Linux-Advocacy Digest #399, Volume #26 Sun, 7 May 00 19:13:08 EDT
Contents:
Re: Built in Virus Scanners! (2:1)
Re: Dvorak calls Microsoft on 'innovation' (Mathias Grimmberger)
Re: Built in Virus Scanners! (Jeff Szarka)
Re: Built in Virus Scanners! (Jeff Szarka)
Re: Browsers and e-mail (Jeff Szarka)
Re: Browsers and e-mail (Jeff Szarka)
Re: Browsers and e-mail (Jeff Szarka)
Re: This is Bullsh&^%T!!! (Jeff Szarka)
Re: Let's POLL! ("Otto")
----------------------------------------------------------------------------
From: 2:1 <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Built in Virus Scanners!
Date: Sun, 07 May 2000 22:13:53 +0100
Mike wrote:
>
> "Charlie Ebert" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
>
> [... long incoherent screed unceremoniously snipped ...]
>
> > Do so without fear of viruses as the basic
> > structure of Linux doesn't allow installation nor execution of
> > programs without the prior approval of root on my system. Root has to
> > be involved before a program is installed or declared runnable in my
> > user account.
>
> Get real, Charlie. I'm supposed to call a sysadmin before I can run a simple
> script? And what is she going to do? Inspect it first, to make sure it's
> okay? And, God help us, what if I actually _write_a_program_? You know, one
> that needs to be compiled? I can compile it, but then I have to call the
> sysadmin every time I want to test it?
>
> Wouldn't it be a whole lot more productive if you just left the power switch
> in the 'off' position?
If you're intelligent enough to write a program, then you're intelligent
eenough not to execute an anknown e-mail program. For those users who
won't be writing programs, they can stop them changing the execution
bit. Besides, people stupid enough to execute a program from un unknown
source probably wouldn't know *how* to change an execution bit if they
could:)
-Ed
--
Did you know that the reason that windows steam up in cold weather is
because
of all the fish in the atmosphere?
-The Hackenthorpe Book Of Lies
------------------------------
Crossposted-To: comp.os.ms-windows.nt.advocacy,comp.lang.java.advocacy
From: Mathias Grimmberger <[EMAIL PROTECTED]>
Subject: Re: Dvorak calls Microsoft on 'innovation'
Date: Sun, 7 May 2000 21:20:58 GMT
"Erik Funkenbusch" <[EMAIL PROTECTED]> writes:
> Mathias Grimmberger <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > "Erik Funkenbusch" <[EMAIL PROTECTED]> writes:
> > > For instance, you may need to display the scanned fingerprint on the
> > > screen, or display a waveform of a voice sample, or any number of
> > > other features that are specific to Biomentrics and not generic to
> > > logins. Why would you do that? Well, in Fingerprint analysis, it's
> > > common to display the scanned image because fingerprint scanning is
> > > not 100% perfect. Looking at the image, you can tell if your finger is
> > > not positioned properly to get a good reading. And you can use that
> > > image to position your finger correctly.
> >
> > Hmm, I wasn't aware that displaying an image was a particularly
> > difficult thing to do with a GUI. It is not generic to logins but it is
> > not generic to biometrics either and why should it be in any other API
> > at all when it is in the GUI API already?
>
> Displaying the image is not difficult. Getting the Image from the Biometric
> module in a standard way is. A common theme in Fingerprint identification
> (not just validation, which is much easier than identification) is to show
> the user the fingerprint being scanned and then superimposing graphical data
> on top which helps show how many minutiae points are identified.
As I look at the problem the biometrics module should do that. It has
all the data and presumably also knows the best way to provide suitable
feedback to the user so it can work in an optimal way. I would not
expect the app vendor to think about or do research on the topic.
> Now, suppose you want the app to determine how accurate a sample you need.
> You might say that only 40% accuracy was needed for this application. The
> less accuracy you accept, the fewer false negatives you'll have and the
> easier it is to use.
Easy. Just pass some parameter(s) (a number between 0 and 100 was what
we used IIRC) to the biometrics module and document it's effects
(e.g. that it is the required accuracy in percent).
This is suitably abstract to work for many biometric methods.
> In my experience, providing proper user feedback is essential to getting a
> good identification.
Of course. I'm just saying that I think getting the users to cooperate
is difficult, at least if your target audience is the general
population.
> > > Of course you can with NT4.
