Full Disclosure mailing list archives
Re: Microsoft AntiSpyware: Will it be free and Vulnerable
From: devis <devis () easynix net>
Date: Tue, 11 Jan 2005 22:03:30 +0100
Dan Margolis wrote:

> On Tue, Jan 11, 2005 at 06:51:16PM +0100, devis wrote:
>> Buahwuahwuahwuawa ... you have to be gullible to think that M$ will not NOT cash on their own slack coding.
>
> I'm confused. Are you saying that "slack coding" by Microsoft is responsible for spyware/adware? Seems a bit of an odd interpretation. Here's mine:
>
> - It's very, very difficult to prevent people from voluntarily installing spyware on their own systems. There's no way to write a heuristic that can distinguish between an application that accesses the 'net on a regular basis for spying and one that does so for, say, monitoring a buddy list or checking for mail.
> - You can certainly whitelist applications, but this would prevent users from being able to install obscure shareware apps, custom apps, etc.
> - Were MS to restrict access to their API in order to prevent spyware makers from doing obscure tricks with the registry and whatnot, they'd be accused, quite rightly, of anti-competitive tactics.
>
> Certainly some spyware results from poor restriction of web controls or something--I don't know the details, as I don't even use Windows--but I'd bet you the vast majority comes from users installing stuff they shouldn't--Kazaa, Snood, whatever--or from users clicking "OK" on banner ads that promise to speed your Internet connection.
>
> Much of the same goes for e-mail worms: so long as a user has permission to execute untrusted code and so long as that user has permission to send code to other people, he is easy prey for e-mail borne worms.
>
> So, here's the question: does most spyware exploit some actual bug or design flaw? Or does it just use the user's gullibility? I suspect the latter. Flame on.
>
> --Dan
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

It is a proven matter that spyware does exploit IE holes (Iframe bugs, ActiveX etc etc). Do your work on a few and you will see. Besides, you missed the point entirely: if a user, just by clicking, can install spyware on his machine, then the OS / browser is to blame, not the actual (bad) code (exploiting it) floating around websites. Once again, you are missing the point completely: if M$ didn't 'slack code' their OS, spyware would:

1) not install
2) therefore not exist in the form, numbers and variety we know them

I'll give you a clue: try to get a 'tool bar' or some 'other added bonus' automagically on bsd/unix/linux/solaris using any browser, on any site, clicking randomly.

As you said, 'It's very, very difficult to prevent people from voluntarily installing spyware on their own systems.' Yes indeed, because MS made it that the average joe is an admin and therefore has supreme powers out of the box.
Usability costs security. Always has, always will. No Flames, Just information.