[
Lists Home |
Date Index |
Thread Index
]
On Fri, 24 May 2002, Joshua Allen wrote:
>
> * Installed by default in Outlook was the ability to have code send
> e-mail and lookup addresses on behalf of the user. The first outlook
> worms used that API. The new versions of Outlook (and patches for
> previous versions) made this impractical, so the next batch of worms
> connected TCP directly using port 25. Would installing with CDO (the
> automatic e-mail API) off by default have made a big difference?
> Possibly.
Better yet (and getting MS out in front of this would be a _good_ thing)
would be placing sockets under the explicit control of the security
system. If a program had to be explicitly _granted_ permission to make the
initial connect to a outbound TCP/UDP port (or via a non-port oriented IP
protocal period) or to establish a listener the first time (either by user
interaction or via strong cryptographic signature, or both) this would
drop 99% of Internet-aware malware dead in its tracks. The (not
insignificant) side-benefit is that it would _also_ stop virtually all
'spy-ware' from 'phoning home' without a user's explicit permission and
knowledge. And users should have the ability to _turn off_ a specific
program's access priviledges once set as well.
With the Internet becoming as much a feature of computers as hard drives -
it is about time that the security model _at least_ caught up with the
idea of 'access permissions' that have been used to keep programs and
people out of places they are not supposed to be for decades on
filesystems.
--
Jerry
The lyf so short, the craft so long to lerne.
---Geoffrey Chaucer
|
