When Agents Attack

Submitted by Christopher on Thu, 2006-12-14 22:25

We've all seen them - software agents lurking in our system trays. They're useful for all kinds of stuff from antivirus and backup to systems management. However, as Thomas Ptacek at Matasano Security points out, blind usage of agents without considering the potential for vulnerabilities can cause disaster.

Some problems with agents:

Agents often run with system privileges
Agents often form a communication mesh through which they could be exploited
Some software providers don't follow secure programming practices
An exploit for a system agent can be cross-platform due to a single code base

Check out the article from Matasano linked below and if you have more time, read Richard Bejtlich's response at Taosecurity.

Add new comment

About Christopher

Full Name
Christopher Byrd

LinkedIn Profile
http://www.linkedin.com/in/cbyrd01

Twitter
http://twitter.com/cbyrd01

View full user profile

Popular content

All time:

Last viewed:

So the firewall offers great protection if your adversary is using Visio, but otherwise its mostly useless.

— Gunnar Peterson