[
Lists Home |
Date Index |
Thread Index
]
- To: "Benjamin Franz" <snowhare@nihongo.org>,<xml-dev@lists.xml.org>
- Subject: RE: [xml-dev] Painful USA Today article (was RE: [xml-dev] ANN:RESTTutorial)
- From: "Dare Obasanjo" <dareo@microsoft.com>
- Date: Sat, 25 May 2002 11:25:53 -0700
- Cc: "Joshua Allen" <joshuaa@microsoft.com>
- Thread-index: AcIEBqqWHnCrQg3iSA6tLYDsAEIX4AAEexnS
- Thread-topic: [xml-dev] Painful USA Today article (was RE: [xml-dev] ANN:RESTTutorial)
I believe a number of firewall products already do this. I seem to remember a free version of Zone Alarm that notified me whenever any program tried to connect to the Internet which helped me to discover a trojan version of notepad.exe on my machine.
Windows XP also ships with Internet Connection Firewall[0] which I personally haven't tried out since I still run Win2K at home.
[0] http://www.microsoft.com/windowsxp/pro/techinfo/planning/firewall/default.asp
-----Original Message-----
From: Benjamin Franz [mailto:snowhare@nihongo.org]
Sent: Sat 5/25/2002 9:09 AM
To: xml-dev@lists.xml.org
Cc: Joshua Allen
Subject: RE: [xml-dev] Painful USA Today article (was RE: [xml-dev] ANN:RESTTutorial)
On Fri, 24 May 2002, Joshua Allen wrote:
>
> * Installed by default in Outlook was the ability to have code send
> e-mail and lookup addresses on behalf of the user. The first outlook
> worms used that API. The new versions of Outlook (and patches for
> previous versions) made this impractical, so the next batch of worms
> connected TCP directly using port 25. Would installing with CDO (the
> automatic e-mail API) off by default have made a big difference?
> Possibly.
Better yet (and getting MS out in front of this would be a _good_ thing)
would be placing sockets under the explicit control of the security
system. If a program had to be explicitly _granted_ permission to make the
initial connect to a outbound TCP/UDP port (or via a non-port oriented IP
protocal period) or to establish a listener the first time (either by user
interaction or via strong cryptographic signature, or both) this would
drop 99% of Internet-aware malware dead in its tracks. The (not
insignificant) side-benefit is that it would _also_ stop virtually all
'spy-ware' from 'phoning home' without a user's explicit permission and
knowledge. And users should have the ability to _turn off_ a specific
program's access priviledges once set as well.
With the Internet becoming as much a feature of computers as hard drives -
it is about time that the security model _at least_ caught up with the
idea of 'access permissions' that have been used to keep programs and
people out of places they are not supposed to be for decades on
filesystems.
--
Jerry
The lyf so short, the craft so long to lerne.
---Geoffrey Chaucer
-----------------------------------------------------------------
The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
initiative of OASIS <http://www.oasis-open.org>
The list archives are at http://lists.xml.org/archives/xml-dev/
To subscribe or unsubscribe from this list use the subscription
manager: <http://lists.xml.org/ob/adm.pl>
|
