Patched Flaw Used in Mayor Attack

Discussion in 'Computer Support' started by Tony, Feb 23, 2007.

  1. Tony

    Tony Guest

    "Au79" <> wrote in message
    news:V0uDh.322351$...
    > Mass-pharming attack targeting 50 banks is shut down
    >
    > By Frank Washkuch Jr. Feb 22 2007 16:10
    >


    Not much point in posting that info here, you're far too late! Wrong group
    anyway.
     
    Tony, Feb 23, 2007
    #1
    1. Advertising

  2. Tony

    Au79 Guest

    Mass-pharming attack targeting 50 banks is shut down

    By Frank Washkuch Jr. Feb 22 2007 16:10

    Fifty financial institutions in the United States, Europe and the
    Asia-Pacific region were hit with a well crafted pharming attack this week.

    In preparation for the attacks, hackers created mock pharming websites for
    each financial institution they targeted, according to press reports from
    the IDG News Service.

    Researchers from Websense told the wire service that attackers lured victims
    to a website hosting malicious code that exploited a patched Microsoft
    vulnerability.

    Microsoft patched the flaw last May. The vulnerability requires a user to
    only visit a website to have his or her PC infected by malware.

    In this attack, the malicious website would download a trojan known as
    ieexplorer.exe, which downloads more malware from Russia. The websites then
    display an error message asking users to shut off firewalls and anti-virus
    software, according to the reports.

    Victimized users are then redirected to the malicious pharming websites that
    appear similar to legitimate financial websites. Attackers can use the
    collected personal information for identity fraud, or sell the details to
    other criminals.

    Dan Hubbard, vice president of security research at Websense, told
    SCMagazine.com today that the attacks were well researched and designed.

    "They are very well planned and thought out. Resilient infrastructures,
    sophisticated malcode and very good back-end control and statistic," he
    said. "The use of malicious code is growing very fast. This is being used
    more and more and we believe it will rise in both frequency and
    sophistication. The attack success percentages are higher also."

    ISPs have shut down websites hosting the malicious code in Germany, Estonia
    and the United Kingdom. The attack also installs a bot on infected PCs,
    according to the report.

    http://scmagazine.com/us/news/article/635161/mass-pharming-attack-targets-50-banks/

    --
    ....................
    http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
    http://rixstep.com/1/20040719,00.shtml
    http://free.thelinuxstore.ca/
     
    Au79, Feb 23, 2007
    #2
    1. Advertising

  3. Tony

    Fuzzy Logic Guest

    Au79 <> wrote in news:V0uDh.322351$:

    > Mass-pharming attack targeting 50 banks is shut down
    >
    > By Frank Washkuch Jr. Feb 22 2007 16:10
    >
    > Fifty financial institutions in the United States, Europe and the
    > Asia-Pacific region were hit with a well crafted pharming attack this
    > week.
    >
    > In preparation for the attacks, hackers created mock pharming websites
    > for each financial institution they targeted, according to press reports
    > from the IDG News Service.
    >
    > Researchers from Websense told the wire service that attackers lured
    > victims to a website hosting malicious code that exploited a patched
    > Microsoft vulnerability.
    >
    > Microsoft patched the flaw last May. The vulnerability requires a user
    > to only visit a website to have his or her PC infected by malware.


    Once again showing the importance of properly maintaining your system.

    If my car has a safety recall and I ignore it and then fall victim to the issue it's NOT the manufacturer's fault.

    > In this attack, the malicious website would download a trojan known as
    > ieexplorer.exe, which downloads more malware from Russia. The websites
    > then display an error message asking users to shut off firewalls and
    > anti-virus software, according to the reports.
    >
    > Victimized users are then redirected to the malicious pharming websites
    > that appear similar to legitimate financial websites. Attackers can use
    > the collected personal information for identity fraud, or sell the
    > details to other criminals.
    >
    > Dan Hubbard, vice president of security research at Websense, told
    > SCMagazine.com today that the attacks were well researched and designed.
    >
    > "They are very well planned and thought out. Resilient infrastructures,
    > sophisticated malcode and very good back-end control and statistic," he
    > said. "The use of malicious code is growing very fast. This is being
    > used more and more and we believe it will rise in both frequency and
    > sophistication. The attack success percentages are higher also."
    >
    > ISPs have shut down websites hosting the malicious code in Germany,
    > Estonia and the United Kingdom. The attack also installs a bot on
    > infected PCs, according to the report.
    >
    > http://scmagazine.com/us/news/article/635161/mass-pharming-attack-targets
    > -50-banks/
    >
     
    Fuzzy Logic, Feb 23, 2007
    #3
  4. Tony

    Au79 Guest

    Fuzzy Logic wrote:

    > Au79 <> wrote in news:V0uDh.322351$:
    >
    >> <snipped>
    >>
    >> Microsoft patched the flaw last May. The vulnerability requires a user
    >> to only visit a website to have his or her PC infected by malware.

    >
    > Once again showing the importance of properly maintaining your system.
    >
    > If my car has a safety recall and I ignore it and then fall victim to the
    > issue it's NOT the manufacturer's fault.
    >


    Windos is a car that gets recalled often. I wonder if users just get sick of
    dealing with it to the point where it's just easier to ignore all the
    warnings.


