George N. White III wrote:
> One problem area that needs to be addressed in open standards is how to
> remain open and still support intelligent devices in a secure fashion. One
> can imagine worms and viruses that program graphics interfaces to display
> commercial messages, printers to add p0rn images to documents, wireless
> cards to broadcase commercial messages to devices operating on other
> frequencies, etc. Some vendors are using "security by obscurity" as an
> excuse for keeping interfaces hidden, but since we know that
> obscurity has marginal security benefits, so must doubt the
> sincerity of those vendors.
Yes, I can imagine that.
But I can also imagine viruses that do that by hooking into the OS
interface (I'm thinking of a number of Amiga viruses that displayed
obscene messages on-screen fifteen years ago).
The whole point of drivers is to present a (relatively) hardware-
independent standard to the rest of the operating system. Once that
happens, virus writers, just like any other programmer, can address
the driver API, and the question of whether it's an open standard API
or not is not one that taxes your average virus writer.
Those viruses on the Amiga tended not to spread too well, as it was
too obvious that a machine was infected, so users tended to do
something about it before they could spread. (In those days, the
main transmission vector was infected floppies and infected programs
on floppies).
James.
--
E-mail address: james@ | The camel has a single hump;
westexe.demon.co.uk | The dromedary two;
| Or else the other way around.
| I'm never sure. Are you? -- Ogden Nash
