WHMurray@DOCKMASTER.NCSC.MIL (04/06/90)
Fred Cohen uses the term "transitivity" to describe the potential of data to flow between compartments within a system. However, the term is also used to describe the propensity for data to become a program. That is, how likely is the data to influence the behavior of the system.

Let us take for example an ATM. I can put data in it. The data that I put in influences the behavior of the system in a limited way. It would not be fair to say that it has no influence at all. On the other hand, it cannot cause any change to the program library of the ATM or of the host system. I would have great difficulty entering a virus through such a portal. I would have difficulty entering any data that could cause an unintended copy of itself, executable or otherwise, through such a portal.

It is possible to think of restricting the generality of a port, or even of a whole computer, such that its programs cannot be modified in any way. An arcade game is an example; a user can hardly enter data that will persist longer than the privilege afforded by one twenty-five cent token. The program may be stored in read-only storage. Yet, somehow I persist in believing that the originator of that program reserved to himself to make late modifications to the program. Does not this reserved privilege contain the potential to enter malicious changes?

Cohen asserts that one way to deal with the virus problem would be to move to application-only machines. Others who have posted to this list insist that the virus problem is caused, not by the size of the population of PCs, but by the generality of its architecture and the ease with which programs can be changed. Are there useful lines, between these two extremes, that we can draw?

William Hugh Murray
21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840