My father-in-law to be was chatting to me today when we came upon the topic of viruses (virii?). Interesting enough, he made quite a good point today.

Viruses are abusing the OS's and the programs etc, not ONLY because of security vulnerabilities but also because they are supposed to be able to!

Think about it.

When VBScript was first designed it was designed as a scripting language that could help you automate a lot of tasks inside Windows.

Obviously, for this to happen, your operating system had to give full rights/access/permissions to the scripting language, to be able to chat to the operating system's "inner workings". In effect, they allowed VBScript to do what they want it to do and as a cause allowed virus writers to abuse it.

So VBScript is one example.

What about dead standard things like Remote Desktop? Remote Desktop as well as other RAT tools like PC Anywhere and VNC allows you remote access to your computer. So what's so dangerous about that?

Well, if you were to be sitting behind your PC, the only one who could break your PC would be you and only you!

With Remote Desktop, you allow anyone out there to do the same thing. Fine, you could have rigorous firewall settings in place, that allows connections from only one source host, using 1024bit encryption, etc, etc.

The fact of the matter is, most of these technologies are designed to make your machine do more for you, make your life easier, while throwing security to the wind!

While I don't have a point to make here (no, really, I don't) I just thought it needs an interesting mention.