Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #5781

Re: obviscating python code for distribution

From Hans Georg Schaathun <hg@schaathun.net>
Newsgroups comp.lang.python
Subject Re: obviscating python code for distribution
Date 2011-05-19 19:23 +0100
Organization University of Bergen
Message-ID <0q3ga8-s2v.ln1@svn.schaathun.net> (permalink)
References (6 earlier) <mailman.1769.1305745672.9059.python-list@python.org> <1skda8-3as.ln1@svn.schaathun.net> <mailman.1773.1305754489.9059.python-list@python.org> <4vlea8-55t.ln1@svn.schaathun.net> <mailman.1795.1305825830.9059.python-list@python.org>

Show all headers | View raw

On Thu, 19 May 2011 10:23:47 -0700, geremy condra
  <debatem1@gmail.com> wrote:
:  Let me get this straight: your argument is that operating *systems*
:  aren't systems?

You referred to the kernel and not the system.  The complexities of
the two are hardly comparable.

There probably are different uses of system; in computer security
literature¹ it often refers, not only to a product (hardware/software)
an actual installation and configuration of that product in a specific
context.  /I/ did not redefine it.

Speaking of reasonable assumptions, one necessary assumption which is
particularly dodgy is that whoever deploys and configures it
understands all the assumptions and do not break them through ignorance.

Is your concern with security purely from a developer's viewpoint,
so that you don't have to worry about the context in which it will
be deployed?

: > So what?  The levels of assurance have nothing to do with standards.
: > The levels of assurance refer to the /confidence/ you can have that
: > the standards are met.
: 
:  The increasing levels of assurance don't just signify that you've
:  checked for problems- it certifies that you don't have them, at least
:  insofar as that level of testing is able to find. Insisting that this
:  doesn't, or shouldn't, translate into tighter security doesn't make
:  much sense.

Tighter sure, but the security requirements and the requirement on
testing and/or validation are orthogonal scales.  The higher levels
of assurance are based on formal methods while the lower ones are based
primarily on testing.  

I read your initial comment to imply that if you cannot get satisfactory
assurance using the lower levels, you won't get any at the higher
levels.  That does not make any sense.  Obviously, if you were implying
that no system passes the lower levels, then of course they won't pass
the higher levels, but then, if that's the case, we would all know that
we cannot even design /seemingly/ secure systems.  And nobody has
suggested that so far.


¹ e.g. Dieter Gollmann for just one ref off the top of my head.
-- 
:-- Hans Georg

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Re: obviscating python code for distribution Daniel Kluev <dan.kluev@gmail.com> - 2011-05-16 13:21 +1100
  Re: obviscating python code for distribution "Rhodri James" <rhodri@wildebst.demon.co.uk> - 2011-05-16 23:42 +0100
    Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 08:36 +0100
      Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 17:42 +0300
      Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 09:54 -0700
        Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 18:33 +0100
          Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 12:07 -0700
            Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 20:56 +0100
              Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 14:34 -0700
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 06:21 +0100
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-19 08:47 +0000
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 10:16 +0100
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 10:23 -0700
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 19:23 +0100
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 17:56 -0700
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-20 05:48 +0100
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-20 07:04 +0000
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-20 09:54 +0100
                Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 15:24 -0500
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-20 15:45 -0700
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-21 00:54 +0000
                Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 23:26 -0500
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-20 07:10 +0000
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-20 09:26 -0700
                Re: obviscating python code for distribution Nobody <nobody@nowhere.com> - 2011-05-20 18:48 +0100
                Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-20 11:33 +1000
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 19:30 -0700
                Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-20 12:35 +1000
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 03:24 +1000
        Re: obviscating python code for distribution John Bokma <john@castleamber.com> - 2011-05-18 12:31 -0500
          Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 03:52 +1000
      Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 10:40 -0700
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:07 +1000
      Re: obviscating python code for distribution "Littlefield, Tyler" <tyler@tysdomain.com> - 2011-05-18 12:26 -0600
        Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-18 21:54 -0500
          Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 10:50 -0700
            Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 01:17 -0500
      Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 21:30 +0300
      Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 21:31 +0300
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:37 +1000
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:49 +1000
      Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 14:47 -0700

csiph-web