Rant 2006-04-03: and who is really wrong

Notes before reading:
*For an explanation of how this rant is organized, please read this.
*This rant is NOT my work; this is another one, from a colleague of mine. Apparently I started a trend in my company, hehe. It is posted in this thread and published here.
*The discussion is about an article on a newly found Internet Explorer vulnerability that hackers use, luring people with excerpts of BBC news to a website that installs a keystroke logger on users' computers.
-This is actually a reply to two posts by a user who goes by the name xuniL. Both posts are published here and here; I recommend you read them first because they are quite hilarious. They are basically very pro-Microsoft, arguing that the real issue here is not Internet Explorer (which is actually very useful and innovative) or trying to do silly and unproductive things like protecting the user's PC, but that the real issue, and the ones to blame, are the hackers who are actually doing the attacks… and much, much more. Please do read these posts: they make this rant even more entertaining.
-WMF is Windows Meta File, which was the cause of a very nasty Windows vulnerability about two months ago (more information about it here).
-:S is a disturbed smiley (see it by bending your head to your left).
-ZDNet is the news site on which this thread is posted.

I had a hard time deciding whether to sort all your lies alphabetically or as they appear. Well, doesn't really matter.

1. “Let's say the bird flu starts to really spread. If you use the logic presented by the open sores zealots, you would just stay home where it's safe and never allow anyone over, is that it?” No, that's not it. Open Source would mean people would be vaccinated since birth and would provide antibodies for those who wouldn't. By the way, this same analogy was used gloriously by Microsoft when it advised users to stay away from the Internet because of the WMF vulnerability.

2. “But the mentality of the open sores community seems to be each individual PC in the world should be able to protect itself and shun all attacks and spam and other sorts of malware.” That could not be more distant from the truth. There are numerous Open Source firewalls, virus scanners, etc., that scan for Windows flaws. I have one myself because I need a couple of Windows machines in a Mac/Linux environment. Such is life :S

3. “People forget the wonders you can do programming to IE on an intranet or the internet if it weren't for the attacks. Well, the smart thing to do is obvious. Stop the illegitimate traffic as close to its source as possible to stop it from propagating the entire world and causing loss of productivity and that huge waste of bandwidth we could have back.”
First of all, what wonders? I can think of two basic “wonders”: VBScript, which has already been deprecated by Microsoft; and ActiveX, which, needless to say, is the prime point of entrance for malware. Or what? Any other reason why Microsoft promotes the use of ActiveX but blocks it by default? Oh, another thing: non-admin logins anyone?

4. “That (virus scanning at public routes) alone would free up massive amounts of bandwidth.” Well, all that “freed up” bandwidth would translate into used processing power, to say the least. But even then, clients would be forced anyway into having something to defend, because NO SECURITY MEASURE CAN 100% PROTECT AGAINST PRESENT AND FUTURE VULNERABILITIES.

No quote here, just some thoughts:
Do you even know what malware is? I'll be kind enough to tell you: it's an exploit for a KNOWN vulnerability. Having antimalware programs in the first place means that such vulnerabilities are pretty much in the public domain, doesn't it?

Many defenders use heuristics, which leads to a rhetorical question: wouldn't these heuristics help Microsoft know what in the world is wrong with its programs?

By the way, 99% of exploits are OS-dependent, not hardware-dependent. So, if you hear hooves, do you think horses or zebras?

Geez, I hope ZDNET starts asking for an IT degree (or SAT scores, for that matter) before letting people post this kind of bull.
