Re: [Asrg] Viruses

gep2@terabites.com Thu, 26 June 2003 18:30 UTC

From: gep2@terabites.com
Message-ID: <B0000024246@nts1.terabites.com>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] Viruses
To: Barry Shein <bzs@world.std.com>, gep2@terabites.com
Cc: asrg@ietf.org
In-Reply-To: <16120.53549.345766.701104@world.std.com>
X-Mailer: SPRY Mail Version: 04.00.06.17
Date: Tue, 24 Jun 2003 23:21:36 -0500

>No, there are actually specific weaknesses in the memory and
>protection model of windows operating systems which allow programs run
>by ordinary users without privileges to infect the machine with
>viruses.

Viruses and worms can easily enough propagate while operating without 
privileges.

The fact is that Sun, Linux, Mac, VMS, and other OSes (and apps running under 
those) also can be and have been subject to viruses too.  The main reason 
they're not infected more often is because Windows and its apps are more widely 
found, and thus a more appealing target for virus authors.

>Plus or minus the odd serious bug or misconfiguration operating
>systems such as unix, linux, VMS, MVS, TOPS-20 (going back 20+ years),
>etc are more or less immune to such problems. 

I guess you can claim that if you dismiss any vulnerability as an "odd serious 
bug".

OS/MVT had plenty of strong memory and protection features, but (like most ANY 
operating system) there were plenty of holes and vulnerabilities, too.  All 
systems have them;  most nontrivial applications do, too.

>This is because you generally have to first obtain super-user privilege to
>modify system software.

But you don't have to "modify system software" to become infected with a worm, 
virus, or trojan.

>This is really viruses 101.

The problem (here on THIS list at least) isn't viruses, it's the ability to 
install malicious programs that can aid and abet spammers.  That does NOT 
require system root rights.  

One of the things that's so appealing about the sender/recipient pair 
permissions lists is that the SAME mechanism works against BOTH spam AND 
viruses/worms/trojans.  And it doesn't require a special theoretical 
high-security operating system to achieve that.


Gordon Peterson                  http://personal.terabites.com/
1977-2002  Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment!  Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.


