
Jeff Weinstein wrote:
I think that you may have to rethink some of your assumptions that were valid back when you designed the system, but are no longer, given the current growth and changing demographics of the internet.
This is all getting unnecessarily complicated. As I pointed out in another post ("FV's blatant double standards") NO SYSTEM FOR SECURITY IS SAFE when one allows for recipient compromise, i.e. privileged access to a recipient's system by a malicious program.
I'd really like to see some effort spent on closing some of the more gaping holes in the underlying systems. Why should it be so easy for one program to snoop on the keystrokes directed to another?
Easy or difficult is not the point. In DOS it's possible for any program, in Unix only for those with root access. Security fails when it is not possible to make a distinction between a program that _should_ have access and one that _shouldn't_. Anyone who's tried to teach novice DOS users what to do when one of those anti-virus TSR tools complains that something is doing something it shouldn't will know how hard it is for _users_ to guard themselves.
Why should it be so easy for a program downloaded from the net to patch a part of the operating system?
I would think that most viruses are transmitted by floppy disk, even now, or by programs _intentionally_ downloaded and _intended_ to patch the OS (such as a screen blanker). The possibility of mass net-based creepy-crawlies has been remote due to the uniquely multi-platform nature of Internet protocols; they're Unix-based, but end-users have PCs. Only metaplatforms such as Java, perlCCI, Telescript could change this.

Rishab

----------------------------------------------------------------------
The Indian Techonomist - newsletter on India's information industry
http://dxm.org/techonomist/ rishab@dxm.org
Editor and publisher: Rishab Aiyer Ghosh rishab@arbornet.org
Vox +91 11 6853410; 3760335; H 34 C Saket, New Delhi 110017, INDIA