| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: yossarian at planet.nl (yossarian) Subject: Anti-MS drivel Tobias Wrote: > > The fact that people use Windows and Office, proves that they can - basic > > Vulcan Logic. > > No. _IF_ people could use MS Windows/Outlook then things like > Win32/Bagle-A wouldn't stand a chance because people either knew not to > start or couldn't execute attachments from within email clients. The > fact that millions of end users _do_ run email attachments from within > their email clients shows that they _are not_ able to use Windows. It is > the wrong operating system for them. Have you noticed that you can put diesel in a normal car, cause the muzzle at the gas station is too thick? Ask the local garage how often it happens the other way around. Who is to blaim - where are talking product liability here, while most of us are not trained in legal matters - hence the example. And remember - people are required to have formal training to drive a car.... With the laters updates for Outlook, most attachments are blocked by default, and guess what: question No.1 to the helpdesk: how do I turn this feature off? When I drove home after reading this thread, I tried to open the hood while driving - guess what? It does. So things can go wrong when I just push buttons randomly. But only irresponsible and stupid people will do that! Yep, cause if the wind catches the hood it wil fold over the windscreen. Let's sue GM! My car won't even complain when driving in the dark without the lights on. Technically a piece of cake to fix - my former car put them on automatically - and the whipers when it rained, too. But the new one doesn't - my point is that even in car manufacturing with a 100 years experience, certain security features are lacking in new cars. Remember the Pinto? Now the e-mail attachment. E-mail is the killer app, most used PC feature, so this is where stupid people are bound to do wrong. If you block opening attachments they'll save it to their desktop and either call the helpdesk since they can't seem to find the file and start yelling about it, or open it from the desktop. Believe me, i've seen this happen. What do we do next - prevent users from starting executables alltogether? Make a .Pol file so the only executable they can run is winword.exe and outlook.exe? Theoretically sound, but with the reality in many shops that they give local admin to users since the customer is allways right, or some other lame excuse, it won't work. People just clicking everywhere should not be using *any* operating system, or any other complex device for that matter, like a car. Why blame a device for complexity some people can't handle? ANY device? > > The faulty nature does not deter many people from using it, so > > the flaws cannot be too serious. > > A problem is only a problem in the eye of the end consumer if "rien ne > va plus". Only when a PC won't start up again, the end user knows > "Uh-Oh...". > > In the meantime this same virus and worm ridden system has caused major > traffic jam on email servers and made the day on the Internet a hell. Routers choke, servers gasp, let's blame MS, is that it? Let's imagine a worm that propagates using something like older OpenSSH, open FTP directories accepting anon, and samba shares - use buffer overflows in sendmail and apache for effective rights - and CORBA to root. It contains a mechanism for detecting the network lay-out, along the lines of p0f, and a tunneling mechanism for additional payload over a P2P like network, with a TLS communication. And it would trigger at certain intervals ARP flooding to all systems with DNS and BootPS. At the end of the year it would tell intel processors it is a 286. To make the fun bigger it would find the installed certificates on the machine and use it to sign the trojans it installs. Would networks crumble? Servers and routers need special care, for cases such as this one. Complaining about either stupid users or Outlook is not going to change anything - fix your infra. And chop-bloody-chop with it! If you are to build a virus, go for the greater numbers. Worms even more so. So this is what it all boils down to - the risk of the monopoly. And yes this puts a huge responsibility on MS. Maybe we can blame them, but any monopoly on the desktop brings this risk. Since standardisation in OS and applications is corporate policy everywhere, and globalization is real, there will allways be a monopoly on the desktop with all its inherent risks. Maybe not MS's but then some other. And guess what? The next one will be worm and virusridden too That is the reality of being a sysadmin in the 21st century. If you can't take the heat, stop whining, this is a kitchen you know.
Powered by blists - more mailing lists