Monday 26 December 2011

Steam prime target for Virus Creators

There are a few basic things a virus must do to be successful:
  • Replicate and
  • Remain Hidden,
These are two of the most important. Industry seeks to prevent these things happening. However, some vendors make a virus's life much, much easier (Steam/Valve, j'accuse).

One method for limiting viral harm is limiting exposure. In most instances this can be done simply by allowing connections only to known secure IP addresses. This means that any incoming virus must also have circumvented the security of a secure peer.

Sadly, this is made impossible by some product designs, Steam being the worst case. Internet load balancing should not be happening at the user client (as it is in the Steam client). Regional internet servers should be set up, and DNS resolution should load balance within a small range of IP addresses for each area / network region. So, for example, Steam requested in Chicago should not be contacting an address in China for an update (something I found happening with Windows Update). It should be load balanced between up to 10 servers within a sensible range.

Steam just appears to try to load balance between hundreds of servers. It is possible they have hundreds of servers within my region; I am, however, exceedingly dubious of this (I don't think so).

Anyway, the point is that because Steam connects to a massive range of IP addresses, it is not easily possible to secure against viral attack: one must either learn every single IP used by Steam, or give up and allow Steam totally free communications (inviting it as a great launch platform for any form of viral infection: infect the process with the most permissions and/or the most freedom).
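To put a number on that trade-off, the following added example (not from the original post) audits a constructed per-process connection log against a hypothetical allowlist and reports how many extra rules each process would need. The process names, the "process ip" log format and the addresses (documentation ranges) are all assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample log: "<process> <destination IPv4>" per line.
SAMPLE_LOG = """\
updater.exe 192.0.2.10
updater.exe 192.0.2.11
updater.exe 192.0.2.12
gameclient.exe 198.51.100.7
gameclient.exe 203.0.113.40
gameclient.exe 203.0.113.41
gameclient.exe 198.51.100.200
gameclient.exe 192.0.2.10
"""

# Hypothetical allowlist: one small regional range, as the post recommends.
ALLOWLIST = [ipaddress.ip_network("192.0.2.0/28")]


def parse_log(text):
    """Yield (process, address) pairs, skipping blank lines. IPv4 only."""
    for line in text.splitlines():
        if line.strip():
            proc, addr = line.split()
            yield proc, ipaddress.ip_address(addr)


def audit_egress(text, allowlist):
    """Per process: allowed/blocked destination counts and extra rules needed."""
    seen = defaultdict(set)
    for proc, ip in parse_log(text):
        seen[proc].add(ip)
    report = {}
    for proc, ips in seen.items():
        blocked = {ip for ip in ips if not any(ip in net for net in allowlist)}
        # Merge adjacent blocked hosts into the fewest CIDR rules covering them.
        rules = ipaddress.collapse_addresses(
            ipaddress.ip_network(str(ip)) for ip in blocked)
        report[proc] = {"allowed": len(ips - blocked),
                        "blocked": len(blocked),
                        "rules_needed": [str(net) for net in rules]}
    return report


if __name__ == "__main__":
    for proc, result in audit_egress(SAMPLE_LOG, ALLOWLIST).items():
        print(proc, result)
```

A process whose rules_needed list keeps growing between runs is one that a static IP allowlist cannot contain.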

The second evil of Steam is that it cannot run in a non-elevated state.

I actually find myself HOPING someone targets Steam because they are behaving like Tyrants.

Oh, and yes... Windows Update is nearly as bad (but at least I could conceivably manage Windows Updates manually).
