WYTM - "but what if it was true?"

dan at geer.org
Fri Jun 24 17:25:10 EDT 2005


Dan Kaminsky writes:
 | Dan--
 |
 |     I had something much more complicated, but it comes down to.
 |
 |     You trust Internet Explorer.
 |     Spyware considers Internet Explorer crunchy, and good with ketchup.
 |     Any questions?
 |
 |     A little less snarkily, Spyware can trivially use what MS refers to
 | as a Browser Helper Object (BHO) to alter all traffic on any web page.
 | Inserting a 1x1 iframe in the corner of whatever, that does nothing but
 | transmit upstream data via HTTP image GETs, is trivial.  And if HTTP is
 | a bit too protected -- there's *always* DNS ;).  gethostbyname indeed.
 |
 | P.S.  Imagine for a moment it was profitable to give people cancer.  No,
 | not just a pesky side effect, but kind of the idea.  Angiostatin
 | wouldn't stand a chance.
 |


If you are insisting that there is always
a way and that, therefore, the situation is
permanently hopeless such that the smart
ones are getting the hell out of the
Internet, I can go with that, but then
we (you and I) would both be guilty of
letting the best be the enemy of the good.

<commercial>

  However, I/we routinely disable all use of
  BHOs, prevent mod of any entity as chosen
  by filename extension, checksum, or filesystem
  location, and whitelist applications, to name
  a _few_.  For the genuinely paranoid, regular
  (like every few hours) reboot to a new VM is
  also enforceable and recommended, especially
  if you care about attacks that are purely
  in-memory and which do not leave behind any
  payload such as to aid an attacker on his/her
  proposed second visit.  If you indeed are an
  "I don't need no stinkin' payload" sort of
  guy, like the folks who eschew carrying matches
  because you can always light a fire rubbing
  two sticks together, make me a suggestion;
  I love free consulting.

</commercial>

--dan


=================
"Internet Explorer is the most dangerous program ever written."
  -- Rik Farrow to Scott Charney during the audience grilling stage of 
     http://www.usenix.org/events/usenix04/tech/sigs.html#mono_debate
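
The controls named in the reply above (entities chosen by filename extension, checksum, or filesystem location, plus an application whitelist) can be sketched as a checksum baseline. This is an added example, not code from the post or from the poster's product; it detects modification rather than preventing it, and the function names, the extension set and the sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumed policy: the extensions treated as protected are this example's choice.
PROTECTED_EXTS = {".exe", ".dll"}

def digest(path):
    """SHA-256 checksum of one file."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def build_baseline(roots, exts=PROTECTED_EXTS):
    """Checksum every file selected by location (roots) and extension."""
    return {str(p): digest(p)
            for root in roots for p in Path(root).rglob("*")
            if p.is_file() and p.suffix.lower() in exts}

def audit(baseline, roots, exts=PROTECTED_EXTS):
    """Report drift between the recorded baseline and the current state."""
    current = build_baseline(roots, exts)
    return {
        "modified": sorted(p for p in current
                           if p in baseline and current[p] != baseline[p]),
        "added": sorted(p for p in current if p not in baseline),
        "removed": sorted(p for p in baseline if p not in current),
    }

def may_execute(path, allowed_digests):
    """Application whitelist: approve a binary only by its checksum."""
    return digest(path) in allowed_digests

def demo():
    """Constructed sample tree: approve one binary, then tamper and drop a file."""
    with tempfile.TemporaryDirectory() as d:
        app = Path(d, "app.exe")
        app.write_bytes(b"original build")
        Path(d, "notes.txt").write_text("not a protected type")
        baseline = build_baseline([d])
        allowed = set(baseline.values())
        ok_before = may_execute(app, allowed)
        app.write_bytes(b"original build + injected code")  # in-place modification
        Path(d, "helper.dll").write_bytes(b"dropped add-on")  # unapproved new file
        report = audit(baseline, [d])
        names = {k: [Path(p).name for p in v] for k, v in report.items()}
        return ok_before, may_execute(app, allowed), names

if __name__ == "__main__":
    print(demo())
```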



---------------------------------------------------------------------
The Cryptography Mailing List