OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   RE: [xml-dev] Painful USA Today article (was RE: [xml-dev] ANN:RESTTutor

[ Lists Home | Date Index | Thread Index ]
  • To: "Benjamin Franz" <snowhare@nihongo.org>,<xml-dev@lists.xml.org>
  • Subject: RE: [xml-dev] Painful USA Today article (was RE: [xml-dev] ANN:RESTTutorial)
  • From: "Dare Obasanjo" <dareo@microsoft.com>
  • Date: Sat, 25 May 2002 11:25:53 -0700
  • Cc: "Joshua Allen" <joshuaa@microsoft.com>
  • Thread-index: AcIEBqqWHnCrQg3iSA6tLYDsAEIX4AAEexnS
  • Thread-topic: [xml-dev] Painful USA Today article (was RE: [xml-dev] ANN:RESTTutorial)

I believe a number of firewall products already do this. I seem to remember a free version of Zone Alarm that notified me whenever any program tried to connect to the Internet which helped me to discover a trojan version of notepad.exe on my machine. 
 
Windows XP also ships with Internet Connection Firewall[0] which I personally haven't tried out since I still run Win2K at home. 
 
[0] http://www.microsoft.com/windowsxp/pro/techinfo/planning/firewall/default.asp
 
-----Original Message----- 
From: Benjamin Franz [mailto:snowhare@nihongo.org] 
Sent: Sat 5/25/2002 9:09 AM 
To: xml-dev@lists.xml.org 
Cc: Joshua Allen 
Subject: RE: [xml-dev] Painful USA Today article (was RE: [xml-dev] ANN:RESTTutorial)



	On Fri, 24 May 2002, Joshua Allen wrote:
	>
	> * Installed by default in Outlook was the ability to have code send
	> e-mail and lookup addresses on behalf of the user.  The first outlook
	> worms used that API.  The new versions of Outlook (and patches for
	> previous versions) made this impractical, so the next batch of worms
	> connected TCP directly using port 25.  Would installing with CDO (the
	> automatic e-mail API) off by default have made a big difference?
	> Possibly.
	
	Better yet (and getting MS out in front of this would be a _good_ thing) 
	would be placing sockets under the explicit control of the security
	system. If a program had to be explicitly _granted_ permission to make the
	initial connect to a outbound TCP/UDP port (or via a non-port oriented IP
	protocal period) or to establish a listener the first time (either by user
	interaction or via strong cryptographic signature, or both) this would
	drop 99% of Internet-aware malware dead in its tracks. The (not
	insignificant) side-benefit is that it would _also_ stop virtually all
	'spy-ware' from 'phoning home' without a user's explicit permission and
	knowledge. And users should have the ability to _turn off_ a specific
	program's access priviledges once set as well.
	
	With the Internet becoming as much a feature of computers as hard drives -
	it is about time that the security model _at least_ caught up with the
	idea of 'access permissions' that have been used to keep programs and
	people out of places they are not supposed to be for decades on
	filesystems.
	
	 --
	Jerry
	
	     The lyf so short, the craft so long to lerne.
	
	                                    ---Geoffrey Chaucer
	
	
	
	-----------------------------------------------------------------
	The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
	initiative of OASIS <http://www.oasis-open.org>
	
	The list archives are at http://lists.xml.org/archives/xml-dev/
	
	To subscribe or unsubscribe from this list use the subscription
	manager: <http://lists.xml.org/ob/adm.pl>
	
	





 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS