[Owasp-leaders] Mobile security
namn at bluemoon.com.vn
Wed May 25 08:54:01 EDT 2011
On Wed, 25 May 2011 08:09:38 -0400
Kenneth Van Wyk <ken at krvw.com> wrote:
> On May 25, 2011, at 4:51, Nam Nguyen <namn at bluemoon.com.vn> wrote:
> > Like the example about why we use AV. We use AV not because the OS cannot protect us.
> > I mean, a virus is a normal application. So is a malware/trojan/etc. Just unwanted/undesired ones. It is not, then, the OS's responsibility to prevent an application from running.
> I suppose we'll just have to disagree on that point then.
Very much so, Kenneth. I have no doubt that you have very good reasons to believe otherwise. I'm not contesting your statement. I just don't agree with your example.
> I feel the mere existence of PC viruses is the single biggest failure of OS-level access control in the history of computing.
Just for the sake of my own curiosity, if it had been you, would you have designed the access control differently? How different? How could that prevent virus/worm/trojan/etc?
Shall we start another thread to debate on virus and OS responsibility? This could be an interesting topic.
More information about the OWASP-Leaders