[Asrg] Bug, or Feature?
gep2@terabites.com Thu, 26 June 2003 19:59 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA18840 for <asrg-archive@odin.ietf.org>; Thu, 26 Jun 2003 15:59:01 -0400 (EDT)
Received: (from exim@localhost) by www1.ietf.org (8.11.6/8.11.6) id h5QJwXg00780 for asrg-archive@odin.ietf.org; Thu, 26 Jun 2003 15:58:33 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19Vct7-0000CT-6X for asrg-web-archive@optimus.ietf.org; Thu, 26 Jun 2003 15:58:33 -0400
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA18784; Thu, 26 Jun 2003 15:58:30 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19Vcsc-0008Ky-5V; Thu, 26 Jun 2003 15:58:02 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19Vcro-0008Jk-3z for asrg@optimus.ietf.org; Thu, 26 Jun 2003 15:57:12 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA18682 for <asrg@ietf.org>; Thu, 26 Jun 2003 15:56:54 -0400 (EDT)
From: gep2@terabites.com
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19Vcpx-0005Or-00 for asrg@ietf.org; Thu, 26 Jun 2003 15:55:17 -0400
Received: from h001.c000.snv.cp.net ([209.228.32.65] helo=c000.snv.cp.net) by ietf-mx with smtp (Exim 4.12) id 19Vcpn-0005Oc-00 for asrg@ietf.org; Thu, 26 Jun 2003 15:55:07 -0400
Received: (cpmta 14137 invoked from network); 26 Jun 2003 12:54:37 -0700
Received: from 12.239.18.238 (HELO WinProxy.anywhere) by smtp.terabites.com (209.228.32.65) with SMTP; 26 Jun 2003 12:54:37 -0700
X-Sent: 26 Jun 2003 19:54:37 GMT
Received: from 192.168.0.30 by 192.168.0.1 (WinProxy); Thu, 26 Jun 2003 14:53:51 -0600
Received: from 192.168.0.240 (unverified [192.168.0.240]) by nts1.terabites.com (EMWAC SMTPRS 0.83) with SMTP id <B0000024266@nts1.terabites.com>; Thu, 26 Jun 2003 15:21:19 -0500
Message-ID: <B0000024266@nts1.terabites.com>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
To: asrg@ietf.org
X-Mailer: SPRY Mail Version: 04.00.06.17
Content-Transfer-Encoding: 7bit
Subject: [Asrg] Bug, or Feature?
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Thu, 26 Jun 2003 15:21:19 -0500
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
> For example, is it a FEATURE of all mentioned windows OS's that any non-privileged program can add new .EXE files to the system directory and modify the registry such that those newly added programs autostart on boot? > Or is it a BUG which was exploited? And if it's a BUG is it odd that the same bug exists across all those releases, has it been known previously, why hasn't it been fixed in, apparently, over 7 years (Windows95 ... XP.) As much as you might not like to hear the answer... since this characteristic is found in all those releases, AND counted upon by large numbers of applications which would be broken if that characteristic were changed... clearly the item in question IS a "feature". Not all "features" are particularly well-considered. This is true for ALL software. (Sometimes it's more important which easily implemented features you LEAVE OUT than which ones you PUT IN.) The FACT remains, however, that restricting certain operations to "root-only" or "sysadmin-only" is really pretty meaningless on typical user-level Windows desktops, where (especially on home machines) there IS no root or sysadmin-level qualified/intelligent/wise authority which is more qualified to approve or deny such requests. As for rapidly getting out patches for SENDMAIL, I'll point out that many of the security weaknesses in Outlook and Outlook Express have been closed by patches that have been out for more than a year, and maybe TWO... but where many users haven't bothered to (or don't realize that they should) install those patches. Certificates attesting to the trustworthiness of incoming executable software are one approach, but typically not a good one especially given the large numbers of applications (freeware/shareware/etc) produced by trustworthy-but-small producers which cannot ante up the bucks for certificates. I still believe that a good alternative that is effective in the great majority of typical cases is to simply by default block unexpected attachments that arrive from unfamiliar. untrusted senders (and most especially if those are of risky/executable types). Gordon Peterson http://personal.terabites.com/ 1977-2002 Twenty-fifth anniversary year of Local Area Networking! Support the Anti-SPAM Amendment! Join at http://www.cauce.org/ 12/19/98: Partisan Republicans scornfully ignore the voters they "represent". 12/09/00: the date the Republican Party took down democracy in America. _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] Bug, or Feature? gep2
- Re: [Asrg] Bug, or Feature? Vernon Schryver
- Re: [Asrg] Bug, or Feature? Barry Shein
- Re: [Asrg] Bug, or Feature? mathew