Get started for free
Visual Studio Developer Center >
Commentary: How to avoid aiding the development of malicious code

常规讨论 Commentary: How to avoid aiding the development of malicious code

All Replies

  • Friday, August 05, 2011 5:28 AM
     
     
    Sign In to Vote
    1

    Hi Rudy,

    I agree, that helping others to develop malware should not be supported. But I fear that it is not that easy to know, what the person really wants to do.

    I don't think that helping on a technical issue will break the rules of microsoft. Even in the us the manufacturer of a weapon is not responsible for the crimes done with their weapons. (As far as I know.)

    And agreements of companies are often NOT valid contracts. At least in germany users are protected because some bad people try to make some easy money. So I remember that a court decided in the past, that some OEM rules of Microsoft are not valid (in germany) and companies were allowed to sell cheap OEM Licenses (deboundled from a system).

    Of course: Microsoft owns this site. If they do not want me to post here, they are allowed to block me. They do not need any rule breaking for that. In germany it is called "Hausrecht" - in your house you can decide who is allowed in or is not allowed in. Which is important on a website, because Microsoft is responsible for everything published on their site (regarding german rules).

    (Maybe the laws in other countries are harder. So maybe because of some posts I should never ever visit the US because I would be arrested directly because someone used the information I provided to do something illegal. But I hope that this will not happen because I am also thinking about some holiday in the US. :) )

    So yes, I agree mostly to you but I doubt that you can know the intention of the user to decide that clearly.

    With kind regards,

    Konrad

     
  • Friday, August 05, 2011 9:30 AM
     
     
    Sign In to Vote
    0

    Hi Rudy,

    I also like Konrad I fully agree with what you wrote, but unfortunately it is sometimes difficult to understand what you are going to esegure whether for work, hobbies, hobby or as mentioned in the question put to as malware, or malicious intent create malicious code for other purposes.

    Sometimes I prefer to help the user in simple things, but when I see the posts on the web as with "how do I change my address at runtime?" I avoid answering, or other types.

    In conclusion I thank you for this post, in the hope that this site always remains exceptional.

    Best Regaeds.

    Carmelo La Monica  http://community.visual-basic.it/carmelolamonica/

     
  • Friday, August 05, 2011 11:14 AM
    Moderator
     
     
    Sign In to Vote
    0
    Thanks, Konrad and Carmelo.  I split your comments into a separate discussion thread and added some links to the existing threads that inspired the sticky thread in the C# General forum.
    Mark the best replies as answers. "Fooling computers since 1971."

    http://thesharpercoder.blogspot.com/

     
  • Monday, December 03, 2012 8:31 AM
     
     
    Sign In to Vote
    0

    Hi,

    One may use Code Access Security  CAS

    http://www.codeproject.com/Articles/5724/Understanding-NET-Code-Access-Security

    CodeDom to generate security blocks from the above.

    http://www.codeproject.com/Articles/7119/Compiling-with-CodeDom 

    Regards.

    Please remember to mark the replies as answers if they help and unmark them if they provide no help , or you may vote-up a helpful post


    • Edited by murtazagandhi Monday, December 03, 2012 8:34 AM edit
    •  
     
  • Friday, April 12, 2013 12:30 PM
     
     
    Sign In to Vote
    0

    Instead of ignoring the request for help completely perhaps asking for a little more info about the project.

    I had a rather odd request early on in my freelance career, I was asked to scan outlook inboxes for credit card numbers in attachments and backup these docs to a drive without the user being involved. As you can probably imagine it set alarm bells ringing! I asked about the reason for the project and I was subcontracted to a bank for ediscovery purposes - a number of important financial documents were passed around via email and no collaboration system was in place!

    Things are not always as they seem, good or bad...

     
  • Monday, April 29, 2013 1:08 PM
    Moderator
     
     
    Sign In to Vote
    0

    Instead of ignoring the request for help completely perhaps asking for a little more info about the project.

    I had a rather odd request early on in my freelance career, I was asked to scan outlook inboxes for credit card numbers in attachments and backup these docs to a drive without the user being involved. As you can probably imagine it set alarm bells ringing! I asked about the reason for the project and I was subcontracted to a bank for ediscovery purposes - a number of important financial documents were passed around via email and no collaboration system was in place!

    Things are not always as they seem, good or bad...

    I do not suggest that the request be ignored.  I'm simply pointing out that their stated intent is completely irrelevant.  Posting potentially abusive code on public web sites is unwise, IMHO.  Anyone can come along and read it, without ever having to log in and post a question.  A simple web search can find it.

    I repeat.  Trying to determine the OP's intent is really a complete waste of time.  Trying to do so usually wastes time and all too frequently turns into a flame war.  My point is simple.  We shouldn't leave loaded weapons laying on the coffee table.  Someone could get hurt.

    Thanks for sharing your opinion.

    Rudy   =8^D

    Mark the best replies as answers. "Fooling computers since 1971."

    http://thesharpercoder.com/