[Esd-l] ZIP scanning, take two (repost)
Peter Hanecak
hanecak at megaloman.com
Mon Feb 23 00:38:20 PST 2004
Hello,
On Mon, 23 Feb 2004, Snowy Angelique Maslov aka 'Snowpony' wrote:
[snip]
> I must admit I tend to get people to zip things to get through filters on most
> systems. However with the way Windows XP/2003 now handles zip files this
> technique is starting to have it's own security problems. :/ I'd say perhaps
[snip]
I start to see a loop here:
1) MS makes something "executable",
2) virus/worm/... takes advantage of it,
3) filtering software filters such things out
4) MS makes something else "executable",
5) ...
etc.
Maybe it's time to clearly separate executables (maybe also counting
buffer overflows) and data. A lot of people were saying this for a long
time but all major "solutions" we have for now is "Trusted Computing
Initiative" which is trying to be portrayed as solution but if we see say
how buffer overflows in some games on Xbox are used to run unsigned code
on that console ... well that leave us where we are today with one more
problem: What that "Trust" does mean? Something like "It's your computer
but we do not trust it so we propose this scheme which will enable us to
trust your computer which will betray you - its owner - as we wish".
Well ... in the long run I'm optimist: Something new and better will come
and prevail. :)
Sincerely
Peter
--
===================================================================
Peter Hanecak <hanecak at megaloman.com>
GPG pub.key: http://www.megaloman.com/gpg/hanecak-megaloman.txt
===================================================================
More information about the esd-l
mailing list