Don't Cry For DarkProfits
I just read that there's another mass email worm on the loose. Yeah, denial of service is bad and all that, but this one apparently targets DarkProfits.com. They're the friendly folks who sent me (and my mother) a few dozen emails that loudly proclaim, in the subject line, "your credit card has been charged $247.35 for child porn", and provide a convenient HTML form where you can enter in your credit card details if you disagree with that charge.
It's an anti-spammer worm, which is an interesting development. It's sort of a stupid one, though... it makes no sense whatsoever to create a worm that only does one thing. You really want the bot army if you can get it, and it's a lot simpler to build something that morphs itself from one form to another, that is very general, that has little for scanners to get a hold of.
The bottom line is that Windows-based computation is in some pretty severe danger right now. Microsoft has absolutely insisted that the default state of the OS be that processes can do whatever they want, wherever they want. Unix takes the opposite view, that much of the system is protected from processes unless they can get rooted. Guess which one makes for a more secure system?
Of course all of that can be subverted, instantly, by one crappy program running setuid root. C may be a good language for writing bits and pieces of an OS, but it's lousy at security.

