OpenOffice.org "Badbunny" worm hops across operating systems
Arwyn Hainsworth
arwynh+ubuntu at gmail.com
Sat Jun 16 16:58:16 BST 2007
On 15/06/07, Scott (angrykeyboarder) <geekboy at angrykeyboarder.com> wrote:
>
> Derek Broughton spake thusly on 06/14/2007 06:28 AM:
> > Scott (angrykeyboarder) wrote:
> >
> >> Nils Kassube spake thusly on 06/11/2007 11:36 AM:
> >>> Scott (angrykeyboarder) wrote:
> >>>> Malicious software targeting OpenOffice.org documents is spreading
> >>>> through multiple operating systems (Including Linux), according to
> >>>> Symantec....
> >>>>
> >>>>
> >>>> http://news.com.com/OpenOffice+worm+Badbunny+hops+across+operating+systems/2100-7349_3-6189961.html?tag=html.alert.hed
> >>>>
> >>>> (or http://preview.tinyurl.com/2qmqjj if you prefer).
> >>> Which is mostly harmless according to
> >>>
> >>> <http://blogs.sun.com/malte/entry/sb_badbunny_a_harmless_little >
> >> If you have a brain, then yes that's correct.
> >>
> >> However, not everyone fits in that category. :)
> >
> > LOL. If you have a brain, viruses aren't a problem on Windows either :-)
>
> That was precisely my point. Windows bashers love to point out how
> insecure Windows is. While I agree it's typically less secure than
> Linux, I also point out that the biggest Windows security problem isn't
> Windows, it's (most) Windows users.
>
> And just because a program doesn't have root/administrator access
> doesn't mean it can't do damage.
>
> The last I checked most Linux users don't have to have root access to
> open their personal files (e.g. Photos, Videos, "important" documents
> and so forth).
>
> There are plenty of ways to do damage to those files without root
> access. After all, I as a user can install and run software in ~/foo
> can I not?

Actually it's not that simple. Whose was the original sin? The Windows users
being stupid or Windows's bad design teaching the users to be stupid? It's a
chicken and the egg problem. As a Windows design fault let's take for
example the current Vista 'Cancel or Allow' dialogs. Because you need to
click 'allow' in order to do some simple tasks, the users gradually learn
that it is OK to click the 'allow' button because it is probably something
simple anyway. While this particular example is a new design flaw, Windows
has had many more in the past, all of which have helped to create the
'stupid Windows user' of today.

Of course Windows isn't the only one that suffers design flaws of this kind.
Indeed a very on-topic example would be OpenOffice.org's very own 'Cancel or
Allow' dialog. If you want to add a button to change a paragraph's colour for
instance, that would naturally require a script. If you wanted a button to
gather info on the file you just wrote and send that data over HTTP to a
remote server, that too would require writing a script. In both instances
you'd get the macros 'Cancel or Allow' dialog when loading the file. Most
scripts are of the 1st type, harmless, affecting the local document only.
Such scripts do not need a Cancel or Allow dialog as they are harmless
outside the local document in which they are contained, but because the
dialog keeps popping up people get used to clicking allow for trivial
things. So now when an ugly bunny raises its head, there are a number of
people who see the 'Cancel or Allow' and think 'Yes please, I'd like pretty
colours, thank you.' Is it their fault for being naive or is it the program
designers' fault for teaching them to be?

As you can probably tell from the above I'm of the opinion that the
oo.org security team needs to be hit with a clue stick and quickly, before
something nasty gets through. The 'Cancel or Allow' dialog is at best a
quick hack, not an almighty security feature like the oo.o people seem to be
saying it is.

Arwyn