[svlug] Good points, but Outlook still needs a LOT of work -- Re: eWeek article on MS Outlook

Bryan -TheBS- Smith thebs at theseus.com
Mon May 15 13:44:41 PDT 2000


On Mon, 15 May 2000, Rick Moen wrote:
> It's interesting to contemplate the user-level view at the crucial
> moment, when the user executes the viral code.  (It's been difficult
> for me to do this, for lack of access to Win32 boxes.)

It's sad that user-level security issues are the focus of Windows
holes.  Windows 9x has NO security, and most of the security of
Windows NT/2000 has to be DISABLED (e.g., give users admin-level
privaledges) so applications run correctly (very sad that even
Microsoft's own applications are NT/2000 ignorant).

> Microsoft OSes have a concept called "opening" or "launching" 
> a file, an action usually performed by double-clicking on something.  
> This characterisation conceals the vital question, which the user
> _should_ be concerned about, of whether one is merely viewing the 
> file, or executing (running) it.

If Microsoft just added a basic "right click" so you could view the
potentially hazardous script or text (unfortunately, QuickView has
to be enabled for most documents manually, that would be great. 
Heck, I would argue that any UNIX window manager that "acts" like
Windows should have the option to do such.  Here would be the
algorithm ...
 - Check if file is binary or text (e.g., run "file" on it)
   - If text, pump to default text viewer
   - If binary, extract text from it (e.g., run "strings")

> To the extent Microsoft OSes make information available at all, on the
> executable vs. non-executable question, they do so via an impossibly 
> large and disorderly array of file "type" indicators, implemented as 
> three-letter filename extensions.  Unfortunately, those OSes suppress
> display of such extensions by default (!).

Yes!  And they do other, funky things with filenames and usage. 
And even Windows 9x (aka MS-DOS 7.x) and NT/2000 approach
filesystems COMPLETELY DIFFERENT from an low-level API perspective.

> So, even if the user were wary of common executable file "types" and
> his system happened not to support any uncommon ones, he still won't
> even see the necessary extension information unless he has dug into the 
> shell options and re-enable their display.  Furthermore, even after
> _that_, at least one filename extension (.lnk) will still remain
> undisplayed, as we know from the current Eudora for MS Windows security
> hole:  http://www.eudora.com/security.html

I would still like to see a prompt.  E.g., scripts and macros can
automatically execute in Outlooks "preview pane" if enabled,
withOUT prompting the user.  Microsoft really needs to "disable"
scripting in the preview pane, or prompt the user whether or not to
run it.  Also, separating security settings in IE from Outlook
would be a nice plus.  I don't know how many times users cannot
download things in IE because of the security I set in Outlook.

[ Note:  I *DO* try to get users to use Netscape instead. ]

> Obviously, there is a ghastly user-level hazard here that is in no way
> limited to Visual BASIC Scripting or to MS Outlook / MS Outlook Express:
> The OS's fundamental design actively _encourages_ cluelessness and
> ignorance, _and_ actively stands in the way of users having crucial
> knowledge.   

Not even that!  But it minimizes button clicks, even when it is
questionable from a security standpoint!  And Microsoft continues
to defend that stance!

I don't expect users to understand everything, but when Microsoft
assumes the whole world is friendly by default, that's the problem!
 Add in the whole creation of Windows 9x when Windows NT was the
*OBVIOUS* better OS for the future (and Microsoft continues to
"backseat" Windows 2000 aka NT 5) and it's NUTS!

Not that 2000 is good, but it's at least a REAL OS that has
separate kernel and user modes, user accounts, etc... (although
what they put in the kernel is VERY QUESTIONABLE!).  And user
accounts seem to matter little when you have to make users
Administrators in order for various applications and functions to
work.

[ I can still remember the cries of NT developers when Gates choose
to support "Chicago".  The beginning of the end.  It was at that
point that I felt like an idito ]

> In short, it's pretty much horrific from every angle:  The userbase
> tends to be a bit dim to begin with, and the smart ones are actively
> deprived on crucial data and crucial distinctions are concealed from
> them.  No wonder they have an ongoing virus disaster.  It's a wonder the
> whole house of cards hasn't collapsed on them before now.

Yes!  Yes!  That is the point!

Regardless of your expertise, so much is hidden, you don't have the
option.  Just f---ed with an NT 4.0 setup today.  Trying to install
the network support, it crapped out.  Then I couldn't do it again. 
Had to spend 15 minutes hacking the registry to finally delete the
f---ers before I could re-install!

> And blaming MS Outlook and/or Visual BASIC Scripting ignores the real
> problem.  Glad it's not mine.

True.  But Outlook is the epitome of applications.  I agree that
viri will always be a problem to the ignorant, but Outlook really
goes out of its way with defaults to make it so.

-- TheBS

-- 
 Bryan "TheBS" Smith -- Engineer, IT Professional and Hacker
      E-mail:  mailto:thebs at theseus.com,b.j.smith at ieee.org
  Disclaimer:  http://www.SmithConcepts.com/legal.html
*************************************************************
  TheBS ... Serving E-mail filters to /dev/null since 1989






More information about the svlug mailing list