> >
> > How? I would need to do what LogonUser() (IIRC) does but without
> > providing a cleartext password. It would need to be a *documented*
> > functionality, not something obtained by reverse-engineering the normal
> > login process. AFAIK it is impossible with NT4. Care to name the
> > function?
>
> What's wrong with a cleartext password? It's not like the password is being
> transmitted over a wire. It's all internal.
One of the first rules in security is: "Do not store passwords nor
password equivalents". That it's all internal doesn't matter - if it's
there then there is a way to get at it. It doesn't even matter if that
would require Admin privileges, even the admin should not be able to get
at any passwords.
> > > The problem is that this is vendor specific and it's impossible to
> > > write generic Biomentric aware applications without writing to each
> > > vendors API.
> >
> > I fail to see the problem. There are only a few apps needing that,
> > proper layering/abstraction can solve the problem of multiple vendor
> > APIs (granted, has to be redone for every app vendor) and finally the
> > app vendor is likely to choose one biometrics vendor of his liking
> > anyway (a software vendor working for the Pentagon would take no
> > chances with the choice of biometrics modules actually used).
>
> So your argument is that "few apps need this"? If it was available, more
> apps would take advantage of it.
That and that a useful generic API is very hard to do.
I don't believe that every app will use biometrics if it is only made
easy enough. What use would biometrics be for e.g. a word processor? The
user using it is *already* authenticated by being logged in in the first
place and that goes for the majority of apps.
Of course one can do neat things with biometrics, like constantly
verifying that the user in front of the box is allowed to use it. How
relevant would that be in the real world?
> And not all uses of biometrics are for national defense level security. A
> good use is when you have a terminal sitting out in a store somewhere and
> you want to make sure only authorized people use it.
But that is again a very special application, there will be special
software running, not some generic app. What use is biometrics for the
average user, the market MS is in?
> Biometrics is uncommon and expensive primarily because there's no
> standardized way of using it.
May be true, I don't really know. I'm a pessimist as far as funky new
technologies are concerned.
> > That's what I fear, that the API will not support every possible
> > biometrics out there. If it would, it would have to be a rather simple
> > API, just some hooks basically copying opaque data around. Big
> > innovation that...
>
> Why do you say that? I think all use cases can be identified in biometrics.
All use cases maybe (although saying "all" in such a context frightens
me).
All biometric methods, useful data formats - no way. What data format
will a biometric method using DNS samples use? Can you get all providers
of fingerprint biometrics to use the same data format? I don't see it.
So the API either will only deal with opaque data or can't support every
biometric method imaginable.
> > An app may need access to a function which identifies the user in front
> > of the machine (looking into a camera, putting his finger somewhere,
> > ...) or a function verifying that that user is who he said he is (there
> > is a huge difference to the former function). And that is basically it.
> > Everything else is specific to the biometrics used and must be handled
> > by the biometrics module.
>
> Not true. Suppose I want to integrate speech recognition and voice print
> recognition (each command must be identified as valid from this person
> before processed). Now, I need access to the voice sample to run it through
> my speech recognition after it's been validated. How do I do that in a
> generic way without calling directly into the vendors API?
Hmm, OK, I didn't think of such a scenario.
But this requires that the data formats used by the speech recognition
and the voice print recognition be the same or convertable into each
other.
> > > They did a pretty good job with the CryptoAPI.
> >
> > You mean the one with the _NSAKEY variable? It's not secure. And no,
> > this has nothing to do with "NSA" being a part of that variable name, if
> > the rumours where true that would be the second security hole.
>
> Do you know anything about this? MS's CryptoAPI has been reviewed by lots
> of security experts. Don't babble about net rumors.
The story goes like this:
In CAPI all components used are cryptographically signed - no valid
signature, no way to use that module. This is an important part of the
security of the whole thing.
For unknown reasons MS included *two* public keys in the API, the
primary one and the one called _NSAKEY. MS claims the second one is a
backup should the first one become unavailable - that is just bogus, why
can't they keep a backup of the first one? AFAIK MS also never provided
proof that they actually have access to the private key matching the
public _NSAKEY, but that thought leads to the conspiracy theory...
Now for the purpose of signing CAPI components the two keys are
equivalent. Their protection is not equivalent however - while you can't
change the primary key you can just change the secondary and sign new
modules with the matching private key.
There exists a little tool on the net which does just that. Apparently
crypto companies have known about the whole thing for some years and
have used it for their own purposes (installing their crypto modules).
