is there a best anti-viral program for Revolution?

Gordon Webster gwalias-rev at yahoo.com
Wed May 25 12:40:11 EDT 2005


Scanning the Transcript in stacks would not be useful
I feel, since it's true purpose could be so easily
obfuscated as Dar rightly points out. Also, encrypted
stacks would be a major headache.

I think that the 'sandbox' has to be at the bytecode
level to be truly effective and that means it would
probably be best to have this feature built into the
runtime engine.

I would imagine that this could work in much the same
way as the Java security layer that is the default
when running applets. Users would have the option to
run the stack in 'safe' mode which warns them what the
stack wants to do, instead of doing it.

The Java folk have 'been there, done that' so perhaps
the rev community could borrow from their experience
rather than reinventing the wheel.

Best

Gordon


--- Dar Scott <dsc at swcp.com> wrote:
> 
> On May 25, 2005, at 12:23 AM, Erik Hansen wrote:
> 
> > is there a best anti-viral program
> > for Revolution?
> 
> I struck the OT from my response.  This is highly
> relevant to this list.
> 
> It is very easy to download and run stacks.  Often
> in mail we find 
> message-box one-liners to open stacks on the net. 
> Stacks can be 
> readily opened from Revolution Online.
> 
> Transcript is very powerful, like fire.  And like
> fire it is dangerous.
> 
> Stacks can work like applications and can be
> libraries that we use in 
> what we build.
> 
> Stacks can easily be viruses but are even more
> likely to be be malware, 
> spyware, or a wide range of trojan horse bad things.
>  Like an Borland 
> Pascal math library, some might work OK for years
> before springing on 
> you and your customers.
> 
> As the Revolution community grows there will be
> viruses and cousins and 
> these might be covered in virus databases.  Many
> anti-virus programs 
> look at mail or files.  However, many of us run
> stacks before they are 
> saved.
> 
> It would be nice to be able to run stacks in a
> sandbox.  Do we have 
> some of this?
> 
> If a stack is not encrypted, it might be possible to
> automatically 
> detect any file i/o or network i/o or shell() if
> there was no attempt 
> to hide that.  However, Transcript is very powerful
> and it would be 
> easy to hide those.
> 
> It gets down to trusting your source, trusting that
> what you are 
> getting is really from your source and trusting the
> competence of your 
> source in not including malware in the stack.  There
> are many folks in 
> this community that I trust as far as integrity, but
> know they can err 
> as easily as I in making sure a stack is safe.
> 
> Some folks with files that can be downloaded include
> MD5 or SHA digests 
> at the same site as the download or in
> announcements.  It is safer to 
> have those in independent sites.  Even then there
> are vulnerabilities.  
> Even so, this might be a direction for this
> community to go.  The 
> process of downloading a stack might point to two
> URLs, one for the 
> stack and one for the digest.
> 
> Another direction might be the concept of a signed
> stack file.  That 
> can be independent of the stack structure, simply a
> signed version of 
> some binary file.  However, if RunRev extends the
> notion of stack to 
> include a signed stack and can handle the signature
> verification, and 
> even do signing, that would be cool.
> 
> All of this is a real pain, but I don't know how to
> avoid it.  Anything 
> added to Revolution and to Revolution network
> services to minimize that 
> pain would be nice.
> 
> Dar
> 
> -- 
> **********************************************
>      DSC (Dar Scott Consulting & Dar's Lab)
>      http://www.swcp.com/dsc/
>      Programming and software
> **********************************************
> 
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
>
http://lists.runrev.com/mailman/listinfo/use-revolution
> 


More information about the use-livecode mailing list