North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Spyware becomes increasingly malicious (let's return to reality)

  • From: Alexei Roudnev
  • Date: Thu Jul 15 02:54:56 2004

Ok, let.s return to reality (sorry for moving this thread into the OS
related flame).

First of all, even if OS have not any caveats, it will not protect it from
spyware/adware. if I want to install my 'Cool-Search' into million of
computers, all I need to do is to write fancy game, and offer it 'free of
change' in exchange of 'Allow to show you ads once / day'.
That's all - you will have everything installed explicitly.

But 'hidden' installation makes it much more easy for spyware, and is (in
general) a very big evil. System must distinguish between 'USER' mode (use
applications but do not change system behavior) and 'INSTALL' mode
(install/delete/add software, processes and so on). In many cases, system
must ask password to do any such action. (If you know MS, you can image
which nightmare is to implement it -- I worked with IDS such as Osiris and
had a fun, guessing what system decide to change today. But it is not a
problem in most other OS).

Second, but even worst, problem is absense of ANY system interface showing
you, what is starting, stopping and running. It is not any problem to remove
spyware, from common point of view - just open 'list of running processes'
and 'Startup list' and uncheck everything you do not want to see. Problem -
such interface does not exist, is not possible because of complexity (there
are milluions ways of starting anything) and can not trace a history of
processes (because of, again, extra complexity, unlimited usage of 'classes'
and 'objects' and 'pluginns' and 'toolbars' and so on). Anyway, good 'change
history' system could easily revert such changes back so that instead of
very complex 'adaware' scaners we will have just 'change history, revert ?'
button.

Third is more easy for ISP - if we can not fight with bad software, fight
whith those who got a profit using it. For SPAM - ok, there is not ANY way
to stop sending spam (fort now), but any SPAM advertices someone, and this
someone is always 100% identified - so fight (limit, flood by calls,
overload by false information, etc) SPAM benefitiants, learn them do not
purchase 'We will send your advertice to 10M people over the world'. The
same in case of adaware. For spyware, fight those who receive information
back - by any way.


----- Original Message ----- 
From: "John Underhill" <[email protected]>
To: "Niels Bakker" <[email protected]>; <[email protected]>
Sent: Wednesday, July 14, 2004 1:12 PM
Subject: Re: Spyware becomes increasingly malicious


>
> Ok.. but has BSD been attacked on the scale that MS code has? I would
argue
> no, not even close. Do you believe BSD is invulnerable to attack? Hardly..
> Unless you want to go back to text based browsers and kernals that fit on
a
> floppy, it is extermely difficult to eliminate all vulnerabilities in the
> code of a sophisticated OS. The more complex the system, the easier it is
to
> break, and with the level of automation currently expected by most users,
> this requires a very complex build.
> Could MS be made more secure, of course. Do I think they are actively
> working on the problem, yes. If Novell or Mac had risen to the top of the
OS
> heap, would they be catching all the viruses now? I think they would.
> Really, my point was not to argue this, but that there is no justification
> for malicious code, that you can't simply pawn it off on MS as being the
> real problem. By doing that, you are saying that people creating spyware
and
> viruses are not culpable for their actions, that they should be allowed to
> create havoc and destroy systems, because really they are only leveraging
> 'features' built into the operating system.
>
>
> ----- Original Message ----- 
> From: "Niels Bakker" <[email protected]>
> To: <[email protected]>
> Sent: Wednesday, July 14, 2004 3:31 PM
> Subject: Re: Spyware becomes increasingly malicious
>
>
> >
> > >> Sorry, it was a _technical_ question - is MAC OS known as having
pests
> > >> and ad-ware in the comparable numbers (if any)?
> >
> > * [email protected] (John Underhill) [Wed 14 Jul 2004, 19:45 CEST]:
> > > This is spurious logic. You are suggesting that Mac is a more secure
> > > operating system, and I would suggest that it is probably far less
> > > secure, because it has not had to withstand years of unearthing
> > > vulnerabilities in the code.
> >
> > It has.  Darwin is based on years of development in BSD code.
> >
> >
> > -- Niels.
> >
> > -- 
> > Today's subliminal thought is:
>