The Desktop Security Battle May Be Lost
Trailrunner7 writes in with a Threatpost.com article that begins: "For years, security experts, analysts and even users have been lamenting the state of desktop security. Viruses, spam, Trojans and rootkits have added up to create an ugly picture. But, the good news is that the desktop security battle may be over. The less-than-good news, however, is that we may have lost it. Jeremiah Grossman, CTO of WhiteHat Security, said Thursday that many organizations, particularly in the financial services industry, have gotten to the point of assuming that their customers' desktops are compromised. And moving forward from that assumption, things don't get much prettier." It goes on to speculate about home routers being targeted and infected.
No, you must have hope! We just need to hold them off a little longer until Gandalf the White Hat shows up on Shadowfax Machine.
My work here is dung.
... fall into the sea, eventually.
customers' desktops need to use GNU/Linux.
That was a great piece of investigative journalism. Banks have accepted that all their customers are infected and gawd knows that every last home router is insecure. So not only are you infected but you don't even know it. Run for the hills.
Does anyone remember WinNuke and 95, 98.a, since then it's been a joyride, cDc with Back Orifice. There will always be methodologies to penetrate microcomputers as long as an incentive exists. The only way to win this 'battle' is to remove the user from the equation; we all know this won't be happening... so live ignorantly and make do with your computer in some state of fault. Happy surfing!
Of all the things I've lost; I miss my mind the most. - Mark Twain
They'll just use it as an excuse to sell 'identity theft' insurance and dump more liability onto the customer. Their security isn't much better. PCI specs aren't nearly good enough and even if it was it wouldn't matter considering the way they handle data security. Using regular post to send CDs of customer records unencrypted, laptops lost and data breaches. Chip and Pin is a joke. Contactless transactions are worse.
They really don't care as long as it doesn't cost them much and they can dump most of the liability onto us.
...unless you buy my new product!
The Year of Linux on the Desktop(tm) is just around the corner!
Of course we lost it.
If it is a truism that DRM is futile because it will always be defeated, then it is also a truism that Security is futile because it will always be defeated.
There are things you can do to "keep the honest people honest", but there is little you can do against those who are determined to do bad things.
A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
> ...many organizations, particularly in the financial services industry,
> have gotten to the point of assuming that their customers' desktops are
> compromised.
They should have been assuming that all along. They should assume it even if only a tiny fraction of their customers' desktops are compromised.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
of this alarmist drivel is that there are only 2 ads on the poster's page.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
emerge -s virus
Searching...
[ Results for search key : virus ]
[ Applications found : 0 ]
And what do condoms have to do with computer security, anyway?
(ducks for cover)
A republic cannot succeed till it contains a certain body of men imbued with the principles of justice and honour.
there is little you can do against those who are determined to do bad things.
Or against those that are determined to do stupid things, regardless of warnings and education on the dangers.
Remember to maintain your supply of
If it is a truism that DRM is futile because it will always be defeated, then it is also a truism that Security is futile because it will always be defeated.
What? No.
DRM can always be defeated because of its design. If I lend you the key to my apartment so you can go in and borrow some sugar or something, there's nothing I can do to stop you from cleaning out my apartment and skipping town. But to claim all locks are futile because of that is just retarded.
DRM can always be defeated because the "attacker" is exactly the same as the user, and you're already giving them everything they need. That is a system which is fundamentally flawed. Real security is where you don't give the attacker your keys, passwords, etc.
It is theoretically possible to build a completely secure system, from a technological standpoint. The vulnerabilities are either physical weaknesses (you could just run off with my laptop) or people. There are also vulnerabilities from sloppy coding, but these have very little effect against users with good security habits.
Sure, it may never happen, but if so, that's because we'll always make mistakes. A completely secure DRM scheme is actually a logical impossibility, even if no one makes any mistakes.
Don't thank God, thank a doctor!
Don't use Windows. Was that so hard?
I am not saying that all other operating systems are perfectly secure by default or that they are invulnerable, but Windows is absolutely insecure. We have to face that truth.
Microsoft's security record is laughable. And I'm not even talking about particular exploits, bugs can be fixed, I am talking about design. Windows is designed to be insecure. Security was never really taken seriously at Microsoft. There are countless techniques to escalate permissions on just about any win platform (including Windows Vista and 7). And these are not obscure and complex vulnerabilities. These are simple 50-line executables that allow you to escalate any process you want with a few clicks.
Just take a look at any of their products, either server or desktop, and their security record will be worse than any competitor. Exchange, SQL, IIS, Explorer, Windows, Office. They allow script execution in crazy places (like a simple text document or spreadsheet).
Windows is insecure for a very good reason: Because there is a huge industry that developed around fixing Windows, that industry is so big that it has become the main tool of customer loyalty that Microsoft has. Millions, from huge antivirus companies, to overstuffed IT departments, to your average computer repairman base their economy on Windows flaws. Those guys love Windows and all its flaws. I've actually had people telling me "Well, I know it's a piece of crap, but it's what keeps people coming to my shop again and again". Not to mention the computer retailers. Imagine the fall in Dell stock if people didn't have to buy a new computer every 2 years just to run the latest OS? A friend of mine has an iMac from 2001 running the latest OSX. And it runs amazingly well ... If people knew they could run a blazingly fast 3D desktop on an 80 dollar Atom-based mother+processor combo, Newegg would die.
So, no, we didn't lose the security battle, Microsoft won the marketing one.
WTF am I doing replying to an AC at 5 A.M on a Friday night?
No, I think you misunderstand. DRM is literally futile, in that unless you're playing something on a black box to which you have no access beyond basic input, it will be possible to break it. There is literally no way to do what they want to achieve.
Security is technically possible, and isn't really that hard to achieve on a simple level. The difficulty comes in with the added complexity needed to make systems more usable. It's ridiculously difficult, but when a system is built properly and accompanied with user training and users that know what they're doing, you can get pretty damn secure.
DRM is futile because customers need to have the 'secret' deciding key inside their machine to see the content. Combine this with a PC where you can look into the RAM and mess with it and you've got fail with a capital F.
Security isn't a product, it's a process. The problem isn't the security, it's getting ordinary people to follow the process.
No sig today...
We need to assign responsibility to those who can do something about it.
Every day, my firewall emails me a list of port scans against it, sorted by IP address. Most days that list is just under 100 different IP addresses scanning me, some days it is in the thousands of IP addresses - from all over the Internet (i.e. not just local addresses). This is on a residential DSL connection that offers no services to the world, isn't linked to by any web sites, and does not respond to any unsolicited traffic.
It seems reasonable to assume that most if not all of those IP addresses represent infected machines. Were there some way to get them shut down, imagine how much cleaner the Internet would be. However, there IS no way to do so: the ISPs hosting those machines don't provide any meaningful or automated way to report them, there is no way to contact the owner of those machines, so they just keep on spewing and infecting the rest of the system.
Nor will ISPs ever provide an automated way of reporting such machines as things stand now: a reporting mechanism is an internalized cost, and there is no reason for an ISP to internalize that cost when they can externalize it to the rest of the Internet.
This is one of those rare cases where "there ought to be a law" is a reasonable response: were ISPs required by law to investigate abuse reports and disconnect infected clients until those clients are cleaned up, the number of infected machines on the Internet would be reduced, the profit margins of the bot-herders and spammers wiped out, and the system would clean itself up. However, such a law would be fought most vigorously by all ISPs precisely because it would be internalizing a currently externalized cost, and it would be worth vastly more to ISPs to prevent such a law than the cost of lobbying against it.
(NB: "repeatedly submitting false abuse reports" is itself abuse, and should also result in the source of the false reports being shut down).
"Trojan/Worm/Virus" credits, anyone?
www.eFax.com are spammers
I disagree. Even working at a university, it completely depends on how you run your show. The department I'm part of has a border firewall, client firewalls, no one runs as administrator, antivirus, spyware, malware checkers are run on a regular basis. More important than any of those: we spend time to educate our users on security. They know what to avoid in terms of phishing scams, never to give out passwords to anyone, what to look for before you click on a link in an email (or even a website), etc.
To say the desktop war has been lost because the company you talked to has sucky IT and suckier IT clients...is just dumb.
It's simply a matter of convenience. There are several ways to make online banking completely secure. For instance, the bank could distribute Live CDs/USBs with a bare Linux system and a browser. You want online banking? Wait for a minute or two, then login through the browser presented. Problem is, no one would put up with such inconvenience. WE WANT ACCESS RIGHT NOW!!!! Waiting for two minutes is unthinkable... Ultimately, you're right - as long as there are users, there will always be security problems, although the solution is 2 minutes away. We are just so fucking impatient :)
I hope that was a joke. Terrible analogy. Let's think for a moment what would happen if we dropped all security measures in place today. I mean all (drop all firewalls, disable all spam filters, anti-virus, encryption, etc.). The Internet would collapse in a matter of seconds. Emails becoming completely unusable, the remaining PCs infected, servers rooted, websites defaced... Now imagine what would happen if we suddenly dropped all DRM schemes. Nothing.
This sort of FUD is in the best interest of those who sell "Identity guard" style products/subscriptions.
-- if you mod me down, I will become more powerful than you can possibly imagine
The practice of using a single privileged account for everything - banking, reading slashdot, downloading porn - may be doomed, and about time too. But I still think there's hope for using a single piece of hardware and a single network. Even if it comes down to using not just separate accounts, but separate cores, for play and work. Last time I looked (a while back) some CPU manufacturers were adding features for process separation but the OS had not yet implemented support. End-to-end encryption should protect your data in transit, if not your usage pattern, though there are a few things to fix in SSL implementations to prevent MITM.
I agree with you, but I think a better analogy to PC security is hiring a chauffeur to drive your car. Suppose you tell him to drive to a bad part of town so you can check out the Russian porn sites, but don't lock your doors. While you're away somebody opens the car, clubs Jeeves over the back of the head, steals his uniform and pretends to be him. When you get back to the car, you sit in the back seat and tell him where to go and don't really pay attention to the fact that now he has a mustache and speaks only Nigerian.
If you'd had locks on your car (and if you'd avoided the bad parts of town) then you'd be ok. However, because you went to foolish places and didn't take precautions, it's no surprise that next time you tell Jeeves to take you to the bank, you get taken for a ride in more ways than one.
Scientists point out problems, engineers fix them
altslashdot.org: The future of slashdot.
You mean, in our tidy little world of 1s and 0s, where bugs don't exist, computers work perfectly, just like how Hollywood portrays them? Time to come to grips with reality. The World Isn't Perfect (tm), film at 11. People will continue to get pwned on their computers, just like how convenience stores will continue to get robbed, and how funds will be embezzled, and assets seized by a coup, and on and on.
body massage!
I know that it's a sacred tradition to regurgitate fanboy oneliners without thinking, but in this case
1. it was even in the summary that by now even home routers are targeted by the asshats. I fail to see how a hardened Linux PC helps there.
2. Actually, it seems to me like most zombie PCs nowadays don't come from port overflow attacks any more, but because of users clicking on spam links, re-entering their bank password on some www.i-pwn-you.ru site (fictive address for example sake) because the email told them to, and installing crap.
I'm not sure how Linux would help there at all. You do know that you can download and install rootkits for Linux too, right? In fact even the term rootkit comes from the Unix world, not from Windows. What's to keep an asshat from making their rootkit masquerade as a cutesy Linux screensaver instead of a cutesy Windows screensaver?
If user clue remains a constant, meet the Clueless family, a white suburban family whose only knowledge of computers is that the nice guy at the shop said they need the most expensive one: you'll still have Joe Clueless opening executables he received in spam mails. And his wife Jane Clueless confirming her Paypal and eBay password the fourth time this week alone, and none of them was on paypal.com or ebay.com. And downloading and installing some piece of spyware masquerading as some cutesy utility or casual game. And their son, Timmy Clueless installing what some dodgy site told him is some hack to see through walls in Counter-Strike. And of course it needs to be installed as root, in fact as a kernel module. So punkbuster (or equivalent) can't detect it, you know? *nudge* *nudge* *wink* *wink* Know what I mean, eh?
Just as they're not deterred by Windows popping up a big fat window asking them if they really want to install stuff, they won't be deterred by whatever hoops your favourite Linux distro makes them jump through either. If they have to su -, they'll su -.
End result: they're still pwned.
A polar bear is a cartesian bear after a coordinate transform.
I know this because I got a message saying my antivirus was out of date and that I needed to install an update. I simply clicked the link, gave them my credit card number and I'm safe now. I even have a cool new homepage.
The Kai's Semi-Updated Website Thingy
The battle isn't winnable, not without a significant world wide crackdown on rights and liberties.
Using that logic to say we shouldn't fight the battle at all is fundamentally flawed though. It's akin to saying that the battle against murder, rape and kiddie porn isn't winnable and should be given up. Human nature cannot be changed, we've spent countless thousands of years learning and relearning that lesson when we forget what history has taught us before.
Just because human nature cannot be changed does not mean that we give up on protecting ourselves. You don't play to win, you play because you can't afford to lose.
We should assume compromise when we are building security into networked systems.
Anything less would not be diligent in proactive security. And security is always best when it is proactive, and not reactive.
And while it is inconvenient and even possibly insulting to those of us who have decent control over our system(s), we shouldn't base what we do upon our own security, we should be looking towards the weakest link and assume that it does and will continue to exist, and that is a vector for attack.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Quitters never win.
Winners never quit.
But those who never win and never quit
are idiots.
-- despair.com
Other countries seem to be realizing that it's a much more winnable battle if home users aren't in an MS environment. Isn't this EXACTLY why the Canadian bank recently started handing out Linux Live Boot CDs for their customers to use when banking from home?
I think this is the article http://linux.slashdot.org/story/10/03/25/2350236/Can-Ubuntu-Save-Online-Banking
Yes, any halfway competent organization can secure its workstations. It's not that hard to form and enforce reasonable policies that keep the receptionist's system clean.
But when she gets home, there's no organization backing her up. There is no policy or IT support beyond (maybe) some Indian call centre whose first priority is getting her off the line ASAP. It's fair to assume her desktop at home has been compromised by anyone with the inclination to do so.
Relevancy Check here.
We are interrupting the scheduled Windblows/M$ bashing documentary with the news and weather report from the land of TFA:
Botnets are starting to target and infect routers and DSL modems. Scary, and a possible trend. Think about what this could mean. Should this problem become pervasive, it won't matter if PCs are disinfected, swapped out, or replaced with iPads, the bad guys are still in control because they own the network below. They'll own DNS, the routers in between, and so on. There are effectively few defensive countermeasures to protect home routers and DSL modems, which are not exactly secure to begin with, or detect if they've been compromised.
These are all reasonable assumptions based on real-world attacks that have been going on for some time now. Attackers have been targeting home networking equipment for a couple of years, using a combination of vulnerabilities in the firmware and hardware to get control of home users' outbound Internet traffic. It's an increasingly effective strategy for attackers looking to get control of large numbers of systems, without having to re-infect them regularly.
That was Relevancy Check with news and the weather.
Now we return you to your scheduled blind worshiping your favorite non-M$ OS and Windblows/M$ bashing documentary.
Against stupidity the gods themselves contend in vain
Now that HP has open sourced its Polaris virus-safe computing project.
Higher Logics: where programming meets science.
You are not advocating that people stop downloading Russian porn are you? Because that is just crazy talk!
If I were God, wouldn't I protect my churches from acts of me?
Attackers have been targeting home networking equipment for a couple of years, using a combination of vulnerabilities in the firmware and hardware to get control of home users' outbound Internet traffic
So, regardless if you have Windows, Mac OS or Linux; you could be fucked.
It looks like an attacker can put code in your router's firmware that sends all your traffic through their computers and they sniff it and get your passwords to your bank accounts.
And there are other exploits.
RIP America
July 4, 1776 - September 11, 2001
We could start, by throwing the book at money mules. Anybody who's busted gets 5 years in the slammer for fraud, and paraded on the 6 o'clock news.
The failure to vigorously prosecute money mules is the big elephant in the room at the moment.
One thing I loved about the ThinkNIC I set up for my mom so many years ago was that it was impossible to break. It booted from read-only media (a CD) so I knew that mom could never screw up anything in her computer permanently. The worst possible crash could be fixed by just turning it off and back on.
With so many folks pushing "cloud-based" solutions for, well, everything - Why hasn't something like the ThinkNIC come back?
A little box with any sort of read-only memory could hold all the programs most users will ever want. Make that memory in the form of some sort of plug-in card, and the entire machine would be easy to upgrade. (ThinkNIC used to send out new CDs with the latest versions of their setup.) It would also be easy to fix if a security problem were found; just mail out a new SD card or whatever.
Banks could advertise "Real Security. Because we care." They could give away a small computer to customers with the promise that said little box would enable streamlined access to their accounts, all while doing nearly everything an adult could need from a computer.
There's a kernel of a good idea in there, somewhere. I'm not the entrepreneur to make it into a business but I'm wondering why I don't see anyone trying?
I never seem to have these problems. Is there some weird, vulnerable OS out there that a lot of folks are using?
there is little you can do against those who are determined to do bad things.
Or against those that are determined to do stupid things, regardless of warnings and education on the dangers.
I've always thought it would be a great idea for the state law enforcement agencies to look for e-mail addresses the same way spammers do. Then send fake phishing e-mails to those addresses. If a user responds favorably or goes to the phishing site, apply a court order requiring that the user is denied Internet access for six months. The justification is that their stupidity creates botnets and enables spam that harms many other people and reduces the overall quality of the entire network; therefore they should be held responsible for it.
While I don't normally want the government to find new ways to get involved in things, this one isn't so bad because it requires the active participation of the user. If your e-mail address is already out there, one more phishing attempt is a drop in the bucket. Other than one additional e-mail, anyone with sense enough not to respond to phishers would not be affected by this.
It is a miracle that curiosity survives formal education. - Einstein
It is theoretically possible to build a completely secure system, from a technological standpoint. The vulnerabilities are either physical weaknesses (you could just run off with my laptop) or people.
Err, that someone running off with your laptop is a "people". So is that someone who's writing malware.
"while democracy seeks equality in liberty, socialism seeks equality in restraint and servitude." de Tocqueville
Actually, it seems like a reasonable assumption to me. Always code or design assuming the worst. Before you decide what hoops you make the user jump through to get his money online, assume that he's pwned in every imaginable way, that his firewall is mis-configured to be a digital goatse ;) and probably he's not even who he says he is. And he's probably trying to break your system too. Because sooner or later you'll have to deal with just that. Now what can you do to mitigate such a situation?
Basically you can divide people and design philosophies into a spectrum between:
- optimistic: they expect the best possible outcome. They just know it'll be all right. The world is nice, the users do exactly the click sequence they've been told to, and his functions only receive exactly the right input.
- pessimistic: they expect that Murphy's Law is actually a law of the universe, and if something could possibly go wrong without violating the laws of physics, it will. Actually the real serious pessimists don't even exclude the laws of physics going wrong. They tend to have the speed of light as a variable ;) They also tend to bring a sweater or two along when going to the beach in Florida in August. And they just know that some bastard out there will feed their program the wrong input, or will have his password stolen by a keylogger and then sue when he finds his account empty. They tend to rarely be disappointed in those expectations, actually.
Personally I like my programs and processes designed by the latter. And it seems to me like this is what those banks are doing. They're for a change starting from the worst possible scenario as an assumption. Nothing wrong with that.
A polar bear is a cartesian bear after a coordinate transform.
Don't use Windows. Was that so hard?
Heh. It's easy; I've done it myself. In fact, it's easier than using Windows, which has the most difficult UI in the industry, especially since it's constantly changing.
But that's all irrelevant, because computer security has absolutely nothing to do with sales. It's determined by ad budgets. Microsoft can spend (and has spent) over a billion US$ marketing a release of Windows. The only other computer company that can come close to this is Apple, and they're more than an order of magnitude away from it. No other "competitor" stands a chance of getting the funding that it takes to get into the market.
And, in a sense, even that is irrelevant to the topic at hand. As far as security is concerned, the 90% or so of the customers who use MS Windows don't spend money on security. It's not something they can see, and they'll never understand the technical details. Building them a secure system is more expensive than not bothering with security, and it wouldn't increase sales past the current 90%, so why should MS bother?
Perhaps the best bit of evidence here is something that came out on /. recently: the discovery that, even if you tell Windows to not update anything automatically, there are still parts of "the system" that get updated whenever MS says (and the machine is connected to the Internet). During the discussion, it came out that this "feature" has been in Windows since XP. Now, to us geeks and nerds, this is obviously a "back door" that was planted purposely with the intention that outsiders be able to install software on a machine without permission. That's what it does, after all, and such things don't get implemented by accident. It's also obvious to us that it won't be limited to only MS employees; all it takes is a bit of "social engineering" (typically in the form of a bit of cash), and info about this back door will be available to essentially anyone. This has all been acknowledged by Microsoft.
But did this produce any outrage or abandonment of MS Windows? I haven't seen or read of any. The customers don't care. Security isn't something they actually use, so it's not interesting. If you try explaining the problems with this automatic update feature, their eyes glass over, they classify you as a computer nerd, and they switch to a topic that's actually interesting.
Actually, this is a case where the canonical auto analogy works quite well. Look at all the safety features that have been put into cars over the past decades. How many of them happened because customers were demanding them? Right; none. Safety features were all forced on the auto makers by government regulators. Customers couldn't even be persuaded to pay for seat belts; they had to be mandated by law. And then, most people refused to use them until the cops started writing tickets. In this case, it's pretty obvious that lives are quite literally at stake, yet people wouldn't pay for (or use) safety features. Safety had to be forced on them by those evil government regulators.
The situation is worse with computers. With cars, most of the safety features are visible and/or unobtrusive. With computers, most security features are either invisible or they become visible by interfering with usability. People don't pay for things they can't see, and they especially don't pay for things that interfere with what they're trying to do. The computer industry obviously doesn't know (or care) how to make security both silent and noninterfering, as the auto industry has (mostly) been able to do.
The computer industry does know a lot about security, of course. But the Market Leader that makes that 90% of delivered systems has no motive to implement good security, because it's a cost that doesn't add to their income, and they know that their customers don't care. They can invest a small amount in "security theater", and that's all they need. They can safely ignore the maybe 5% of the market that understands securit
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
You have too much faith in the average user, if you think they'll configure and admin a whole PC instead of just buying a small appliance and forgetting that it's even there. And if you actually want them to configure and admin it _well_, now that's a whole other issue.
A polar bear is a cartesian bear after a coordinate transform.
Awesome idea!
Security Free Day!
Educate them by giving them an annual example of *why* security is necessary.
Everyone backs up on the third Friday of August, and then drop the walls/encryption/anti-malware Saturday morning and let it go wild.
Sadly, I honestly think that it would be about as havoc-wreaking as Y2K was. In other words, very little.
Every home router ships with a button that generates an OTP on a small display. I'm guessing a lot of these routers are owned because of weak passwords.
I've been running for 15 years now without any anti-virus software or anti-malware at all and have never had a single security problem. Wait, I see the issue. Apparently, how secure a desktop is dependent on the desktop software. Who knew?
I don't think it's quite as you describe.
Your argument makes sense in a highly abstract, academic universe in which all people are perfectly skilled, knowledgeable and well resourced. This is too far removed from reality to be useful.
The first problem is that we know it's possible to build DRM that is extremely hard to crack. The PS3 is a working example of that. Games distributed via Xbox Live (versus dvd) are another example. These systems have been partially defeated a handful of times and then promptly re-secured. It turns out that though you technically speaking "have the keys" they are buried under so much silicon wizardry that in practice you don't have them.
The second is that it's very questionable whether there is any such thing as a "completely secure system" as you describe. Your phrasing is vague so I'll assume you're talking about resistance against attackers who are physically remote. The trend has been that over time, bugs that were once thought to be un-exploitable have become exploitable. For instance at one time both heap and integer overflows were not deemed to be a security issue until techniques for reliably exploiting them were published. Likewise, it's only recently that implementors of software cryptography have started thinking about statistical side-channel attacks and many (most?) engineers are still unfamiliar with them.
In short, it's possible to build both very strong DRM and very strong security against remote attackers, but real people routinely build very weak versions of both and I am skeptical there are any perfectly undefeatable systems out there.
HP Labs had some interesting experiments with CapDesk and Polaris trying to put some capability-based security features on top of Windows. I see three main objections to capability-based OSes:
o Picking the right set of capabilities to enforce is a tough problem that would probably require years of trial and error. For example, "open a network port" is way too broad.
o SELinux is an example of confining processes to particular kinds of access to particular objects. Defining SELinux policies has proven difficult in practice and the results are brittle.
o Nobody, to my knowledge, has demonstrated a practical one.
So I have had occasion to think sort of weak thoughts about this. Yah, it seems reasonable to think everything is compromised. Personally, I have had owned wifi routers and satellite modems. I tried OpenBSD for a desktop. My firewall has been OpenBSD for a decade. So what am I using now: stupid Win XP. Ah well, at least it supports Flash and the audio works. And it is easy to reinstall every time it gets infected enough to be noticeable. I figure I should try PC-BSD. Why not? Because if you look broadly enough, who has physical security?
However, I might like a box with some limited vetted software (sort of a joke) and hardware it takes a big crowbar to get to. Can it run random stuff or even take software updates? Nah. If it costs like a netbook, get a new one every year.
Mainly because the current crop of Linux users are nerds. If the example Clueless family in my example exercised that level of caution, well, they wouldn't be clueless in the first place.
And if they were that cautious, they wouldn't get pwned in Windows either. I mean, it's not like that spyware crap was linked to from microsoft.com or anything.
The way they get pwned is more like:
Joe Clueless wakes up on a Saturday morning, scratches his balls and goes to see if he has any email. Does he want herbal Viagra? Hmm, Jane has been faking too many headaches lately, maybe it couldn't hurt to at least look at the site. Just in case. Big fake UI popup tells him that he has 200 viruses on his system and needs to download and install the free Pwnage antivirus. Eeep, he doesn't want no nasty viruses on the computer he does his banking on, so let's hurry and do just that.
Next email tells him that the USPS couldn't deliver some package, and he has to run some attached executable to find out more details. Fuck, he wouldn't want to miss a package, so he dutifully does that.
Another email tells him that the IRS wants something from him, so he does that again.
Next email tells him that hundreds of naked teenage babes are waiting for him at some .ru site. Well, Jane is out with the kid, maybe he has time to take a peek. Oh, he has to install this free dialer to see the pics. Well, sure, why not? He does that.
After clicking a bit around, another popup tells him that his computer has incriminating evidence against him and he needs to download and run this amazing browser history eraser. Teh oops. Jane might be pissed off if she sees porn sites in the browser history. Time to download and run this trojan too. He makes a mental note to complain about these browser devs who don't include that function already ;)
Meanwhile Jane comes back and wants to see which of her friends emailed her. That computer gets to add a cutesy minigame from an attachment, and another handy-dandy utility to remember her passwords, to its growing malware collection. While she's at it, she clicks on the www.i-pwn-u.ru link in another email to confirm her Paypal password again. She makes a mental note to whine about these idiots at Paypal who forget her password every other day and keep asking her to enter it again ;)
Little Timmy gets his computer time in the afternoon and gets his ass handed to him in multiplayer again. He googles for "counterstrike cheats" (or whatever game he's playing) and gets to some dodgy site where if you just download their keyboard and mouse driver, it can do a whole collection of FPS macros for you and make you play like a pro. (And also log the keypresses and send them back home, but they're not saying that.) Bweh-heh-heh, he'll show those guys in his clan who's teh uber-l337 FPS player.
Do you see any reason why in the same scenario they'd exercise caution about what they download in Linux, when they don't in Windows?
A polar bear is a cartesian bear after a coordinate transform.
Remember when people used to laugh when the subject of hardware infection came up?
Let's mark the date - May 2010, now can we move on to securing our hardware [without draconian measures].
If we're able to get the HW manufacturers on board we might see something of a victory in the near future and be able to compute without interference.
This problem has never been taken seriously - and it's about time.
Subversionhack:
http://subversionhack.livejournal.com/
~hylas
Maybe in the past, but there are a lot of cases where DRM is still standing tough:
HD Satellite
PS3 -- one guy finally found one crack, but Sony has already not just patched this (and patched out Linux support in general), but put code in so they can force ROM upgrades as they see fit.
Zune WMA DRM. No, transcoding or analog hole doesn't count.
Blu-Ray -- AACS/BD+/BD-ROM mark. Still nothing even close to a break.
HDCP -- those cables are still secure. No such thing as a box you plug your HDMI cable into to decode stuff like you could with the old Macrovision VHS copy-protection.
Windows/Office activation. Yes, a crack may exist, but it gets flushed out every Patch Tuesday. Plus, I've yet to see a crack for Windows that is not a Trojan in disguise.
VAC/Warden bypass tools. The only utility that actually works with a game is MQ2 for EverQuest. Every other utility either results in a ban, or is a Trojan.
So, newer forms of DRM which bring in autoupdate mechanisms are winning the war.
Why don't you learn to read instead of thinking you're too cute for it, smackoff.
Oh, you're just adorable yourself getting all pissy like that! :-)
And for the record I really am just too cute for it. Cute Overload actually rejected me saying even they could not handle my cuteness. I am all that cute *and* a bag of chips.
Smackoff? That's a new one. Even Urban Dictionary provided no illumination. Hmm. A wrestling term perhaps? Is it the groovy new lingo kids are throwing down these days at the soda shoppe?
I don't generally post this kind of thing, but please mod the parent up. I cannot stress enough how false assumptions are generally bad in terms of security. Yes, Linux is being attacked (successfully), as is Mac OSX. The attacks on home routers are particularly heinous as most people do not update/upgrade the firmware ever, and more of it is based on common Linux underpinnings.
Michael J. Ryan - tracker1.info
Collecting some ideas in this thread how about this. Not as a perfect solution, there isn't one, but it might cut zombies down greatly.
- Home routers by default are protected by a security company or the isp, automatically patched or re-imaged.
- A similar strategy is used to create a secure pc used only in the home for financial transactions.
- The router is used as a bidirectional filter, to keep the network clean (not letting zombies from inside the house get out) and to keep the pcs in the house clean (not letting dangerous looking things get through any ports, including scary looking email). So the router has to communicate proactively with the user and we need some standard client apps for that perhaps.
- Users are given an intrusion detection agent to run on their router (well the router downloads it automatically) and optionally on pcs/macs/linuxes that will detect port scans, attempts to break in via password scanning ftp and ssh services, and all known malware attacks. This will report to the ISP which can block those attackers from entering the ISP's network, or if inside the network then flag for examination. For example when I got my Mac a year ago I had to install things like fail2ban and this sort of thing is beyond the knowledge or understanding of most users.
- ISPs provide a way (manual entry via a website, and also via a standardized webservice that third party developers can target) for end-users to report IPs that are attempting attacks. The ISP can ban IPs outside the network that rack up a number of such attempts.
- There is a big danger of the ISP taking advantage of this power, and there need to be rules that ISPs can't do that. There is a big danger that by closing lots of ports it could break the net for protocols used by new applications, video conferencing, etc.
- Users therefore would be able to select among various providers of filters, allowing the market competition to reward the best providers, independent of the ISPs. No filtering at all (with all done by user) must be an option.
- Getting ISPs and third party providers of security profiles and security agents to work together and agree on standards is difficult. It could be assisted by a homeland security czar but the government would be too likely to abuse such a position, sneaking in security policies in lieu of court cases or legislation. So probably security consulting companies and manufacturers should discuss this at industry events and make an online venue to thrash out the ideas. Ideally users would pick the ISP with the best security record but apparently there is not enough competition in that market yet.
- Also ideally, statistics on attacks, infections and performance of the system as a whole would also be retrievable via webservices by third parties, in other words the entire system from device to end user to router to isp to corporate systems would form an interlocking, ad-hoc instrumented security system that is transparent enough to understand what is going on and what works, what doesn't.
- There is still the danger of unknown vulnerabilities, so there will need to be a big batch of canaries sprinkled about to try and detect them. Perhaps some of these things are already in place through actions of antivirus manufacturers and isps.
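One way the agent-plus-ISP reporting idea in the post above could work, sketched as an added example that is not part of the original thread. The thresholds, the customer names, the ISP prefix and the log lines are all constructed assumptions; the sshd "Failed password" line format is the one OpenSSH writes to the auth log.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# OpenSSH auth-log line for a failed password attempt.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+"
)


def agent_suspects(log_text, threshold=5, window=timedelta(minutes=10), year=2010):
    """Agent side (router or PC): source IPs with >= threshold failed
    logins inside a sliding time window. Syslog omits the year, so it is passed in."""
    recent = defaultdict(deque)
    suspects = set()
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # malformed address field
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()  # drop attempts that fell out of the window
        if len(q) >= threshold:
            suspects.add(ip)
    return suspects


def isp_decide(reports, isp_net, min_reporters=2):
    """ISP side: sources inside the ISP's own network are flagged for
    examination, outside sources are banned only once enough distinct
    customers report them, and the rest stay on a watch list."""
    reporters = defaultdict(set)
    for customer, ips in reports.items():
        for ip in ips:
            reporters[ip].add(customer)
    decision = {"ban": set(), "examine": set(), "watch": set()}
    for ip, who in reporters.items():
        if ip in isp_net:
            decision["examine"].add(ip)
        elif len(who) >= min_reporters:
            decision["ban"].add(ip)
        else:
            decision["watch"].add(ip)
    return decision


def burst(ip, start, count, gap_s):
    """Constructed sample data: `count` failed-login lines from `ip`, gap_s seconds apart."""
    t0 = datetime.strptime(start, "%Y-%m-%d %H:%M:%S")
    return [
        f"{(t0 + timedelta(seconds=i * gap_s)).strftime('%b %d %H:%M:%S')} gw sshd[811]: "
        f"Failed password for invalid user admin from {ip} port {40000 + i} ssh2"
        for i in range(count)
    ]


# Constructed logs for three hypothetical customers (documentation address ranges).
LOGS = {
    "customer-a": burst("203.0.113.7", "2010-05-14 03:12:00", 8, 2)
    + burst("192.0.2.50", "2010-05-14 09:00:00", 2, 30)  # a user mistyping twice
    + ["May 14 09:01:10 gw sshd[811]: Accepted password for joe from 192.0.2.50 port 40100 ssh2"],
    "customer-b": burst("198.51.100.23", "2010-05-14 04:00:00", 6, 1)  # inside the ISP
    + burst("203.0.113.99", "2010-05-14 05:00:00", 5, 5),
    "customer-c": burst("203.0.113.7", "2010-05-14 03:40:00", 5, 3)
    + burst("192.0.2.80", "2010-05-14 01:00:00", 5, 900),  # slow guessing, under the window
}

ISP_NET = ipaddress.ip_network("198.51.100.0/24")  # assumed customer address space


def run_demo():
    reports = {c: agent_suspects("\n".join(lines)) for c, lines in LOGS.items()}
    return isp_decide(reports, ISP_NET)


if __name__ == "__main__":
    for action, ips in run_demo().items():
        print(action, sorted(str(ip) for ip in ips))
```

The slow source (192.0.2.80) is never reported and the single-reporter source stays on the watch list, which shows the trade-off such a scheme has to tune: tighter thresholds miss patient attackers, looser ones let one customer's report get an address banned.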
Unfortunately, what was a good part of town yesterday may be a bad one today. These changes happen relatively slowly in meatspace, but can happen more or less instantly in cyberspace. It's just not possible to ever be sure where the bad parts of town are. You could work on a whitelist of only trusted sites, but you'd end up blocking 95% of the Internet, most of which is harmless.
The main problem here is that the Internet is only MOSTLY harmless.
Mal-2
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
You lock up a tank by locking all the hatches internally but one, then putting an exterior padlock on that.
*picks up bic pen*
*walks toward nearest army base with M1 Abrams*
*Whistles to allay suspicion*
HA! I just wasted some of your bandwidth with a frivolous sig!
Simply telling people when they have an unusual mail load would probably do wonders to help.
Telling them when their traffic looks like a bot has taken it.
Getting them to go to gmail would help.
I have never had a virus I didn't put there on my PC. My family follows the simple directions for email and applications.
It's nice to see kids learning about this in schools now. Safe ways to use the computer will also go a long way to stop this.
It's really common sense stuff to reduce the risk. Looking for a solution that's a 100% fix will only cause snake oil salesmen to push placebos and get us nowhere.
The Kruger Dunning explains most post on
DRM can always be defeated because the "attacker" is exactly the same as the user, and you're already giving them everything they need. That is a system which is fundamentally flawed. Real security is where you don't give the attacker your keys, passwords, etc.
So DRM relies on "security through obscurity", which is generally frowned on in security circles.
I'm drawing a distinction between the attackers, who most people assume are people anyway, and the classic case of PEBKAC. I can protect myself reasonably well from attackers, including human ones. I can't reasonably protect you from anyone if you're not willing to cooperate.
Don't thank God, thank a doctor!
There are several ways to make online banking completely secure.
Sorry, but you just lost all credibility right here. Anyone who claims that anything can be "completely secure" is either a) trying to sell something or b) clueless. You can say something is "more secure" or that something provides better security, but nothing, ever, will be "completely secure".
The
As the CTO of a company named 'WhiteHat Security' you are, and I'm being mild here, completely unqualified for your job if you're just now learning to make that assumption. You do not belong in any group, conversation, publication, organization or even organizational unit that involves security. You are ignorant of the most basic premises of security.
Now ... to put it bluntly, you fucking suck at your job.
Anyone with half a clue assumes the client is compromised and has for as long as I can remember.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
However, if you assume that your client's machine is infected, no measure will secure your transaction. (There are keyloggers which do screenshots on mouse clicks etc.)
I know this is a little FUD, but not exactly implausible. -Jeremiah Grossman
Your argument makes sense in a highly abstract, academic universe in which all people are perfectly skilled, knowledgeable and well resourced.
I also addressed a universe in which people are reasonably skilled, knowledgeable, and well-resourced. I think that's a definite possibility. I hate to use a car analogy, but no one expects driving a car to be "easy" or "intuitive" or something you should be able to just pick up and do instantly. They expect to have to learn something. It only takes the tiniest bit of that kind of attitude to increase desktop security dramatically.
Really, it's not difficult to keep your system patched and avoid downloading random crap. 99% of the population can't seem to do that, I grant you, but it's not that far removed from reality.
The first problem is that we know it's possible to build DRM that is extremely hard to crack.
It only has to be cracked once -- particularly software DRM. One person (or team) figures out how to crack it, and distributes that over the Internet.
These systems have been partially defeated a handful of times and then promptly re-secured. It turns out that though you technically speaking "have the keys" they are buried under so much silicon wizardry that in practice you don't have them.
"Promptly re-secured" suggests that it's not the silicon alone.
I could also qualify this with, all DRM is theoretically crackable, and all DRM involving static media (audio and video) will be cracked, as we've seen. Executable stuff (games) is harder.
The second is that it's very questionable whether there is any such thing as a "completely secure system" as you describe. Your phrasing is vague so I'll assume you're talking about resistance against attackers who are physically remote.
Yes.
The trend has been that over time, bugs that were once thought to be un-exploitable have become exploitable.
We're talking about bugs, though. You're going to find this even more ludicrous, but there is nothing inherent in software that requires it to have bugs. The bugs are our fault.
Now, I'm not going to tell you that I can create flawless software, or that any human can, only that it's possible, whereas working DRM is not.
For instance at one time both heap and integer overflows were not deemed to be a security issue until techniques for reliably exploiting them were published.
And both heap and integer overflows are things which do not have to exist.
Likewise, it's only recently that implementors of software cryptography have started thinking about statistical side-channel attacks and many (most?) engineers are still unfamiliar with them.
This is harder, yes. However, these are mostly dealing with information sent over the wire, and none of it applies to keeping a single desktop PC secure, given that desktop PCs typically don't need remote access.
I am skeptical there are any perfectly undefeatable systems out there.
As am I.
However, to take "DRM can never work", and use that to conclude that "Security is impossible", is missing the point. It's a bit like noticing that homeopathy is bunk, and from that, concluding that medicine is impossible.
Don't thank God, thank a doctor!
So you want the Nannystate to fix this for you because you're too lazy to fix this yourself? Collectivist! We don't need your fascist-socialism here! Leave America if you hate it so much! [/sarcasm]
Actually, I'm a liberal, although in this case, I don't think we need any draconian laws or oversized bureaucracies to deal with this issue. Why? Because even though it would cost ISPs money to address this issue, infected computers on their network cost them money in the form of more traffic (they gotta pay for the pipes to the backbone after all). They therefore have a financial motive for dealing with their customers' infected computers, and some ISPs have in fact taken it upon themselves to warn users that they suspect have compromised computers. All on their own.
So I think it would only take a little nudge from the government to encourage the other ISPs to start doing something similar. Just stress to them that the extra traffic from infected computers is probably costing them money.
I understood your distinction. My response to you was tongue-in-cheek.
"while democracy seeks equality in liberty, socialism seeks equality in restraint and servitude." de Tocqueville
many organizations, particularly in the financial services industry, have gotten to the point of assuming that their customers' desktops are compromised
Isn't that a good thing? If I were writing code that interacts with a system outside my control, I would assume the worst case scenario (compromised, packet sniffers, rootkits, etc.) and code as much as I can to be resilient to that.
Have financial institutions been running thus far under the assumption that their customers' computers aren't compromised?
Faith is a willingness to accept something w/o complete proof and to act on it. Reason allows you to correct that faith.
Ummm...the Internet is the bad part of town. Your Intranet is the only network you can really trust (and TFA puts doubt on that, even).
Just sayin'...
MCSE? No, sir...I don't do Windows. Yes, I am an idealist. What's your point?
The main problem is twofold. The software companies (i.e. all of them) have their own agenda, profit. Microsoft is probably the biggest culprit, but they are also the largest targeted OS. The second part are the consequences. If laws started making it very painful to be caught performing 'internet terrorism' then you would see a large fall in these types of crimes. Utilizing acids, a propane torch and a pair of vice grips would solve the problem overnight.
We're number one! Windows is number 1.25! SUCK IT BALLMER!
You can rag on Windows and admin privileges all you want. All I can say is:
login as: root
root@yourhost.foo's password:*******
Spare me the, "OMG USE SUDOZ LOLZ" because that's a load of crap in the face of the poor argument that 'UAC' not doing squat.
As for the rest, go deal with commodity hosting sometime. The number of infected Linux systems out there is legion. And it'll continue to be so, because in the end, Linux has the same problem as Windows: Package management sucks. It doesn't matter what distribution you choose, sooner or later, users will need to install something that's a) not in their distribution's package management system or b) is included but horribly out of date or simply broken.
When that happens, they're going to scream, curse, drink heavily, install the package the old fashioned way (probably involving several megatons of mail to mailing lists/posts to forums to figure out how) and then, once it's working - promptly forget about it. It will then be left to rot, and any security patches/etc. coming out for $SOFTWARE will be ignored.
Heh. It's easy; I've done it myself. In fact, it's easier than using Windows, which has the most difficult UI in the industry, especially since it's constantly changing.
By that implied standard, which UI is _not_ "constantly changing" ?
But that's all irrelevant, because computer security has absolutely nothing to do with sales. It's determined by ad budgets.
The single biggest factor in "security" (and I assume from your comment you are using the word in the context of outcomes, not capabilities) is end user behaviour. Nothing else even comes close.
Building them a secure system is more expensive than not bothering with security, and it wouldn't increase sales past the current 90%, so why should MS bother?
But now you're using "security" in a reference to capabilities. So, what security _capabilities_ are lacking in Windows, both compared to the alternatives and in an absolute sense ?
So all a tank-jacker has to do is put a brick through the window?
I've worked inside on things since windows 3.1
I've worked with security products over the same period.
I've worked with Users, and in terms of compliance, and in terms of business.
I've worked with and for and around vendors.
Today, we are multi generations of the base consumer OS later.
The real world security model is so broken as to be an actual joke.
The security models in use are also now so broken as to be an actual joke.
Application and vendor companies are still shipping products today, multi generations later in this consumer area that require the logged in user to run with administration rights when using the program.
Security products have been failing for several years. And there is no chance whatsoever that security products can mitigate and bulwark off computers against the fact that software is fundamentally flawed, but worse yet, globally end users are running the majority of applications, tools, utilities and processes with administrator rights.
Even with the onset of Vista and with Windows 7, the voluntary compliance in view of UAC is simply ignored. Most home users switch off and blithely click click click, and the smarter ones would be utterly ignored when reporting to vendors to have culpative changes made to end software. With no punitive action being faced there is very little to persuade vendors and software producers to actually secure and improve their programs, APIs, frameworks, and Features.
Security vendors rarely step forward to make demands in light of admin rights - and their whole industry is based on the equivalent in Pharma terms - dragons penises and the magical effects of it as a healing agent towards keeping clients secure.
Most security products are at best woefully inadequate, and in many cases have no idea malware and foreign code is running wild on systems they are 'protecting'. Years ago, they should have been driving the use of admin rights on the desktop away. But again, with no punitive penalty for failures, they can continue selling utterly flawed models and generations of products that are patently unable to do what they are supposedly designed to do.
I don't entirely blame them, but the failure to drive the admin rights issue is the fundamental flaw in this, along with faulty vendor products, and faulty third party software products.
Here are AdmV0rl0ns laws.
1. The model of software development has to change. And change fundamentally. For several decades - software has been built along very odd engineering lines. Companies are allowed almost a free hand in terms of punitive licensing, and in terms of licensing, and gain enormous protection from the state, and freedom of the state in terms of copyright and other protection.
In most cases, every single line of code written has been accompanied with a substantive 'If the world burns down because of this software, or because of anything this software does, then we cannot be held accountable, good luck.'.
This cannot continue. In the real world, no such engineering is acceptable. Bridges are not shoddy affairs put up and then handed over to the paying taxpayer, customer or business with a cast-iron guarantee that the bridge builder is exempt from 'everything'.
Consumers don't buy a car, and then are forced by laws and licenses to sign over all their rights and if the wheels fly off the car, the maker gets exemption from all responsibility.
In terms of OS development, The vendor has to be brought to account, and it has to develop and security test APIs and function to a level where the wheels do not fly off. And where security becomes a functional demand. And if this change cannot be gained by voluntary method, then the law needs changing so punitive damages are available to those who suffer failures from software.
It has to be remembered, many of these companies make millions, perhaps even billions, and yet avoid any examination of their products actual safety and engineering. Windows XP and its subsequent service packs w
We`re all equal
The 70's called and they're offering timesharing again (although they are now calling it "cloud computing" as a new and improved name). Security was good, the core OS was secure and as a closed environment it wasn't prone to hackers. All you need is a TTY (preferably an ASR33), a dial up modem and you can call up your bank and get access to your account information.
The 60's have called and have offered batch as an alternative.
For years, security experts, analysts and even users have been lamenting the state of *MS Windows* security. Viruses, spam, Trojans and rootkits have added up to create an ugly picture. But, the good news is that the MS Windows security battle may be over. The less-than-good news, however, is that we may have lost it. Jeremiah Grossman, CTO of WhiteHat Security, said Thursday that many organizations, particularly in the financial services industry, have gotten to the point of assuming that their customers' MS Windows desktops are compromised. And moving forward from that assumption, things don't get much prettier.
Wow, mono-culture turned out to be bad. Who'd a thunk it?
I call hogwash. How many Microsoft employees must be posting in this forum. The measure that matters is the real world. I've been working in a university I.T. dept, that's a LOT of machines spread amongst a huge breadth of user skill levels (our particular uni consists of roughly 40% OSX, 50% Windows (XP and 7) and 10% Fedora Linux (and yes, we do put end users on the Fedora boxes for classwork)). I am yet to see a Linux or OSX machine get with a hijacked browser session.
I'd be very interested in a show of hands. Linux does have a decent share of the server market, and systems running it do get exploited (but my bet is that it's very predominantly from exploits in sloppy PHP web apps and the like). But aside from that, how many of you out there have *ever* had malware get on to your Linux desktop and start hijacking your browser? My bet is very nearly zero. Windows is as secure as anything else? You may like to think that in principle it could be, but the experimental evidence strongly disagrees.
Censorship is the opposite of education. If neo-darwinism were defensible, people would not need to try and censor ID.
...But you run around with a weak password on your home ROUTER?
Typical, arrogant Slashdot. You deserve what you got.
And sometimes it doesn't take a rogue download!
My story:
I had a router that was probably 3-4 years old. It worked just fine, and did everything I needed it to. Except, of course, keep out hackers.
One day, I started being unable to get to certain websites. That list grew.
I kept checking all the PCs in the house for viruses or trojans or spyware, and all kept coming up clean.
I checked the routing, and I was being funneled through some random odd IP addresses.
Removed the errant links in the route, and things changed back to normal. Not a week or so later, and the same problem!
Went out and grabbed myself a new router, and the issues haven't come back since!
(I changed the default username and password, router's ip address, set up wireless password, disabled remote login—I thought I had done everything I could to secure the router from that type of thing... I guess I didn't protect it from design flaws it may have had, that I had no control over)
I imagine that the longer a router is out, the more time the hackers have to find the chinks in the armor of the router's security, and the easier it is to take control of them.
Especially since I rarely ever see many firmware updates for routers. I think I saw a few for the old one, but there was a span of a year or more where there was nothing.
You know, if a company knows that its routers can be or have been compromised, it'd be a good idea to let the public know (so they could then work to better protect themselves).
I wouldn't have even known if some websites hadn't stopped working! And I now more often check my routing, to make sure I'm not being redirected.
Let's ignore the API/ABI issue. Suppose a miracle happens, and every app developer decides to exclusively support native KeyKOS and EROS features.
How would it even work?
Without filenames, there is no reasonable way for the human to express things. I'm not going to type a UUID.
Without programs being able to scan directories, they can't offer nice File/Open dialog boxes. Consider the gimp, which provides a preview thumbnail.
Consider the common Edit/Insert operation. The app goes looking for a file to insert into a document.
Consider something like Open Office or Firefox. These apps have only one instance normally, even if you click the icon multiple times. This is for consistency (multiple instances editing a single file is bad) and for memory use reduction.
What would your GUI look like? How non-desktop must it be?
System access gives you the ability to hide your running processes from userland scans and deletion of your running files and boot hooks.
There are very few - if any (correct me if I'm wrong, please, with details, if those details are informative enough I'll even pay for the knowledge!) antivirus or antimalware programs that can detect and reliably remove rootkits. I certainly haven't found any that can do so, that's why I rely on combofix, the tdss variant removers, gmer, my intuition, and other tools to remove persistent infections from the increasing number of rootkit infected systems I deal with all the time as an independent home computer technician.
Userland malware isn't the real problem, anymore - most antivirus and antimalware programs can deal with that ( and I agree that most end users don't know to run it, even if they would know what to run, sadly, this is another of the bad things about Microsoft, education of end users as to the problems they will face, but Windows Defender, etc, hell, that's a whole nother topic) the real problem nowadays that I'm seeing much more of is rootkits that keep the spambot/malware alive, regenerates it when you kill it thru other methods.
I have a pretty good toolkit, and enough knowledge, at this point to wipe this crap out on every system I encounter; but I know that it's going to get a lot worse. I already spend about thirty hours a week just trying to keep up on the latest removal tools after seeing a system last week with more than four rootkits on it, in addition to much other crap. (Cleaned it, to the best of my knowledge)
What got me, this year, is that for the first time since Klez I had one of my home systems infected. It was a TDSS variant (probably thru a driveby ad, near as I can tell), got it removed, but even tho I've been doing tech support since before Windows existed; couldn't trace the source of the infection back as well as I want to. Since then I've seen a lot of other attacks being tried, some of which failed on my system because they were executing invalid instructions (experimentation, I imagine); I know it's getting bad out there. I'm careful past the point of paranoia with my home systems.
I have customers who rely on me to keep their systems clean. I have to tell them that I can't be one hundred percent certain that I can guarantee they will be free of crap. Some of them I migrate to Linux, Ubuntu or Fedora, if it works for them. I know there aren't any solid solutions, but when I see an article like this, I just have to say that I think the real problem is Microsoft's operating system.
I should probably make this a Slashdot Question. Busy... ;) and speaking of busy, I have three systems on the bench tonite I am paying lip service to...
SB
It's old. The more humans I meet, the more I like my cats. At least they are honest.
The battle may be lost, but we don't have to lose the war! Let's step up our efforts. We can create a war on spam! It could be a misdemeanor to support the terrorist funding spam groups by allowing them your e-mail or the use of your machine! This could be supported by the government wiretapping efforts. It would help the economy by providing more free slave labor, and it would help stop the moral decline of the internet! Just say no to spam!
For You, Blue.
Polaris:
http://www.hpl.hp.com/research/mmsl/projects/adv/polaris.html?jumpid=reg_R1002_USEN
Virus Safe Computing:
http://www.hpl.hp.com/news/2005/apr-jun/virussafe.html?jumpid=reg_R1002_USEN
Download:
Disclaimers:
Polaris uses a kernel driver to work around a bug that Microsoft claims is not security related. We believe this kernel driver is the reason Polaris does not work with Windows Vista. If you run without it, you are vulnerable to an attacker who mounts a Shatter attack after launching a process via the COM server. However, you're probably safe until Polaris becomes widely used.
This version is a first prototype, which means there are a number of things we didn't do and a number of bugs we didn't fix. For example, this version does not support linked files. However, almost 100 people have used Polaris, some of them for several years, and have reported few problems. A few of them have reported that Polaris saved them from some nasty viruses.
Polaris is NOT supported by HP. Send all questions to:
alan.karp at hp.com.
http://www.hpl.hp.com/personal/Alan_Karp/polaris/index.html?jumpid=reg_R1002_USEN
~hylas
What about the HDfury? Sure, it's analog, but...
The other thing is, at least LCD panels use LVDS to connect to the controller board. Hijack the unencrypted LVDS signal.
Burn a Linux Live CD?
However, this still won't help against the user that browses... adult material first, gets himself (temporarily) infected and then moves on to do his banking.
Or the various drive-by and MitM attacks (owned router, e.g., which is incidentally what TFA was talking about).
Personally, I use a LiveCD for banking, which gets hooked up to the net directly through the DSL modem (PPPoE) without javascript or anything else enabled.
The kicker is that with this setup I am still in violation of the ToS of my bank, because there is no antivirus installed...