RE: Spyware becomes increasingly malicious

Mailman List Mirror (Read Only)
1

John Underhill wrote:
[snip long post]

One of the best posts I have seen in a long time; thanks, John.

So the question remains, what do we do about it?

That's where it gets tough. Let's begin with what we can't do about it:

- Declare that using IE is illegal. This literally takes an act of
congress. And, it would be almost impossible to enforce. Anyway, let's
pretend for a moment that congress does outlaw IE _and_ can enforce it,
it still does not do us much good: whoever will replace Microsoft on the
marketplace will quickly become very much like Microsoft because the
market demands it. We (citizens of the world) have Microsoft because,
short of wanting Microsoft itself we collectively wanted what Microsoft
makes the way they make it, which comes at a price.

- Make IE safe. The nature of the beast is that it can't be: it would
require a tremendous reduction in features, which in turn will drive the
market towards a more featured browser, which will be unsafe. Kind of
the same argument as above.

- In exchange for his life, appoint Saddam Hussein to rid us of spyware
writers. As he's on a roll, let's put spammers in the deal, too. The guy
has a proven track record, problem is most of us live in a society that
oppose his methods, so this does not fly.

- Hire a large number of the brilliant minds that read this list to
write a counter-spyware solution that target the spyware writers. This
does not fly either, because the battlefield is not level: we would
target a limited and hard-to-find group of hijacking experts, that in
turn have the entire world population of dumb users and unsecure
browsers to play with.

So, as it appears to me we can't solve for good hunger in the world,
peace in the middle east, and the spyware problem.

John Underhill wrote:
So the question remains, what do we do about it?

Save for legislative and/or legal action (that we do not do here), I'm
afraid that the only thing we can do in here is to blackhole, and do it
right. I don't like it much, but I have not heard any other suggestions
so far.

Michel.

2

-:slight_smile:
Excellent!

3

Can we call Godwin out on this comment?

Guys, girls, etc. This whole "MacOS is based on BSD which has been looked at
for years" discussion is actaully quite silly. Why? Because the majority of the
code in MacOS X which would be abused is not going to be BSD based.
A bug in cat? tar? sed? No. It'll be a bug in Mail.app, how it ties into
the Helper app, possibly Finder.app and Applescript. It'll be some image overflow
in Safari, via Khtml and Aqua's rendering engine. It'll be something that
Is Very Not Going To Ever Have Been A Part of What You Call BSD.

So, I call crapola on that argument, and invoke a Godwin-for-21st-century based on
the above comment. Lets move on.

Adrian