Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > 100% virus and worm-free

Reply
Thread Tools

100% virus and worm-free

 
 
dOTdASH
Guest
Posts: n/a
 
      08-23-2003
and no I'm not just talking about your's truly

Having read a huge amount of rhetoric, uninformed opinion and just plain
crap posted over the last few days regarding the security issue I thought
I'd post my $0.02 worth.

FWIW, I've been using PC's since the mid-1980's and I've been using the
internet since the mid-1990's. The PC is my primary tool of trade and I've
used (and still use) a wide variety of software but predominantly Windows
and Microsoft Office. In all that time I have never had one single infection
with either a worm or virus. I'm not an uber-geek, I just see that keeping
my PC current with virus sig updates and patches etc is part and parcel of
using IT. It doesn't require a degree in computer science, just plain common
sense. And my PC doesn't sit behind any fancy security hardware, all I'm
currently using is the firewall in Windows XP although I have also tried
Kerios and Zonealarm

IMHO, securing any PC isn't particularly difficult but it could always be
easier. User education is the key.



 
Reply With Quote
 
 
 
 
Anthony Neville
Guest
Posts: n/a
 
      08-23-2003

"Nicholas Sherlock" <(E-Mail Removed)> wrote in message news:bi6f47$hek$(E-Mail Removed)...
> dOTdASH wrote:
> > and no I'm not just talking about your's truly
> >
> > Having read a huge amount of rhetoric, uninformed opinion and just
> > plain crap posted over the last few days regarding the security issue
> > I thought I'd post my $0.02 worth.
> >
> > FWIW, I've been using PC's since the mid-1980's and I've been using
> > the internet since the mid-1990's. The PC is my primary tool of trade
> > and I've used (and still use) a wide variety of software but
> > predominantly Windows and Microsoft Office. In all that time I have
> > never had one single infection with either a worm or virus.

>
> Same here!


And me. To think, we didn't need to wait for some patronizing smarmy git
to tell us to secure our machines.

Tony.


 
Reply With Quote
 
 
 
 
Gavin Tunney
Guest
Posts: n/a
 
      08-23-2003
On Sat, 23 Aug 2003 12:08:37 +1200, "dOTdASH"
<(E-Mail Removed)> wrote:

<snip>
>IMHO, securing any PC isn't particularly difficult but it could always be
>easier. User education is the key.
>


User education is the key with many worms & viruses, although it does
have to be said that a lot of worms in recent years got through by
exploiting security flaws in Windows....there was no user intervention
required for the worm to infect a PC.

Educating users isn't an easy task though. I've lost count of the
number of attempts I've made to explain file extensions to people, and
am not confident I've ever got the message through about the
significance of those three letters at the end of the name of the file
they just received in their inbox....

I'm quite surprised at the extent of the Sobig worm infections. Most
users know not to run attachments, at least I thought they did, and
yet Sobig ran rampant. Maybe it's been so long since we had such a
simple worm that everyone got complacent. Doesn't bode well for the
future if a new worm based purely on social engineering can get thru
so easily.

Gavin
 
Reply With Quote
 
Evil Bastard
Guest
Posts: n/a
 
      08-23-2003
On Sat, 23 Aug 2003 13:34:43 +1200, Anthony Neville wrote:

> And me. To think, we didn't need to wait for some patronizing smarmy git
> to tell us to secure our machines.


Good on you guys - you've done better than I did when I got my first
Windows PC in '99 (was using and programming *nix machines from
1982-1994).

I look back at those times when my system was totally spyware infected,
getting hacked every other week, and am amazed it wasn't even worse.

Didn't take me long to learn how to cleanse and secure my box. But it
still feels strange that Windows out of the box is so insecure.

Maybe the Commerce Commission should order all computer retailers to sell
M$ software with a sticker with the words:

"This software may be highly vulnerable to attacks from across the
internet. It may contain programming errors which result in malicious
people anywhere in the world stealing personal information, crashing or
destabilising your system, possibly resulting in data loss, identity
theft, fraud or worse. Use this software strictly at your own risk, and
take the time to research the current security literature and acquaint
yourself with all the available countermeasures against attack."


 
Reply With Quote
 
Evil Bastard
Guest
Posts: n/a
 
      08-23-2003
On Sat, 23 Aug 2003 02:04:05 +0000, Gavin Tunney wrote:

> Educating users isn't an easy task though. I've lost count of the
> number of attempts I've made to explain file extensions to people, and
> am not confident I've ever got the message through about the
> significance of those three letters at the end of the name of the file
> they just received in their inbox....


I just gotta say to you MS support folk - YOU POOR BASTARDS!!! ;>

On one hand, you did a marvelous, albeit incomplete, job of integrating
hunks of disparate software into a package that can (to a large extent) be
used out of the box by the masses.

At that time, Unix/Linux/BSD was way back in the caves from a
user-friendliness point of view.

But then, you lumbered yourselves with the burden of users who expect
Windows-based PCs to run like any other appliance. It's like people expect
some kind of inbuilt AI that's 30 years ahead of its time.

There surely must be some amazing stories of encounters with users.

I could just imagine within MS a database of 'top 100 most ridiculous
support calls'. Maybe the story of the blonde secretary using physical
white-out on the screen while running Word is not totally an urban myth.

I do feel though that much more of MS's astronomical software-markups
should have been invested in software which educates people about their
PCs, step by step, blocking their full access to the system until they're
showing some understanding. Similar to the principle that you don't take
the hood off a power-plug until you know the difference between
phase/neutral/earth.

