Greg,
Am 16.02.2011 22:52, schrieb Greg Christopher:
> It's true also that text based configuration is really easy to attack. I
> actually saw a vendor showing off a simple batch script to add a host line to
> the hosts file, which redirected browsers to a different IP address for windows
> software updates. Of course from an access standpoint, it's not any more
> defended when the information is stored elsewhere but only accessible via an
> API. They still support the hosts file anyway, so that's not the issue.
well, most likely now the localhost resolving sits somehow in registry,
and if so I could then quickly hack a vbscript which does the same - so
manipulation is most likely equally easy ...
but on the other side lets think a bit about common behavior: isnt it
more the mis-behaviour of the windows users that they all work with
administrator rights (or switch-off ACL), and therefore are able to do
such manipulations form their normal user accout? And isnt this pretty
much same prob how all windows boxes get infected with viruses?
dont get me wrong - I *dont* say that we dont need to care about this
prob with c-ares, just thought that the trouble M$ gives us here now
with their latest OS is worth nothing ...
security is not implementable - its a discipline: windows users must
change their way they use their OS in order to get security, and the OS
is meanwhile prepared for this ... :-)
Gün.
Received on 2011-02-17