Thread: Windows virus?

  1. #16
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    To get a virus on Windows you must give permission for a file to run, download, etc. Opening an email that has a script in it is pretty much giving it permission. Even then Outlook will warn you and allow you to not allow the script to run. IE also has this feature where you can block scripts from running. And the beautiful thing about autorun is you can shut it off completely from the control panel. I personally have never experienced any issues with autorun and certainly would not put the blame on it for a virus entering my system.
    It's like the Outlook version of autorun. I am not famaliar with email scripting, but I though Javascript does not allow accessing local filesystems. Ah, unless it's ActiveX. Why is opening email giving it permission to run whatever's in the mail? By that logic, when opening a Word document, you can expect it to format your harddrive?

    Sure, you can disable autorun. But how would a Windows "newbie" like me know? Why not make it default to disabled? Ah, user friendliness, of course. How amazed would the user be when he inserts a usb drive and everything runs automatically?

    Again we are stuck on this autorun thing. Autorun has nothing to do with the problem. Autorun only runs when a .inf is present meaning you either installed the program in question, copied it piecemeal to your USB drive, or you inserted a CD/DVD.
    In Linux, I can confidently insert a USB stick from an unknown source containing whatever there is, and navigate in it, knowing that nothing will be run until I explicitly issue a command to run a binary or script on the drive.

    So in the end if you have a virus it's your fault. Blaming the OS won't help matters and it won't help you rid yourself of bad habits that allowed the virus in. Just take it as a learning experience and stop trying to blame the OS.
    Sure, I am blaming the OS. It just seems that you need to know a lot more about Windows to make it secure than you need to know about Linux to make it secure.

    You certainly have not produced any evidence to support your claims that it is the OS's fault you have a virus.
    Well, if autorun is not the default on a freshly installed XP, I wouldn't have that virus . It's a problem in the OS's design.

  2. #17
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    I have an idea. How about someone famaliar with the ins and outs of Windows write a script that change the settings of Windows to make it secure for security conscious Windows newbies?

    And then people would just need to run the script on a fresh install, and have the settings set to sane defaults, just like a fresh Linux install.

  3. #18
    Lurking whiteflags's Avatar
    Join Date
    Apr 2006
    Location
    United States
    Posts
    9,613
    Well since the only thing you've mentioned is auto-run:
    http://www.annoyances.org/exec/show/article03-018

    Good source for whatever other annoyances you think of, but I think Bubba is on to something. Don't go blaming the OS for every bumdass mistake you make.

  4. #19
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Location
    Inside my computer
    Posts
    24,654
    I'm siding with Bubba on the autorun thingy.
    If we made a system all-secure, we wouldn't allow running ANY program at all. Clearly, that destroys the purpose of computers and user friendliness, as well (they would have to do everything themselves OMG).
    No sir, the problem is not a bug or a flaw, but rathera malicious attempt to attack your computer which you failed to thwart.
    One feature I like about Vista is that it pops up the autorun dialog whenever you insert something. It lets you select to run autorun or not. The reason I like is because maybe I don't want to run autorun everytime I insert something.

    There will always be viruses as long as there is executable code and it's as simple as that. If that's a flaw, then Linux is guilty, as well. It has nothing to do with OS vulnerability.
    You should always use a 3rd party security solution to prevent nastiness. This is true for any good (big) operating system.
    Microsoft churns out a lot of patches each month to patch holes. Are they not concerned about security then?

    Oh and, Vista's UAC was not an attempt at a root system like in Linux but to annoy users and force developers to design programs to run under limited accounts. They made it to break the habit of creating Admin-only programs that assume you have control everywhere.
    Perhaps it may evolve into a root system in the future, though. Who knows.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  5. #20
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    I am certainly not saying Microsoft doesn't care about security. Just that it values user friendliness more.

    One feature I like about Vista is that it pops up the autorun dialog whenever you insert something. It lets you select to run autorun or not. The reason I like is because maybe I don't want to run autorun everytime I insert something.
    That, I think, is a good idea, along with the UAC thing. Microsoft is finally doing something about security.

