Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: The Million Dollar Solution

From: oysteivi () TIHLDE ORG (Oystein Viggen)
Date: Sun, 7 May 2000 19:12:07 +0200

Jeremy Speer spake thus:


On one final note, why could we not just create a loader for wscript.exe
that just bings up a popup window that shows that some script is running.
Would you like it to continue? If you are not expecting the script, then
you would click "***NO***". This would at least prevent anyone from having
it run without them knowing. They would at least know that something is
going on.


There is of course the small matter of all those windows users who will
just blindly click "Yes" on anything they aren't 100% sure that they don't
want, and the other half that will just click something at random if they
don't know what is going on.

I used to work in a quite large Norwegian bank where everybody used
Outlook. A lot of the people I know from there would click "Yes" just to
see what would happen. (For example, I once got an incarnation of the
"Good times" virus warning from some people there).

Bottom line is: As long as there are stupid people, the only choice is to
make it "hard" for them to use that stupidity to ruin the day for
others. I therefore would go for the "associate vbs and soforth with
notepad/wordpad" any day. Non-stupid users would find a way around that
anyway...:)

Oystein
Previous By Date Next
Previous By Thread Next

Current thread: