Scripts solution ?

Discussion in 'other anti-malware software' started by Fly, Apr 30, 2008.

Thread Status:
Not open for further replies.
  1. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    A rather major attack vector, viruses or other malware, is through malicious use of scripts.

    Disabling scripts (FireFox or otherwise), including Flash and similar issues, is just rather inconvenient. And there is the issue of cross-site scripting.

    It has occured to me that this issue might be circumvented by writing a script/coding by programming code that does not execute the scripts, but writing a script or code that takes a SAFE code that will not execute the original script, but a safe version of the script. In other words, what is presented as a script, should be replaced by a safe script.

    What do you think ?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,700
    Hello,

    And how do you tell safe from dangerous?
    This is the most difficult question you can ask a machine. To interpret feelings and intentions.

    For example, code to format partition. Sinister if not intended, benign if not. So, what do you do? Ask the user? And you get a classic HIPSoism problem.

    Besides, you can conveniently manage scripts with Firefox + Noscript and solve quite a few problems.

    Besides, scripts are not that problematic - because in normal browsers, they are limited what they can do. For example, javascript cannot access local files. However, if there's a bug in the browser engine, then you might break through. This is where good and quick patching policy and Noscript help.

    But for example IE has the FSO, which allows you to read and manipulate local files, making it very dangerous.

    So, good choice of a browser is the first step. Good updates, the second. Noscript the third.

    Mrk
     
  3. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Hopefully I'm more clear this time

    I must have been somewhat sleep-deprived when I wrote my first post, it's hard to understand what the writer (me) meant.

    What I proposed: create software that reads the scripts from websites and does not directly execute that, but converts it into a SAFE NEW TYPE OF SCRIPT/CODE. (Or alternatively, multiple scripts). This SAFE NEW TYPE OF SCRIPT/CODE (scripting language, code, whatever you want to call it) should not allow any action that can be potentially hazardous. Basically, just displaying a webpage (with limitations), and with a very limited ability for a web page to accept input, and no or very limited ability to track a visitor. This SCRIPT/CODE should be much more simple and have fewer abilities than, for example, Javascript.
    Alternatively, an ENGINE could be created that would only execute scripts that are completely safe and would not violate a visitor's privacy. (Some antivirus engines block some malicious scripts/actions, but I'd want to go further).

    I know that nothing is 100 % safe, but I'd think it could be an alternative for FireFox' somewhat extreme 'NoScript'. Everything would not look that pretty, and some webpages would just not work. But things would be safer, no 'web bugs', no or very limited ability to collect information, code that would be so simple that vulnerabilities would not be an issue.

    But I can't really judge that as an option (?), the last time I did some programming was over 15 years ago.

    I'll share an experience of mine: a malicious piece of Javascript tried to download and install a trojan, but McAfee's engine prevented the trojan from installing.
     
    Last edited: May 1, 2008
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Re: Hopefully I'm more clear this time

    Proxomitron
    WebCleaner
    :)
     
  5. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Re: Hopefully I'm more clear this time

    Thanks :)

    How good are they, in particular WebCleaner ?

    Any issues with security software you know of ?
     
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Re: Hopefully I'm more clear this time

    Proxomitron is the "gold standard" in local proxies. WebCleaner seems to have great potential.
    You may have problems with web/HTTP scanners which are proxy-based and firewall rules.
     
Thread Status:
Not open for further replies.