Eli Allen wrote:
Just because it doesn't support ActiveX doesn't mean anything. As I
said, spyware requires IE because that is the browser most novices use
who don't know how to easily avoid spyware. There is nothing inherent
about ActiveX other then it being the popular way of doing things so if
another interface becomes popular I'm sure spyware will take advantage
of it.
Being tied to the OS doesn't mean much in terms of spyware either. All
the spyware I've seen installs itself by acting as a trojan horse which
basically means its an inherent problem in the user, not the OS that
spyware needs to work.
----- Original Message -----
At 09:00 AM 16/06/2005, Eli Allen wrote:
Spyware requires IE because that is the browser most novices use who
don't know how to easily avoid spyware. Firefox does support native
plugins so don't see how you can say that Firefox is really any
different from IE.
Except that it doesn't support Active X, IIRC, which is the main way
Spyware installs right now. And it isn't tied into the core of the
OS as IE is, which has got to be a problem.
T
I agree 100% with Eli. Exceptions to the rule aside, just like writing
software for Microsoft first tends to give you the biggest return since
it is the largest market share, the same case with spyware writers. If
OS-X has the leading market return, you would see spyware and viruses
written for it instead. It is plain and simple economics.
Microsoft OSes are default 'administrator' or privileged user, that's
the real key of the problem there. I believe OS-X has some kind of user
segregation as well, so that should be nice. Linux is the same as well
but their GUIs tend to be laden with RPC like daemons with privileges.
Sound nasty and familiar? That is exactly what Microsoft does. :)
Once every OS has this segregation do you think people will simply stop?
Of course not. There are ways to bypass those scenarios (find out
where the default installs package in, plant trojans there when you
privilege up to administrator).
It's the path of least resistance in getting the biggest return for
fiendish code writing. Viruses have been around for a very long time
and the first one was not exclusive to DOS. Spyware was popular and
sensible when Internet access has become ubiquitous. Malware that makes
money! What a concept! It is a lot better than the typical
geek-empowering fame and fortune scenario. Insecure infrastructures
lead to this, not "Active X".
--
- Carroll Kong
