Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: stripes1776

So if I understand right, if the hacker can get the victim to download and save a copy of a file, then the computer can be compromised because that file might be loaded by another application already on the machine.

And this is different from a trojan - how?

Sorry, but the last line of defense is ALWAYS the user, and if you can get them to download and install your application, I don’t care WHAT kind of OS or virus protection they run - you own them.


9 posted on 08/24/2010 1:01:41 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: PugetSoundSoldier

How about a FIRST line of defense, say a bounty on hackers and writers/disseminators of malware?

Maybe just an open season... Bow, muzzle-loader, center-fire, shotgun, 2x4, crowbar???


10 posted on 08/24/2010 1:11:21 PM PDT by BwanaNdege ("There are consequences for being wrong" - Burt Rutan)
[ Post Reply | Private Reply | To 9 | View Replies ]
To: PugetSoundSoldier
So if I understand right, if the hacker can get the victim to download and save a copy of a file, then the computer can be compromised because that file might be loaded by another application already on the machine.

It has to do with the way that Windows loads .dll files. These files are executable code that the operating system loads dynamically and runs. There is a search order that the operating system uses to load these files. Every running application has the concept of a working directory or current directory (folder). Windows has a search order that it uses to find .dll files. By default the Windows operating system looks first in the same folder as the data file that has just been loaded. Then it looks in system folders. All the malicious hacker has to do is place a malicious .dll file in the same folder that you are downloading data from on a network, and the user's machine is now owned by the malicious hacker.

You can change the search order so that Windows looks in the system folders first and last in the working directory that the data came from. But if the name of the .dll is unique, windows will still find the file and load it. The user's system is still compromised.

And this is different from a trojan - how?
Sorry, but the last line of defense is ALWAYS the user, and if you can get them to download and install your application, I don’t care WHAT kind of OS or virus protection they run - you own them.

The user does not have to download and install an application. The application is already installed. The installed applications use .dll files. These .dll files will download automatically and run as part of the application. All the malicious hacker has to do is put a malicious .dll file in the same folder as the data you are looking at in an application. There is nothing to install.

12 posted on 08/24/2010 1:31:54 PM PDT by stripes1776
[ Post Reply | Private Reply | To 9 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson