Internet Connection Security for Windows Users
by Steve Gibson, Gibson Research Corporation
FAQ Frequently Asked Questions
Since Trojan horse programs are, by definition, malicious software, and LeakTest is certainly not, we were initially puzzled by this too. So I asked the Moosoft guys what was going on and promptly received this explanation:
So there you have it. I'm completely satisfied with their position. The Moosoft Development folks clearly understand that LeakTest is a good thing, and is not any sort of Trojan. But by design it is a "Trojan Simulator" (although one that wears a bright white hat) so they came under pressure to demonstrate that their detector could detect it. Fine. It does. Case closed.
That's an excellent and important question. It deserves an honest answer. The frightening truth is, there is no way for any of the Windows 9x family of products (Win31, Win95, Win98, WinMe) to be truly secure, and although the Windows NT family (WinNT, Win2000, Whistler) can theoretically be secure, Microsoft has never enforced this built-in capability (and, in fact, Microsoft has been eroding it over time).
In practice this means that while using Windows there is no operating-system-enforced software "containment". Any program running in the system can do virtually anything it desires. This was not a practical problem back in the "old days" when we were all amazed just to be able to compose and print a letter on a computer that we owned. But in today's world, security has become a huge problem (which Microsoft had better start getting serious about very soon).
In our present context of software-based firewalls, this means that no software-based firewall, running within current versions of Microsoft Windows, can be ABSOLUTELY secure. A Trojan horse program whose author has deliberately reverse-engineered the operation of a specific software firewall can, without question, interfere with and disable that product's proper operation. Therefore, if I wanted LeakTest to deliberately penetrate any specific firewall by reverse-engineering its operation, it could definitely do so.
Since that's true, what's the point of doing so? Once we start down that path there is no end in sight and I believe it's a fruitless path to pursue. I have, therefore, deliberately defined LeakTest's boundaries to stop just short of taking that road. LeakTest exploits and demonstrates every GENERIC vulnerability I can imagine and find. But it will decidedly not exploit any firewall-specific knowledge. That's an important, but different, problem. Therefore, I do not, and will not, report specific firewall vulnerabilities here because they do not fall within LeakTest's scope.
Gibson Research Corporation is owned and operated by Steve Gibson. The contents of this page are Copyright (c) 2024 Gibson Research Corporation. SpinRite, ShieldsUP, NanoProbe, and any other indicated trademarks are registered trademarks of Gibson Research Corporation, Laguna Hills, CA, USA.
Last Edit: Nov 28, 2003 at 11:32