From: Eliezer Yudkowsky (sentience@pobox.com)
Date: Sat Dec 28 1996 - 16:39:23 MST
> You throw out any code that might break the security,
> even when it doesn't, *because* of the halting problem. Only simple code
> will pass the verifier. So you're limiting people's ability to write good,
> fast code in order to ensure that it's theoretically secure. If GNU come
> out with a super-duper highly-optimized free compiler which doesn't
> produce the same bytecode as Sun, then their applications will be bounced.
Tough luck for GNU. I know what the Java bytecodes are and how they're
verified, and that shouldn't pose any major barrier to optimizing
compilers if a bit of intelligence is exercised in their design.
> More to the point, a 'secure' language should not need a verifier. The
> mere fact that Java bytecode must be verified before it's run shows that
> the bytecode is not secure
I agree. If I'd designed the bytecodes, they'd be inherently secure and
we could write self-modifying Java code. (All you need are multiple
stacks.) However, the Java language is not just bytecode, but bytecode
+ verifier.
(From me:)
> > In point of fact, if Java wasn't secure, *then* I could write a
> > Turing machine capable of solving the halting problem.
How? Easy enough: A Turing machine is vulnerable to the halting
problem only because it can be encapsulated within a Universal Turing
Machine. (See Turing's original argument.) If the encapsulation can be
broken, I can modify the Turing machine to correctly say "Goes on
forever" when implemented on the basic level, and (incorrectly say)
"halts immediately" when encapsulated by the UTM, thus making it
invulnerable to the halting problem. This only works if the
encapsulation can always be broken.
> And how exactly do you prove there are no flaws in the implementation?
> Plenty have been found and exploited already, and more will be.
How do you prove that there are no chocolate cakes in the Asteroid belt,
especially when the first SF fans to enter the Asteroid belt,
particularly via time travel, will probably toss a chocolate cake in
there out of sheer mischief?
-- sentience@pobox.com Eliezer S. Yudkowsky http://tezcat.com/~eliezer/singularity.html http://tezcat.com/~eliezer/algernon.html Disclaimer: Unless otherwise specified, I'm not telling you everything I think I know.
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 14:35:56 MST