>In addition to modeling the level of authentication needed, I've been
>thinking that it might also be important to note how much user/victim
>participation is required for activation of the exploit, i.e. whether
>the issue can be automatically exploited by normal user activity
>(e.g. by simply reading an email message) or whether there's some
>social engineering involved. However, I haven't put much thought into
>terminology for this besides:
>
> - automatic: exploit is automatically activated as a result of
> normal usage of the product
>
>
I call this class "worms", or more grammatically a class of remote
vulnerabilities subject to worm attack, where the malware can propagate
unassisted.
> - complicit: requires some victim participation or inaction
>
>
I call this class "viruses", same grammar hack as above. These require
the victim to click on something, or such like, before the malware can
propagate.
> - opportunistic: can not really control when, or if, the victim
> activates the exploit
>
>
I'm having a hard time seeing the difference between "complicit" and
"opportunistic".
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com