Preventing the next MyDoom (fwd)
D. Hugh Redelmeier
hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org
Wed Feb 18 00:53:10 UTC 2004
I sent the following letter to a local commercial newsletter.
I thought some TLUGgers might be interested.
---------- Forwarded message ----------
Date: Tue, 17 Feb 2004 19:50:22 -0500 (EST)
From: "D. Hugh Redelmeier" <hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org>
To: rdutt-baJCGVF0K2RfOZc0+OmrVg at public.gmane.org
cc: swexler-5fEA2WC4m+QrCQQS9T2b3QC/G2K4zDHf at public.gmane.org
Subject: Preventing the next MyDoom
I just read your column.
<http://www.integratedmar.com/connectit/story.cfm?item=375>
You seem to blame everyone for MyDoom except the maker of the
fundamental mistakes: Microsoft.
"opening" an attachment should not be a problem. It isn't a problem
on my computer (it runs LINUX). It is crazy to let opening a document
run potentially dangerous code.
Microsoft has made a whole bunch of decisions that leave its
customers open to attack. I'm not talking about bugs: all code has
bugs. I'm talking about design mistakes that were made years ago and
have not been fixed:
- Microsoft Excel, PowerPoint, Word, and so on allow embedded Visual
BASIC for Applications scripts. This turns what should be passive
documents into active threats. (This problem is wider than email
attachments.)
- "opening" a .exe file is interpreted as: please run this. This is a
crazy default for email attachments. Aside from the danger, it
probably makes no sense in the MS Windows environment where programs
generally have to be installed to be runnable.
As far as I can tell, the major use for freestanding .exe files is as
self-extracting archives. Surely this could be replaced by a
sensible archive file type (perhaps .zip). Then there would be
no reason to allow "opening" a .exe anywhere.
- There are many other extensions that are dangerous to "open" (eg.
.pif, .com). And Microsoft didn't even disclose all of them (eg.
.scr).
- Microsoft tools, by default, don't show the file extension. Combine
this with the fact that the user has to protect himself from some of
them (because Microsoft tools don't) and you are in a Catch 22
situation.
- As I understand it, in the past, Outlook used to "open" mail
attachments automatically to create thumbnails. Wow.
All these problems have been well known for a decade or more. And yet
Microsoft hasn't fixed them (except for the thumbnail problem).
Why are you not holding Microsoft accountable? Isn't it about time?
For related (but slightly different) view, look at this item from the
current issue of Crypto-Gram:
<http://www.schneier.com/crypto-gram-0402.html#8>
Bruce Schneier is a very well respected security expert. I recommend
subscribing to his free newsletter.
Hugh Redelmeier
hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org voice: +1 416 482-8253
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list