    --
    ....................
    http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
    http://rixstep.com/1/20040719,00.shtml
    http://free.thelinuxstore.ca/
     
    Au79, Feb 24, 2007
    #4
  5. Tony

    Fuzzy Logic Guest

    Au79 <> wrote in news:ZERDh.14594$:

    > Fuzzy Logic wrote:
    >
    >> Au79 <> wrote in news:V0uDh.322351$:
    >>
    >>> <snipped>
    >>>
    >>> Microsoft patched the flaw last May. The vulnerability requires a user
    >>> to only visit a website to have his or her PC infected by malware.

    >>
    >> Once again showing the importance of properly maintaining your system.
    >>
    >> If my car has a safety recall and I ignore it and then fall victim to
    >> the issue it's NOT the manufacturer's fault.
    >>

    >
    > Windos is a car that gets recalled often. I wonder if users just get
    > sick of dealing with it to the point where it's just easier to ignore
    > all the warnings.


    All major OS's get frequent 'recalls'. For example I know of 4 patches this month for SuSE alone:

    http://www.linuxsecurity.com/content/blogcategory/100/112
     
    Fuzzy Logic, Feb 27, 2007
    #5
  6. Tony

    Fuzzy Logic Guest

    Au79 <> wrote in news:b8pFh.26051$:

    > Fuzzy Logic wrote:
    >
    >> Au79 <> wrote in news:ZERDh.14594$:
    >>
    >>> Fuzzy Logic wrote:
    >>>
    >>>> Au79 <> wrote in news:V0uDh.322351$:
    >>>>
    >>>>> <snipped>
    >>>>>
    >>>>> Microsoft patched the flaw last May. The vulnerability requires a user
    >>>>> to only visit a website to have his or her PC infected by malware.
    >>>>
    >>>> Once again showing the importance of properly maintaining your system.
    >>>>
    >>>> If my car has a safety recall and I ignore it and then fall victim to
    >>>> the issue it's NOT the manufacturer's fault.
    >>>>
    >>>
    >>> Windos is a car that gets recalled often. I wonder if users just get
    >>> sick of dealing with it to the point where it's just easier to ignore
    >>> all the warnings.

    >>
    >> All major OS's get frequent 'recalls'.

    >
    > The key word here is 'frequent'. windos is the king of 'frequent' recalls.
    >
    >> For example I know of 4 patches
    >> this month for SuSE alone:
    >>
    >> http://www.linuxsecurity.com/content/blogcategory/100/112

    >
    > I haven't heard of SuSE providing a patch for a patch, or have "Patch
    > Tuesdays" with up to twelve critical holes that never seem to go away.


    I supplied this example in another post to you. In case you missed it.

    Here are two patches for the SuSE Kernel released within 3 months of each other:

    http://www.linuxsecurity.com/content/view/127226/170/
    http://www.linuxsecurity.com/content/view/126321/170/

    There are many good reasons for "Patch Tuesday":

    http://en.wikipedia.org/wiki/Patch_Tuesday

    Also of the 12 most recents Windows updates close to half were Office related. If you are including non-OS
    patches there were 15 security updates for SuSE in January:

    http://www.linuxsecurity.com/content/blogcategory/100/112/
     
    Fuzzy Logic, Mar 1, 2007
    #6
  7. Tony

    Au79 Guest

    Fuzzy Logic wrote:

    > Au79 <> wrote in news:b8pFh.26051$:
    >
    >> Fuzzy Logic wrote:
    >>
    >>> Au79 <> wrote in news:ZERDh.14594$:
    >>>
    >>>> Fuzzy Logic wrote:
    >>>>
    >>>>> Au79 <> wrote in news:V0uDh.322351$:
    >>>>>
    >>>>>> <snipped>
    >>>>>>
    >>>>>> Microsoft patched the flaw last May. The vulnerability requires a
    >>>>>> user to only visit a website to have his or her PC infected by
    >>>>>> malware.
    >>>>>
    >>>>> Once again showing the importance of properly maintaining your system.
    >>>>>
    >>>>> If my car has a safety recall and I ignore it and then fall victim to
    >>>>> the issue it's NOT the manufacturer's fault.
    >>>>>
    >>>>
    >>>> Windos is a car that gets recalled often. I wonder if users just get
    >>>> sick of dealing with it to the point where it's just easier to ignore
    >>>> all the warnings.
    >>>
    >>> All major OS's get frequent 'recalls'.

    >>
    >> The key word here is 'frequent'. windos is the king of 'frequent'
    >> recalls.
    >>
    >>> For example I know of 4 patches
    >>> this month for SuSE alone:
    >>>
    >>> http://www.linuxsecurity.com/content/blogcategory/100/112

    >>
    >> I haven't heard of SuSE providing a patch for a patch, or have "Patch
    >> Tuesdays" with up to twelve critical holes that never seem to go away.

