Fwd: SF new column announcement: Microsoft Anti-Spyware?
From: Caeser Augustus (caeser.augustus_at_gmail.com)
Date: 01/10/05
- Previous message: JM: "Re: Source Port 0 Host Sweep"
- Next in thread: Sebastian: "(WAS: Re: Fwd: SF new column announcement: Microsoft Anti-Spyware?)"
- Reply: Sebastian: "(WAS: Re: Fwd: SF new column announcement: Microsoft Anti-Spyware?)"
- Reply: Christos Triantafyllidis: "Re: Fwd: SF new column announcement: Microsoft Anti-Spyware?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 10 Jan 2005 10:35:02 +0530 To: security-basics@securityfocus.com
Here's my 2 cents:
Nothing really is unexploitable if you try hard enough.
If by some real chance an average user in the world was using Linux,
you can be sure that people who make spyware would have made it for
that platform as well. It's just isn't plain business sense to do that
as of now.
And really, I heard so much hohum about MS's security record. OK I
understand that MS maybe not into security that much till very
recently. But when they did (SP2) this is what I see happened:
1) The average user : feels good about security but is confronted by a
learning curve. Whatever it is, but I'm sure that an information bar
is easier to configure than a hosts file.
2) The IT guys shout: "Don't install it".
- It breaks stuff.
- It's got security issues( My companies IT policy )
- Not stable.
I'd say Hello. Wake up. Just because you're incompetent enough not to
know about it, you term something bad. I mean a sheer amount of IT
staff that I've knows is just point and click types. Boot off the CD
Press enter thrice, click next next next, when you get password box,
type admin or password and lo behold, you have Windows 2003 running.
I'm not saying all are like that. There are serious professionals(btw,
i'm not) who DO this job. Bust most aren't.
3) The crackers: It's got holes: it's exploitable. I think: off
course. Everything is. Including the Linux Kernel. That's what makes
this field fun.
I'm sure, given enough motivation (read money), you can have as many
spyware as you want for Linux/Unix/Freebsd whatever. It's just that
not most of supridentdents/Operations
Managers/Nurses/Clerks/Executives/Sales Executives/Accountants who
sits at his office/SOHO desk reading mail, does it on Konquror (even
though it's free). So, no spyware.
And oh, all this may be localised to India only, I dunno. But I have
worked for an International Support Center, catering to THE average
and the Admin level american/uk computer user. And that was the
impression I got.
On Fri, 07 Jan 2005 13:47:55 -0700, Kelly Martin <kel@securityfocus.com> wrote:
> Matvei Kliuchnikov wrote:
>
> >From the article:
> >
> >"because it's holes in Microsoft's operating system that built the
> >entire spyware industry to begin with"
> >
> >That's just plain wrong. Spyware, by it's nature, is installed along
> >with other applications that the user manually installs. Download
> >KaZaa, for example, and you'll find that several other "spyware" apps
> >are installed along with it. This has nothing to do with security
> >vulnerabilites.
> >
> >
> You should really do a bit more reading before making such a definitive
> statement. Only a portion of spyware is installed this way. Most of the
> time the inclusion of spyware along with a legitimate application is
> clearly indicated in the user agreement, but these click-through
> agreements are rarely read and thus, the users gets a little more than
> he is expecting.
>
> A huge amount of spyware gets installed in an entirely different way,
> however, and has everything to do with vulnerabilities and/or unpatched
> machines. I'm referring to bits of code that are installed without a
> user's permission, just by visiting a website -- via security problems
> with ActiveX, Javascript, JAVA, and unpatched vulnerabilities in
> Internet Explorer. There are many, many examples of this. Have you never
> seen a .DLL downloaded while visiting a website using IE? What about the
> users that you support? It's pretty hard to surf the web nowadays using
> IE without getting some kind of spyware.
>
> Things to watch for:
> - has your browser's homepage been hijacked?
> - do you see any unwanted toolbars in IE?
> - do you see unwanted pop-up windows when you start IE?
> - are you unable to reach Google.com or Yahoo.com, and get redirected to
> another search engine instead?
> - is there a trojan or keylogger reporting statistics about you back to
> another location
> - [the list goes on, and on...]
>
> >Obviously, Microsoft has a shoddy record of security problems, but
> >don't confuse the issue and continue spreading FUD.
> >
> >
> >
> I can recommend that you read up on CoolWebSearch as an excellent
> example of nasty spyware that is *not* user-installed, and does in fact
> attempt to exploit vulnerabilities. There are many others.
>
> Regards,
>
> Kelly Martin
>
>
- Previous message: JM: "Re: Source Port 0 Host Sweep"
- Next in thread: Sebastian: "(WAS: Re: Fwd: SF new column announcement: Microsoft Anti-Spyware?)"
- Reply: Sebastian: "(WAS: Re: Fwd: SF new column announcement: Microsoft Anti-Spyware?)"
- Reply: Christos Triantafyllidis: "Re: Fwd: SF new column announcement: Microsoft Anti-Spyware?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
