Eli Allen wrote:
Just because it doesn't support ActiveX doesn't mean anything. As I said, spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. There is nothing inherent about ActiveX other then it being the popular way of doing things so if another interface becomes popular I'm sure spyware will take advantage of it.

Being tied to the OS doesn't mean much in terms of spyware either. All the spyware I've seen installs itself by acting as a trojan horse which basically means its an inherent problem in the user, not the OS that spyware needs to work.

----- Original Message -----

At 09:00 AM 16/06/2005, Eli Allen wrote:

Spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. Firefox does support native plugins so don't see how you can say that Firefox is really any different from IE.


Except that it doesn't support Active X, IIRC, which is the main way Spyware installs right now. And it isn't tied into the core of the OS as IE is, which has got to be a problem.

T

I agree 100% with Eli. Exceptions to the rule aside, just like writing software for Microsoft first tends to give you the biggest return since it is the largest market share, the same case with spyware writers. If OS-X has the leading market return, you would see spyware and viruses written for it instead. It is plain and simple economics.

Microsoft OSes are default 'administrator' or privileged user, that's the real key of the problem there. I believe OS-X has some kind of user segregation as well, so that should be nice. Linux is the same as well but their GUIs tend to be laden with RPC like daemons with privileges. Sound nasty and familiar? That is exactly what Microsoft does. :)

Once every OS has this segregation do you think people will simply stop? Of course not. There are ways to bypass those scenarios (find out where the default installs package in, plant trojans there when you privilege up to administrator).

It's the path of least resistance in getting the biggest return for fiendish code writing. Viruses have been around for a very long time and the first one was not exclusive to DOS. Spyware was popular and sensible when Internet access has become ubiquitous. Malware that makes money! What a concept! It is a lot better than the typical geek-empowering fame and fortune scenario. Insecure infrastructures lead to this, not "Active X".



--

- Carroll Kong

Reply via email to