    >
    > I supplied this example in another post to you. In case you missed it.
    >
    > Here are two patches for the SuSE Kernel released within 3 months of each
    > other:
    >
    > http://www.linuxsecurity.com/content/view/127226/170/
    > http://www.linuxsecurity.com/content/view/126321/170/
    >
    > There are many good reasons for "Patch Tuesday":
    >
    > http://en.wikipedia.org/wiki/Patch_Tuesday
    >
    > Also of the 12 most recents Windows updates close to half were Office
    > related. If you are including non-OS patches there were 15 security
    > updates for SuSE in January:
    >
    > http://www.linuxsecurity.com/content/blogcategory/100/112/


    ....and yet, Linux is clearly far more secure than windos.

    --
    ....................
    http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
    http://rixstep.com/1/20040719,00.shtml
    http://free.thelinuxstore.ca/
     
    Au79, Mar 2, 2007
    #7
  8. Tony

    Fuzzy Logic Guest

    Au79 <> wrote in news:SwNFh.233606$:

    > Fuzzy Logic wrote:
    >
    >> Au79 <> wrote in news:b8pFh.26051$:
    >>
    >>> Fuzzy Logic wrote:
    >>>
    >>>> Au79 <> wrote in news:ZERDh.14594$:
    >>>>
    >>>>> Fuzzy Logic wrote:
    >>>>>
    >>>>>> Au79 <> wrote in news:V0uDh.322351$:
    >>>>>>
    >>>>>>> <snipped>
    >>>>>>>
    >>>>>>> Microsoft patched the flaw last May. The vulnerability requires a
    >>>>>>> user to only visit a website to have his or her PC infected by
    >>>>>>> malware.
    >>>>>>
    >>>>>> Once again showing the importance of properly maintaining your system.
    >>>>>>
    >>>>>> If my car has a safety recall and I ignore it and then fall victim to
    >>>>>> the issue it's NOT the manufacturer's fault.
    >>>>>>
    >>>>>
    >>>>> Windos is a car that gets recalled often. I wonder if users just get
    >>>>> sick of dealing with it to the point where it's just easier to ignore
    >>>>> all the warnings.
    >>>>
    >>>> All major OS's get frequent 'recalls'.
    >>>
    >>> The key word here is 'frequent'. windos is the king of 'frequent'
    >>> recalls.
    >>>
    >>>> For example I know of 4 patches
    >>>> this month for SuSE alone:
    >>>>
    >>>> http://www.linuxsecurity.com/content/blogcategory/100/112
    >>>
    >>> I haven't heard of SuSE providing a patch for a patch, or have "Patch
    >>> Tuesdays" with up to twelve critical holes that never seem to go away.

    >>
    >> I supplied this example in another post to you. In case you missed it.
    >>
    >> Here are two patches for the SuSE Kernel released within 3 months of each
    >> other:
    >>
    >> http://www.linuxsecurity.com/content/view/127226/170/
    >> http://www.linuxsecurity.com/content/view/126321/170/
    >>
    >> There are many good reasons for "Patch Tuesday":
    >>
    >> http://en.wikipedia.org/wiki/Patch_Tuesday
    >>
    >> Also of the 12 most recents Windows updates close to half were Office
    >> related. If you are including non-OS patches there were 15 security
    >> updates for SuSE in January:
    >>
    >> http://www.linuxsecurity.com/content/blogcategory/100/112/

    >
    > ...and yet, Linux is clearly far more secure than windos.


    You appear to be looking through rose coloured glasses. I continue to refute you arguments and yet you
    persist.

    You have stated in previous posts that an unpatched *nix box is still more secure than a fully patched
    Windows box. I really have to question your reasoning. For example if you are running Sun Solaris and you
    haven't installed the appropriate patch you will shortly be a victim of a telnet worm and your system seriously
    compromised:

    http://www.us-cert.gov/cas/techalerts/TA07-059A.html

    You probably don't need to worry about this as you run SuSE and also believe there is no malicious software
    for *nix. I even offered you a "free sample" but you denied such a thing even existed. Keep your head in the
    sand and ignore the signs that as *nix gets more common it's also going to become a more popular target for
    exploitation. Invariably these attacks will take advantage of well documented flaws that have already been
    patched similar to attacks on Windows systems. Most Windows attacks involve an already patched exploit or
    an attack requiring user intervention (opening an unsolicited attachment or running questionable programs that
    the user is enticed to do via social engineering).

    So again I will state your overall system security has more to do with how well it's maintained and used than
    your actual OS. If you don't maintain your OS and/or do stupid things like open unsolicited attachments or
    execute questionable programs you will eventually get burned regardless of the OS. To put it another way
    security is a process that has little to do with the hardware or software you use. No OS is 100% secure and
    your overall system security is a moving target as new flaws are found and fixed. So saying product A is
    'more secure' than product B is nearly impossible unless you are willing to nail down EXACTLY what hardware
    and software you are running, the patch levels and versions of all software on the system including device
    drivers.
     
    Fuzzy Logic, Mar 2, 2007
    #8
  9. Tony

    Au79 Guest

    Fuzzy Logic wrote:

    >> ...and yet, Linux is clearly far more secure than windos.

    >
    > You appear to be looking through rose coloured glasses. I continue to
    > refute you arguments and yet you persist.
    >


    I don't believe that you have refuted any arguments credibly. I continue to
    post voluminous stories from journals around the world about new and
    improved windos vulnerabilities, old vulnerabilities left unpatched, and
    patches that require patches.

