Linked by Kroc Camen on Sat 17th Oct 2009 05:27 UTC
Microsoft Whilst it's not okay in Microsoft's eyes for Google to install a plugin into Internet Explorer, increasing the potential surface area of attack, when Microsoft do it to Firefox, it's a different matter. Now a security hole has been found in a plugin that Microsoft have been silently installing into Firefox.
Thread beginning with comment 389995
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[6]: Opt-in
by moondevil on Mon 19th Oct 2009 09:26 UTC in reply to "RE[5]: Opt-in"
moondevil
Member since:
2005-07-08

Well for starts they can wipe out your data. That's all.

As soon as you get a compromissed programm with a live network connection, the process has the same rights as the user that started it. Now whatever is running inside that process, read "injected code", can do whatever that user can do.

If the specific user can wipe out files, than you can say goodbye to all you Amiga 500 files, that have the same user as owner. Or maybe the program will upload data from your files, who knows.

Reply Parent Score: 1

RE[7]: Opt-in
by mrAmiga500 on Mon 19th Oct 2009 14:59 in reply to "RE[6]: Opt-in"
mrAmiga500 Member since:
2009-03-20

Well for starts they can wipe out your data. That's all.

As soon as you get a compromissed programm with a live network connection, the process has the same rights as the user that started it. Now whatever is running inside that process, read "injected code", can do whatever that user can do.

If the specific user can wipe out files, than you can say goodbye to all you Amiga 500 files, that have the same user as owner. Or maybe the program will upload data from your files, who knows.


No, they can't wipe all my data. You're thinking "too modern". The Amiga OS doesn't have built in support for remote execution of programs or processes. It doesn't have users, owners or rights. It doesn't have a built in file server. There is no way someone could see my files, let alone execute, upload or delete one.

I don't use any security at all and I feel supremely safe. (...until somebody can prove otherwise ;) )

Edited 2009-10-19 15:01 UTC

Reply Parent Score: 0