A bad guy could now install new components which use rot-13 for
encryption. Poof, no security anymore. Whithout additional measures you
just can't trust the modules CAPI is using which was a design goal
AFAIK. So in my book CAPI is not secure because of that.
MGri
--
Mathias Grimmberger <[EMAIL PROTECTED]>
Eat flaming death, evil Micro$oft mongrels!
------------------------------
From: Jeff Szarka <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Built in Virus Scanners!
Date: Sun, 07 May 2000 22:07:24 GMT
On Sun, 07 May 2000 16:45:53 GMT, Charlie Ebert <[EMAIL PROTECTED]>
wrote:
<snip>
:> Boris
:
:
:NO BORIN,
:
:The main problem with the Microsoft Virus is it spread itself and
:matastisized itself
:to virtually everything in my office.
:
:I'm afraid you have to step down now and return to the audience sir.
:
:Charlie
Exactly why were you letting .vbs files even come in? Seems like bad
administration to me after the first few vbs viruses.
By the way, your news reader is broken.
------------------------------
From: Jeff Szarka <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Built in Virus Scanners!
Date: Sun, 07 May 2000 22:08:45 GMT
On Sun, 07 May 2000 22:09:54 +0100, 2:1 <[EMAIL PROTECTED]> wrote:
:Boris wrote:
:>
: typically; even if you did, NTFS protects each user's files. For
:example, if me and Joe
:> both have files on the same NT box and neither of us has admin access and sysadmin
:> protected us from each-other by setting permissions appropriately, any executable
:run by
:> me will NOT be able to destroy (or even view) Joe's data (and vice versa).
:
:Not completelytrue. If NT is allowed to run 16 bit apps (which is
:required in some compaies which have legacy software) they can take free
:reign over everything (by using direct hardware IO), and could easily
:trash the computer. It can be disabled, but that is not always possible.
:Under *NIX, this won't happen.
:
:-Ed
This might be the most ignorant thing I've ever read...
NT runs 16bit apps via emulation. They work exactly like any Win32
application.
------------------------------
From: Jeff Szarka <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Browsers and e-mail
Date: Sun, 07 May 2000 22:15:24 GMT
On Fri, 05 May 2000 23:27:45 -0400, mlw <[EMAIL PROTECTED]> wrote:
:
:Given the nature of both systems, i.e. the normalcy of receiving data
:from unknown origins, shouldn't e-mail have the same restrictions and
:safety precautions that browsers have?
Mail clients should require you to save an executable files before
they can be run. Meaning the novice user would need to execute them
like a regular program. Of course, there will always be those users
who do this and still run the trojan. They're the same people who stop
and read "MAKE MONEY FAST!!!!!!" just in case... (because after all,
they want to MAKE MONEY FAST!!!!)
It's stupid to send attachments anyway... Pictures I can understand...
other than that... use freedrive.com or such.
------------------------------
From: Jeff Szarka <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Browsers and e-mail
Date: Sun, 07 May 2000 22:24:03 GMT
On Sun, 07 May 2000 08:55:49 -0400, mlw <[EMAIL PROTECTED]> wrote:
:Boris wrote:
:>
:> "mlw" <[EMAIL PROTECTED]> wrote in message
:news:[EMAIL PROTECTED]...
:> >
:> > Given the nature of both systems, i.e. the normalcy of receiving data
:> > from unknown origins, shouldn't e-mail have the same restrictions and
:> > safety precautions that browsers have?
:> I use IE5/OE5 on Win2000. And most security settings in OE are inherited from IE.
:For
:> example, if I disabled ActiveX controls in IE and opened HTML post on news group,
:and that
:> message contains ActiveX control, that control won't be able to execute.
:>
:
:So, OK, what's the answer? I think we all agree that something like the
:"ILOVEYOU" virus will continue to happen in increasing frequency. How do
:you stop it? You can't keep arresting 14 year olds everytime this
:happens, you have to decide that security is important.
I detailed a fix for all .vbs based viruses in another message.
Basically it involves removing the .vbs file assocation (or if you
prefer, mapping it to a small program that explains the danger of
opening unknown attachments) If you still need access to .vbs files,
create a new file extension and map it to
C:\%windir%\System32\WScript.exe "%1" %*
There is really no downside to using this method. Using associate.exe
from the resource kit you can easily roll out the fix via login
scripts or whatever.
You might want to kill other windows scripting based files. I don't
have a full list on hand but I could make one up. You don't sacrifice
any features AND you're 100% safe.
