Linked by David Adams on Mon 6th Oct 2003 19:34 UTC
Bugs & Viruses It's an oft-repeated maxim that one of the reasons that Windows operating systems are plagued by so many viruses, worms, and security exploits is because they are so popular. Extrapolating on this, many have remarked that if Linux, MacOS, or other OSes become more popular, they will attract the attention of virus writers. That may be true, but the increased attention will not necessarily yield the same quantity of viruses and other exploits, says a Register article. Update: Rebuttal article.
Permalink for comment
To read all comments associated with this story, please click here.
Re: Marcus Sundman (IP: ---.kotikaista.weppi.fi)
by drsmithy on Tue 7th Oct 2003 04:38 UTC

Google is your friend.
The first hit is an introduction to the subject:
http://www.skyhunter.com/marcs/capabilityIntro/


Translation: dynamic ACLs.

This approach wouldn't work as it suffers from the big problem of dialog-box-overload. After about the first half-dozen annoying boxes that pop up during the simple process of sending an email, an end-user is either going to a) disable the system or b) simply start hitting "OK" as a matter of course without even readin the message. Indeed, were such a system to be implemented in Windows, I'd predict utilities available to automatically hit "OK" every time would be available within a week and be immensely popular.

And that's only on the desktop side. On the server side it'd be even less practical as the admin either has to sit there approving every operation or pre-define a set of allowable activities (thus removing the only advantage the system has - being dynamic).

Then there's the whole problem of deciding at which point to prompt for each capability. Is simply reading the disk suspicious ? How about writing to it ? Should any outgoing network connection require authorisation ? Is every file deletion going to require answering a half-dozen dialog boxes ? How about over a network share ?

Choice quote:
"Next, Melissa would have to ask you, "Can I have a direct connection to the Internet?" At this point only the most naive user would fail to realize that this email message, no matter how strong the claim that it came from a friend, is up to no good purpose. You would say "No!"

And that would be the end of all such viruses. No fuss, no muss. They would never rate a mention in the news."

The person who wrote this has either never dealt with end users, or is one of the most optimistic and idealistic individuals on the planet. I mean, do they seriously expect peope who can't set the clock on their VCR to even know what a "direct connect to the internet" even *is* ?

I also recommend reading "Capability Myths Demolished" available e.g. at http://zesty.ca/capmyths/

A quick read indicates that this document might address the myths listed and possibly even demolish them, but it doesn't address the problems that would be encountered in actual implementation.