    Your entire stance seems to be that it is the user that is the problem, and
    not some arrogant and incompetent conglamorate. Their marketing teams spend
    countless hours touting windos as being the "most secure", only to get egg
    in their face.

    Microsoft, like your arguments, is a technical failure.

    > You have stated in previous posts that an unpatched *nix box is still more
    > secure than a fully patched Windows box. I really have to question your
    > reasoning. For example if you are running Sun Solaris and you haven't
    > installed the appropriate patch you will shortly be a victim of a telnet
    > worm and your system seriously compromised:
    >
    > http://www.us-cert.gov/cas/techalerts/TA07-059A.html
    >


    And while users patch their windos and Unix boxes, the fact remains that
    windos will sprout brand new holes at such an accelerated rate to make Unix
    seem virtually indestructible, patches and all.

    > You probably don't need to worry about this as you run SuSE and also
    > believe there is no malicious software for *nix.


    There's no malicious software that can cause the same amount of damage and
    destruction as in a winbox.

    > I even offered you a
    > "free sample" but you denied such a thing even existed.


    Talk about delusional. Why don't you release this wonder of yours into the
    wild and rid the world of Unix once and for all?

    > Keep your head in
    > the sand and ignore the signs that as *nix gets more common it's also
    > going to become a more popular target for exploitation.


    This old argument has been around for too long. Since 80% of the Internet
    depends on Unix and Unix-based software to run, it is a mighty big target
    that has not been brought down. The fact is that Unix is already a target
    for hard-core hackers, the best coders with the biggest brains have not
    succeeded in turning the net off.

    > Invariably these
    > attacks will take advantage of well documented flaws that have already
    > been patched similar to attacks on Windows systems. Most Windows attacks
    > involve an already patched exploit or an attack requiring user
    > intervention (opening an unsolicited attachment or running questionable
    > programs that the user is enticed to do via social engineering).
    >


    Not Mr. fuz, the worst viral attacks turn PC's into zombies without user
    intervention. Worms and viruses simply get in and meddle with the registry
    and other system areas, sans help.

    > So again I will state your overall system security has more to do with how
    > well it's maintained and used than your actual OS. If you don't maintain
    > your OS and/or do stupid things like open unsolicited attachments or
    > execute questionable programs you will eventually get burned regardless of
    > the OS.


    Yes, your broken record argument. I really don't see how you can believe
    that anyone with a high school education can take you seriously. Every
    thing that you describe above is only- and only- found in a windos
    environment.

    > To put it another way security is a process that has little to do
    > with the hardware or software you use. No OS is 100% secure and your
    > overall system security is a moving target as new flaws are found and
    > fixed.


    Again, all relative, by itself Linux may not be 100% secure against a hard
    core hacker, but comparing it to measly windos, it is 100% secure against
    winbox programmers.

    > So saying product A is 'more secure' than product B is nearly
    > impossible unless you are willing to nail down EXACTLY what hardware and
    > software you are running, the patch levels and versions of all software on
    > the system including device drivers.


    Again, you gotta clear that fuzz off your logic. We are comparing two vastly
    different architectures: One offers its system areas to anyone that passes
    by. The other was design with the assumption that multiple users sharing
    resources within the same system cannot be left unchecked.

    So from the ground-up Unix internal mechanisms do not allow the same
    promiscuity as windos. Oh, but its a good business strategy by MS.


    --
    ....................
    http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
    http://rixstep.com/1/20040719,00.shtml
    http://free.thelinuxstore.ca/
     
    Au79, Mar 3, 2007
    #9
  10. Tony

    Fuzzy Logic Guest

    Au79 <> wrote in news:YB4Gh.120357$:

    > Fuzzy Logic wrote:
    >
    >>> ...and yet, Linux is clearly far more secure than windos.

    >>
    >> You appear to be looking through rose coloured glasses. I continue to
    >> refute you arguments and yet you persist.
    >>

    >
    > I don't believe that you have refuted any arguments credibly. I continue
    > to post voluminous stories from journals around the world about new and
    > improved windos vulnerabilities, old vulnerabilities left unpatched, and
    > patches that require patches.


    I will try and put this in simple terms that hopefully you can understand:

    1) All OS's have vulnerabilities and will continue to have them.
    2) There are often patches for the same component as new vulnerabilities are found in that component (I
    sent you links for 2 patches for the SuSE kernel that have been released within months of each other).
    3) Hackers typically exploit documented vulnerabilities (half the work is done for them) so it's important that
    you apply patches ASAP
    4) If you are not practising safe computer techniques the OS may not be able to protect you from yourself
    (and why should it?).

    > Your entire stance seems to be that it is the user that is the problem,
    > and not some arrogant and incompetent conglamorate. Their marketing
    > teams spend countless hours touting windos as being the "most secure",
    > only to get egg in their face.


    The weakest link in computer security is the user not the OS. Failing to install ONE critical patch is all it takes
    for the bad guys to gain access to your system regardless of the OS.

