Thursday, October 11, 2007

Malware Tag

Proposal for Malware Tag:

With the pending inconsistencies and ambiguities around malware and its propagation through websites, it has become apparent that a change is in order. After long conversations with my good friend Imul from lul-disclosure labs, a solution has manifested: the malware tag. A revolutionary concept, this tag aims to unify how malware is represented -- allowing web browsers and their users to act accordingly.

The advantages of the malware tag are vast. Deep inspection firewalls would be able to filter traffic upon layer 7 detection of markup tags (previously the layer 3 evil-bit was the only option available). The combined ability of both evil-bit and malware tag detection gives network appliance vendors a very sexy yet functional and marketable product. The malware tag will redefine world class paradigms, and spearhead Web 3.0 as bleeding edge technology. Here's how it will work:

- Sites with malware must place <malware> </malware> around content which could be perceived as malicious software. Sites which fail to do so will not be Web 7.0 compliant.

- Sites which do not host malware should not use this tag, as it is misleading to users and may ultimately result in misrepresentation/public relations issues.

- Starting in Web 4.6, all browsers must observe the malware tag, and present the user with options pertaining to the malware type. Some suggestions would be to request the user to type in or email the site owner with all passwords/credentials (so as to ease the transition into being owned). Randomly deleting files or sending the malware on to other users by hand are also options.

- Malware writers should categorize their products so that they may be easily representable in markup languages. This will allow for the creation of other tags like <deletes_files> or <botnet_client>. Classification of malware specifics will help browsers act accordingly.

- AV products may search for specific tags, which will determine how they should act: <detect_immediately> or <miscategorize> or <do_not_detect> are some examples.


This is just a draft, and some of the Web versions might need to be adjusted (for Ajax and things); however, one thing is certain: <malware> is the new hotness. Suggestions/input/tag features are welcome via email, as long as they are in before I send in the tag proposal to W3C.
