echo: nthelp
to: Geo
from: Paul Ranson
date: 2005-09-15 11:18:18
subject: Re: how not to build a firewall

If you can write to the registry as administrator then you can do anything.
That's the underlying point. If Adobe Acrobat allows you to do that from
JavaScript then worrying about disabling the firewall is really the least
of your bothers.

Paul

"Geo" wrote in message
news:4328d83c$1{at}w3.nls.net...
> "Paul Ranson" wrote in message
> news:4328b57d{at}w3.nls.net...
>> Encrypting the registry would just mean at the simplest level running the
>> firewall configuration app and poking keystrokes at it rather than just
>> editing the registry. Keeping it hidden isn't rocket science.
>
> Poking keystrokes isn't as easy as it sounds when you are limited to
> scripting via a PDF file or some other method. You are still thinking like
> you have code running on the machine. The idea is you take what you can get,
> usually that's some browser exploit or some control marked safe for
> scripting but isn't, something along those lines. You exploit that to gain
> more access.
>
> The higher you can raise the bar for those initial steps, the tougher it is
> to crack the machine. As you say, once you reach the point where you have
> your exe running on the box, it's anything goes. But getting there is the
> tough part. (or should be the tough part)
>
>> Not running untrusted code would seem to be the first line of defence.
>
> I agree, and active or JavaScript should be considered untrusted code.
>
>> And
>> having the firewall physically distinct a distant second.
>
> No, not at all. Think of it like antivirus. Yes it's possible to defeat it
> once you have code running, but that doesn't mean it doesn't help. The
> tougher it is to defeat the firewall the better and that's really all I'm
> saying.
>
> Geo.

--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)

SOURCE: echomail via fidonet.ozzmosis.com