    > Microsoft, like your arguments, is a technical failure.
    >
    >> You have stated in previous posts that an unpatched *nix box is still
    >> more secure than a fully patched Windows box. I really have to question
    >> your reasoning. For example if you are running Sun Solaris and you
    >> haven't installed the appropriate patch you will shortly be a victim of
    >> a telnet worm and your system seriously compromised:
    >>
    >> http://www.us-cert.gov/cas/techalerts/TA07-059A.html
    >>

    >
    > And while users patch their windos and Unix boxes, the fact remains that
    > windos will sprout brand new holes at such an accelerated rate to make
    > Unix seem virtually indestructible, patches and all.
    >
    >> You probably don't need to worry about this as you run SuSE and also
    >> believe there is no malicious software for *nix.

    >
    > There's no malicious software that can cause the same amount of damage
    > and destruction as in a winbox.
    >
    >> I even offered you a
    >> "free sample" but you denied such a thing even existed.

    >
    > Talk about delusional. Why don't you release this wonder of yours into
    > the wild and rid the world of Unix once and for all?


    I really have no desire to spend time behind bars.

    >> Keep your head in
    >> the sand and ignore the signs that as *nix gets more common it's also
    >> going to become a more popular target for exploitation.

    >
    > This old argument has been around for too long. Since 80% of the
    > Internet depends on Unix and Unix-based software to run, it is a mighty
    > big target that has not been brought down. The fact is that Unix is
    > already a target for hard-core hackers, the best coders with the biggest
    > brains have not succeeded in turning the net off.


    The Internet hardly DEPENDS on *nix. Certainly many servers on the Internet use *nix but that server could
    just as easily be a Windows box running equivalent software. There is no money to made in turning the net
    off so that's unlikely to happen anytime soon.

    >> Invariably these
    >> attacks will take advantage of well documented flaws that have already
    >> been patched similar to attacks on Windows systems. Most Windows
    >> attacks involve an already patched exploit or an attack requiring user
    >> intervention (opening an unsolicited attachment or running questionable
    >> programs that the user is enticed to do via social engineering).
    >>

    >
    > Not Mr. fuz, the worst viral attacks turn PC's into zombies without user
    > intervention. Worms and viruses simply get in and meddle with the
    > registry and other system areas, sans help.


    That's correct the user didn't install a patch that would have prevented this from happening.

    >> So again I will state your overall system security has more to do with
    >> how well it's maintained and used than your actual OS. If you don't
    >> maintain your OS and/or do stupid things like open unsolicited
    >> attachments or execute questionable programs you will eventually get
    >> burned regardless of the OS.

    >
    > Yes, your broken record argument. I really don't see how you can believe
    > that anyone with a high school education can take you seriously. Every
    > thing that you describe above is only- and only- found in a windos
    > environment.


    So you are saying there are no critical vulnerabilities in *nix? That patches don't come out on a regular basis
    for *nix? That maintaining your system is NOT important to your security? That the failure to apply a patch
    for a single critical vulnerability is all it takes to compromise your system? That opening unsolicited
    attachments is OK? That downloading questionable software is fine?

    If so there is no point in any further discussion.

    >> To put it another way security is a process that has little to do
    >> with the hardware or software you use. No OS is 100% secure and your
    >> overall system security is a moving target as new flaws are found and
    >> fixed.

    >
    > Again, all relative, by itself Linux may not be 100% secure against a
    > hard core hacker, but comparing it to measly windos, it is 100% secure
    > against winbox programmers.
    >
    >> So saying product A is 'more secure' than product B is nearly
    >> impossible unless you are willing to nail down EXACTLY what hardware
    >> and software you are running, the patch levels and versions of all
    >> software on the system including device drivers.

    >
    > Again, you gotta clear that fuzz off your logic. We are comparing two
    > vastly different architectures: One offers its system areas to anyone
    > that passes by. The other was design with the assumption that multiple
    > users sharing resources within the same system cannot be left unchecked.
    >
    > So from the ground-up Unix internal mechanisms do not allow the same
    > promiscuity as windos. Oh, but its a good business strategy by MS.
     
    Fuzzy Logic, Mar 7, 2007
    #10
  11. Tony

    Au79 Guest

    Fuzzy Logic wrote:

    > Au79 <> wrote in news:YB4Gh.120357$:
    >
    >> Fuzzy Logic wrote:
    >>
    >>>> ...and yet, Linux is clearly far more secure than windos.
    >>>
    >>> You appear to be looking through rose coloured glasses. I continue to
    >>> refute you arguments and yet you persist.
    >>>

    >>
    >> I don't believe that you have refuted any arguments credibly. I continue
    >> to post voluminous stories from journals around the world about new and
    >> improved windos vulnerabilities, old vulnerabilities left unpatched, and
    >> patches that require patches.

    >
    > I will try and put this in simple terms that hopefully you can understand:
    >
    > 1) All OS's have vulnerabilities and will continue to have them.


    And windos continues to be the weakest of the OS's. It's unprecedented how
    buggy and unreliable this piece of coding embarrassment has been since its
    inception... And all the king's men, and all the king's money can't put it
    together.

    > 2) There are often patches for the same component as new vulnerabilities
    > are found in that component (I sent you links for 2 patches for the SuSE
    > kernel that have been released within months of each other).


