[194630] in North American Network Operators' Group
Re: Please run windows update now
daemon@ATHENA.MIT.EDU (J. Oquendo)
Mon May 15 17:48:24 2017
X-Original-To: nanog@nanog.org
Date: Mon, 15 May 2017 16:48:21 -0500
From: "J. Oquendo" <joquendo@e-fensive.net>
To: bzs@theworld.com
In-Reply-To: <22810.6035.234891.956277@gargle.gargle.HOWL>
Cc: North American Network Operators' Group <nanog@nanog.org>,
Rich Kulawiec <rsk@gsp.org>
Errors-To: nanog-bounces@nanog.org
On Mon, 15 May 2017, bzs@theworld.com wrote:
> Oh great a design review!
>
> Hello Valdis, I am Barry Shein. I've done decades of internals and
> kernel work.
>
> Ever use any Windows since about Vista? It throws up those warning
> pop-ups when you're about to do something it decides needs
> confirmation?
>
> That was almost certainly my invention.
>
> I described the idea on an anti-spam list and two Microsoft engineers
> contacted me to discuss whether this is feasible etc.
>
> Never got a thank you tho.
>
> >
> > How do you throw a pop-up warning for that? Pre-run it and see how many
> > might get executed? And how do you tell that the sequence ends up destroying
> > the file rather than creating a new one?
>
> You count the number of destructive opens in the kernel and if it
> exceeds a threshold (for example) you stop it and pop up a warning.
>
> For example.
>
> As I said this is the sort of thing which is suitable for an end-user
> OS and no doubt annoying in a server OS.
>

*popcorn* ... What was the original thread about? Because
once upon a time as a proof of concept for "undetectable"
viruses on *nix, (was for a competition where I was not
allowed to play post disclosure of PoC), anyway, I
created a really really bad mechanism to negatively
impact ALL BSDs, Solaris, Linux, it was *nix agnostic.

Bigger takeaway, malware/scumware/whateverware authors
target Windows because there are more users. For someone
dealing with security 24x7x365, I can state MS has come
a very long way from what they were, including dealing
with MSRC and other departments. Do you have any idea
how difficult it is to deal with certain *nix projects?
Freshmeat? GitHub, hobby...

Apples and oranges. And I CAN COUNT the number of
destructive opens read, and write on any nix system, so
perhaps we should kill this thread before it becomes:
my NetBSD toaster is better than your windows powered
refrigerator.
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM
"Where ignorance is our master, there is no possibility of
real peace" - Dalai Lama
0B23 595C F07C 6092 8AEB 074B FC83 7AF5 9D8A 4463
https://pgp.mit.edu/pks/lookup?op=get&search=0xFC837AF59D8A4463
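
The threshold idea discussed in the quoted exchange (count destructive opens and react when a limit is exceeded), sketched as an added example that is not from the thread or from any vendor's implementation. The event tuple format, the `existed` field (which answers the "destroying versus creating a new file" question), the threshold and the window are all assumptions.

```python
import os
from collections import defaultdict, deque

THRESHOLD = 3   # assumed: distinct existing files truncated before flagging
WINDOW = 5.0    # assumed: sliding window, in seconds

def is_destructive(flags, existed):
    """True when a writable open truncates a file that already existed."""
    writable = flags & (os.O_WRONLY | os.O_RDWR)
    return bool(existed and writable and (flags & os.O_TRUNC))

def flag_pids(events, threshold=THRESHOLD, window=WINDOW):
    """Return {pid: timestamp at which the threshold was first exceeded}."""
    recent = defaultdict(deque)          # pid -> deque of (ts, path)
    flagged = {}
    for ts, pid, path, flags, existed in sorted(events, key=lambda e: e[0]):
        if pid in flagged or not is_destructive(flags, existed):
            continue
        q = recent[pid]
        q.append((ts, path))
        while q and ts - q[0][0] > window:   # drop opens outside the window
            q.popleft()
        # Count distinct paths so rewriting one file repeatedly is not flagged.
        if len({p for _, p in q}) > threshold:
            flagged[pid] = ts
    return flagged

W_TRUNC = os.O_WRONLY | os.O_TRUNC
W_NEW = os.O_WRONLY | os.O_CREAT | os.O_TRUNC

# Constructed sample events: (timestamp, pid, path, open flags, file existed)
SAMPLE_EVENTS = (
    # pid 100: truncates four different existing files within 1.5 s
    [(0.5 * i, 100, f"/home/u/doc{i}.txt", W_TRUNC, True) for i in range(4)]
    # pid 200: writes ten brand-new files (nothing destroyed)
    + [(0.1 * i, 200, f"/tmp/out{i}", W_NEW, False) for i in range(10)]
    # pid 300: rewrites the same log file five times
    + [(0.2 * i, 300, "/var/log/app.log", W_TRUNC, True) for i in range(5)]
    # pid 400: truncates four existing files, but 10 s apart
    + [(10.0 * i, 400, f"/srv/f{i}", W_TRUNC, True) for i in range(4)]
)

if __name__ == "__main__":
    for pid, ts in flag_pids(SAMPLE_EVENTS).items():
        print(f"pid {pid} exceeded the destructive-open threshold at t={ts}")
```
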