Tranquilizer darts help with that... On Wed, May 18, 2011 at 10:50 AM, John Cook <john.c...@pfsf.org> wrote:
> Big difference is that 'nix was created as more of a professional level OS > and Windows was created as a consumer product. It's pretty hard to "get the > cat back in the bag" once it's out. > > -----Original Message----- > From: Ben Scott [mailto:mailvor...@gmail.com] > Sent: Wednesday, May 18, 2011 1:36 PM > To: NT System Admin Issues > Subject: Re: Interesting news from Apple > > On Wed, May 18, 2011 at 12:25 PM, John Aldrich > <jaldr...@blueridgecarpet.com> wrote: > > Mostly I was thinking of the typical Windows type > > stuff where they trick you into downloading an EXE file and running it. > > Same thing can happen on Linux. And from the sound of the report, > that's what's hitting the Mac's. It's really just a social > engineering attack: Trick the user into downloading and running > malicious software. There's not much you can do to combat that, > except have the admins take away the ability for users to run > software. And that won't help home users who are their own admins. > > "There are seldom good technological solutions to behavioral > problems." (Ed Crowley) > > The one thing traditional *nix systems have going for them is that > it's easier to lock down the environment, since they've been doing > that pretty much from the start. Just mount /tmp and /home with > "noexec" and users can't execute anything they can write to. > > In the Windows world, you've got to deal with a fsckton of crappy > software that breaks in weird ways when you try this or other > nominally sensible things. And I include Windows itself in that. > Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK. It will still run > via several methods, such as the command line. So you either block > .LNK files from running -- breaking *all user shortcuts*, including > "Recent Documents" -- or you allow an obvious path for attackers. > Great job Microsoft. > > But that's not a security model thing, it's a crappy implementation > thing. You can work around it with enough time and money. And > someday Microsoft might fix their bugs, at least. Dealing with the > crappy third-party software... well, hopefully one has enough pull > with one's vendors to have them fix their bugs. > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > CONFIDENTIALITY STATEMENT: The information transmitted, or contained or > attached to or with this Notice is intended only for the person or entity to > which it is addressed and may contain Protected Health Information (PHI), > confidential and/or privileged material. Any review, transmission, > dissemination, or other use of, and taking any action in reliance upon this > information by persons or entities other than the intended recipient without > the express written consent of the sender are prohibited. This information > may be protected by the Health Insurance Portability and Accountability Act > of 1996 (HIPAA), and other Federal and Florida laws. Improper or > unauthorized use or disclosure of this information could result in civil > and/or criminal penalties. > Consider the environment. Please don't print this e-mail unless you really > need to. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
