Shape-Shifting Malware Hits the Web
Stony Stevenson writes to tell us that in a recent interview, Marc Henauer has revealed that security researchers are falling behind now that malware is starting to be able to change its signature every few hours. "Unfortunately the know-how and construction kits used to create this shape-shifting threat are now readily available and are unleashing a wave of malware based on social engineering techniques. [...] Sweeney believes that a non rules-based monitoring process must be set up to defend all ingress and egress points covering SMTP, DNS, HTTP(s), IM etc."
Maybe now we'll stop pretending that glorified versions of grep can keep us safe.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
The slashdot synopsis is longer than the article.
What's the bad news?
The bad news is that all the users with a clue about protecting their PCs get sent spam, adware, crapware and all the other junk that these zombied PCs churn out until Windows does die.
Enumerating the bad is usually a bad idea, since it is too easy to change what is "bad". We enumerate the good with firewalls, why should software security be any different? Distro repository + corporate repository should cover all software necessary, right?
Will we now see true evolution of software viruses?
This is pretty much #1 and #2 in this list of The Six Dumbest Ideas in Computer Security.
If I have nothing to hide, don't search me
Sweeney believes that a non rules-based monitoring process must be set up to defend all ingress and egress points covering SMTP, DNS, HTTP(s), IM etc.
What exactly is a "non rules-based monitoring process?" I thought I had some clue about security procedures, but I'd be hard pressed to describe what such a process might be. Even more importantly, what would it cost to implement? TFA is no help here, consisting of the usual hand-waving about the never-ending arms race between malware writers and the rest of us.
We all know what the most effective solution to this problem would be. Funny how it's never mentioned in any of these articles.
That way they can keep selling you "updated" "signature files" every hour / day / week / month / year.
The correct way to handle this is to set up your system so that the user cannot ACCIDENTALLY execute any external code.
There's no way to solve the issue of some idiot clicking on everything and putting in the root password whenever asked. So don't bother bringing that case up.
For everyone else, lock the OS files so that it cannot be infected and set the user writable portion to not execute any code. There, the majority of that problem is solved.
Then, ship the default installation without any open ports and you've pretty much solved the worm issue.
But that approach means that the anti-virus companies cannot keep selling you new signature files. So don't expect any of them to support it.
Until the people who are putting this stuff out there are seriously and literally beaten either within inches of their lives or to death, this sort of thing will get worse and worse.
These assholes call themselves "marketers." They have gotten away with it for so long, they often call a great portion of this "legitimate business." It's not enough to criminalize this stuff... especially when law enforcement generally has no idea how to prosecute or make a case against any of it.
There should be a series of web sites built that creates a "hit list" of people responsible for this crap. That's where the end of this should begin.
All my posts about malware and virus software for some time have been doom and gloom. Seems moderators don't like that. This is nothing but the tip of the iceberg of what might be coming, and what is probably already in the wild, we just don't know it yet. I could probably think of a dozen scenarios where malware could already be hiding on your equipment, silently waiting to be signaled.
It's possibly in your router's flash by now, or your motherboard's flash, or sitting on a CD or CE player's flash, or an MP3 player. It only has to wait till it needs to start spreading, and be dormant there too, then one day you notice missing files, or there is an outbreak of serious malware globally. Yes, tinfoil hat stuff, but it is possible, and as time ticks on it is becoming more probable.
Nobody wants to believe it, but it is possible. If it is possible, it will only be a matter of time...
Support NYCountryLawyer RIAA vs People
I thought shape-shifting malware was the official business attire of geeks everywhere.
Leave the gun, take the cannolis.
Or am I the only one old enough to remember that brief time when DAME was considered the unholy terror?
You either believe in rational thought or you don't
But there is no way to uninstall Internet Explorer. Sure you can delete the icon, so it doesn't appear to be installed, but it still is always available.
Sleep your way to a whiter smile...date a dentist!
--Mike--
You can remove it, but it's nasty.
1991
Tequila is the first widespread polymorphic virus found in the wild. Polymorphic viruses make detection difficult for virus scanners by changing their appearance with each new infection.
Sweeney believes that a non rules-based monitoring process must be set up to defend all ingress and egress points covering SMTP, DNS, HTTP(s), IM etc.
It's called heuristics and it's been in use for a while.
Enjoy,
It's just the normal noises in here.
That doesn't help the situation. If Windows goes away, the problem will just migrate to Linux.
Until we get to the point where you can assign permissions to every single program for every single role you expect that program to fulfill, it's not going to get much better.
--Mike--
How would a user be able to install anything then? Malware would just use the regular installation procedure.
Besides, the click-everything user is unfortunately the default and the resulting bot-nets can hurt you no matter how good your security is.
Justice is the sheep getting arrested while an impartial judge declares the vote void.
If you have Internet Explorer on your computer, the OS is a bigger problem.
I don't read replies by ACs.
If you take a snapshot of your hard drive/operating system, and as long as you don't do anything to change it (no writing to disk anywhere, no launching applications), then take another snapshot a few minutes later and another and another, soon this shape-shifting malware will reveal itself. Get enough glimpses of it and a picture will emerge, so you will know what to look for and then know how to eradicate it from your computer. I doubt kludges like McAfee & Norton are capable, but somebody has to rise to the occasion to build something good enough to do this. It would be worth it to leave your PC alone while some anti-malware runs that can deal with this shape-shifting malware and catch it so it can be removed, or reveal a method & list of files so you can manually remove it...
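The idle-system snapshot idea above is essentially file-integrity monitoring in the style of tripwire. The following is an added example (not code from the poster or from any product mentioned in the thread) that hashes every file under a directory, diffs consecutive snapshots, and reports what appeared, vanished or changed; the directory contents and the "unexpected" write are constructed inline for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(root):
    """Map every regular file under root to (size, sha256 hex digest)."""
    root = Path(root)
    result = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            data = path.read_bytes()
            rel = path.relative_to(root).as_posix()
            result[rel] = (len(data), hashlib.sha256(data).hexdigest())
    return result


def diff_snapshots(before, after):
    """Return the files added, removed or modified between two snapshots."""
    added = sorted(set(after) - set(before))
    removed = sorted(set(before) - set(after))
    changed = sorted(p for p in before.keys() & after.keys() if before[p] != after[p])
    return {"added": added, "removed": removed, "changed": changed}


def demo():
    """Constructed scenario: a machine left idle, then an unexpected on-disk change.

    Returns (quiet_diff, noisy_diff): the first should be empty, the second
    should name exactly the files that were touched while 'nobody' was using
    the box.
    """
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "editor.exe").write_bytes(b"MZ" + b"original program" * 4)
        (root / "docs").mkdir()
        (root / "docs" / "notes.txt").write_text("grocery list\n")

        first = snapshot(root)
        second = snapshot(root)          # idle: nothing should differ
        quiet = diff_snapshots(first, second)

        # Simulate what the poster hopes to catch: a binary rewritten in place
        # and a new file dropped into a user-writable folder (constructed names).
        (root / "bin" / "editor.exe").write_bytes(b"MZ" + b"rewritten body" * 4)
        (root / "docs" / "svchost.tmp").write_bytes(b"\x00" * 16)

        third = snapshot(root)
        noisy = diff_snapshots(second, third)
        return quiet, noisy


if __name__ == "__main__":
    quiet, noisy = demo()
    print("idle diff:", quiet)
    print("after change:", noisy)
```

Two caveats a practitioner would add: the baseline snapshot has to be taken from a state you already trust (booting from known-good media is the usual way), and a purely memory-resident sample never shows up here at all, which is the limitation raised further down the thread about code that only exists patched into a running process.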
Politics is Treachery, Religion is Brainwashing
Public Executions.
Public torture and maiming are also acceptable solutions.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Shellcode polymorphism has been known for years. Here's a good article from Phrack on it.
Any AV vendor who isn't prepared for it by now has grossly failed their customers.
All rites reversed 2010
The correct way to handle this is to set up your system so that the user cannot ACCIDENTALLY execute any external code.
and you do that by asking cancel or allow for each app.
I'm pretty sure that deleting all the shortcuts and then putting Firefox as the default browser is a way better solution than actually trying to yank IE out of Windows.
The source for the article is "Marc Henauer, head of the cyber-crime division at the Swiss Justice and Police Department." Anyone actually heard of this guy? Doesn't he have more important things to do than make paranoid press releases? Maybe chase down the pirate bay or something?
How about giving the user more choices? You might want to let them run it in a sandbox, or run it without internet access, or chroot it.
If they had a way to express their intent, and actually control how much they give away when they click... it would go a VERY long way towards fixing things, probably 99%.
--Mike--
How many users that just run malware in the first place will use these options? More options won't change the habits of users who aren't security minded in the first place.
With real OS you certainly mean WinNT right?
'cause UNIX is so 70s
As long as you can avoid every piece of software that uses IE's integrated libraries and services for its own web access and rendering. Good luck with that.
Really, "iexplore.exe" is the least of your problems. The real evil is in the half-assed DLLs and associated components.
Welcome to the Panopticon. Used to be a prison, now it's your home.
You can remove it, but it's necessary for Windows Update. Not a total loss IMO.
Random Thoughts From A Diseased Mind (Not For Dummies)
Come on mods, this guy didn't even read the parent! I know he has a wikipedia link, but follow the damn conversation!
It's easy: just cut your internet cable, remove all your CD and floppy drives, cover your USB ports and bingo, no way to ever get infected.
Thinking that using Unix is the solution to getting 0wned is like thinking that heterosexuality is the solution to getting AIDS. The only general solution is education.
As the article states, this malware is all based on social engineering. If you can convince somebody to run a program because it will show them the latest celebrity sex tape, it doesn't matter what OS they're running. Right now it only works on Windows because the malware authors know that they can get 90% of the market by doing only 10% of the work and it's very difficult for virus-type malware to spread when hosts that are susceptible are hard to find. If any other OS took over perhaps 25% of the market, that OS would become a target also.
The answer, of course, is to educate users that they should be very skeptical of offers to view some celebrity sex tape or dancing bunnies, and that they should ignore such things.
The fact that Unix doesn't have many naive desktop users simply means that it gets attacked in different ways than typical Windows machines. Quite frankly, the first worm ever took advantage of the insecurity of Unix machines, and the term rootkit obviously comes from the Unix world.
dom
Good luck with that.
Last I checked, neither my MacBook nor my Linux desktop used a single DLL.
Cantankerous old coot since 1957.
What, no VM or Boot Camp?
Anyways, a clever answer, and in the final analysis, the correct one. But, violates the implied constraint of GP's question: While running Windows, how do you avoid using Internet Explorer?
My answer was "not as easily as it seems". Your answer was "mu". Very Zen.
Welcome to the Panopticon. Used to be a prison, now it's your home.
Ok, so we set a cancel/allow feature for every app. That may work for skilled or intelligent users, and most Slashdotters would be OK.
The REST of the users out there are not as program/os/security savvy and would tell their PC to allow the app so they can watch that adult video or so they can have that pretty screensaver. They become so trained to just click allow that it defeats the purpose. As a sysadmin and a former helpdesker, I can tell you that the majority of computer users are a bunch of crack-tards who barely understand the mechanics of their machines. They would have no clue if a program asking for access is legit or not.
We as a community CANNOT use ourselves as a standard to base security (or perceived common sense) against. Really, just look at society as a whole and ask yourself, do you consider yourself part of the norm, or are they just a bunch of petty, mindless sheep? Look at what they consider entertainment as a clue. Lost and American Gladiator: one gives them excitement and watercooler talk and the other allows them to imagine themselves doing better on those challenges so they feel good about themselves. Fabricated dreams.
What would you say the average slashdotter IQ is and what is the world average?
How amazed would you be to suddenly find that you just forgot what I wrote and you needed to reread my post.... again.
Malware writers go for botnets of puny Windows desktop machines because that is low hanging fruit. One decent server with an always-on fiber connection to the net is worth thousands of times more than your dinky little ADSL gaming machine for just about anything that you would use a botnet for. You know what the market share looks like on the server side? Most of the biggest and best machines on the net run *nix.
Macs have around 5% market share and are much more likely to be left on and connected all the time. By the market share argument, they should be having at least a few folks trying to get in.
You know why they don't? Sane privilege defaults, no ActiveX and clear separation between user data and system applications, usually on entirely separate partitions.
Sorry dude, but windows really is just that bad.
That doesn't help the situation. If Windows goes away, the problem will just migrate to Linux.
Linux, by its very nature allows and encourages diversity - the structure of the FOSS community means that there will always be various distros and if any particular distro gets overwhelmed by security problems then it's not just possible but easy to switch to a new distro.
Average slashdotter IQ? As measured using a paper test that doesn't involve going out into the sunlight or successfully interacting with an available female?
That's true, but then again safety belts save lives in many cases regardless of the ones who refuse to use them.
In other news:
Sweeney would like to know if you want to try a meat pie. They are very good.
I don't know. Back in the day, IE for Solaris was a pretty decent alternative to Netscape.
And how many users, pray tell, do you think would understand what those options are, or which one to pick for any given program. If your answer is > 1 %, you have a much higher opinion of the average computer user's understanding of what they're doing than I do.
Good, inexpensive web hosting
Seriously: It's like structured code vs assembler.... you can do the same thing in either, in theory.
Sounds smart until you read the GP. Just throwing in the name of a couple programming languages is not insightful.
written in Redmond or somewhere else
The GP never made a comparison between any two methods. This is just pandering to the "well, I like to use the software best for the job, closed source or not" crowd. I realized the difference is subtle, but it's very important. Again, there was no comparison made in the GP.
This guy is trying to game the system. Don't let him get away with it.
weirdest thing I ever saw: scientology advertising on slashdot.
I'm not an expert but I thought that that was pretty much what SELinux and Apparmour did.
Every few years the malware comes out newer, shinier and costs about $100-400 depending on if you get the Home Basic or Ultimate versions.
...this is the first step towards a 'solution':
SELinux
Firefox
???
Security for a while
Profit!
Repeat as necessary.
Windows is so blown up, security is pointless.
Better website design/security doesn't help. The nasties will create their own malware sites quicker than you can say 'globals off'. And detection in Windows is pretty much like your oil light on the car dash - 'you are hosed, just letting you know it's bad.'
I'm thinking my wife's next machine is running Kubuntu. Mine at home too. All I need is a way to feed my Windows-based MP3 player, some Windows Media Player replacement, and I'm gone.
Or a Mac. They have a few years before the kids target them.
deleting the extra space after periods so i can stay relevant, yeah.
How about giving the user more choices? You might want to let them run it in a sandbox, or run it without internet access, or chroot it.
If they had a way to express their intent, and actually control how much they give away when they click... it would go a VERY long way towards fixing things, probably 99%.
Have you ever tried Comodo's free firewall or free antivirus???
Both of them use whitelisting / safelists. Anything not whitelisted needs explicit permission from the user before they're able to read/write/delete/create a file or directory or access the internet. These two FREE (as in beer) products literally give you a similar level of control over what runs on your computer.
The Comodo antivirus doesn't work on Vista right now but will soon. Then again, this is Slashdot so we're all running XP right ?!?
For sandboxing, you can use VMWare Server (free as in beer) to generate an image to run in VMPlayer (also free as in beer) which you can then use within Windows. If you get VMWorkstation (not free but well worth it), you can get fine-grained control over snapshotting.
But my Linux desktops and servers seem just fine. And I don't trust my WindowsXP laptop with important data. At some point, there needs to be personal responsibility. In the same way that I need to make sure that the brake pads on my vehicle are in good order, people need to make sure that their software, whatever they choose, is also in good order.
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
.dll = .Framework, .bundle, .dylib,.so
The system runs at ring 0, the local applications at ring 1, the intranet applications at ring 2, the internet applications at ring 3. Thus no malware can do anything, unless there is a bug in the software interfaces between the rings.
Does it work with Windows Server 2003? Most XP products do, if they don't explicitly check that they're running on XP.
Socialism: a lie told by totalitarians and believed by fools.
If all the Windows users moved to Linux, then this would no longer be the nature of the community. One distro would rule them all and in the darkness bind them, and the spam would continue unabated.
Socialism: a lie told by totalitarians and believed by fools.
There are some very sane and easy ways to fight these things, and not a single entity (except perhaps tripwire which is out because of how hard it is to use/configure, and java which works pretty well in limited situations) even tries.
We need per-app permissions. This doesn't have to be obvious, but when you install an app, the system needs to pop up a box before a single line of code is run giving options that the software is asking for.
Net access, write to own directory, write to system directories, use APIs to interact with other program, take control of various devices such as the keyboard and screen, communicate over the internet to one host or to any host... The list could be quite long..
But the use would be simple--a box pops up and has checkboxes by the services it needs. I review this and possibly deselect some. It either installs or refuses because it can't run without the ones I deselect.
This seems obvious and not all that hard to implement (I mean, as in compared to as much work as going from XP to Vista, or creating OS X)...
The other thing that would fix a lot of these things--put a bounty on finding & solving new viruii and on hacking into systems.
If you were to "Register" people for these bounties, you could even include a clause that they can be monitored to ensure they aren't the ones creating a virus and that they don't do anything to hurt the public computers they are hacking.
Even something like finding a missing patch in a web server should be worth a few bucks--like a "Ticket". Charge the company $100, pass $50 on to the person finding it, use the other $50 to go towards virus bounties.
For a new flaw that gives access to a common, important device like a Cisco router, you charge the company $300,000 or so, give the finder $100,000, put 100k away and slap Cisco around for a while with the other $100k just for fun.
Another bounty for identifying and disassembling bot-nets. a $30 ticket for the botted computer (Just a warning, really), and a Major Award for the identity of the person running it. Then you take all the money that guy has on hand and split it between the fund and the finder.
This is no more extreme a concept than bounty hunters or the "Consultants" in Iraq...
Actually the arms race may be a GOOD thing. Viruses and spam could be the "key driver" the market needs to force progress on artificial intelligence.
Will Comodo run in Wine? :)
It's true! Just a few minutes ago I was sorely tempted to type "sudo apt-get install shapeshiftvirus". If Linux gets more popular, it's just a matter of time until shapeshiftvirus gets ported to it. Then, assuming the virus is GPLed, Debian will enthusiastically put it into their repository. It'll trickle down to Ubuntu. When that happens, users all over the world are going to choose to install it, type in the installation command, and enter their password.
"Believe me!" -- Donald Trump
You should probably have that ego checked out; it might lead to your head spontaneously exploding if left unchecked.
Uh, you pretty much just described exactly how selinux works.
I hear what you're saying ... Define the list of "good" software, not the "bad", but here's a monkey-wrench at you ...
Define "execute". Are you referring to files on disk being treated as executable code? What about cases where an authorized application is buffer overflowed and patched in RAM? Your suggestions won't stop that. What about code that is interpreted, such as scripts or macros? Noscript for FF is great and all (I'm using it right now), but how many sites are 100% broken when scripts are turned off? We see countless examples of scripts today that can automate delivering a browser exploit, overflowing/patching a valid running browser process' memory and running arbitrary code. Who cares if the browser is sandboxed if everything the attacker wants is already in the browser (e.g. credit card numbers, passwords, etc.)? Don't say "same origin policy" because: A) if the browser's pwned all bets are off, and B) modern web apps (and therefore modern web malware) throw objects from several different domains into a single page in the browser. HTTP & HTML were pretty much designed to defeat Same Origin Policy.
But I agree, it's a separation of code and data problem.
It is definitely the case that metamorphic and polymorphic malware is becoming more commonplace, but there is research being done on how to characterize it and detect it. My friend Qinghua Zhang is finishing her PhD thesis on just this topic. There are lots of open research problems, but we shouldn't pretend that static signature matching is the only solution just because it is the most widely deployed one.
Or, people can use a platform that is immune to these bugs. MacOS has never, in its history, been able to be exploited via a web browser, nor can it be.
Me? I use Ubuntu/Firefox.
Do away with our corrupt tax code. Support the Fair Tax
Ummmm... yeah. Way to miss the point.
Cantankerous old coot since 1957.
I agree in principle, but why hasn't your proposal happened yet?
There are plenty of free anti-virus products around that require you to update with the latest signatures, so money is not the issue. (I know most "free" anti-virus products have a paid corporate version, but what about others such as Clam-AV?)
If people can write free and open office suites, development platforms, database applications, and even whole operating systems, why hasn't anyone written an anti-virus application such that you're proposing?
I'm not a programmer, but I'm guessing it's harder than it sounds.
We know it's nasty, that's why we want to remove it.
"I've got more toys than Teruhisa Kitahara."
Not so. Not with Vista anyway. That's precisely what I did, yet for some reason, from time to time IE randomly opens up to an ad page. AVG doesn't know why; AdAware, Windows Defender (joke), and other programs couldn't figure it out either. I think it started when I installed iTunes and QuickTime. The weirdest thing is, it seems to occur when the system *sees* certain files, like when Explorer opens the folder they are in. I don't know what kind of files though. It's rare and inconsistent, so I can't trace the cause. But without the IE executable, this wouldn't be a problem. I thought about accessing the HD from another computer and replacing IE with another executable, but that would probably brick Windows. Oh, the humanity!
The path to enlightenment is truly through homemade drugs!
Then everyone switches to Linux, and WE all get targeted!
What exactly is a "non rules-based monitoring process?" I thought I had some clue about security procedures, but I'd be hard pressed to describe what such a process might be. Even more importantly, what would it cost to implement? TFA is no help here, consisting of the usual hand-waving about the never-ending arms race between malware writers and the rest of us.
He's talking about computer immune systems. Here's a link to an IBM research paper from the top of the Google results for "virus immune system computers":
http://www.research.ibm.com/antivirus/SciPapers/Kephart/VB97/
The basic idea is that computers and viruses are so advanced that it's time to implement immune systems. Instead of comparing one's system against a large list of fairly static virus signature rules, an immune system could evolve and build the "rule" dynamically as it encounters and interacts with the virus. The semantic ambiguity in the statement is that he's referring to a "rule" as a state-based virus signature. In a "non rules-based system", such as an immune system, there would be behavioral standards, such as "only send out traffic on one port at a time, and send it out consistently on the same port". There might also be structural standards (i.e. digital signatures on executable code) or functional standards (i.e. return an application manifest upon request that can be compared to a reference site). If an application doesn't conform to the behavioral, structural, and functional standards, then the immune system has leeway to gobble it up and dispose of it. One might argue with his semantics, and claim that the behavioral, structural, and functional standards in an immune system are also 'rules'. The thinking behind computer immune systems, however, is more along the lines of activation networks and neural nets which implement behavior standards as functional evaluations of code performance, rather than lists of static state-based virus signatures (which are called 'rules' in the jargon).
Put another way, instead of having a long list of 'rules' such as "foo.exe is a virus" or "any file with signature xyz is a virus", there would be standards such as "a process should communicate consistently on the same port and not port hop" or "a file shouldn't try to access certain areas of OS memory if it doesn't have a certain type of application manifest registered to OS developers". Yes, you could call those 'rules' also. But that's not what he's referring to in the article. In the article, when he says 'rules', he's referring to state-based virus signatures. A "non rules-based monitoring process" wouldn't use state-based signatures; instead, it would monitor the behavior of code against performance standards.
(yes, a 'standard' might be considered a "rule", if you want to argue semantics. They just happen to be using the term 'rule' in a jargon-specific manner.)
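To make the distinction concrete, here is an added example (not from the post above or from the IBM paper it links) of one behavioral standard from that post, "a process should communicate consistently on the same port and not port hop", applied to a constructed log of outbound connection events. No byte signature is involved: a process is flagged purely because its observed behaviour departs from the standard, which is why a body that re-encrypts itself every few hours changes nothing here. The log format and process names are made up for the demonstration.

```python
import re
from collections import defaultdict

# Constructed sample of outbound-connection events, one per line (not real telemetry).
LOG = """\
2010-03-01T10:00:01 pid=412 exe=outlook.exe dst=10.0.0.5:25
2010-03-01T10:00:07 pid=412 exe=outlook.exe dst=10.0.0.5:25
2010-03-01T10:00:09 pid=880 exe=firefox.exe dst=93.184.216.34:443
2010-03-01T10:00:12 pid=880 exe=firefox.exe dst=93.184.216.34:80
2010-03-01T10:00:15 pid=1337 exe=updater.exe dst=198.51.100.7:6667
2010-03-01T10:00:18 pid=1337 exe=updater.exe dst=198.51.100.7:8080
2010-03-01T10:00:21 pid=1337 exe=updater.exe dst=198.51.100.9:2222
2010-03-01T10:00:24 pid=1337 exe=updater.exe dst=198.51.100.7:53
2010-03-01T10:00:27 pid=1337 exe=updater.exe dst=198.51.100.7:1025
this line is malformed and must be skipped
"""

LINE = re.compile(
    r"^(?P<ts>\S+) pid=(?P<pid>\d+) exe=(?P<exe>\S+) dst=(?P<ip>[\d.]+):(?P<port>\d+)$"
)


def parse(log):
    """Yield one dict per well-formed event line; silently drop lines that don't match."""
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            yield m.groupdict()


def port_hopping(events, max_ports=2):
    """Behavioral standard: a process should stick to a small, stable set of destination ports.

    Returns {exe: sorted distinct ports} for every process that exceeded
    max_ports distinct destination ports.  Two ports are tolerated so that a
    browser using 80 and 443 is not flagged.
    """
    ports = defaultdict(set)
    names = {}
    for e in events:
        ports[e["pid"]].add(int(e["port"]))
        names[e["pid"]] = e["exe"]
    return {names[pid]: sorted(p) for pid, p in ports.items() if len(p) > max_ports}


def report(log=LOG):
    """Run the standard over the sample log and return the offenders."""
    return port_hopping(parse(log))


if __name__ == "__main__":
    for exe, ports in report().items():
        print(f"{exe}: talked to {len(ports)} distinct ports {ports}")
```

Like any behavioral standard this one has a false-positive surface (peer-to-peer clients and some VoIP software legitimately spread across many ports), so in practice the threshold is paired with an allowlist of known port-diverse programs and evaluated over a sliding time window rather than a whole day of events.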
I never run it. I've only been hacked a few times, and knew it almost right away. It's the ones you don't see that worry me; but if you can't see them, what makes you think the AV companies can see them? Before the AV companies will write signatures for them, somebody has to notice them, and if "noticing them" is automated, then that implies that polymorphism is not a problem--but it's common knowledge that it IS a problem for AV vendors. Besides, you have to *pay* for AV, and it slows your machine down. If you pay for AV and let it slow you, "the terrorists win".
I use XP; but I don't click on "dancing bunny" attachments. I have very tight controls (no Flash, no JavaScript, etc.) on all except my trusted web sites (*.google.com, etc.). I back up data if it really matters to me. If I'm doing nothing on the network and the router starts flashing, I immediately get suspicious and check my processes.
Granted, my approach towards security is not for everybody. I have to be more vigilant; but I don't pay the AV penalty in CPU cycles or $$$, and that suits me just fine.
What I'd really like to see is secure defaults for IE, exploits patched more quickly, and fewer web sites that want you to drop your pants and bend over from a security standpoint. Hint, hint: if your web site wants me to run ActiveX, I am going to go someplace else if I can.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
And by WinNT you mean OS2/Warp right?
A computer once beat me at chess, but it was no match for me at kick boxing. Emo Philips
I think you are right. Now, as in some systems I know they follow the rules, every initiation of a program or transaction is based on authorization of the initiator AND program/transaction (authentication is already done by default - the program is already starting). The execution rights, the database access on field level, the network access, etc are also based on same authorization. Might not help if the person granting the authorizations is totally clueless but might help when the OS asks the permissions for an unknown (to the user) program to access an unknown (to the user) node in network or asks if it is allowed to read your documents, overwrite or rename a program or a library, turn the microphone or the camera on, read or modify the register, to change to supervisory (sorry, root) access, to use a service, to create an executable, to install a hook, etc. If the warnings would be written in clear (and polite) language I think most users would think twice before allowing all that. And once one of the privileges would be disallowed, all the privileges could be taken away from that program or process.
Honestly, I think MS tried that with Vista but took shortcuts and didn't think the whole picture but did it in piecemeal - will not work, too many places, too many products, not very clear warnings, etc, the authorization functionality has to be deeper in OS, totally independent of any program or application. Linux may have an edge but even SELinux, etc are immature, too complicated for a "normal" user. OSX is friendlier but not perfect, needs something like Little Snitch and other add-ons for more control.
Real-life is against your idea. If something is spreading, it will be leaving signatures everywhere. If it is dormant, then it is not spreading, it will be getting old hat, while also _waiting_ will only increase its chances of discovery.
It's not all such doom and gloom, because real-life is against it, here as also in biology. Adding to that, security firms are actively injecting their sandboxes into the wild, to sample the stuff, making detection even easier for most of the stuff.
The only doom and gloom scenario is with inferior security systems such as Windows and Mac OS X (closed, proprietary systems that take security as a second class citizen instead of a first priority one). Even in Linux, SE Linux, snort, AppArmour etc. are second-class projects, not covering entire distributions. That's why I call these *NIX-OSes server-OSes, because they fail so miserably in all aspects on the desktop. They need to outclass Windows and OS X in every aspect, and security can be a top aspect, but not by lulling into the "no-virus" hype. Think encrypted memory and so on. Who's working on that? Microsoft.
You should check your bias towards doom and gloom, because objective study needs to be without any bias. Yes, we can _never_ truly know, but you can quantify to what degree you don't know and take your chances. That's life..
Awwww, did I insult your precious "Lost" or did someone simply piss in your frosted flakes this morning?
It's not an accurate reflection of my ego, it's an observation I made and continuously re-evaluate, secretly hoping that the world will spontaneously get smarter or the general public will suddenly die off but fail to take us with them.
Damn, I guess you are still here, maybe we'll have better luck tomorrow.
How amazed would you be to suddenly find that you just forgot what I wrote and you needed to reread my post.... again.
Right idea, wrong UI. Let it run, by default, in a severely restricted environment - no access to the network (other than possibly one remote address, which is the site from which it was originally downloaded), and no ability to access the filesystem outside a private, per-application component. If a process needs more than this, then pop up an irritating box asking for elevated permissions and remember the setting. Make the box look scary so the default response is to click 'no' (and if this happens, let the app keep running, but with the parts that depend on the elevated privilege failing).
Also, put the warnings in plain English (or whatever the locale is set to). Something like this: "Application %s wants to be able to access your documents. Some applications may need to do this in order to open documents created with other applications, but malicious programs might gain access to your personal data."
If the user wants to download and play a random game, then it can work fine without accessing their documents and (in many cases) without connecting to the Internet. Give an option for an installer to pop up a permissions box for a different application, so users get used to the idea that, for well-behaved applications, the permissions will be set correctly at install time and the correct thing to do when a runtime privilege escalation box appears is almost always to click deny. If the user chooses to suppress the display of these boxes, make the default action deny.
The Java security model is nice from a systems perspective. It lets you allow and deny all sorts of things in a very fine-grained way, but it also lets you reference named policies. If a system included a sensible set of default policies (with sensible names) then an installer could simply request one of these and the user could make an informed decision. If your game is requesting the 'Privileged Network Server' policy instead of the 'Multiplayer Game' policy then you know something is wrong.
I am TheRaven on Soylent News
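A toy permission broker that puts the scheme described in the post above into code (added example, not part of the thread): a per-application default-deny sandbox that only reaches its download site, named install-time policies such as 'Multiplayer Game' and 'Privileged Network Server', runtime escalation prompts whose answers are remembered, and deny as the default whenever prompts are suppressed. The capability names, policy contents and application names are constructed for illustration.

```python
from dataclasses import dataclass, field

# Named policies an installer may request (constructed contents; the names
# 'Multiplayer Game' and 'Privileged Network Server' come from the post).
POLICIES = {
    "Multiplayer Game": {"net:peer", "fs:private"},
    "Document Editor": {"fs:private", "fs:documents"},
    "Privileged Network Server": {"net:listen", "net:any", "fs:private"},
}

# Plain-language warning text shown for a runtime escalation prompt.
WARNINGS = {
    "fs:documents": ("Application %s wants to be able to access your documents. "
                     "Some applications may need to do this in order to open documents "
                     "created with other applications, but malicious programs might gain "
                     "access to your personal data."),
}

def prompt_text(app: str, capability: str) -> str:
    """Return the warning for a capability, falling back to a generic one."""
    return WARNINGS.get(capability, "Application %s wants the '" + capability + "' privilege.") % app

@dataclass
class Sandbox:
    app: str
    origin: str                              # the download site: only host allowed by default
    granted: set = field(default_factory=lambda: {"fs:private"})
    remembered: dict = field(default_factory=dict)
    prompts_enabled: bool = True             # user may suppress the boxes
    revoke_on_deny: bool = False             # optional: one refusal pulls every privilege
    revoked: bool = False

    def install(self, policy: str) -> set:
        """Grant a named policy at install time; unknown names grant nothing extra."""
        self.granted |= POLICIES.get(policy, set())
        return set(self.granted)

    def request(self, capability: str, user_answer=None) -> bool:
        """Runtime check. user_answer is the click on the escalation box, if any."""
        if self.revoked:
            return False
        if capability == "net:host:" + self.origin or capability in self.granted:
            return True
        if capability in self.remembered:          # setting remembered from an earlier box
            return self.remembered[capability]
        # Escalation: a suppressed box, or no answer, means deny.
        decision = bool(user_answer) if (self.prompts_enabled and user_answer is not None) else False
        self.remembered[capability] = decision
        if not decision and self.revoke_on_deny:
            self.revoked = True
        return decision
```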
-- Ed Avis ed@membled.com
You can do this quite easily on Windows.
Start->Run... "gpedit.msc" -> Windows Settings -> Security Settings -> Software Restriction Policies. If there is nothing in there, create a new policy, then under Additional Rules create a path rule for your data and download folders. It then becomes impossible to execute anything in these directories.
Locking the OS files and registry is as simple as running as a normal user account instead of admin.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
That beats AARD by two years.
I had a server that ran Windows for a year with no AV or anything and I was not even that careful with it, I would browse the web occasionally and install stuff.
It had ZERO viruses after over a year.
I don't think geeks have anything to worry about from viruses if you are careful.
I meant running XP compared to Vista. Heck if we were talking Solaris, BSD, Linux, etc. we wouldn't be having a discussion on the fact that most major commercial antivirus companies sell a product that is essentially a glorified binary grep.
Clearly the solution is to follow Zimbabwe's lead by outlawing shape-shifting.
https://www.eff.org/https-everywhere