, I think. Ah, here one is, but it's not the one I was thinking:

one I was thinking talked about using variable names that looked like commands and so on, but my google-fu is deficient today.

Actually, I rather liked FORTH. Built a 6500-based micro back in, er, '80 or '81 maybe, that used it. PicoFORTH maybe?

Well, if you understand registers and CPU-speak in general, it's not bad. (thinks) actually, I learned Forth first, which made learning assembler much easier.

Now that, is just _wrong_.

'79 or '80 is as early as I get, having been 12 years old at the time.

/tip of the hat

That's straight out of the Microsoft propaganda mill, and is laughable. The whole point of open-source software is the peer-review process. If you tried to check in something that was insecure due to intent, or due to just bad coding, (a) it gets caught, and (b) you lose credibility. I'd rather trust thousands of geeks who are trying to do it right, compared to one entity (Microsoft) whose motivation is profit. It's not just a theoretical difference; compare vulnerabilities of, say, OpenBSD vs. Windows XP. You might have trouble finding some for the former...

And yet, those vunlerabilities are usually a case of someone changing something in an unwise way, to expose the possibility of a hypothetical bug. Compare this to the trojan-of-the-week advisories that you're no doubt also seeing for Windows.

As another person here has posted, even if you exploit user or process-level security holes, you don't get system level access. This is in sharp contrast to Windows where the user and window manager run with system-changing authority. That fundamental difference is the critical difference. No matter how a Unix user screws up, or what they run, they can't hurt the system.

Well, as I mentioned, one of mine is monitoring several dozen financial service provider websites that our company has on the Internet. My boss's boss's boss would get touchy if we didn't know something went down because the monitoring boxes failed, because people wouldn't be able to do things like buy houses and other kinda important stuff.

We're not keeping track of it, just run 'uptime' and it tells ya. Well, on the one, I know it rolled over the 497 days thing twice, so I guess I'm keeping track of it somewhat...

No, it's running a critical business function that can't just crash at random times because it feels like it. Someone else mentioned a control system at a steel mill, which would require literally tons of metal to be reprocessed should it fail.

But, raw uptime isn't the primary reason, or even _a_ primary reason, to switch to an OS. Just Not Breaking is damn nice once you get used to it.

Subject lines. Use them. Love them.