lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20050111190917.GB2295@specialk>
From: fd.lists.dmargoli at af0.net (Dan Margolis)
Subject: Microsoft AntiSpyware: Will it be free and
	Vulnerable

On Tue, Jan 11, 2005 at 06:51:16PM +0100, devis wrote:
> Buahwuahwuahwuawa ... you have to be gullible to think that M$ will not 
> NOT cash on their own slack coding.  

I'm confused. Are are you saying that "slack coding" by Microsoft is
responsible for spyware/adware? Seems a bit of an odd interpretation.
Here's mine:

- It's very, very difficult to prevent people from voluntarily
  installing spyware on their own systems. There's no way to write a
  heuristic that can distinguish between an application that accesses
  the 'net on a regular basis for spying and one that does so for, say,
  monitoring a buddy list or checking for mail. 

- You can certainly whitelist applications, but this would prevent
  useres from being able to install obscure shareware apps, custom apps,
  etc. 

- Were MS to restrict access to their API in order to prevent spyware
  makers from doing obscure tricks with the registry and whatnot, they'd
  be accused, quite rightly, of anti-competitive tactics. 

Certainly some spyware results from poor restriction of web controls or
something--I don't know the details, as I don't even use Windows--but
I'd bet you the vast majority comes from users installing stuff they
shouldn't--Kazaa, Snood, whatever--or from users clicking "OK" on banner
ads that promise to speed your Internet connection. 

Much of the same goes for e-mail worms: so long as a user has permission
to execute untrusted code and so long as that user has permission to
send code to other people, he is easy prey for e-mail born worms. 

So, here's the question: does most spyware exploit some actual bug or
design flaw? Or does it just use the user's gullibility? I suspect the
latter. 

Flame on. 
--
Dan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