Slashdot Mirror
Computer Security Still Totally Inadequate
Several news sources are running articles detailing the lack of computer security on all platforms. Symantec foretells a dark future for Firefox and Mac users describing their security as a "false paradise". Kernel developer and Red Hat fellow, Allan Cox stated in his recent interview with O'Reilly that "even the best systems today are totally inadequate". He goes on to say that "We are still in a world where an attack like the Slammer worm, combined with a PC BIOS eraser or disk locking tool, could wipe out half the PCs exposed to the Internet in a few hours," Cox said. "In a sense we are fortunate that most attackers want to control and use systems they attack rather than destroy them."
Nevermind RTFA, did you even read the summary?
"Symantec foretells a dark future for Firefox and Mac users describing their security as a "false paradise"."
I hate that. I've fixed more people's computers by simply removing these crappy security suites than I ever have needed to fix viruses and hacks. A firewall, reasonable use restrictions (not installing Chinese software cracks), not using IE/Outlook, and running an occasional anti-virus anti-spyware scan are plenty.
If you need more then switch to Linux.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
This, in fact, should reduce the IE's attack surface several-fold.
.VBS/.JS script stored on the local machine (which is trusted to do anything anyway), yet a lot of MS and third-party components is in CATID_SafeForScripting for no reason at all.
n /fq99-032.mspx n /fq99-037.mspx n /MS02-055.mspx n /MS02-065.mspx n /ms02-055.asp n /ms03-038.asp n /MS03-038.mspx e chnet/security/bulletin/MS03-038.asp
... and many-many-many more of these holes (just search for "kill bit" with the quotes)
MS has made a huge mistake when IE 4.x-6.x relied on CATID_SafeForScripting/CATID_SafeForInitializing COM component categories to make decisions whether it's safe to use the COM component from a JavaScript/VBScript.
CATID_SafeForScripting is not needed when the COM component is accessed from a stand-alone
IE has a kill bit feature which allows disabling certain scriptable COM components based on their GUIDs. And most IE security fixes are, in fact, just registry updates adding more of those "kill bits".
Examples: http://www.microsoft.com/technet/security/bulleti
http://www.microsoft.com/technet/security/bulleti
http://www.microsoft.com/technet/security/Bulleti
http://www.microsoft.com/technet/security/Bulleti
http://www.microsoft.com/technet/security/bulleti
http://www.microsoft.com/technet/security/bulleti
http://www.microsoft.com/technet/security/Bulleti
http://www.microsoft.com/technet/treeview/?url=/t
throw new SuccessException("Sig read successfully");
Number of PC viruses in 2004: 30
Number of Mac viruses ever:26
Do the math. Oh, and most of the stuff that SAM flagged...
MS Word macro viruses: 533
Sources:
Mac Viruses by the numbers
30 PC viruses played havoc in 2004
Check out my sci-fi/humor trilogy at PatriotsBooks.
First I saw them talking about Mac... then I thought well - it's BSD based now, which has been around practically forever.
... not "hack into" and "gain")
Then I saw them mention a root kit for OSX and wondered to myself what good that would do without actually having a way to gain control in the first place.
(See definition of rootkit from wikipedia: "A root kit is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes."
Note the words "after cracking" and "maintain"
Sounds like a bunch of malarky disguised as solid information to scare people who aren't aware of more advanced computer concepts.