That's my "Thank you Microsoft for screwing up e-mail" tip of the day.
------------------------------
From: Jeff Szarka <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Browsers and e-mail
Date: Sun, 07 May 2000 22:29:14 GMT
On 07 May 2000 14:01:55 -0600, Craig Kelley <[EMAIL PROTECTED]>
wrote:
:These companies like to make everything "easy" to do. Just plug it
:in, and email your attachments. I vote that we re-educate the users
:by stripping off all attachments on the SMTP servers...
Yes... Look for my new IPO in a year. "safe-email.com" Get attachments
sent there, scanned for safety and then sent to you. (I'm not really
gonna do this but... if someone copies me.. at least let me in on some
profit, I could probably live happily on 1Mil invested correctly er..
make it 2Mil)
:> 2. Get your sysadmin to distribute a little registry patch to make the
:> default action of a .vbs file to "Edit" instead of "Open". Have said patch
:> installed during a login script.
:
:Kludge.
:
:What if it had been a .exe? Would you still reccomend this action?
Then you're looking at your average trojan. Just filter out .exe
files. There is NO need to send them via e-mail. (pictures, sounds,
etc, I can understand)
------------------------------
From: Jeff Szarka <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
Date: Sun, 07 May 2000 22:31:42 GMT
On Sat, 06 May 2000 00:39:03 GMT, [EMAIL PROTECTED] (JEDIDIAH)
wrote:
:>How does OE think it knows better than the actual user? Because it
:>puts attachments only 2 clicks away? (after a warning message not to
:
: A Unix mail client can put attachements 0 clicks away.
Outlook should offer this also. If it's not released as an update very
soon I'll stop using Outlook.
------------------------------
From: "Otto" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Let's POLL!
Date: Sun, 07 May 2000 22:53:48 GMT
"Charlie Ebert" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
Let me just say that,
Just because some 12 year old kid launches a VB script virus,
and YOUR company ingests this virus, should the employee's
who have double clicked our the attachment using YOUR companies
OUTLOOK EXPRESS be disciplined?
{That depends on the company's policy}
Why do you figure that corporations establish policies
such as these? Don't they realize that someday, someone,
will indeed take this to court and challenge this.
Do corporate institutions think they can WIN in a situation
where THEY gave the employee in question the power to
EXECUTE a virus from the software the corporation provided to
ALL their employee's, trained or NOT.,
{The computers are company properties, the company has the right to set
policies the way it sees practical}
Is it intelligent for a company to have a policy, where by,
it is forbidden to click on any E-mail attachments?
{Yes, however those attachment can be filtered out to prevent "temptations"}
Is it intelligent for a company to DRILL your systems administrator
for allowing the virus to come into your company, even though there is
NOTHING he can really do about it!
{If the company allows attachments within email, then it's useless to blame
the SAs}
Does it make any sense to continue to blame the 12 year old
who wrote the script and sent it out via an E-mail to drop
½ the Microsoft equipped corporations around the world?
Shouldn't we make it a policy within the United States to
EXPECT terrorist actions from within and abroad based on
past actions, example, OKC? Does it make sense to you
that corporations such as defense contractors will put
up huge concrete barricades, and hire guards equipped with
bomb sniffing dogs yet continue to allow Microsoft in their
offices as the mainstay of their E-mail handling clients?
{Any system can be exploited, some easier than others}
Have you heard someone within your organization BLAME the
problem we've just experienced with the ILOVEYOU virus on
the fact that the operating system was connected to the
internet in the first place? Does this kind of explanation
logic seem flawed to you in any way?
{No, but disconnecting the network from the Internet doesn't guarantee a
virus free environment}
Wouldn't it be MORE intelligent to run an OS such as LINUX
,where by, employee's could click on A script or .exe and
have nothing happen as it WON'T run it! They can look at it
but it won't trash out their corporate world then E-mail
the rest of the world with a copy of itself?
{What we would, could, should use as an OS has little to do with viruses}
How many people have you met who still don't seem to understand that
Microsoft operating systems are based on a
nearly 20 year old tradition of a stand alone P.C. Concept?
That security was never an issue for Microsoft? Do you now
understand why Microsoft says security isn't an issue with
Windows?
{Operating systems aren't secure in themselves, it is the Admin who needs
set up the security policy. Any OS can be hacked and with the exception of
MS OS, it is the Admin's fault when it happens.}
Otto
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
