funsec mailing list archives

Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups)


From: Rich Kulawiec <rsk () gsp org>
Date: Mon, 19 Oct 2009 17:12:30 -0400

On Mon, Oct 19, 2009 at 01:07:16PM -0700, chris () blask org wrote:
> As far as dealing with pre-infected machines, a strong-auth that
> required the user to do something (like swipe a finger) prior to using
> email could stamp a message as being highly likely as having come from
> a human and therefore of higher priority than something that could have
> been produced by a robot.

What's to stop the new owner of that system from stashing the results
of the swipe and using them at will?

Or more conveniently, just disabling the strong auth code?

There's no reason to expect a compromised system to run ANY code that's
placed on it.  You can't defeat this as long as the OS that's running
isn't under your control any more.

Incidentally, one of the things that I expect to see Real Soon Now,
given all the progress in virtualization, is malware that sandboxes
the former owner of the system into a nice, clean, virtual system and
goes through some trouble to run AV code that ensures that environment
is infection-free.  The user will of course be told "your system is
infected", will duly run whatever AV program they have, get back the
"system is clean" output...and that's when the real fun starts.

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

