RE: [H] Dvorak's take on Intel-Apple
At 05:13 PM 16/06/2005, Mesdaq, Ali wrote:
> Well if you want to test that I have a Perl script you can use to test to see if your machine has any new files on it. So what you can do is browse sites that are most prone to trying to exploit your browser, i.e. porn, hacking, misc. Then you run the script and it will display any new files, of course not counting jpegs and other common browsing files.

That would be very useful. Can you send me a copy?

T
RE: [H] Dvorak's take on Intel-Apple
Well if you want to test that I have a Perl script you can use to test to see if your machine has any new files on it. So what you can do is browse sites that are most prone to trying to exploit your browser, i.e. porn, hacking, misc. Then you run the script and it will display any new files, of course not counting jpegs and other common browsing files.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thane Sherrington
Sent: Thursday, June 16, 2005 12:21 PM
To: The Hardware List
Subject: RE: [H] Dvorak's take on Intel-Apple

At 04:06 PM 16/06/2005, Mesdaq, Ali wrote:
>What are you looking to do exactly?

I was thinking hardening a system, then taking it to a malicious page, and see if the hardening protected it.

T
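The before-and-after file check described in the message above, as an added Python example; it is not the poster's Perl script, which does not appear in the thread. The ignored-extension list, the function names and the sample tree are assumptions, and the example also reports files whose contents changed, which goes beyond the "new files" the message mentions.

```python
import hashlib
import os
import tempfile

# Assumption: extensions treated as ordinary browsing residue and not reported as new.
IGNORED_EXTENSIONS = {".jpg", ".jpeg", ".gif", ".png", ".htm", ".html", ".css", ".js"}


def sha256_of(path):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map every regular file under root (as a relative path) to its SHA-256."""
    seen = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks and special files
            try:
                seen[os.path.relpath(full, root)] = sha256_of(full)
            except OSError:
                seen[os.path.relpath(full, root)] = None  # unreadable: record presence only
    return seen


def compare(before, after, ignored=IGNORED_EXTENSIONS):
    """Return (new_files, changed_files); the extension filter applies to new files only."""
    def reportable(path):
        return os.path.splitext(path)[1].lower() not in ignored
    new = sorted(p for p in after if p not in before and reportable(p))
    changed = sorted(p for p in after if p in before and after[p] != before[p])
    return new, changed


def _write(root, relative, data):
    full = os.path.join(root, relative)
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as handle:
        handle.write(data)


def demo():
    """Constructed sample tree: baseline, simulated browsing session, then comparison."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "system/hosts", b"127.0.0.1 localhost\n")
        before = snapshot(root)
        _write(root, "cache/banner.jpg", b"constructed image bytes")  # ignored: browsing file
        _write(root, "system/toolbar.dll", b"constructed binary")     # new file, reported
        _write(root, "system/hosts", b"127.0.0.1 localhost\n10.0.0.1 example.test\n")  # changed
        after = snapshot(root)
        return compare(before, after)


if __name__ == "__main__":
    print(demo())
```

On a real test machine the baseline from `snapshot()` would be saved before the browsing session and compared afterwards, ideally from an account or boot medium the session could not tamper with.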
RE: [H] Dvorak's take on Intel-Apple
At 04:06 PM 16/06/2005, Mesdaq, Ali wrote:
> What are you looking to do exactly?

I was thinking hardening a system, then taking it to a malicious page, and see if the hardening protected it.

T
RE: [H] Dvorak's take on Intel-Apple
What are you looking to do exactly?

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thane Sherrington
Sent: Thursday, June 16, 2005 11:41 AM
To: The Hardware List
Subject: RE: [H] Dvorak's take on Intel-Apple

At 03:01 PM 16/06/2005, Mesdaq, Ali wrote:
>benefit however you shouldn't feel safe in a ff environment either. For
>work all I do is research malicious URLs and Malware and we mainly use

Would you mind sharing some of the URLs you are researching so we can test our systems against them?

T
RE: [H] Dvorak's take on Intel-Apple
At 03:01 PM 16/06/2005, Mesdaq, Ali wrote:
> benefit however you shouldn't feel safe in a ff environment either. For work all I do is research malicious URLs and Malware and we mainly use

Would you mind sharing some of the URLs you are researching so we can test our systems against them?

T
RE: [H] Dvorak's take on Intel-Apple
The real vulnerability that IE has that Firefox doesn't is the way it supports scripting. In IE you can go to a page and never be prompted anything and have 30mb of crapware installed. Firefox allows you to control what type of scripting you want to allow. That is a major benefit, however you shouldn't feel safe in a ff environment either. For work all I do is research malicious URLs and Malware and we mainly use FF when we look at pages, however there are tons of ways Firefox can be abused as well, but it's just not so common, that's why it's safer. If Firefox hits 50% market share you will see complaints about Firefox as well and then people will be raving about Opera. The new IE should be pretty good and someone who worked with me just went to Microsoft to work on that project.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eli Allen
Sent: Thursday, June 16, 2005 6:10 AM
To: The Hardware List
Subject: Re: [H] Dvorak's take on Intel-Apple

What vulnerabilities does ActiveX have that FF doesn't? In both cases you are prompted if you want to install, and in both cases if you say yes you get infected.

Eli

- Original Message -
> At 09:39 AM 16/06/2005, Eli Allen wrote:
>>Just because it doesn't support ActiveX doesn't mean anything. As I said,
>>spyware requires IE
>
> Except that it avoids all the ActiveX nasties out there. Which is
> currently the main infection vector, as I understand it.
>
>>is nothing inherent about ActiveX other than it being the popular way of
>>doing things so if another interface becomes popular I'm sure spyware will
>>take advantage of it.
>
> It depends on how the new interface is written. So far, the FF team has
> worked to remove vulnerabilities whilst MS has not (at least not as fast.)
> I recall that last year MS' solution to ActiveX attack was to tell people
> to disallow any ActiveX controls - including ones from MS. Not a pretty
> sight when a company can't even guarantee its own controls are a) safe or
> b) actually from itself.
>
> But as FF becomes more popular, it will become more of a target. Just as
> Apple or Linux will as they grow market share.
>
> T
>
RE: [H] Dvorak's take on Intel-Apple
Because ActiveX can ride pre-approved AOX objects and -not- prompt the user to be installed. This has changed with SP2 in XP, but many users are still not running that.. prior to SP2, the prompts weren't there for objects that piggy-backed a zone (pretended to be from approved sources like MS, etc.). While it has improved, it's still not completely there, as some AOX "helper" objects are able to piggyback pre-approved AOX controls as 'updates' when in fact, they are not 'updates' but rather malicious BS.. see AOX that changes background wallpaper to 'smittie' virus notices..

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eli Allen
Sent: Thursday, June 16, 2005 8:10 AM
To: The Hardware List
Subject: Re: [H] Dvorak's take on Intel-Apple

What vulnerabilities does ActiveX have that FF doesn't? In both cases you are prompted if you want to install, and in both cases if you say yes you get infected.

Eli

- Original Message -
> At 09:39 AM 16/06/2005, Eli Allen wrote:
>>Just because it doesn't support ActiveX doesn't mean anything. As I said,
>>spyware requires IE
>
> Except that it avoids all the ActiveX nasties out there. Which is
> currently the main infection vector, as I understand it.
>
>>is nothing inherent about ActiveX other than it being the popular way of
>>doing things so if another interface becomes popular I'm sure spyware will
>>take advantage of it.
>
> It depends on how the new interface is written. So far, the FF team has
> worked to remove vulnerabilities whilst MS has not (at least not as fast.)
> I recall that last year MS' solution to ActiveX attack was to tell people
> to disallow any ActiveX controls - including ones from MS. Not a pretty
> sight when a company can't even guarantee its own controls are a) safe or
> b) actually from itself.
>
> But as FF becomes more popular, it will become more of a target. Just as
> Apple or Linux will as they grow market share.
>
> T
>
Re: [H] Dvorak's take on Intel-Apple
At 10:28 AM 16/06/2005, Ben Ruset wrote:
> Because most of the time you're NOT prompted to install.

Aren't you listening, Ben? ActiveX only poses a threat to newbies and idiots. FF is just as dangerous. You heard it here first. :P

T

> Eli Allen wrote:
>> What vulnerabilities does ActiveX have that FF doesn't? In both cases you are prompted if you want to install, and in both cases if you say yes you get infected.
>>
>> Eli

__ NOD32 1.1135 (20050609) Information __
This message was checked by NOD32 antivirus system.
http://www.eset.com
Re: [H] Dvorak's take on Intel-Apple
Because most of the time you're NOT prompted to install.

Eli Allen wrote:
> What vulnerabilities does ActiveX have that FF doesn't? In both cases you are prompted if you want to install, and in both cases if you say yes you get infected.
>
> Eli
Re: [H] Dvorak's take on Intel-Apple
Eli Allen wrote:
> Just because it doesn't support ActiveX doesn't mean anything. As I said, spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. There is nothing inherent about ActiveX other than it being the popular way of doing things so if another interface becomes popular I'm sure spyware will take advantage of it.
>
> Being tied to the OS doesn't mean much in terms of spyware either. All the spyware I've seen installs itself by acting as a trojan horse which basically means it's an inherent problem in the user, not the OS that spyware needs to work.
>
> - Original Message -
>> At 09:00 AM 16/06/2005, Eli Allen wrote:
>>> Spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. Firefox does support native plugins so don't see how you can say that Firefox is really any different from IE.
>>
>> Except that it doesn't support Active X, IIRC, which is the main way Spyware installs right now. And it isn't tied into the core of the OS as IE is, which has got to be a problem.
>>
>> T

I agree 100% with Eli. Exceptions to the rule aside, just like writing software for Microsoft first tends to give you the biggest return since it is the largest market share, the same case with spyware writers. If OS-X has the leading market return, you would see spyware and viruses written for it instead. It is plain and simple economics.

Microsoft OSes are default 'administrator' or privileged user, that's the real key of the problem there. I believe OS-X has some kind of user segregation as well, so that should be nice. Linux is the same as well but their GUIs tend to be laden with RPC like daemons with privileges. Sound nasty and familiar? That is exactly what Microsoft does. :)

Once every OS has this segregation do you think people will simply stop? Of course not. There are ways to bypass those scenarios (find out where the default installs package in, plant trojans there when you privilege up to administrator). It's the path of least resistance in getting the biggest return for fiendish code writing.

Viruses have been around for a very long time and the first one was not exclusive to DOS. Spyware was popular and sensible when Internet access has become ubiquitous. Malware that makes money! What a concept! It is a lot better than the typical geek-empowering fame and fortune scenario. Insecure infrastructures lead to this, not "Active X".

--
- Carroll Kong
Re: [H] Dvorak's take on Intel-Apple
What vulnerabilities does ActiveX have that FF doesn't? In both cases you are prompted if you want to install, and in both cases if you say yes you get infected.

Eli

- Original Message -
> At 09:39 AM 16/06/2005, Eli Allen wrote:
>> Just because it doesn't support ActiveX doesn't mean anything. As I said, spyware requires IE
>
> Except that it avoids all the ActiveX nasties out there. Which is currently the main infection vector, as I understand it.
>
>> is nothing inherent about ActiveX other than it being the popular way of doing things so if another interface becomes popular I'm sure spyware will take advantage of it.
>
> It depends on how the new interface is written. So far, the FF team has worked to remove vulnerabilities whilst MS has not (at least not as fast.) I recall that last year MS' solution to ActiveX attack was to tell people to disallow any ActiveX controls - including ones from MS. Not a pretty sight when a company can't even guarantee its own controls are a) safe or b) actually from itself.
>
> But as FF becomes more popular, it will become more of a target. Just as Apple or Linux will as they grow market share.
>
> T
Re: [H] Dvorak's take on Intel-Apple
At 09:39 AM 16/06/2005, Eli Allen wrote:
> Just because it doesn't support ActiveX doesn't mean anything. As I said, spyware requires IE

Except that it avoids all the ActiveX nasties out there. Which is currently the main infection vector, as I understand it.

> is nothing inherent about ActiveX other than it being the popular way of doing things so if another interface becomes popular I'm sure spyware will take advantage of it.

It depends on how the new interface is written. So far, the FF team has worked to remove vulnerabilities whilst MS has not (at least not as fast.) I recall that last year MS' solution to ActiveX attack was to tell people to disallow any ActiveX controls - including ones from MS. Not a pretty sight when a company can't even guarantee its own controls are a) safe or b) actually from itself.

But as FF becomes more popular, it will become more of a target. Just as Apple or Linux will as they grow market share.

T
Re: [H] Dvorak's take on Intel-Apple
Same animal, different sub-species. Plugins & Java do form an attack vector in FF/Moz just not as an effective one. Anytime you allow something to extend or run custom code, you're taking a risk.

Gotta admit I only see IE once or twice a week these days so FF is working out as a replacement for me.

Ben Ruset wrote:
> Lack of support for ActiveX.
>
> Eli Allen wrote:
>> Spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. Firefox does support native plugins so don't see how you can say that Firefox is really any different from IE.
Re: [H] Dvorak's take on Intel-Apple
Native code is native code. Nothing inherent about ActiveX.

- Original Message -
> Lack of support for ActiveX.
>
> Eli Allen wrote:
>> Spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. Firefox does support native plugins so don't see how you can say that Firefox is really any different from IE.
Re: [H] Dvorak's take on Intel-Apple
Just because it doesn't support ActiveX doesn't mean anything. As I said, spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. There is nothing inherent about ActiveX other than it being the popular way of doing things so if another interface becomes popular I'm sure spyware will take advantage of it.

Being tied to the OS doesn't mean much in terms of spyware either. All the spyware I've seen installs itself by acting as a trojan horse which basically means it's an inherent problem in the user, not the OS that spyware needs to work.

- Original Message -
> At 09:00 AM 16/06/2005, Eli Allen wrote:
>> Spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. Firefox does support native plugins so don't see how you can say that Firefox is really any different from IE.
>
> Except that it doesn't support Active X, IIRC, which is the main way Spyware installs right now. And it isn't tied into the core of the OS as IE is, which has got to be a problem.
>
> T
Re: [H] Dvorak's take on Intel-Apple
Lack of support for ActiveX.

Eli Allen wrote:
> Spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. Firefox does support native plugins so don't see how you can say that Firefox is really any different from IE.
Re: [H] Dvorak's take on Intel-Apple
At 09:00 AM 16/06/2005, Eli Allen wrote:
> Spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. Firefox does support native plugins so don't see how you can say that Firefox is really any different from IE.

Except that it doesn't support Active X, IIRC, which is the main way Spyware installs right now. And it isn't tied into the core of the OS as IE is, which has got to be a problem.

T
Re: [H] Dvorak's take on Intel-Apple
Spyware requires IE because that is the browser most novices use who don't know how to easily avoid spyware. Firefox does support native plugins so don't see how you can say that Firefox is really any different from IE.

Eli

- Original Message -
> The thing is, at least on the spyware front, that most spyware requires you to be browsing in IE to become infected. Most Mac people don't use IE5 for Mac anymore, since it's so old and a piece of crap compared to Safari. Without ActiveX, it's a lot harder to get spyware on your machine.
>
> Blah, there really is no difference between OSX and a Linux desktop except that the OSX GUI is far more polished and there are more commercial apps for it.
>
> Thane Sherrington wrote:
>> It will be interesting to see how Apple's OS handles a concentrated attack. If it cannot stand up, then it's possible that Linux may finally emerge as the safe alternative to all else. At last, an interesting scenario!
Re: [H] Dvorak's take on Intel-Apple
The thing is, at least on the spyware front, that most spyware requires you to be browsing in IE to become infected. Most Mac people don't use IE5 for Mac anymore, since it's so old and a piece of crap compared to Safari. Without ActiveX, it's a lot harder to get spyware on your machine.

Blah, there really is no difference between OSX and a Linux desktop except that the OSX GUI is far more polished and there are more commercial apps for it.

Thane Sherrington wrote:
> It will be interesting to see how Apple's OS handles a concentrated attack. If it cannot stand up, then it's possible that Linux may finally emerge as the safe alternative to all else. At last, an interesting scenario!
[H] Dvorak's take on Intel-Apple
This would be interesting.

T

What's going to happen eventually is that Apple will see the increasing problems with spyware and viruses on PCs. With millions of dollars being invested in antispyware software it would be easy for Apple to sell a shrink-wrapped OS X86 to PC users. I'd guess that most PC users would give OS X86 a shot and the company could get $100 a box and sell at least 10 million copies. But initially Apple doesn't want the hassle of making its new OS work universally. Here's the scenario to expect:

1. Apple releases OS X86 as a proprietary system for its boxes. It's immediately pirated and goes into the wild.

2. Apple squawks about the piracy to draw attention to it, thus increasing the piracy, creating a virtual or shadow beta test. The complaining is necessary to assure Microsoft that Apple does not intend to compete with Windows. This keeps Microsoft selling MS Office for the Mac.

3. There are driver issues that get resolved by the hobbyists, and OS X86 now remains in shadow beta, being tested in a process that is apparently outside of Apple's control, but is in fact carefully monitored by the company.

4. Once the system stabilizes in the wild, Apple announces that it cannot do anything about the piracy situation and that it's apparent that everyone wants this OS rather than Windows. It's "the will of the public." Apple then makes the stupendous announcement that it will sell a generic boxed OS, "for the rest of you!" One claim is that it is a solution to spyware.

5. Microsoft freaks out and stops development of Office for the Mac. But in the interim, while not selling OS X86 "for the rest of you," Apple has been developing a complete Office suite, which it announces at the same time.

6. Spyware and viruses emerge on the Mac.

It is easy to predict what will happen after that. To many Mac aficionados the uniqueness of the platform will be lost forever, and who knows what they'll do for fun. But one thing is for sure: The big problem that Mac users will have to face is the emergence of virus code and spyware aimed at them. It's possible that the Mac users going into this new world will be like the American Indians when confronted by smallpox-contaminated blankets. Most Mac users are ignorant about this plague and ill prepared to deal with it.

It will be interesting to see how Apple's OS handles a concentrated attack. If it cannot stand up, then it's possible that Linux may finally emerge as the safe alternative to all else. At last, an interesting scenario!