What would a spyware program look like in codes ?

[Nothinman]

This is going to sound idealistic, but the general requirement is to have some OS/broswer combination that everyone can use AND that is adware-secure.

Define "adware-secure".

Besides the fact that nothing can be 100% secure different people have different opinions on what's good or bad. For example some people think cookies are bad while others couldn't care less.

Just imagining the general public confusion of having more than 4 popular OS's running around is making me shiver!!

The public deals with may different ways to operate most devices, they're just too scared that they're going to break their computer so they don't experiment and figure things out.

 

[Ken g6]

Originally posted by: chronodekar
This is going to sound idealistic, but the general requirement is to have some OS/broswer combination that everyone can use AND that is adware-secure.

Well, there's always a floppy Linux with Links. No images, no Javascript, no problem. 😛

 

[chronodekar]

Originally posted by: Ken g6

Originally posted by: chronodekar
This is going to sound idealistic, but the general requirement is to have some OS/broswer combination that everyone can use AND that is adware-secure.

Well, there's always a floppy Linux with Links. No images, no Javascript, no problem. 😛

As far as that goes, I've used w3m in ubuntu, and well, to avoid flaming, let me just say that it was a very unique experience, one that I hope won't happen too ofen. 😉

Originally posted by: Crusty
Like Markbnj said, if there were to be mass diversification of operating systems there would have be some sort of common framework, otherwise it's just not feasible. With that common framework comes the single point of attack.

As far as it goes Crusty, that would also depend on HOW the framework is implemented, right? While they accomplish the same thing, I don't think MONO2.0 and .NET2.0 run in the same way.

Adware normally target exploits. And an exploit is an exceptional case/situation where something did NOT run exactly as it was intended to.

Now, if things really were running as they are suppossed to be, and STILL we get 'exploits' I'd say that there is a gaping hole in the framework itself, and that's just sloppy design.

(In all fairness, I know making a framework is not an easy task, and mistakes do happen, but if you must make something of the sort, then a design mistake SHOULD be very VERY rare indeed)

 

[Markbnj]

Adware normally target exploits. And an exploit is an exceptional case/situation where something did NOT run exactly as it was intended to.

I actually think that's too optimistic a definition. Security is defense, and defense by nature is always incomplete. Is not protecting something that should be protected a bug?

 

[chronodekar]

Originally posted by: Markbnj
Is not protecting something that should be protected a bug?

I'm not against defending. In fact, I fully recognize the need for it. Also, with today's complex systems I guess something or the other might get overlooked.

But, (talking ideally now) if things work exactly as they should, and YET, we see an exploit come up, then the question should be why was free permission/access granted in the first place?

Defensive steps should be taken, no doubt about it. But having a good defense is NOT an excuse for poor design.

Security helps, yes. But that doesn't mean you should be leaving all your valuables outside the front door. Once a problem is discovered, hire a guard, but don't forget to bring your goods inside as well.