is there a best anti-viral program for Revolution?

Dar Scott dsc at swcp.com
Wed May 25 12:24:42 EDT 2005


On May 25, 2005, at 12:23 AM, Erik Hansen wrote:

> is there a best anti-viral program
> for Revolution?

I struck the OT from my response.  This is highly relevant to this list.

It is very easy to download and run stacks.  Often in mail we find 
message-box one-liners to open stacks on the net.  Stacks can be 
readily opened from Revolution Online.

Transcript is very powerful, like fire.  And like fire it is dangerous.

Stacks can work like applications and can be libraries that we use in 
what we build.

Stacks can easily be viruses but are even more likely to be be malware, 
spyware, or a wide range of trojan horse bad things.  Like an Borland 
Pascal math library, some might work OK for years before springing on 
you and your customers.

As the Revolution community grows there will be viruses and cousins and 
these might be covered in virus databases.  Many anti-virus programs 
look at mail or files.  However, many of us run stacks before they are 
saved.

It would be nice to be able to run stacks in a sandbox.  Do we have 
some of this?

If a stack is not encrypted, it might be possible to automatically 
detect any file i/o or network i/o or shell() if there was no attempt 
to hide that.  However, Transcript is very powerful and it would be 
easy to hide those.

It gets down to trusting your source, trusting that what you are 
getting is really from your source and trusting the competence of your 
source in not including malware in the stack.  There are many folks in 
this community that I trust as far as integrity, but know they can err 
as easily as I in making sure a stack is safe.

Some folks with files that can be downloaded include MD5 or SHA digests 
at the same site as the download or in announcements.  It is safer to 
have those in independent sites.  Even then there are vulnerabilities.  
Even so, this might be a direction for this community to go.  The 
process of downloading a stack might point to two URLs, one for the 
stack and one for the digest.

Another direction might be the concept of a signed stack file.  That 
can be independent of the stack structure, simply a signed version of 
some binary file.  However, if RunRev extends the notion of stack to 
include a signed stack and can handle the signature verification, and 
even do signing, that would be cool.

All of this is a real pain, but I don't know how to avoid it.  Anything 
added to Revolution and to Revolution network services to minimize that 
pain would be nice.

Dar

-- 
**********************************************
     DSC (Dar Scott Consulting & Dar's Lab)
     http://www.swcp.com/dsc/
     Programming and software
**********************************************



More information about the use-livecode mailing list