ietf
[Top] [All Lists]

RE: VIRUS WARNING

2000-05-11 07:30:02
From owner-ietf-outbound(_at_)ietf(_dot_)org Thu May 11 06:36:01 2000
From: Steven M. Bellovin [mailto:smb(_at_)research(_dot_)att(_dot_)com]

...
Note the two crucial points -- it ran with the user's permissions, and 
it was explicitly run by the user, rather than by any automatic 
mechanism.


From: "Castro, Edison M. (PCA)" <ECastro(_at_)NA2(_dot_)US(_dot_)ML(_dot_)com>

That is exactly the same way that all Windows virus work. As a Windows 
user (as well as other OSes), I can say that people have to be responsible 
for their actions.  Whenever you receive any Email attachment, the only way
that attachment can produce any damage is if you run it.
...

Not only that, this version of Word (2000) is configured to only ask me when
a signed (with a certificate of a trusted party) macro is included.


There are serious mistakes in that.
First, is the perhaps minor point that rumor has it that Outlook Express
(as opposed to Outlook) is eager to open attachments automatically.

Second, what matters is not only what configuration changes can be made
to close some of the holes, but how systems are configured by default
from the CDROM's and how they are most commonly configured in practice.

Third, and where the first serious mistake lies, on Windows 98 the worm
did not run with merely the user's permissions.  That constrasts with
reasonable operating systems, where much of its damage would be impossible.

Forth, the most serious problem is that most computer users and many who
consider themselves more than mere users have no clue what is meant by
"the user's permissions."  The main desktop operating system vendors can
be blamed more for obscuring that notion among users than for their other
crimes.  It is the equivalent of refusing to equip cars with seat belts,
air bags, stop lights and tail lights on grounds of "user-friendliness."


Never mind that the current worm involved Visual Basic instead of Word
macros.  Regardless of the programming language, given the familiar
"feature rich," "user friendliness," it's probably trivial for a worm to
find the user's signature and sign its spawn.  You wouldn't want users to
need to type a passphrase, use a smart card, or anything else so
complicated and user-unfriendly merely to send mail, would you?  Thus,
the next act in this circus will not only involve email from people you
know (as this one did), but it will also be cryptographically signed by
the apparent senders.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com



<Prev in Thread] Current Thread [Next in Thread>