    You should always use a 3rd party security solution to prevent nastiness. This is true for any good (big) operating system.
    Hmm, I think you are generalizing a bit too much here. AFAIK, Windows is the only OS that needs third party security programs. Since when have you seen Mac or Linux users install anti-virus? Sure, some people run anti-viruses on Linux servers, but that is to scan Windows viruses in user mailboxes and windows shares, to prevent virii from getting to Windows users.

    I guess Windows is too much for me to take. I will just go back to my trusty Linux. Practically, for home use, no one needs to even think about security on Linux. The defaults are sane and good enough. If not behind a NAT, perhaps spending 3 minutes configuring iptables to block incoming connections would be a good idea. But that's about it. If running a server, add automatic update to the list.

    I have switched to Linux about 4 years ago. I only keep my Windows installation for gaming now, and do all my serious work on Linux. It's a lot less "moody".

    This is just an office machine my dad threw at me to fix.

    Needless to say, I am inexperienced in Windows, so I guess it's all my fault that my Windows gets all kinds of nasty stuff.

  6. #21
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Location
    Inside my computer
    Posts
    24,654
    Quote Originally Posted by cyberfish View Post
    I am certainly not saying Microsoft doesn't care about security. Just that it values user friendliness more.
    I could agree somewhat with that.
    Microsoft have been known to value user friendlines over security at times... Although, I don't know if I'd classify Autorun as one such thing.

    Hmm, I think you are generalizing a bit too much here. AFAIK, Windows is the only OS that needs third party security programs. Since when have you seen Mac or Linux users install anti-virus? Sure, some people run anti-viruses on Linux servers, but that is to scan Windows viruses in user mailboxes and windows shares, to prevent virii from getting to Windows users.
    Well, maybe, but I'm just implying that any operating system can be infiltrated with viruses. Run too many executables from where you don't know where they came from, on any operating system, and you're bound to get infected.

    Needless to say, I am inexperienced in Windows, so I guess it's all my fault that my Windows gets all kinds of nasty stuff.

    Well, I guess there's some truth in that, too. Windows is too popular for its own good, which makes it so that you have to be careful in what you do and what you don't.
    Anyway, a good AV software that checks when executables are run will do wonders for security.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  7. #22
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    Run too many executables from where you don't know where they came from, on any operating system, and you're bound to get infected.
    That is true. But the problem is whether they run with your permission or not. I classify autorun as the latter, but I see your point.

  8. #23
    Registered User
    Join Date
    Jul 2008
    Posts
    67
    Quote Originally Posted by cyberfish View Post
    I have an idea. How about someone famaliar with the ins and outs of Windows write a script that change the settings of Windows to make it secure for security conscious Windows newbies?

    And then people would just need to run the script on a fresh install, and have the settings set to sane defaults, just like a fresh Linux install.
    Maybe try this ...
    http://www.ntsvcfg.de/ntsvcfg_eng.html


    Greetz

  9. #24
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    It is perfectly possible to build a secure OS. Just require all executables to be certified by a third party agent. However, if MS suggests this, they would be immediately shot down by every developer that isn't paid by MS for restricting the ability to develop applications...

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

  10. #25
    Registered User
    Join Date
    Jul 2008
    Posts
    67
    Quote Originally Posted by Bubba View Post
    I'm not so sure they kept the core design from ages ago and from what I know they did quite a bit of restructure and refactor between 95, 98, and XP.
    The evidence ..., but psssst -> Top Secret!

    Vista src

    ...

  11. #26
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Ireland
    Posts
    8,446
    Gosh... how lamely old.
    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  12. #27
    Cat without Hat CornedBee's Avatar
    Join Date
    Apr 2003
    Posts
    8,895
    Quote Originally Posted by matsp View Post
    It is perfectly possible to build a secure OS. Just require all executables to be certified by a third party agent.
    That might work. Or not. After all, even certified applications can have bugs. Code injection through a buffer overflow in a data file? Well, you could require certification of every file in the operating system

    Take, for example, the Vista driver certification requirement. A company actually snuck a piggyback driver through the certification process - in other words, a driver that can load arbitrary other (uncertified) drivers.
    When the license was revoked, people went on to exploit a bug in some real driver to do exactly the same thing.