    And when Linux needs to be patched, the response from the community is
    swift. Unlike MS which takes forever to release a patch, only to re-relase
    it IF it is released.

    > 3) Hackers
    > typically exploit documented vulnerabilities (half the work is done for
    > them) so it's important that you apply patches ASAP 4) If you are not
    > practising safe computer techniques the OS may not be able to protect you
    > from yourself (and why should it?).
    >


    A well designed system, such as any that is Unix based, can minimize or
    completely eliminate threats and exposures, thus protecting the user. Even
    with all the best practices applied to a windos environment, it will never
    be as secure and reliable as a Linux based environment. This is a fact.

    >> Your entire stance seems to be that it is the user that is the problem,
    >> and not some arrogant and incompetent conglamorate. Their marketing
    >> teams spend countless hours touting windos as being the "most secure",
    >> only to get egg in their face.

    >
    > The weakest link in computer security is the user not the OS. Failing to
    > install ONE critical patch is all it takes for the bad guys to gain access
    > to your system regardless of the OS.
    >


    Again, and again, windos has MANY, (too many) vulnerabilities with new ones
    springing just about every week. At that rate, hackers will continue to be
    ahead of the patching cycle, and as it happend before, continue to make
    zombies out of winboxes (to be fair, windos is can turn a PC into a walking
    cadaver without hacker help).

    >> Microsoft, like your arguments, is a technical failure.
    >>
    >>> You have stated in previous posts that an unpatched *nix box is still
    >>> more secure than a fully patched Windows box. I really have to question
    >>> your reasoning. For example if you are running Sun Solaris and you
    >>> haven't installed the appropriate patch you will shortly be a victim of
    >>> a telnet worm and your system seriously compromised:
    >>>
    >>> http://www.us-cert.gov/cas/techalerts/TA07-059A.html
    >>>

    >>
    >> And while users patch their windos and Unix boxes, the fact remains that
    >> windos will sprout brand new holes at such an accelerated rate to make
    >> Unix seem virtually indestructible, patches and all.
    >>
    >>> You probably don't need to worry about this as you run SuSE and also
    >>> believe there is no malicious software for *nix.

    >>
    >> There's no malicious software that can cause the same amount of damage
    >> and destruction as in a winbox.
    >>
    >>> I even offered you a
    >>> "free sample" but you denied such a thing even existed.

    >>
    >> Talk about delusional. Why don't you release this wonder of yours into
    >> the wild and rid the world of Unix once and for all?

    >
    > I really have no desire to spend time behind bars.
    >


    This is quite laughable: who's going to turn you in, Mr.
    I-can-bring-down-Linux?

    >>> Keep your head in
    >>> the sand and ignore the signs that as *nix gets more common it's also
    >>> going to become a more popular target for exploitation.

    >>
    >> This old argument has been around for too long. Since 80% of the
    >> Internet depends on Unix and Unix-based software to run, it is a mighty
    >> big target that has not been brought down. The fact is that Unix is
    >> already a target for hard-core hackers, the best coders with the biggest
    >> brains have not succeeded in turning the net off.

    >
    > The Internet hardly DEPENDS on *nix. Certainly many servers on the
    > Internet use *nix


    80%

    > but that server could just as easily be a Windows box


    No, it could not. What kind of IDIOT sysadmin or CIO would use the weakest,
    most unreliable operating system to run critical processes.

    > running equivalent software. There is no money to made in turning the net
    > off so that's unlikely to happen anytime soon.
    >


    Hackers, especially the most adept, are not driven by financial incentives
    but by sheer ego; They challenge themselves continously to see who can pull
    off the greatest feat.

    > >> Invariably these
    >>> attacks will take advantage of well documented flaws that have already
    >>> been patched similar to attacks on Windows systems. Most Windows
    >>> attacks involve an already patched exploit or an attack requiring user
    >>> intervention (opening an unsolicited attachment or running questionable
    >>> programs that the user is enticed to do via social engineering).
    >>>

    >>
    >> Not Mr. fuz, the worst viral attacks turn PC's into zombies without user
    >> intervention. Worms and viruses simply get in and meddle with the
    >> registry and other system areas, sans help.

    >
    > That's correct the user didn't install a patch that would have prevented
    > this from happening.
    >


    And yet, there are new (successful) worms and viruses all the time. windos
    really sucks.

    >>> So again I will state your overall system security has more to do with
    >>> how well it's maintained and used than your actual OS. If you don't
    >>> maintain your OS and/or do stupid things like open unsolicited
    >>> attachments or execute questionable programs you will eventually get
    >>> burned regardless of the OS.

    >>
    >> Yes, your broken record argument. I really don't see how you can believe
    >> that anyone with a high school education can take you seriously. Every
    >> thing that you describe above is only- and only- found in a windos
    >> environment.

    >
    > So you are saying there are no critical vulnerabilities in *nix? That
    > patches don't come out on a regular basis for *nix?


    Not at the alarming rate in which windos has to patch its mediocre system.

    > That maintaining your
    > system is NOT important to your security?


    It is important. That's why Linux is better: Patches do their job.

