From: terje.mathisen@nospicedham.tmsw.no   
      
   James Harris wrote:   
   > On 05/01/2018 20:31, wolfgang kern wrote:   
   >> My OS seem to save from such attacks because it wont ever compile   
   >> Java into executable code. It may just interprete it, and so easy   
   >> detect any attempt to behave outside of limits/rules.   
   >>   
   >> Please show me how it could affect my SAFE OS variant (interprete   
   >> only).   
   >>   
   >> It could gather some info about my OS within the rare   
   >> Windoze+KESYS variant but because my code-style is much too far   
   >> away from C, I heavy daubt that any non-C programmer/virus/trojan   
   >> will ever see how my OS work at all.   
   >   
   > In essence: Does your OS allow user-written binaries to run? If so,   
   > they can read anything - any byte - in the address space they run in   
   > even if that memory belongs to the kernel or to another program. The   
   > same trick would be much harder with interpreted Java.   
      
   This is only a scaling problem: The slower you run and the less timing   
   reslution you have, you just have to run for more iterations in order to   
   get statistically stable readings.   
      
   Terje   
      
      
   --   
   -    
   "almost all programming can be viewed as an exercise in caching"   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)