nanog mailing list archives
Re: Spyware becomes increasingly malicious
From: "Alexei Roudnev" <alex () relcom net>
Date: Wed, 14 Jul 2004 00:46:15 -0700
Most of the lastest versions appear to install themselves using the ByteCode Verifier vulnerability in the Microsoft Virtual Machine.
MS do not publish full system specs, and they use undocumented features themself. So, what other companies are doing? Yes, correct, they are experimenting, searching for the undocumented features. They found it, and no one can separate bugs and undocumented features. These are all results of MS approach _I am doing everything myself and do not want others to compete with me_. Ok, so please do not complain on those who uses your undocumented features, undocumented API (and ohh, it is not my API, it is a bug... as they are saying now). Are you sure that it is a bug, but not a backhole created by MS for themself? I am not.
Fully patched systems don't get the stuff installed.
Or - after others found this backhole, they decided to seal it. You can not prove that it is a bug, as I can not prove that it was a feature. Any undocumented API is not different from a bug - it is just something which is not documented but exists.
I'm sure the authors are working on newer injection methods....
Just as MS is working on new undocumented API's. Of course, they are - hackers, spyware designers and MS developers... I do not see a difference.
Though the blame might be placed on Microsoft for having a flaw in their code, this wasn't part of any IE feature.
Please, specify a difference between 'flaw in the code' and 'backhole created for their own purposes'. If they claim 'our developers use only specified API' and 'we specify and document every system call and every function which can be used legally, from technical point of view', then I agree. But they never did and never would. if they do it, they lost their monopoly. Result - full zoo of pets, pests, and other animals in every home computer running Windoze. May be, this particular feature was a bug, I can agree - but I do not see a difference (still).
I do not blame MS, but what about spyware on MAC-s - is it so easy to write and install spyware there?I don't really want to get into the argument of why people choose
Sorry, it was a _technical_ question - is MAC OS known as having pests and ad-ware in the comparable numbers (if any)?
microsoft products to attack, but if someone was going to choose a product to attack, from which they were going to try and make the most money/impact off of, do you think they would choose the product with the largest user base? I think that's the case here. It would be a poor business decision not to, and these people are definetly out to make as much money as they can off of these exploits.This is 100% legal at this point (and even if it is not legal, who bored about it outside of USA? No anyone!).It really shouldn't be legal. It is someone gaining unauthorized
Hmm. Is it legal for MS developers (for example, office developers) to use undocumented APIs? What's a difference? What does it mean 'access' - you open my web page, and your IE download my GIF file - is it authorised (my GIF is installed into your computer)? You allow Active X to run, even if ActiveX can install software - it is enough to be authorised. These is common sense - if there is a road, it is authoruised to hike it (except if there is a closed gate or an angry dog on the way). At least, it is common sence on 90% of the world. Of course, we can create many laws making common sense useless, but do not expect anyone outside to follow it. Internet is not located inside, so - you can make a conclusion. MS provoked people to search for undocumented things - it is common sense which say me that it results in my home computer making unpredicted actions - and I can not blame spyware writers, I should blame MS writers... (I do not like spywriters, anyway, but they are making their business..)
access to computer systems and altering data on those machines. Not to mention that people are profiting from these intrusions.
Of course, they are. MS is profited from undocumented API's, as well. Where is a difference?
-Brian
Current thread:
- Problems with private justice (was Re: Spyware becomes increasingly malicious), (continued)
- Problems with private justice (was Re: Spyware becomes increasingly malicious) Sean Donelan (Jul 13)
- RE: Spyware becomes increasingly malicious Hannigan, Martin (Jul 12)
- Re: Spyware becomes increasingly malicious Valdis . Kletnieks (Jul 13)
- Re: Spyware becomes increasingly malicious Dan Hollis (Jul 12)
- RE: Spyware becomes increasingly malicious Brian Battle (Jul 12)
- Re: Spyware becomes increasingly malicious Alexei Roudnev (Jul 13)
- Re: Spyware becomes increasingly malicious Petri Helenius (Jul 13)
- RE: Spyware becomes increasingly malicious Michel Py (Jul 13)
- RE: Spyware becomes increasingly malicious Michel Py (Jul 13)
- RE: Spyware becomes increasingly malicious Brian Battle (Jul 13)
- Re: Spyware becomes increasingly malicious Alexei Roudnev (Jul 14)
- Re: Spyware becomes increasingly malicious John Underhill (Jul 14)
- Re: Spyware becomes increasingly malicious Niels Bakker (Jul 14)
- Re: Spyware becomes increasingly malicious John Underhill (Jul 14)
- Re: Spyware becomes increasingly malicious sthaug (Jul 14)
- Re: Spyware becomes increasingly malicious (let's return to reality) Alexei Roudnev (Jul 14)
- Re: Spyware becomes increasingly malicious (let's return to reality) Brett (Jul 15)
- Re: Spyware becomes increasingly malicious (let's return to reality) Curtis Maurand (Jul 15)
- Re: Spyware becomes increasingly malicious (let's return to reality) Alexei Roudnev (Jul 15)
- Re: Spyware becomes increasingly malicious Alexei Roudnev (Jul 14)
- Re: Spyware becomes increasingly malicious Alexei Roudnev (Jul 14)
- Re: Spyware becomes increasingly malicious Jeff Shultz (Jul 15)