So IMO, MS does have a case to answer from its shortcuts.

I do sympathise with the message embedded in the Blaster virus - "Billy
Gates, stop making money and fix your software".


 
Reply With Quote
 
Nicholas Sherlock
Guest
Posts: n/a
 
      08-23-2003
Evil Bastard wrote:
> Maybe the Commerce Commission should order all computer retailers to
> sell M$ software with a sticker with the words:
>
> "This software may be highly vulnerable to attacks from across the
> internet. It may contain programming errors which result in malicious
> people anywhere in the world stealing personal information, crashing
> or destabilising your system, possibly resulting in data loss,
> identity theft, fraud or worse. Use this software strictly at your
> own risk, and take the time to research the current security
> literature and acquaint yourself with all the available
> countermeasures against attack."


The same can be said for Linux.

Cheers,
Nicholas Sherlock


 
Reply With Quote
 
Enkidu
Guest
Posts: n/a
 
      08-23-2003
On Sat, 23 Aug 2003 14:09:43 +1200, Evil Bastard
<postmaster@127.0.0.1> wrote:
>
>Didn't take me long to learn how to cleanse and secure my box. But it
>still feels strange that Windows out of the box is so insecure.
>

....compared to what? The average Unix box is insecure "out of the box"
too, especially these RH install everything jobs. The first thing I do
with a new Unix box is download all the security patches and updates
that I can find and there are lots. And I turn off all those silly
things that get installed whatever you do. You still need to harden a
Unix box before connecting it to the Internet, especially a RH one. I
also install tripwire and a couple of other things I'm not going to
mention (grin!).

Cheers,

Cliff
--

Signed and sealed with Great Seal of the Executive
Council of the Internet, by The Master of The Net.
 
Reply With Quote
 
Evil Bastard
Guest
Posts: n/a
 
      08-23-2003
On Sat, 23 Aug 2003 14:53:12 +1200, Nicholas Sherlock wrote:

> Evil Bastard wrote:
>> Maybe the Commerce Commission should order all computer retailers to
>> sell M$ software with a sticker with the words:
>>
>> "This software may be highly vulnerable to attacks from across the
>> internet. It may contain programming errors which result in malicious
>> people anywhere in the world stealing personal information, crashing
>> or destabilising your system, possibly resulting in data loss,
>> identity theft, fraud or worse. Use this software strictly at your
>> own risk, and take the time to research the current security
>> literature and acquaint yourself with all the available
>> countermeasures against attack."

>
> The same can be said for Linux.


But people have a reasonable expectation of safety when they purchase
*any* software.

Like, if you buy a car and have stuff stored in the boot, you have a
reasonable expectation that it won't be destroyed by corrosives when you
least expect it.

And to date, Windows exploit incidents outnumber Linux exploit incidents
by orders of magnitude. Even on a per-capita basis, the incident rate for
Windows is much higher.

IF there was even a quarter of the political reaction to M$ bugs as there
has been to the leaky buildings scandal, M$ would be running for cover
here in NZ.


>
> Cheers,
> Nicholas Sherlock


 
Reply With Quote
 
Nicholas Sherlock
Guest
Posts: n/a
 
      08-23-2003
Evil Bastard wrote:
> And to date, Windows exploit incidents outnumber Linux exploit
> incidents by orders of magnitude. Even on a per-capita basis, the
> incident rate for Windows is much higher.


That's because to even get Linux installed, running and working, you need a
moderate level of computer skill. This means that you are more likely to
know how to set up a computer correctly.

Cheers,
Nicholas Sherlock


 
Reply With Quote
 
Enkidu
Guest
Posts: n/a
 
      08-23-2003
On Sat, 23 Aug 2003 15:18:55 +1200, Lennier
<(E-Mail Removed)> wrote:

>On Sat, 23 Aug 2003 15:08:11 +1200, Enkidu wrote:
>
>> The first thing I do
>> with a new Unix box is download all the security patches and updates that
>> I can find and there are lots.

>
>If you're dealing with new Unix boxen, why is it that they need to be
>patched so very soon after installation?
>
>Surely if you're dealing with Unix you've been given the latest
>version of your particular variety of Unix, and the latest versions of the
>software that the client has requested.
>

Because if you get an ISO of, say, RH8, it will have been made some
time ago. RH do not upgrade their ISO with every new patch, I believe.
The latest ISO is dated 13/3/2003 on the RH site, which is pretty old.
If you have a boxed set it will be *at least* as old as that.

You do not normally get given a copy of Linux with a server machine.
For instance, on the Compaq DL360s that I have installed RH Linux, you
get no operating system with the box.
>
>Besides, I imagine that these days there aren't all that many new
>installations of Unix.
>

You are joking! Apart from anything else, hardware and software
upgrades need to be done and sometimes it is easier to re-install than
upgrade software.

Cheers,

Cliff
--

Signed and sealed with Great Seal of the Executive
Council of the Internet, by The Master of The Net.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Tetration (print 100^100^100^100^100^100^100^100^100^100^100^100^100^100) jononanon@googlemail.com C Programming 5 04-25-2012 08:49 PM
100% TABLE + 100% ROW + 100% DIV..? fred Javascript 3 03-17-2005 04:25 AM
Virus, Virus, Virus..... Phil B Computer Support 2 09-22-2003 05:02 PM



Advertisments