There is a most dangerous development in the spreading of spyware through RSS (Really Simple Syndication). Marketeers are looking at RSS (no spam complaints is a great bonus for them). Where marketeers go, ad- and spyware is soon to follow. Another possibility is spreading spyware through a big hole in a big blogging service. If a spyware author finds a way to inject code into a blogging site, that can take the form of a SOAP object, every subscriber of the blog RSS feed can get infected. This would mean a gigantic attack.
Also the prediction that rootkits are gonna be adopted by spyware authors stands. It is just a matter of time.
I also foresee the use of rootkits in spyware. Rootkits can be very difficult to detect and remove. It seems inevitable that, because of this, scumware purveyors will incorporate them in their malware.
Go to this very interesting site. This lady Pani Joanna Rutkowska is making furore everywhere. She is a specialist on the hidden rootkit, e.g. kernel rootkits. She has found a routine call which the rootkit cannot answer but buggy and come unhidden. That made her write the program flister. Go here to read about her tool: http://invisiblethings.org/tools.html I told Mark Loman of Hitman Pro 2.0 about this, and he is contemplating adding tools against rootkits in a next version, he told me. He has been looking for a fitting tool for some time now, he remarked.
Polonus, I think I began to understand your concerns and this may be a stupid question but, at least about this threat, if we don’t use script, no matter whether they are RSS or HTML, they shouldn’t be terrible threats, should they?
They are a threat because if there is embedded script, it can open up to other malware, or be malware itself. RSS is something that you load as a newsfeed. The number of infections in one go could be enormous. Think of something in between HTML and with the autonomous functionality of the e-mail attachment. Very difficult to keep secure. Where marketeers go, because with RSS you have fewer complaints, ad- and spyware tend to follow, the virus factory is next. Read this article: http://www.marketingstudies.net/blogs/rss/archive/000421.html Don’t you agree that this is a coming threat, or don’t you? It is not the actual malware, it is the instantaneous scale of infection, all these newsfeed or blogfeed readers loading this crap at one go. And it can be slow-burn, so you would not even notice.
I don’t argue against that, sociologically, RSS could be a threat in the near-future.
However, how dangerous is it technically? Can’t we avoid the threat by simply turning off JavaScript in our RSS readers in the same manner we do with our browsers? In fact, my browser (with java off) seems to be able to read RSS.
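The reader-side handling asked about above, as an added example that is not part of the original thread: a Python check a feed reader could run on each item's description before rendering it, flagging markup that can execute script. The feed, the names `scan_feed` and `ActiveContentFinder`, and the tag list are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

# Constructed sample feed: one plain item, two items carrying active content.
SAMPLE_FEED = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Constructed feed</title>
<item><title>Plain post</title>
<description>&lt;p&gt;Just &lt;b&gt;text&lt;/b&gt;.&lt;/p&gt;</description></item>
<item><title>Post with script</title>
<description>&lt;p&gt;Hi&lt;/p&gt;&lt;script src="http://example.invalid/x.js"&gt;&lt;/script&gt;</description></item>
<item><title>Post with handler</title>
<description><![CDATA[<img src="a.png" onerror="doSomething()">]]></description></item>
</channel></rss>"""

# Elements that can run code or load active content in a reader's HTML view.
ACTIVE_TAGS = {"script", "object", "embed", "iframe", "applet"}

class ActiveContentFinder(HTMLParser):
    """Collects a finding for every script-capable construct in one item."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):  # tag and attribute names arrive lowercased
        if tag in ACTIVE_TAGS:
            self.findings.append(f"<{tag}> element")
        for name, value in attrs:
            url = (value or "").strip().lower()
            if name.startswith("on"):  # onclick, onerror, onload, ...
                self.findings.append(f"{name} handler on <{tag}>")
            elif name in ("href", "src") and url.startswith("javascript:"):
                self.findings.append(f"javascript: URL in {name} of <{tag}>")

def scan_feed(rss_text):
    """Return {item title: [findings]} for items that carry active content."""
    # Assumption: a real reader would parse untrusted XML with a hardened parser
    # (for example defusedxml); the stdlib parser is used here to stay offline.
    root = ET.fromstring(rss_text)
    flagged = {}
    for item in root.iter("item"):
        finder = ActiveContentFinder()
        finder.feed(item.findtext("description") or "")
        finder.close()
        if finder.findings:
            flagged[item.findtext("title") or "(untitled)"] = finder.findings
    return flagged

if __name__ == "__main__":
    for title, findings in scan_feed(SAMPLE_FEED).items():
        print(title, "->", findings)
```

A reader that finds anything here can render the item as plain text instead of HTML, which has the same effect as browsing the feed with scripting switched off.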
There is a twofold answer to that. There could be a solution in the way of new safer protocols. E.g. a good safe protocol that checks, no more spoof, safe scripting. The other solution is another OS. Building a browser that has access to all of the system like Microsoft's was unsafe from the start, ActiveX was unsafe from the start for the same reason. Now they are seeing that “click and go” does not work in the long run. Then there is closed software which makes it buggy a priori, because "third" parties do not know where to begin to protect, and what is going on actually. But we have this situation as it is at our hands, of course if computers only worked with RTF (rich text format), we would not have these problems, and not even this forum, I guess.
RSS and all types of newsreaders are a real danger, yes. Why can’t humans resist when some new lovely toy appears? There is no reason to check our cookie rules and other complicated settings if we fall every day into the same errors! :-\ A safe and easy way to prevent a lot of damage is: 1- Set Windows to open all strange files in text mode; 2- Set the option to always show the complete extensions of the files.
You seem to be still talking of the bigger picture somehow: the end of the anonymity on the net and open-source developments.
I think ending the net anonymity is not a job for average users but choosing open-source apps is not that difficult. In fact, the recent popularity of Firefox is a good sign. Of course, FF is not perfect but it has less severe vulnerabilities than IE has and, with java off, it’s quite safe…not safer than Lynx but it’s a better compromise.
Even for RSS, I think there should be some ways to avoid the threat since FF is already one of the well-known RSS readers as well. If IE 7 fails, I don’t think it is necessarily a bad thing especially if Microsoft is to face the change of their development philosophy. People may also go for alternatives such as open-source in business and take Microsoft products just for leisure or entertainment.
Of course, the very nature of the anonymity on the net is a real threat considering how much our society relies on it, but, as you wrote, this is how the net started and it is tough to change it.
Kamulko!
I am already practicing your rule #2 but, I don’t know how to do your rule #1. I know email apps and a text browser but don’t know if there is RSS reader, which allows me to do this option. Or do you mean I can do this through Windows setting? ???
If IE 7 fails, I don't think it is necessarily a bad thing especially if Microsoft is to face the change of their development philosophy.
If IE7 is still an integral part of the OS (even with new and improved security, just like IE6 SP2), which it probably will be, then it is still in the same position as IE6: when you have compromised the browser you have compromised the OS.
We will have to wait and see what new and improved security measures IE7 brings to the table, but I doubt it will woo me away from Firefox.
I agree. I’m not a specialist but even common sense tells me that it is better to use apps which are not integrated to the system when dealing with information on the net. Windows should not be that dangerous if it were not integrated with IE, OE, and MSN messenger.
Apps which allow users to reduce the functions depending on the demands are also desirable. Most of the web sites and email messages have good enough information in text for me and probably for most people. Simple sites are often informative and easier to browse, too.
Probably, one of the most important skills for modern mankind is to judge what kind of information is necessary for ourselves and not for the other anonymous imposters.
While I am writing this, (probably because I wrote about Mycroft in another thread…) I remembered Holmes telling Dr. Watson that he tries to forget even the Copernican theory since the knowledge is unpractical and unimportant. Of course, Doyle must have intended humour in describing the eccentric character (I have to note that I tend to find humour where some Sherlockians find heroism, though.) but seeing ad-fiesta and con-game-ish phishing e-mails on the net, I began to think that his “philosophy” has something to do with our modern lives. At least, Holmes’ eccentricity is free from mass-manipulative flood of information. However, this time, I guess it is me who is getting too “sociological.”
It is not a situation we have actually at our hand now, but these are threats for the future. So we better get ourselves prepared for the embedded scripts and the kernel root trojans in spyware. Words from security experts, who see a trend for the future. I agree with your Copernican theory as much that I have visited the house of the great Copernic or Kopernik in Torun (Poland), despite him living and publishing, still one third of the European population thinks the sun turns round the earth. That must be a reassuring thought for the Inquisition. They held these views well over the heads of the population. The same with computer systems. If you only hear of the benefits of the prevailing OS, it is difficult to think outside these views.