From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <20030605013240.33002.qmail@web40413.mail.yahoo.com>
From: "A. Baker" <boojum_42@yahoo.com>
To: 9fans@cse.psu.edu
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Subject: [9fans] Chaos anyone?
Date: Wed,  4 Jun 2003 18:32:40 -0700
Topicbox-Message-UUID: c4950842-eacb-11e9-9e20-41e7f4b1d025


I'd be (wildly) interested in comments of the security
persuasion.
(Plan 9s current model vs Unix (yes I RTFM, TYVM :-)
vs Process-Based Security(PBS), vs ... ?

See This?

http://story.news.yahoo.com/news?tmpl=story&cid=620&ncid=620&e=4&u=/nf/20030603/bs_nf/21652

(in essence)

HydraOS
"It is "the first hack proof Web-services appliance
          -------------8<-------------
(Welllll?)

http://www.thirdpig.com/brickserver.htm
          -------------8<-------------
which can defend against such an attack and will never
crash," Bodacion Technologies chief software architect
Eric Uner told NewsFactor. "The server's combination
of complex mathematics and embedded systems makes it
impervious."
The Hydra operating system (OS) is composed of a small
real-time nano-kernel, TCP/IP networking stack, Web
server, FTP server and file system designed by former
Motorolasoftware engineers Uner and Eric Hauk.
Hydra's kernel is loaded from flash memory rather than
disk, according to company specifications. Each time
Hydra loads the kernel, it checks for viruses, then
constantly scans the kernel in RAM for any viruses or
unauthorized changes.
"Hydra's embedded kernel is one aspect that makes
Hydra so revolutionary," Bodacion's documentation
claims. "Hydra constantly checks its small kernel for
corruption, making Hydra immune to viruses."
Bodacion's Hydra server uses biomorphic mathematics --
a derivative of Chaos Theory used to model the random
growth of living things -- to generate series of
pattern-less numbers that cannot be deciphered by
hackers, even if they possess the basic mathematical
formula, Uner told NewsFactor. No two Hydra users ever
receive the same session ID, customer ID, order ID, or
any other digital identification. Nor will any hacker
be able to discern a pattern and predict the next
number, Uner added."

http://hydra.hellug.gr/download.html

Also has anyone honeypotted, -netted Plan 9 (yet)?

http://www.honeypots.net/

http://www.securityfocus.com/infocus/1506/

Alllll those big words!
I've been gone awhile and am trying to catch up. I'm
actively(?!) putting off the gauntlet of hardening my
sacrificial (Unix) Gnu(g)oat.
Many thanks,



=====
Boojum

__________________________________
Do you Yahoo!?
Yahoo! Calendar - Free online calendar with sync to Outlook(TM).
http://calendar.yahoo.com