Worm bait?

[Seth Gordon]

On Thu, 2003-08-21 at 11:21, David Kramer wrote:
> 
> Absolutely right.  Most of the security problems with Windows are due to the 
> fact that users want Windows to just do what they want, often without having 
> to tell it explicitly.  When Aunt Bertha send pictures of her new pet iguana, 
> little Susie wants to just see the pictures, not have to add Aunt Bertha to a 
> whitelist and make sure that her current RBL's policies are inline with her 
> own.

Some friends of ours told us that they had never been able to get MSN
Messenger working on their Windows machines at home, because their home
firewall blocked ports that MSN Messenger needed.  It turned out that
the firewall *also* blocked the ports that W32.Blaster was using to
propagate itself, so they were spared.

Does MSN Messenger use DCOM?  What on earth for?  Is it reasonable for
us to expect users to know that choosing MSN Messenger over, say, AIM,
has security implications?

-- 
"A salesman who can close 50% of his prospects is God.  An engineer
who can make 90% of his bridges remain standing gets fired."  --Dale
Worley
// seth gordon // sethg at ropine.com // http://ropine.com/sethg/cv.html //