Stata The Stata listserver
[Date Prev][Date Next][Thread Prev][Thread Next][Date index][Thread index]

RE: st: Mata vs C


From   "Steichen, Thomas J." <SteichT@rjrt.com>
To   <statalist@hsphsun2.harvard.edu>
Subject   RE: st: Mata vs C
Date   Thu, 18 Aug 2005 08:52:50 -0400

James Muller writes:
> Have there been any cases of malicious code being distributed 
> via Stata plugins? Too easy to track the author, perhaps. 
> It would be just so easy to do bad things with Mata or plugins. 
> Could even do it so the program gets over-written with something 
> innocent-looking afterwards.
> 
> Is it just me or does this seem like an extremely vulnerable point 
> regarding Stata?

This concern over mata and/or plugins surprises me a little, 
mainly because it has always been possible to write malicious code 
into an .ado file.  Perhaps the only difference is that ado code 
must remain visible while mata code can be hidden and plugin code 
is hidden.

In my 11 years of using Stata, I cannot recall a single instance
of intended or even accidental malicious ado code (and I extend
my personal thanks to this amazing group of honorable and benevolent 
writers of Stata code).  Nonetheless, it is always appropriate
to use caution when you get anything for free!  

I suspect that the number of Stata users is simply too limited 
(say relative to MS Windows) to attract vicious programmers... 
They likely can't do enough harm relative to the effort involved
to make them happy.  (This logic also applies to the supposedly
safer Mac world.) 

Tom


-----------------------------------------
CONFIDENTIALITY NOTE: This e-mail message, including any attachment(s),
contains information that may be confidential, protected by the attorney-
client or other legal privileges, and/or proprietary non-public
information. If you are not an intended recipient of this message or an
authorized assistant to an intended recipient, please notify the sender by
replying to this message and then delete it from your system. Use,
dissemination, distribution, or reproduction of this message and/or any of
its attachments (if any) by unintended recipients is not authorized and may
be unlawful.


*
*   For searches and help try:
*   http://www.stata.com/support/faqs/res/findit.html
*   http://www.stata.com/support/statalist/faq
*   http://www.ats.ucla.edu/stat/stata/



© Copyright 1996–2014 StataCorp LP   |   Terms of use   |   Privacy   |   Contact us   |   What's new   |   Site index