Windows cannot really live without IE, too many things embed it. I have
just been playing with Macromedia Breeze and it obviously uses embedded IE
to talk to the Macromedia site in its powerpoint plugin.
Like it or not, the only way to unistall IE is to unistall Windows...
Hrm... doesn't sound like an awful idea ;)
On Mon, Mar 21, 2005 at 09:14:41PM -0800, Ranga Nathan wrote:
> Accessing inernet when you are logged on as administrator is like inviting
> AIDS (sorry, this sounds drastic but it is :) ).
> At home where I dont have too much security, I always log on as a common
> low-privilege user. while on internet. Using Mozilla is always wise.
> I can not believe that there is still no way to remove IE from Windows!!!!
> The worst nightmare is some casino site that attaches to IE like a leech!
> I even called those folks one day and they refuse to own up to anything!
> __________________________________________
> Ranga Nathan / CSG
> Systems Programmer - Specialist; Technical Services;
> BAX Global Inc. Irvine-California
> Tel: 714-442-7591 Fax: 714-442-2840
>
>
>
>
> Bob Rogers <rogers-pm5-CL3RCAQLznucvWdFBKKxig@xxxxxxxxxxxxxxxx>
>
> Sent by: boston-pm-bounces-PqP1ghmmPMdAfugRpC6u6w@xxxxxxxxxxxxxxxx
> 03/21/2005 07:03 PM
>
> To
> Ben Tilly <btilly-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx>
> cc
> boston-pm-aE07yma9hCw@xxxxxxxxxxxxxxxx, Ranga Nathan
> <RNathan-Q9JuGO1wi3AS+FvcfC7Uqw@xxxxxxxxxxxxxxxx>
> Subject
> Re: [Boston.pm] [getting OT] Controlling Windows with Perl?
>
>
>
>
>
>
> From: Ben Tilly <btilly-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx>
> Date: Mon, 21 Mar 2005 18:21:38 -0800
>
> And now that there is serious venture capital behind adware, some
> of the more difficult security exploits are getting hit hard. For
> instance
> I've heard that that internal Windows messages have *no* security
> infrastructure. Any application can send a message to any other
> application and there is no way for the recipient to figure out who the
> message is really from. (To exploit you have to send the right
> message to the right application when it is expecting to see a
> message that can be confused with yours.)
>
> That is correct. It is apparently easy to subvert apps such as
> antivirus that run as Administrator via their GUI, if they are foolish
> enough to present a GUI on a less-privileged desktop.
>
> But if you're using IE as your trojan horse, and you already have
> enough control over it to send messages to other app windows, then you
> have full access to the privs of the IE user, so why bother? Odds are
> it's a home system, and you won't even have to get Administrator privs
> in order to install adware, spyware, etc.
>
> A friend who supports a lot of small businesses is predicting that by
> the end of this year, Windows will essentially be unusable on the
> Internet. This seems extreme to me, but I don't keep track of these
> things, he does, and he has pretty good insight into the industry.
>
> It seems extreme to me, too, even if we were just talking about home
> systems. If I understand correctly, this window message thing is a
> fundamental design flaw in the older Windows APIs, but there is current
> technology that addresses the problem. Unfortunately, it is less
> convenient for users, so the trick will be to get vendors to switch to
> using it. But if it threatens to hit MS in their pocketbook, it will
> happen.
>
> But then, I do my best to ignore Windows, and have been largely
> successful at it, so I'm hardly an expert.
>
> -- Bob Rogers
> http://rgrjr.dyndns.org/
>
> _______________________________________________
> Boston-pm mailing list
> Boston-pm-PqP1ghmmPMdAfugRpC6u6w@xxxxxxxxxxxxxxxx
> http://mail.pm.org/mailman/listinfo/boston-pm
>
>
>
> _______________________________________________
> Boston-pm mailing list
> Boston-pm-PqP1ghmmPMdAfugRpC6u6w@xxxxxxxxxxxxxxxx
> http://mail.pm.org/mailman/listinfo/boston-pm
>
--
www.suave.net - Anthony Ball - ant-CWvJKW/e0ZpeoWH0uzbU5w@xxxxxxxxxxxxxxxx
OSB - http://rivendell.suave.net/Beer
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
"To find fault is easy; to do better may be difficult." - Plutarch
|
