Eddie,
No question that the ILOVEYOU bug was opportunistic on Outlook's popularity (actually I think the thing went WAY larger than the writer expected). And no question that CNN is in the news business, which is always by nature trying to stoke the flames a little.
Maybe the fact that there is a Linux vs. Windows play on this will give the guys in Redmond a kick to tie up loose ends where they can and accept the responsibility of their monopoly, along with the cash.
|
>>>"From my perspective, Windows should assume the 99% case, that people really don't want to run .exe's and .vbs files attached to their emails. It only took what, 3 versions of MS office until it wouldn't run startup macros until it asked you at least"
Unfortunately some of us find Windows running exe's and vbs scripts a really useful feature,
However allowing them to have anonymous access to file services is silly, I agree!
But I think the real problem with the "lovebug" scare
was that Windows gives too easy an access to the address book.
Programs that access the address book should have to register
with the user first.
Still some silly users will give access to an imported vbs script.
But it would sure slow down the spread of such virii,
|
Colin,
>> Unfortunately some of us find Windows running exe's and
>> vbs scripts a really useful feature, However allowing
>> them to have anonymous access to file services is silly,
>> I agree!
From my perspective, if you try to handle this on a function by function level, it's just not going to fly. There will be too many loopholes, which is why I'd simply prevent users from being able to download them by default.
A sandbox is an excellent idea, and I honestly can't figure out why one isn't part of Windows. I mean, theoretically under NT at least you should be able to execute a process within a defined security context, and you could limit what that security context had access to. I'm surprised that MS hasn't made this a "feature" in NT or 2000.
|
Grant,
Sandbox ? I'm unsure exactly what a sandbox is,
I guess by the name it refers to a process having a defined area where it is allowed to play and be used.
I believe it would be possible for a program to do this,
e.g. intercept every message and thread and analyse them,
However I guess your 500 MHz machine would behave like a 66 MHz machine.
So, sure it should be built into the OS for performance,
I'm guessing here but I think the half capabilities for it are already in the Windows system, via the registry,
with key access rights.
If so I guess it's another job MS left half finished.
Partially due to OS buyers wanting features, not protection,
Until the day they have viral problems.
Anyhow if my belief in a sandbox is the same as yours,
Yes I agree, and it should have nice high wall too,
Regardz
Colin Davie
|
Colin,
I'm not a Windows NT security model expert, but:
My understanding, however, is that *any* process can be run in a security context, just as you can set the security ID in which a Service runs. Without firing up VC++, I'm pretty sure CreateProcess() contains a parameter for this.
Once executed in a security context, with restricted rights, applications could be limited in what they are allowed to do. No writing to the network, no sending email, no deleting files, no cracking of SAM, etc.
It bugs me a little that Microsoft tells everyone that they shouldn't do daily work in an Administrator account, yet you basically can't do development, run a debugger, install software or just about anything else unless you do. It would be nice, when it popped up the "Do you want to run this terrible untrusted file" dialog, to give you the option of running it in a reasonably tight user account with limited rights, or if you wish, you could give the file full rights to your system (which is the default now).
That's what I was getting at.
|
Grant,
>> I'm not a Windows NT security model expert,
You probably know more than me though
...
Actually I'm looking at it from W98 also
...
But with both and w2k it should and could be the default.
Somehow I also believe MS got it the wrong way round (again).
...
And in the tight User account,
There should be a Suspicious Dialog box
when "writing to the network, no sending email, no deleting files, no cracking of SAM, etc."
is attempted, the default being to terminate and destroy the process, and process creator,
...
What I was thinking with the registry if there was
a HKEY->DEFAULT_INTERNET_APPLICATIONS
then the e-mail, browser, messaging etc, may be in effect
isolated from the rest of the OS.
...
But let's face it, MS has had several alternatives, but hasn't really opted for them,
Regardz
Colin Davies
|
>>But let's face it, MS has had several alternatives, but hasn't really opted for them
I don't believe the MS people are bad folks, but it is rather conspicuous that this has been overlooked for so long.
Anyway, I think we've discussed this poor topic to death.