Secure Coding mailing list archives

Re: Hypothetical design question


From: "Greenarrow 1" <Greenarrow1 () msn com>
Date: Fri, 30 Jan 2004 14:17:33 +0000

I have been reading all the posts, in re: Hypothetical design question.

It seems to me to be almost equally proportioned as to where the security
break occurs.  Mail client, OS, programmer, IT personnel or user.  The
crossover has occurred as I have received examples of the threat now on
Linux machines as another variant which points towards not being OS
confined.

Instead of placing responsibility on others, why aren't there any points
towards overlapping amongst all involved?  I.e., email client towards coding,
OS, programmers and IT towards developing interlaced programs and finally a
mass media blitz towards all users (i.e., newspapers, TV, radio, ISPs, all
connection media).  One point to make is no matter how secure one makes
the program, if the individual user does not have the knowledge to enforce or
use such program it is worthless. Eradicating attachments and zip files is
about as impossible as getting rid of spam.  Adding more security functions
to the OS while being a supported idea lacks the fundamentals of anyone
using them.

In my field I get to see and talk to users (from corporate IT's down to the
unknown small home user).  Until there is a full educational advancement
towards teaching all users the importance of a secured environment no matter
what programmers, IT departments or OS makers do there will be a continuous
threat towards the internet.

All this talk of better securing programs still lacks the basic fundamental
of educating the common user and until this is accomplished it will not
succeed.  To make my point, babies are born and yes they learn by watching
and copying what others do, but to succeed in life they also must have
educational teachings, schooling, whatever to survive in the world. If the
parent(s) do not point the child towards this the child only learns the
basic teachings of the parent.  This is also true on the internet or of
owning a computer.


Regards,
George
Greenarrow1
InNetInvestigations-Forensics


----- Original Message -----
From: "Kenneth R. van Wyk" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, January 27, 2004 1:38 PM
Subject: [SC-L] Hypothetical design question

It's been a quiet day here on SC-L -- most likely, many of us are busy
blocking or deleting copies of the mydoom worm that's floating around...

So here's a hypothetical but topical situation to consider.  Say you're
fed up with the email client that's installed throughout your company
because it seems to provide little more than a virus/worm petri dish.  So,
you decide to design (yet another) alternative email client that will help
alleviate at least some of the problems in the current one.  However, you
realize that there's an uphill challenge -- like trying to put whipped
cream back into a can, the user community has grown very fond of some of
the very features that viruses and worms thrive on (e.g., file attachments
that can be executed with a single/double click of a mouse) and you're
going to pretty much be forced to somehow design something that keeps the
users happy as well as improves the state of email security.  (Note that I
am NOT referring to spam email; I'm only talking about email borne outbound
viruses and worms.)

Can it be done?  What sort of design features would you put into the
application to help prevent the system from being used to propagate viruses
-- e.g., compartmentalizing or sandboxing the execution of attachments such
that they have no network or file resources?  What sort of design/feature
trade-offs would you think need to be made?

In other words, could an email client be designed and implemented that
would satisfy both the users and the security requirements?  Or, is the
problem too difficult without sacrificing some functionality?

Oh, and FWIW, when single-click executable attachments first started
appearing in email clients, I vividly recall several people in the
anti-virus community claiming that the "house of cards" would come tumbling
down.  I think that that was something like 10 years ago...

Cheers,

Ken van Wyk
--
KRvW Associates, LLC
http://www.KRvW.com







