From: Jeffrey Carter
Organization: jrcarter commercial-at acm [period | full stop] org
Newsgroups: comp.lang.ada
Subject: Re: How unchecked conversion works?
Message-ID: <8PwGd.8282$pZ4.6177@newsread1.news.pas.earthlink.net>
Date: Sun, 16 Jan 2005 16:41:40 GMT

Larry Kilgallen wrote:
> I remember that the Honeywell SCOMP was evaluated at the A1 level.

I attended a presentation at a conference in the late 1980's by a researcher whose project was to create an A1 OS. Basically he was reimplementing UNIX into an A1 level OS. This allowed him to reuse some of the UNIX source code. This was funded by the US govt.

He had achieved everything except there was one small covert channel available. A trusted user could set up a program that created a lot of processes when it wanted to transmit a one, and no processes to transmit a zero. The untrusted recipient would create a process from time to time and see how many processes had been created, since process IDs were sequential. This created a noisy channel with a bandwidth of about 1 bps.

The researcher tried to plug this hole by using a PRNG to generate IDs without replacement, but since the algorithm used by the PRNG would be known or easily determined, that just made the recipient's program a little more complicated, and the channel a little more noisy. Since the researcher couldn't include a true RNG in his SW, the project was a failure.

It seems to me that this system was a success. Nothing stops the trusted person from memorizing a block of data, going out of the secure area, writing it down, and giving it to the recipient. That would have less noise and a much higher bandwidth than this covert channel. The only channels worth worrying about should be those that are better than humans can achieve without using the computer. Trying to plug this kind of hole is a waste of time.

-- 
Jeff Carter
"Every sperm is sacred."
Monty Python's the Meaning of Life
55
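
Added example, not part of the original post: a small Python model an evaluator could use to put a number on the process-ID channel described above, estimating how many bits leak per observation when the observed ID gap is blurred by other process creation. The Poisson background load, the midpoint decision threshold, and every function and parameter name are assumptions made for illustration.

```python
import math
import random

def poisson(rng, lam):
    """Draw a Poisson(lam) sample (Knuth's method, fine for modest lam)."""
    limit, k, p = math.exp(-lam), 0, rng.random()
    while p > limit:
        k += 1
        p *= rng.random()
    return k

def h2(p):
    """Binary entropy in bits, with h2(0) = h2(1) = 0."""
    if p <= 0.0 or p >= 1.0:
        return 0.0
    return -p * math.log2(p) - (1 - p) * math.log2(1 - p)

def leak_bits_per_slot(burst, noise_mean, slots=10000, seed=1):
    """Estimate the information leaked per observation slot.

    Assumed model: in each slot the ID counter advances by `burst` when a
    one is signalled and by 0 for a zero, plus unrelated process creations
    drawn from Poisson(noise_mean). The observer decides by comparing the
    gap with the midpoint between the two expected gaps.
    """
    rng = random.Random(seed)
    threshold = noise_mean + burst / 2.0
    sent = {0: 0, 1: 0}
    wrong = {0: 0, 1: 0}
    for _ in range(slots):
        bit = rng.getrandbits(1)
        gap = poisson(rng, noise_mean) + (burst if bit else 0)
        guess = 1 if gap > threshold else 0
        sent[bit] += 1
        wrong[bit] += guess != bit
    a = wrong[0] / sent[0]            # P(read 1 | sent 0)
    b = wrong[1] / sent[1]            # P(read 0 | sent 1)
    p_one = (a + (1 - b)) / 2         # P(read 1) for equiprobable bits
    # Mutual information between sent and read bit, in bits per slot.
    return h2(p_one) - (h2(a) + h2(b)) / 2

if __name__ == "__main__":
    for noise in (0.0, 5.0, 50.0):    # constructed load levels
        rate = leak_bits_per_slot(burst=5, noise_mean=noise)
        print(f"noise_mean={noise:5.1f}  leak={rate:.3f} bits/slot")
```

Multiplying the result by the number of observation slots per second gives a bandwidth figure to compare against whatever threshold the evaluation treats as acceptable; extra noise lowers the figure without bringing it to zero.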