Knock, Knock, Knock

Knock, Knock, Knock
Kelly Martin, 2004-02-20

If hundreds of thousands of people are still blindly clicking on attachments in their email, is there any hope of mitigating the threat of hundreds of thousands of compromised systems with open backdoors?

Expand all | Post comment

Knock, Knock, Knock 2004-02-20
Dmitriy (1 replies)

Knock, Knock, Knock 2004-02-24
Keith (4 replies)

Knock, Knock, Knock 2004-02-26
Anonymous

Knock, Knock, Knock 2004-02-27
Farzad

Knock, Knock, Knock 2004-03-01
Anonymous

Knock, Knock, Knock 2004-03-01
www.mobasoft.com

Knock, Knock, Knock 2004-02-20
Anonymous (2 replies)

Knock, Knock, Knock 2004-02-25
Anonymous (1 replies)

Hmm you mention skipping html to avoid buffer overflows? well adding another element will certainly increase the probability of buffer overruns, but HTML in itself is not more likely to contain buffer overflows than MIME is.. Often buffer overflows have been found in From:, To:, Date: fields etc.

In my opinion the only way to make systems more secure is to encapsulate the system more. It will for sure be slower, but you gain control by virtually controling everything in a sandbox before executing. Stack-guards can easily be implemented etc. Stupid users can be avoided, but their actions can be handled...

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/221/25186#25186

HTML/MIME vulnerability (and avoidance) 2004-02-26
Anonymous

Knock, Knock, Knock 2004-03-03
Anonymous

Knock, Knock, Knock 2004-02-21
Anonymous

Ok Double Sided Swords 2004-02-21
Anonymous

Knock, Knock, Knock 2004-02-24
Jack (1 replies)

Knock, Knock, Knock 2004-02-28
Anonymous

Knock, Knock, Knock 2004-02-25
Anonymous

Knock, Knock, Knock 2004-02-26
fndude@hotmail.com

Knock, Knock, Knock 2004-02-27
Anonymous

Pretty easy solution 2004-02-27
Potato Head

Knock, Knock, Knock 2004-03-01
Robert Townley