Interesting People mailing list archives
IP: Re: MS strikes yet again and again at security PAY ATTENTION
From: David Farber <dave () farber net>
Date: Sat, 31 Mar 2001 01:38:37 -0500
From: "Steve Wolfe" <swolfe () codon com> To: <farber () cis upenn edu> Subject: Re: MS strikes yet again and again at security PAY ATTENTION Date: Fri, 30 Mar 2001 17:47:30 -0700 X-Mailer: Microsoft Outlook Express 5.00.2314.1300"Such aprogram," Microsoft said, "would be capable of taking any action that the user himself could take on his machine, including adding, changing or deleting data, communicating with web sites, or reformatting the harddrive." Of course, the greatest danger is not that someone will format your hard drive, or look at your documents. While it would be very annoying, the real danger is that the malicious person will use the opportunity either to directly install a "back-door" onto the computer, or to degrade the machine's security in order to install the back-door later. Once the back-door is installed, the malicious person can then use your computer for further malicious deeds whenever he sees fit, not just when you visit their site. Back-door kits are easily accessible, and often require very little expertise to install. A recent article profiling the average day of a cyber-criminal (http://www.msnbc.com/news/550567.asp) involves nothing more than setting up a quick web page to accept credit cards for entrance to a fictitious web site, and sending out spam to attract unknowing visitors, particularly preying upon those who are new to the Internet. The technique only needs to be modified to execute the back-door installation instead of (or even in addition to) accepting the credit card payment. steve
For archives see: http://www.interesting-people.org/
Current thread:
- IP: Re: MS strikes yet again and again at security PAY ATTENTION David Farber (Mar 30)