disable shellexec in IGB

John FlyingTrucks
Perkone
Caldari State
#21 - 2016-03-06 06:00:59 UTC
Miss 'Assassination' Cayman wrote:
And what happens when the ingame browser is removed and all links open in an external browser? Or what if someone links something like that and tells people that it doesn't work in the ingame browser so they open it in an external browser themselves?


I see your point.

The makers of Teamspeak faced the same problem. Their solution was to present a warning dialog to the user, showing them the actual URL they'd be going to, and giving them options of [ Open Link ] or [ Abort ].


Iain Cariaba
#22 - 2016-03-06 06:08:55 UTC
John FlyingTrucks wrote:
Miss 'Assassination' Cayman wrote:
And what happens when the ingame browser is removed and all links open in an external browser? Or what if someone links something like that and tells people that it doesn't work in the ingame browser so they open it in an external browser themselves?


I see your point.

The makers of Teamspeak faced the same problem. Their solution was to present a warning dialog to the user, showing them the actual URL they'd be going to, and giving them options of [ Open Link ] or [ Abort ].

You can already see what the link you're clicking on is by hovering over it. The tooltip will display the url for web links.
John FlyingTrucks
Perkone
Caldari State
#23 - 2016-03-06 11:22:42 UTC
Iain Cariaba wrote:
John FlyingTrucks wrote:
You can already see what the link you're clicking on is by hovering over it. The tooltip will display the url for web links.


There is a 1 to 2 second delay on those that doesn't fit well with competitive situations.

Miss 'Assassination' Cayman
CK-0FF
#24 - 2016-03-06 16:43:24 UTC
John FlyingTrucks wrote:
Iain Cariaba wrote:
John FlyingTrucks wrote:
You can already see what the link you're clicking on is by hovering over it. The tooltip will display the url for web links.


There is a 1 to 2 second delay on those that doesn't fit well with competitive situations.


What are these competitive situations? The only thing I can think of is trying to grab a contract before anyone else, and that's just begging to be scammed. Also you can reduce the tooltip delay in the options.
John FlyingTrucks
Perkone
Caldari State
#25 - 2016-03-06 18:06:10 UTC
Miss 'Assassination' Cayman wrote:
John FlyingTrucks wrote:
Iain Cariaba wrote:
John FlyingTrucks wrote:
You can already see what the link you're clicking on is by hovering over it. The tooltip will display the url for web links.


There is a 1 to 2 second delay on those that doesn't fit well with competitive situations.


What are these competitive situations? The only thing I can think of is trying to grab a contract before anyone else, and that's just begging to be scammed. Also you can reduce the tooltip delay in the options.


Yes, just so, trying to grab a contract from a known client who advertises their contracts.

Thank you for the pointer to the tooltip delay, I didn't know about that one!

MekaJonna
Nehalem Inc.
#26 - 2016-04-06 22:51:59 UTC  |  Edited by: MekaJonna
Holy ****, just found out about this first hand.
This should be removed immediately, it's a massive security vulnerability.
At a bare minimum there needs to be a yes or no prompt window on this command.

Iain Cariaba wrote:

If you take a tiny bit of time to hover on a link before clicking on it, it tells you what the link is. I've never seen a destination posted that was so time critical that you couldn't wait for the pop-up to verify what you're clicking on.

Also, last I checked, spreading malicious code in that manner not only violates the TOS, which will get them banned, but actually violates the law in many countries. Try reporting it when you see it.


This is the stupidest thing I have ever read. Nobody waits for the tooltip to pop up before clicking ****, and someone who is going to use this maliciously doesn't give a **** about being 'banned'; they'd probably do it on a trial account anyway. I'm not going to go into details here, I'll be submitting a ticket about this right after I post, but leaving this feature in the game runs the risk of infecting every EVE pilot.
Miss 'Assassination' Cayman
CK-0FF
#27 - 2016-04-06 23:20:51 UTC
MekaJonna wrote:
Holy ****, just found out about this first hand.
This should be removed immediately, it's a massive security vulnerability.
At a bare minimum there needs to be a yes or no prompt window on this command.

Iain Cariaba wrote:

If you take a tiny bit of time to hover on a link before clicking on it, it tells you what the link is. I've never seen a destination posted that was so time critical that you couldn't wait for the pop-up to verify what you're clicking on.

Also, last I checked, spreading malicious code in that manner not only violates the TOS, which will get them banned, but actually violates the law in many countries. Try reporting it when you see it.


This is the stupidest thing I have ever read. Nobody waits for the tooltip to pop up before clicking ****, and someone who is going to use this maliciously doesn't give a **** about being 'banned'; they'd probably do it on a trial account anyway. I'm not going to go into details here, I'll be submitting a ticket about this right after I post, but leaving this feature in the game runs the risk of infecting every EVE pilot.

Ok, how exactly does it run the risk of infecting every Eve pilot? First of all, just because you don't take the time to check what you're clicking on doesn't mean nobody else does. Many of us are careful and don't blindly click links. Second, not everyone has a vulnerable web browser that allows all the nasties in. Third, not everyone has a vulnerable computer that lets the web browser do malicious things. Fourth, people run Eve on different operating systems that aren't vulnerable to the same things.

Yes, there is some little bit of added risk, but I don't believe it comes anywhere close to outweighing the usefulness of the feature.

I'm not against adding a prompt though, as long as it has an option to be turned off. There are few things more annoying than looking at a harmless link, knowing exactly what it will do, and still having to OK it.

Also, why should we care if you file a ticket? Was that supposed to be a heads up that another useful feature is about to be thrown away like right click camera panning, pressing tab to roll up windows, or not having to render a resource-intensive station environment we don't care about?
MekaJonna
Nehalem Inc.
#28 - 2016-04-06 23:53:02 UTC
Miss 'Assassination' Cayman wrote:

Also, why should we care if you file a ticket? Was that supposed to be a heads up that another useful feature is about to be thrown away like right click camera panning, pressing tab to roll up windows, or not having to render a resource-intensive station environment we don't care about?


As mentioned in my original post, I submitted a ticket with information on how this could infect many pilots. I was not about to put that information in the public domain.
Aliana Heartborne
Center for Advanced Studies
Gallente Federation
#29 - 2016-04-10 20:35:06 UTC
Add a warning for opening links (with an option to turn it off) and it's the best feature ever. Hell, most other games with URL completion/opening don't ever warn about opening links in your browser.

This is a great thing, instead of having IGB die to google forms and having mac users crash constantly because of the horribleness of IGB
Celesae
Clan Shadow Wolf
Tactical Narcotics Team
#30 - 2016-04-16 08:22:52 UTC  |  Edited by: Celesae
Masao Kurata wrote:
As far as I can tell, there's no obvious way to exploit this. EVE only attempts to open the link if it is of the form shellexec:http:... or shellexec:https:..., making it as safe as your browser. In contrast, the IGB is obviously and demonstrably insecure, and rooting the computer of anyone who clicks an IGB link to a site hosting exploits for the out-of-date Chrome version used is trivial.

It's possible that I'm missing something of course, but the shellexec links are handled by executing rundll32.exe url.dll,FileProtocolHandler URL. rundll entry points get everything after the function name passed to them as a single string, so executing another local command by manipulation of the URL doesn't seem to be possible, but maybe a buffer overflow could be triggered in url.dll's FileProtocolHandler or (more likely) in EVE. A brief investigation didn't reveal any such vulnerabilities, so I'm inclined to say this is vastly more secure than the IGB.


No. This opens up a HUGE list of exploits and vulnerabilities.

Google "Drive by download attacks", things like the Angler Exploit Kit.

This is a huge security risk, and CCP has no business allowing user browsers to be hijacked by other users in that fashion. Yes, yes, read links before you click - but mistakes can be made. This is terrible security practice.


All it takes is someone linking to a known site for malware, such as a site hosting a ransomware kit - the user only has to visit the page - they don't have to click yes or anything - then suddenly all their files are encrypted and they either have to start from scratch and pray they have backups, or pay a $500 ransom to unlock their stuff.
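As an added example (not EVE's code, and not posted by anyone in this thread), the two mitigations discussed above put together: the scheme check Masao Kurata describes (only shellexec:http: and shellexec:https: targets go anywhere near the OS URL handler) and the Teamspeak-style [ Open Link ] / [ Abort ] dialog John FlyingTrucks mentions, which shows the parsed hostname rather than the raw link text. The `ask` callback, the `shellexec:` prefix handling and all sample links are constructed here.

```python
# Added example (not EVE's code): validate a chat 'shellexec:' link before it
# reaches the OS URL handler, and build the confirm-dialog text the user sees.
# Allowlist follows the shellexec:http / shellexec:https rule from the thread.
from typing import Callable, Optional, Tuple
from urllib.parse import urlsplit

PREFIX = "shellexec:"           # link prefix as described in the thread
ALLOWED_SCHEMES = {"http", "https"}

def extract_target(link: str) -> Optional[str]:
    """Return the URL carried by a shellexec: link, or None if it is not one."""
    if not link.lower().startswith(PREFIX):
        return None
    return link[len(PREFIX):].strip()

def classify(link: str) -> Tuple[str, str]:
    """Decide what to do with a link.

    ("open", host)  -> http/https URL with a host; 'host' is what the prompt shows
    ("reject", why) -> anything else; never handed to the OS handler
    """
    target = extract_target(link)
    if target is None:
        return "reject", "not a shellexec link"
    parts = urlsplit(target)        # urlsplit lower-cases scheme and hostname
    if parts.scheme not in ALLOWED_SCHEMES:
        return "reject", f"scheme {parts.scheme!r} not allowed"
    if not parts.hostname:
        return "reject", "no host"
    # Display the parsed hostname, not the raw string: a 'trusted.site@'
    # userinfo prefix or a long path can make the raw text look like a site
    # the user knows while the real destination is elsewhere.
    return "open", parts.hostname

def confirm_and_open(link: str, ask: Callable[[str], bool]) -> bool:
    """Show the real destination; open only if the user accepts.

    'ask' stands in for the dialog (constructed callback): True for
    [ Open Link ], False for [ Abort ]. Returns whether the link was opened.
    """
    decision, detail = classify(link)
    if decision != "open":
        return False
    prompt = f"Open link to {detail}?\n{extract_target(link)}\n[ Open Link ]  [ Abort ]"
    return ask(prompt)

if __name__ == "__main__":
    for sample in ("shellexec:https://forums.eveonline.com/",          # constructed
                   "shellexec:http://forums.eveonline.com@198.51.100.7/login",
                   "shellexec:ftp://files.example/"):
        print(sample, "->", classify(sample))
```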
Shallanna Yassavi
qwertz corp
#31 - 2016-04-16 08:47:34 UTC  |  Edited by: Shallanna Yassavi
I read an IT horror story once about a tech who got a ransomware email in his inbox, identified it as ransomware, and forwarded the message with a "Do not click these links" warning so everyone in the building could learn what spearphishing looked like. Guess what happened?

People clicked the links.


Miss 'Assassination' Cayman
CK-0FF
#32 - 2016-04-16 09:16:42 UTC
Celesae wrote:
Masao Kurata wrote:
As far as I can tell, there's no obvious way to exploit this. EVE only attempts to open the link if it is of the form shellexec:http:... or shellexec:https:..., making it as safe as your browser. In contrast, the IGB is obviously and demonstrably insecure, and rooting the computer of anyone who clicks an IGB link to a site hosting exploits for the out-of-date Chrome version used is trivial.

It's possible that I'm missing something of course, but the shellexec links are handled by executing rundll32.exe url.dll,FileProtocolHandler URL. rundll entry points get everything after the function name passed to them as a single string, so executing another local command by manipulation of the URL doesn't seem to be possible, but maybe a buffer overflow could be triggered in url.dll's FileProtocolHandler or (more likely) in EVE. A brief investigation didn't reveal any such vulnerabilities, so I'm inclined to say this is vastly more secure than the IGB.


No. This opens up a HUGE list of exploits and vulnerabilities.

Google "Drive by download attacks", things like the Angler Exploit Kit.

This is a huge security risk, and CCP has no business allowing user browsers to be hijacked by other users in that fashion. Yes, yes, read links before you click - but mistakes can be made. This is terrible security practice.


All it takes is someone linking to a known site for malware, such as a site hosting a ransomware kit - the user only has to visit the page - they don't have to click yes or anything - then suddenly all their files are encrypted and they either have to start from scratch and pray they have backups, or pay a $500 ransom to unlock their stuff.

Or you know, set up their browser security to not execute anything pages try to push their way?
Celesae
Clan Shadow Wolf
Tactical Narcotics Team
#33 - 2016-04-16 09:26:24 UTC  |  Edited by: Celesae
Miss 'Assassination' Cayman wrote:
Or you know, set up their browser security to not execute anything pages try to push their way?


Yes, but the problem is that not everyone is as smart as you perceive yourself to be, or is even aware of the need to do such a thing for their security.

Security should always factor in the lowest common denominator - leaving it all up to the end users to figure everything out on their own is how we got into this mess in the first place.

The issue is that CCP enabled this "feature" - they are responsible for its (mis)use.