    > That the failure to apply a
    > patch for a single critical vulnerability is all it takes to compromise
    > your system? That opening unsolicited attachments is OK? That downloading
    > questionable software is fine?
    >


    Linux and Mac users have not seen the hell that windos users have seen.
    Microsoft, which caters to the consumer market, has condemned its users to
    a vicious and contemptuous cycle of self-monitoring, self-maintenance, and
    forcing users to patch a system that will never be secure or reliable.

    It isn't Linux that needs to be re-booted or re-installed on a regular
    basis. windos users are accustomed to third party software for OS support,
    the reset button, and System Restore.

    > If so there is no point in any further discussion.
    >


    Please, do shut up.

    >>> To put it another way security is a process that has little to do
    >>> with the hardware or software you use. No OS is 100% secure and your
    >>> overall system security is a moving target as new flaws are found and
    >>> fixed.

    >>
    >> Again, all relative, by itself Linux may not be 100% secure against a
    >> hard core hacker, but comparing it to measly windos, it is 100% secure
    >> against winbox programmers.
    >>
    >>> So saying product A is 'more secure' than product B is nearly
    >>> impossible unless you are willing to nail down EXACTLY what hardware
    >>> and software you are running, the patch levels and versions of all
    >>> software on the system including device drivers.

    >>
    >> Again, you gotta clear that fuzz off your logic. We are comparing two
    >> vastly different architectures: One offers its system areas to anyone
    >> that passes by. The other was design with the assumption that multiple
    >> users sharing resources within the same system cannot be left unchecked.
    >>
    >> So from the ground-up Unix internal mechanisms do not allow the same
    >> promiscuity as windos. Oh, but its a good business strategy by MS.


    --
    ....................
    http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
    http://rixstep.com/1/20040719,00.shtml
    http://free.thelinuxstore.ca/
     
    Au79, Mar 9, 2007
    #11
  12. Tony

    Tester Guest

    One of my local supermarkets has an awning which advises that they
    accept "all mayor credit cards". Many of the employees are from Latin
    America and I assume this is an instance of what language teachers
    call "false friends".

    --
    Posted via a free Usenet account from http://www.teranews.com
     
    Tester, Mar 9, 2007
    #12
  13. Tony

    Fuzzy Logic Guest

    Au79 <> wrote in news:qZ7Ih.317473$:

    >> So you are saying there are no critical vulnerabilities in *nix? That
    >> patches don't come out on a regular basis for *nix?

    >
    > Not at the alarming rate in which windos has to patch its mediocre system.


    What is an alarming rate? SuSE had more patches for January than Windows. There are no patches planned
    for Windows for March.

    >> That maintaining your
    >> system is NOT important to your security?

    >
    > It is important. That's why Linux is better: Patches do their job.


    As they do in Windows.

    >> That the failure to apply a
    >> patch for a single critical vulnerability is all it takes to compromise
    >> your system? That opening unsolicited attachments is OK? That downloading
    >> questionable software is fine?
    >>

    > Linux and Mac users have not seen the hell that windos users have seen.
    > Microsoft, which caters to the consumer market, has condemned its users to
    > a vicious and contemptuous cycle of self-monitoring, self-maintenance, and
    > forcing users to patch a system that will never be secure or reliable.
    >
    > It isn't Linux that needs to be re-booted or re-installed on a regular
    > basis. windos users are accustomed to third party software for OS support,
    > the reset button, and System Restore.


    I'm not sure how you can speek for Windows users as I get the impression you stay very far away from that
    environment. I support 600+ Windows users and that certainly hasn't been my experience because we
    properly maintain our systems and offer user training on the safe use of computers.

    My argument is, and will continue to be, that proper system management and safe computing is more important
    to your OVERALL security than the OS you use.

    To put it another way you can have the safest car in the world but if you are a terrible driver it's not going to
    prevent you from having an accident. It MAY mitigate the damage but ultimately it's better to avoid the accident
    altogether.
     
    Fuzzy Logic, Mar 9, 2007
    #13
  14. Tony

    Au79 Guest

    Fuzzy Logic wrote:

    > Au79 <> wrote in news:qZ7Ih.317473$:
    >
    >>> So you are saying there are no critical vulnerabilities in *nix? That
    >>> patches don't come out on a regular basis for *nix?

    >>
    >> Not at the alarming rate in which windos has to patch its mediocre
    >> system.

    >
    > What is an alarming rate? SuSE had more patches for January than Windows.
    > There are no patches planned for Windows for March.
    >


    How about totaling ALL patches for windos vs SuSE from 2005 to 2007?

    >>> That maintaining your
    >>> system is NOT important to your security?

    >>
    >> It is important. That's why Linux is better: Patches do their job.

    >
    > As they do in Windows.


    Bullshit.

    >
    >>> That the failure to apply a
    >>> patch for a single critical vulnerability is all it takes to compromise
    >>> your system? That opening unsolicited attachments is OK? That
    >>> downloading questionable software is fine?
    >>>

    >> Linux and Mac users have not seen the hell that windos users have seen.
    >> Microsoft, which caters to the consumer market, has condemned its users
    >> to a vicious and contemptuous cycle of self-monitoring, self-maintenance,
    >> and forcing users to patch a system that will never be secure or
    >> reliable.
    >>
    >> It isn't Linux that needs to be re-booted or re-installed on a regular
    >> basis. windos users are accustomed to third party software for OS
    >> support, the reset button, and System Restore.

