Re: Virus free desktop

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Nov 18, 2003 at 12:38:47PM -0800 or thereabouts, Alan wrote:
> > So, how about changing the operating system to allow or even encourage
> > such behaviour? "Sure, just run anything, it's safe. If it's a virus,
> > operating system clearly warns about it."
> 
> Starting ssh would look something like:
[snip]
> Starting malware would look like:
>  - hey, I see a bind() call on port 22222
>  - is /home/alan/tmp/blah.bin with fingerprint [hash] allowed to do
>    this?
>  - I don't see blah.bin in my allowed apps, log it and prompt the user
>   (or)
>  - is port 22222 a port that this systems security policy allows binding
>    to?
>  - nope the action for undetermined bind()s is [prompt/deny], log it 
> and prompt the user or deny.

Ssh is an excellent example. Recognise this?

  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
  Someone could be eavesdropping on you right now (man-in-the-middle attack)!
  It is also possible that the RSA host key has just been changed.
  The fingerprint for the RSA key sent by the remote host is
  [snip]

Admit it. How many of us stop and check this out every single time?

And we're back to "if you give someone a choice, there is a chance
they will do the non-safe thing"..

Unless I am missing something from the original URL?

Telsa

_______________________________________________
gnome-list mailing list
gnome-list@xxxxxxxxx
http://mail.gnome.org/mailman/listinfo/gnome-list

[Index of Archives]     [Fedora Desktop]     [Trinity Users]     [KDE]     [Gimp]     [Yosemite News]

  Powered by Linux