[Coco] Re: OS Vulnerabilities (Was: Paypal )
James Ross
jr at webross.com
Sat Feb 28 00:28:24 EST 2004
John E. Malmberg wrote:
>Some OSes like OpenVMS/UNIX/LINUX require that the program be run by a
>privileged user to cause that type of problem.
Just because a person is an administrator of their computer does not
necessarily mean the applications / drivers could not contain a
Trojan. Since RPM's are convenient, any admin installing from them is
just as venerable and as Windows user, especially from an unknown
source.
>1. Cookie exploit.
I do not believe this is possible for http://server1/ to read
http://server2/ cookies with today's mainstream browsers is it?
>But if your e-mail client will open external pictures automatically
I have yet to get a no kidding virus from either Outlook or Outlook
Express from displaying pics. Of course executables/scripts are out
of question, but graphics? If that is ture I would like to read about
it.
>2. Script exploit.
With all the Internet mesh-mash of technologies, no doubt that there
are still wide-open holes. And that is a security risk.
I still blame the OS. If and when a modern OS is devised, it should
be practically indestructible and give control to the PC owner and not
the programmer / engineer of the software.
It is easy to render your OS useless
why is this possible? Bad
design.
JR
More information about the Coco
mailing list