[LINK] OpenOffice.org less secure than Microsoft Office?

Karl Auer kauer at biplane.com.au
Wed Jul 19 23:08:27 AEST 2006


On Wed, 2006-07-19 at 21:15 +1000, rchirgwin at ozemail.com.au wrote:
> Like Karl, I can't read French. But I can say this: anyone can easily 
> defeat any attempt on their Office suite, whether Open or MS. If the 
> software can't see the Internet, it can't be attacked from the Internet. 
> So if the firewall says "OO.exe has no Internet access" or "word.exe has 
> no Internet access", then hackers to either suite can do as they please 
> and not bother me.

I'm not sure that makes sense, Richard.

Most attacks destroy something unrelated to the vector they came in on.
A firewall can't identify an application (in general), it identifies and
supervises protocols. Any application can use any protocol. The more so
if it is hacked :-)

A firewall *in the operating system* could perhaps identify applications
as you suggest, but this would only be useful if the operating system
ran at a higher privilege than the applications (otherwise the
application could simply turn off or modify the firewall).

Security flaws in an application like Word or OO are typically not
something a firewall can "see" or mitigate anyway. They are in things
like macro capabilities. Send someone a document with a nasty macro in
it, get them to open the document, and bang. Even then, the flaw is not
that the macro can do nasty things - some nasty things are good and
useful in the right context, like "delete file", or even "execute
external script". The security flaw is generally that the access model
is too coarse, the defaults too open, or the checks too weak. A macro
language that allows a file to be deleted should at the very least confirm
with the user by default. Documents should not have autorun macros
enabled by default; it should be something the user has to enable for
each specific document. And so on.

I would really like to know what the flaws were that the French military
found...

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/                  +61-428-957160 (mob)
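
The default-deny, per-document macro model argued for in the message above, as an added example (not part of the original post, and not code from OpenOffice.org or Microsoft Office). The marker list, the MacroPolicy class and the sample documents are assumptions constructed for illustration.

```python
import hashlib
import io
import zipfile

# Assumed marker list: ODF packages keep Basic libraries under Basic/ and
# other scripts under Scripts/; OOXML packages keep VBA in vbaProject.bin.
MACRO_MARKERS = ("Basic/", "Scripts/", "vbaProject.bin")

def macro_members(doc_bytes):
    """Return the archive members that carry macro code ([] if none)."""
    try:
        with zipfile.ZipFile(io.BytesIO(doc_bytes)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        raise ValueError("not a zip-based document container")
    return [n for n in names
            if any(n.startswith(m) or n.endswith(m) for m in MACRO_MARKERS)]

class MacroPolicy:
    """Hypothetical policy: macros run only for documents approved by hash."""
    def __init__(self):
        self.approved = set()

    def approve(self, doc_bytes):
        # Approval is bound to the exact bytes, so an edited copy loses it.
        self.approved.add(hashlib.sha256(doc_bytes).hexdigest())

    def decide(self, doc_bytes):
        try:
            members = macro_members(doc_bytes)
        except ValueError:
            return "block"  # unreadable container: fail closed
        if not members:
            return "open"
        if hashlib.sha256(doc_bytes).hexdigest() in self.approved:
            return "open-with-macros"
        return "open-macros-disabled"  # the default for any new document

def build_sample(members):
    """Constructed sample: a zip with the given member names and contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()

if __name__ == "__main__":
    doc = build_sample({"content.xml": "<doc/>", "Basic/Standard/M.xml": "<m/>"})
    policy = MacroPolicy()
    print(policy.decide(doc))   # before the user approves this document
    policy.approve(doc)
    print(policy.decide(doc))   # after approval of these exact bytes
```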



