Derek Martin wrote:

> I think it boils down to people in general are not security
> paranoid nearly enough.

Amen, brethren! But, as you point out, they just don't know HOW to be appropriately paranoid. Heck, I'm reasonably techy, and I don't trust MY OWN judgement half the time. That's why (as many people have pointed out) this stuff should ALWAYS come configured for maximum security/minimum convenience by default.

> The majority of the latest rash of viruses exploit weaknesses in MS
> Office and related products. The answer to plugging up this hole is to
> get people to STOP USING OFFICE. Who the hell needs a 1.7MB word
> attachment that boils down to a 20k ASCII text file anyway?

Well, I'll play devil's advocate.

In a business setting, formatting matters. For better or worse, it gives your clients warm fuzzies if they see a consistent look and feel out of a vendor. It's silly for me (at branch office A) to spend a lot of time preparing a document for a prospect and then BLOW AWAY all the formatting when I send it to branch office B for recycling with a new client. Further, there may be an Excel spreadsheet tucked into the document, which can be tweaked on a per-client basis to reflect differing discount rates, etc.

Similarly, Word has a feature for change tracking that is very handy when you are negotiating a contract. The changes I make are marked on the copy I send to the other party; if they agree, they accept the changes. There's a nice, coherent record of how each side alters the document on each cycle. This is actually USEFUL, not just glitz.

You can TRY to tell your suits that these aren't useful; they won't believe you, and THEY ARE RIGHT.

The solution, as I see it, is strong authentication and encryption. If I am SURE (thanks to a digital signature) that an attachment comes from someone I trust, then I can open the document in confidence.

But there is a convenience cost here; it just won't do to have the signature generated automatically on outgoing messages, because then a rogue program can forge the signature. The user HAS to type in a passphrase FOR EVERY OUTGOING ATTACHMENT. Are people willing to do this? Maybe they are, after they've lost their files once to a virus.

This authentication thang is, IMHO, the big change that has to happen for the Internet to become dramatically "safer" than it is now. It's going to require a lot of infrastructure changes, and it's going to take a long time, but it HAS to happen.

My $.02.

-- Jerry Callen
jcallen at narsil.com