philosfrREADYNETGO.COM

• Next message: Brian Bernardo: "Re: Regarding *.pwl files..."
• Previous message: Henry Sieff: "Re: Ethical/Theoretical Question"
• In reply to: Stephen McNaught: "Re: Ethical/Theoretical Question"
• Next in thread: Daniel Avila: "Re: Ethical/Theoretical Question"
• Reply: Krystophyr Trezevant: "Re: Ethical/Theoretical Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The other problem is where the line is. Where does adding security end and
removing functionality start? My users may demand .vbs and .js files to work
as they currently do.

The idea has a lot of merit as it would allow non-security minded users to
patch their system, however it would seriously hamper organizations that did
not need or want the assistance.

-----Original Message-----
From: Focus on Microsoft Mailing List
[mailto:FOCUS-MSSECURITYFOCUS.COM]On Behalf Of Stephen McNaught
Sent: Thursday, June 01, 2000 5:48 PM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: Ethical/Theoretical Question

Besides, you know that as soon as it's released, someone out there
will change it to make it malicious. - Steve

On Thu, 1 Jun 2000 13:41:37 -0700, you wrote:

>I was just discussing VBScript with some people online, and an interesting
>question came up.
>
>Namely, should we, the security conscious "geeks" of the world, be
designing
>"virii" that shore up holes in "normal" user's security? (Things like
.vbs,
>.js windows scripting associations, password caching, auto-opening EXEs
from
>IE)
>
>Something that tells you what holes there are in your system and offers to
>patch them...
>
>Jonathan

• Next message: Brian Bernardo: "Re: Regarding *.pwl files..."
• Previous message: Henry Sieff: "Re: Ethical/Theoretical Question"
• In reply to: Stephen McNaught: "Re: Ethical/Theoretical Question"
• Next in thread: Daniel Avila: "Re: Ethical/Theoretical Question"
• Reply: Krystophyr Trezevant: "Re: Ethical/Theoretical Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]