RE: [malware-list] TALPA - a threat model? well sorta.

From: Press, Jonathan
Date: Fri Aug 15 2008 - 12:30:36 EST

Next message: Stephen Hemminger: "[PATCH] lockdep: fix build if CONFIG_PROVE_LOCKING not defined"
Previous message: Linus Torvalds: "Re: Please pull ACPI fixes"
In reply to: david: "RE: [malware-list] TALPA - a threat model? well sorta."
Next in thread: david: "RE: [malware-list] TALPA - a threat model? well sorta."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> -----Original Message-----
> From: david@xxxxxxx [mailto:david@xxxxxxx]
> Sent: Friday, August 15, 2008 12:25 PM
> To: Press, Jonathan
> Cc: Peter Zijlstra; Helge Hafting; linux-kernel@xxxxxxxxxxxxxxx;
malware-
> list@xxxxxxxxxxxxxxxx; hch@xxxxxxxxxxxxx; andi@xxxxxxxxxxxxxx;
> viro@xxxxxxxxxxxxxxxxxx; alan@xxxxxxxxxxxxxxxxxxx; Arjan van de Ven
> Subject: RE: [malware-list] TALPA - a threat model? well sorta.

> > The problem is that you have to account for the cases where the
malware
> > made it onto the system even if you were trying to catch it ahead of
> > time. For example:
> >
> > - Administrator turns off or reduces AV protection for some reason
for
> > some period of time. It happens all the time.
>
> according to the threat model actions of the administrator do not
matter.

Sorry, I don't know what you mean.

Jon

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stephen Hemminger: "[PATCH] lockdep: fix build if CONFIG_PROVE_LOCKING not defined"
Previous message: Linus Torvalds: "Re: Please pull ACPI fixes"
In reply to: david: "RE: [malware-list] TALPA - a threat model? well sorta."
Next in thread: david: "RE: [malware-list] TALPA - a threat model? well sorta."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]