    Certification is no guarantee for quality.
    All the buzzt!
    CornedBee

    "There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
    - Flon's Law

  13. #28
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    Quote Originally Posted by CornedBee View Post
    That might work. Or not. After all, even certified applications can have bugs. Code injection through a buffer overflow in a data file? Well, you could require certification of every file in the operating system

    Take, for example, the Vista driver certification requirement. A company actually snuck a piggyback driver through the certification process - in other words, a driver that can load arbitrary other (uncertified) drivers.
    When the license was revoked, people went on to exploit a bug in some real driver to do exactly the same thing.

    Certification is no guarantee for quality.
    Good point, the certification would only be as good as the certification company makes it, and that could well allow arbitrary bugs and/or arbitrary holes in the security.

    However, my point was more to the extent that we do not necessarily WANT a system that only allows "approved" applications, because it makes developing applications really hard work, and it would probably make most open source applications disappear from that architecture, making that OS a dead-end in the evolution of software.

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

  14. #29
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Ireland
    Posts
    8,446
    I think I see your point, matsp... but that is the final killing blow on the whole certification process.

    Assuming Microsoft did a real check on submissions - instead of cursory checks with thin checklists as it apparently is been doing - "harder" would mean better quality. As it is however, the Microsoft Certification Process is nothing but hot air as it always has been.

    No company is required to certify their drivers, if they don't want to. So... where's exactly the pressure on Microsoft? On the other hand Microsoft could up their current standards and demand better quality for those makers who decided to go certified. The whole process currently is a waste of time and, worst, gives a false sense of security to those users who look at Microsoft Certified as a seal of quality (as advertised).

    Maybe Microsoft is on the hands of driver makers, as you seem to suggest. But I think it is the other way around; that the Certification Process is a stillborn still being rocked. It completely failed its objectives since day 1, except for maybe one... marketing.
    Last edited by Mario F.; 07-15-2008 at 07:47 AM.
    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  15. #30
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    Quote Originally Posted by Mario F. View Post
    I think I see your point, matsp... but that is the final killing blow on the whole certification process.

    Assuming Microsoft did a real check on submissions - instead of cursory checks with thin checklists as it apparently is been doing - "harder" would mean better quality. As it is however, the Microsoft Certification Process is nothing but hot air as it always has been.

    No company is required to certify their drivers, if they don't want to. So... where's exactly the pressure on Microsoft? On the other hand Microsoft could up their current standards and demand better quality for those makers who decided to go certified. The whole process currently is a waste of time and, worst, gives a false sense of security to those users who look at Microsoft Certified as a seal of quality (as advertised).

    Maybe Microsoft is on the hands of driver makers, as you seem to suggest. But I think it is the other way around; that the Certification Process is a stillborn still being rocked. It completely failed its objectives since day 1, except for maybe one... marketing.
    Having worked with said certification process for video drivers, I do agree to some extent, but saying that it's completely pointless is probably a slight exaggeration. No, it doesn't catch all potential problems (and I know the driver I worked with actually "cheated" the API that MS provided by passing function pointers from one driver component to another - and MS didn't spot that with their tests).

    But I do agree that it doesn't by far reveal all and every potential security hole in the system [I managed to fix some in our driver, because I randomly spotted "bad code" in our driver - not because the WHQL test showed them up].

    --
    Mats

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Trojan horse generic
    By crvenkapa in forum Tech Board
    Replies: 8
    Last Post: 06-04-2007, 08:49 PM
  2. how to make a windows application
    By crvenkapa in forum C++ Programming
    Replies: 3
    Last Post: 03-26-2007, 09:59 AM
  3. Question..
    By pode in forum Windows Programming
    Replies: 12
    Last Post: 12-19-2004, 07:05 PM
  4. IE 6 status bar
    By DavidP in forum Tech Board
    Replies: 15
    Last Post: 10-23-2002, 05:31 PM
  5. Manipulating the Windows Clipboard
    By Johno in forum Windows Programming
    Replies: 2
    Last Post: 10-01-2002, 09:37 AM