次の方法で共有

A ridiculous "security" tool

  • [アーティクル]

Reading Bugtraq today I saw this message about a "vulnerability" in Windows. Apparently -- get this -- if someone has the ability to install arbitrary system software on your computer, they can replace the SLL library used by IE and log all your internet traffic before it gets encrypted.

Somebody tell Al Gore to shut down the internet now before it's too late!!!

C'mon, if someone is running arbitrary code on your machine it's not your machine any more. Why even bother trying to spoof the SSL layer for IE when you could just, I don't know, install a keystroke logger or filesystem watcher and get all the user's data (instead of just their Hotmail password)?

And just what is supposed to stop the attackers from spoofing the tool that's supposed to detect the spoofing? A spoof-buster-buster-buster? I don't know.

End users are never going to learn about real security if they keep getting hit with messages like this. But I guess they might be scared into downloading a "security" tool if it helps them sleep better at night.

Of course if you were paranoid none of this would be an issue anyway.

Oh and it's the second Tuesday of the month, so go to Windows Update and get the latest patches. They're rated as "Critical"

Comments

  • Anonymous
    February 10, 2004
    I dont think a blanket "get all the latest patches" is a good thing to recommend. I regard it as foolish. Evaluate whether you need the patch or not.

    No point in installing a patch if you are not running a service that its patching for example.

    Can we have a list of changes made in the patch? Like, what was the problem and what it fixes along with a repro scenario to test this.

    Usually its a bit too vague on the KB article.

    I guess this would depend on what level you are targeting, with automatic updates I would imagine the Consumer level you are talking about as enterprise level would run SUS etc.

    Why can we not modify /etc/hosts file with wildcards instead of EXACT matching, this would save a huge amount of entries and problems.

  • Anonymous
    February 11, 2004
    The comment has been removed
  • Anonymous
    February 11, 2004
    NEW SECURITY THREAT FOUND IN WINDOWS:

    WARNING! If a attacker puts malware.exe into c:documents and settingsall usersstart menuprogramsstartup ....

    :-)

    I agree - it's only a security threat if IE was stupid enough to (say) load the DLL from Tempoary Internet Items or something or something else that users couldn't reasonably expect.

  • Anonymous
    February 11, 2004
    The comment has been removed
  • Anonymous
    February 11, 2004
    The comment has been removed
  • Anonymous
    February 12, 2004
    You can't make that kind of decision -- you're just
    A GRUNT!
  • Anonymous
    February 12, 2004
    ...no offense.
  • Anonymous
    February 13, 2004
    Personally, I think aluminum foil deflector beanies are the way to go.
    http://zapatopi.net/afdb.html