Delivery-Date: Fri, 10 Jul 2015 15:04:35 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,FROM_LOCAL_NOVOWEL,HK_RANDOM_FROM,RCVD_IN_DNSWL_MED,
	T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id DCDC31E0427;
	Fri, 10 Jul 2015 15:04:33 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 410A136B83;
	Fri, 10 Jul 2015 19:04:28 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id B063B36B69
 for <tor-talk@lists.torproject.org>; Fri, 10 Jul 2015 19:04:24 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id CqPMBIu0VC-f for <tor-talk@lists.torproject.org>;
 Fri, 10 Jul 2015 19:04:24 +0000 (UTC)
Received: from mail-wi0-x231.google.com (mail-wi0-x231.google.com
 [IPv6:2a00:1450:400c:c05::231])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 6170E36B66
 for <tor-talk@lists.torproject.org>; Fri, 10 Jul 2015 19:04:24 +0000 (UTC)
Received: by wiga1 with SMTP id a1so22898258wig.0
 for <tor-talk@lists.torproject.org>; Fri, 10 Jul 2015 12:04:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=XU5zeBpKzO7C/KwI0HJbf4y54iRgDCuFZWsk5zLi7Sk=;
 b=MUOB2baB33bkc5PJxetrcFgDjG/LAf2Nk3Eb56JlPQK6hondGAlsQb4ov8myNrjQZY
 ZGC2wd3lWKZZjurP3SqjnqFwUAQQKoi9vd7EZEbxZqrbgmM75zAxq9ROz8jnhHGC0yHn
 X3328sL9dxJvlOR+18ZF7vbJhsu/iCQaQjmAKf2xZd0ZGXLWbrinvVySkR0KEiu9FKbm
 j1P0sMojKqulGsx6q0MxgpJUFc1cn/n00XkcddOu8HgCtgtHHZMJgUZbb0kLaumS/eSs
 z4ecZjSKhUA/It3wvDhhxI0608J/SjQTQupIKLT+XkkbjKNhXpK5TKV1DOM8IN+GGhBm
 x90A==
MIME-Version: 1.0
X-Received: by 10.180.80.9 with SMTP id n9mr500375wix.87.1436555061170; Fri,
 10 Jul 2015 12:04:21 -0700 (PDT)
Received: by 10.194.81.97 with HTTP; Fri, 10 Jul 2015 12:04:21 -0700 (PDT)
Received: by 10.194.81.97 with HTTP; Fri, 10 Jul 2015 12:04:21 -0700 (PDT)
In-Reply-To: <2908573.VdipUzUU48@flipchan-tha-server>
References: <5596ED9F.3050302@cryptolab.net> <559D1282.1020502@agol.dk>
 <CAAgxajGSzYztzVzpsujpSskupMUkc9KAJ3zV5cCzdP1C=xW74A@mail.gmail.com>
 <2908573.VdipUzUU48@flipchan-tha-server>
Date: Fri, 10 Jul 2015 12:04:21 -0700
Message-ID: <CAAgxajHooUcCawM+FuwrwZstXTehC+APFr1+yc=VJ85qSD1X=Q@mail.gmail.com>
From: Apple Apple <djjdjdjdjdjdjd32@gmail.com>
To: tor-talk@lists.torproject.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] pdf with tor
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

>couldn't we just code some protection against this
Well security vulnerabilities are basically bugs, that is, programming
mistakes, which a 3rd party can exploit to do things like crash or take
control of the system.

There are some mitigations such as Address Space Layout Randomisation,
Position Independent Code, Stack Smashing Protection, Mandatory Access
Controls etc. If you are interested in the technical details of how these
things work I recommend looking at the Hardened Gentoo documentation
http://wiki.gentoo.org/wiki/Hardened/Introduction_to_Hardened_Gentoo.

I think the general problem is more political than technical. Unfortunately
no one really cares about security. Maybe it's because it can't be measured
easily, unlike other things such as performance. If a regular person
switches from OS A to OS B and their computer now takes twice as long to
boot up they are just going to switch right back - regardless of any
additional non-tangible benefits the latter may have, including security.

At the moment we're in a sad situation where OS vendors will only implement
watered down security controls so as to not harm things that customers
actually notice such as performance. For example Windows, OS X and Linux
all have some kind of ASLR so they can tick the box and say "yep, got that
shiny feature" but if one were to scrutinise the actual implementations
they are all woefully inadequate compared to the original Pax or OpenBSD
design. Here is an article illustrating the kind of attitude I mean
https://www.rsbac.org/documentation/why_rsbac_does_not_use_lsm.

I think opening PDF files inside a virtual machine is not a bad way of
solving the problem. There are obviously practical limits stopping you from
having a VM for every application. If that idea of separating groups of
addictions into different virtual machines still intrigues you though then
you might be interested in the Qubes project.

I hope this information is helpful.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

