- Windows and Spyware
I used to be a generic computer technician. But like all of my friends in this industry, the last two years have forced me to become a spyware-removal specialist. I'd estimate that a third to a half of my billable hours are spent searching for and removing spyware from customers' computers; and the spyware information pages on my site are now the most popular pages on the site, by far.
What always occurs to me as I clean the slime out of someone's computer is how nearly all of this garbage could easily be prevented save for inherent "features" in Windows that invite malware into the system.
You assert that spyware doesn't exploit specific vulnerabilities in Windows. I assert that spyware exploits the general lack of security that permeates Windows and its included components, especially IE.
Windows was designed to make computing accessible to idiots; and because of that, a great many extensibility "features" were built into the system. These "features" are little short of a red carpet rolled out for hackers, crackers, script kiddies, and now, spyware publishers.
For example, Browser Helper Objects, ActiveX components, and other "customizations" allow those with the required skills to splice their applications directly into Windows (since IE is really just an extension of the file manager, when you get right down to it).
Properly setting the security settings in "Internet Options" will prevent some spyware from installing (or will at least prompt the user first), but it's not all that hard for spyware programmers to include code to change these settings, since in Windows, everyone is an administrator by default.
Another Windows vulnerability that is frequently exploited is the way Windows deals with the issue of shared DLLs, the Registry, and other essential system files. A more secure alternative would be to make the system directories and the bulk of the Registry off-limits to third-party programs. Require applications to come with their own application-specific libraries, in their own directories, rather than allowing them to modify or add to the system directories.
Another glaring fault in Windows is that everyone is an administrator by default. Because of this unhappy tradition, many applications won't even run in a limited user profile. Compare this to Linux. Even a neophyte Linux user knows that the first thing you do after installing Linux is to establish a non-root user account for yourself. You never log in as root unless you need to, and you never, ever log onto the Internet as root unless you have a very, very good reason for doing so. Accordingly, Linux apps are written to run well in what Windows would call "limited" profiles, once they are installed by root.
To some extent, NT/2K/XP users can duplicate this environment by assigning themselves limited accounts for day-to-day use (something I always encourage my customers to try, at least); but it's an imperfect solution. Many apps break when they're run in a limited profile. Most of these can be fixed by isolating the offending file(s) and modifying permissions, making Registry changes, etc.; but this is way beyond what most users know how to do.
How much better it would be if apps were designed from the start to be installable only by an administrator, but to work properly in a limited profile.
You mention that spyware-removal apps only work on Windows machines. Frankly, I'm not aware of any commercial spyware written for any other platform, and it's not only because of the ubiquity of Windows. It's also because it would be a lot harder to write spyware that would install on more secure platforms.
- Posted by: RichardM_z Posted on: 06/04/04