On Tue, Nov 18, 2003 at 12:38:47PM -0800 or thereabouts, Alan wrote: > > So, how about changing the operating system to allow or even encourage > > such behaviour? "Sure, just run anything, it's safe. If it's a virus, > > operating system clearly warns about it." > > Starting ssh would look something like: [snip] > Starting malware would look like: > - hey, I see a bind() call on port 22222 > - is /home/alan/tmp/blah.bin with fingerprint [hash] allowed to do > this? > - I don't see blah.bin in my allowed apps, log it and prompt the user > (or) > - is port 22222 a port that this systems security policy allows binding > to? > - nope the action for undetermined bind()s is [prompt/deny], log it > and prompt the user or deny. Ssh is an excellent example. Recognise this? @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is [snip] Admit it. How many of us stop and check this out every single time? And we're back to "if you give someone a choice, there is a chance they will do the non-safe thing".. Unless I am missing something from the original URL? Telsa _______________________________________________ gnome-list mailing list gnome-list@xxxxxxxxx http://mail.gnome.org/mailman/listinfo/gnome-list
