Thursday, May 26, 2005

Phone home

When I ran a utility for the first time the other day, I got a familiar alert from my firewall software. The program was trying to "phone home". It's commonplace for applications to rely on Internet access to check for updates, verify software licenses, etc. It's also all too common for spyware and malware to attempt to access the network. The challenge is to be able to tell the difference between legitimate and malicious access. You can err on the side of caution by denying network access to an application, but you may end up disabling some of its functionality. For example, a few weeks ago a developer on our team was getting weird error messages when using the source control system. It turned out that he had accidentally denied network access to one of the programs used for source control.

Back in the days before ubiquitous Internet access, I worked on a product on a Unix-based OS. One of our product managers had managed to get a Beta copy of a competitor's product. Several of us installed it to try it out. After launching the program, I noticed an odd message in my email system indicating a bounced email. The program had invoked /bin/mail to "phone home". It was sending a notice to indicate that it had been run. Fortunately, email sent to the outside world had to include a gateway suffix, so this particular email bounced. It would have been embarrassing if our competitor had received a raft of messages from the Beta software that could easily be traced back to our domain.