    >
    > I'm not sure how you can speek for Windows users as I get the impression
    > you stay very far away from that environment. I support 600+ Windows users
    > and that certainly hasn't been my experience because we properly maintain
    > our systems and offer user training on the safe use of computers.
    >
    > My argument is, and will continue to be, that proper system management and
    > safe computing is more important to your OVERALL security than the OS you
    > use.
    >


    The OS you use is an INTEGRAL part of an effectively secure environment.
    User education is good, but only to advert social engineering, not to
    convert users into sysadmins.

    > To put it another way you can have the safest car in the world but if you
    > are a terrible driver it's not going to prevent you from having an
    > accident. It MAY mitigate the damage but ultimately it's better to avoid
    > the accident altogether.


    If you have the choice of going cross-country in a Ford Pinto or a BMW,
    well, you should take the most reliable and secure vehicle. I could get by
    on the Pinto if I constantly patch it and kludge it, and re-boot it, and
    use third party parts, and...

    Heck, I'll take the BMW and try not to get a ticket.


    --
    ....................
    http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
    http://rixstep.com/1/20040719,00.shtml
    http://free.thelinuxstore.ca/
     
    Au79, Mar 10, 2007
    #14
  15. On Fri, 09 Mar 2007 20:17:33 -0800, Au79 wrote:

    > Fuzzy Logic wrote:
    >
    >> Au79 <> wrote in news:qZ7Ih.317473$:
    >>
    >>>> So you are saying there are no critical vulnerabilities in *nix? That
    >>>> patches don't come out on a regular basis for *nix?
    >>>
    >>> Not at the alarming rate in which windos has to patch its mediocre
    >>> system.

    >>
    >> What is an alarming rate? SuSE had more patches for January than
    >> Windows. There are no patches planned for Windows for March.
    >>
    >>

    > How about totaling ALL patches for windos vs SuSE from 2005 to 2007?


    As i've said before, you're wasting your time trying to "educate" that
    idiot.

    Not all the patches are applicable, as they're mostly for applications
    which *may* or may *not* be installed by the user (for example:
    A security patch for Opera, *if* you're running Opera, &.....erm...that's
    *not* a SUSE patch!

    Security update patches for the DazukoFS kernel (from RedHat) & *not*
    installed by default, so......anyone running that? (SuSE offers a
    pre-built Dazuko kernel, but not everyone uses it. Besides AppArmor
    conflicts with it.)

    A security patch for Acroread, *if* you've got Acroread installed,
    &.....erm...that's *not* a SUSE patch!

    And so on.....& so on....)

    NOR were January's patches *all* security ones, merely upgrades.

    So saying that "SuSE had more patches for January than windows" is like
    comparing apples & oranges.


    >>>> That maintaining your
    >>>> system is NOT important to your security?
    >>>
    >>> It is important. That's why Linux is better: Patches do their job.

    >>
    >> As they do in Windows.

    >
    > Bullshit.
    >
    >
    >>>> That the failure to apply a
    >>>> patch for a single critical vulnerability is all it takes to
    >>>> compromise your system? That opening unsolicited attachments is OK?
    >>>> That downloading questionable software is fine?
    >>>>
    >>> Linux and Mac users have not seen the hell that windos users have seen.
    >>> Microsoft, which caters to the consumer market, has condemned its users
    >>> to a vicious and contemptuous cycle of self-monitoring,
    >>> self-maintenance, and forcing users to patch a system that will never
    >>> be secure or reliable.
    >>>
    >>> It isn't Linux that needs to be re-booted or re-installed on a regular
    >>> basis. windos users are accustomed to third party software for OS
    >>> support, the reset button, and System Restore.

    >>
    >> I'm not sure how you can speek for Windows users as I get the impression
    >> you stay very far away from that environment. I support 600+ Windows
    >> users and that certainly hasn't been my experience because we properly
    >> maintain our systems and offer user training on the safe use of
    >> computers.
    >>
    >> My argument is, and will continue to be, that proper system management
    >> and safe computing is more important to your OVERALL security than the
    >> OS you use.
    >>
    >>

    > The OS you use is an INTEGRAL part of an effectively secure environment.
    > User education is good, but only to advert social engineering, not to
    > convert users into sysadmins.


    What the bozo forgets is, that a lot of linux users are *ex*windoze users,
    or in some cases still use windoze in their work place, so they *can*
    speak about it.

    >> To put it another way you can have the safest car in the world but if
    >> you are a terrible driver it's not going to prevent you from having an
    >> accident. It MAY mitigate the damage but ultimately it's better to avoid
    >> the accident altogether.

    >
    > If you have the choice of going cross-country in a Ford Pinto or a BMW,
    > well, you should take the most reliable and secure vehicle. I could get by
    > on the Pinto if I constantly patch it and kludge it, and re-boot it, and
    > use third party parts, and...
    >
    > Heck, I'll take the BMW and try not to get a ticket.


    If you have an OS that let's you be an admin by *default*, & can be
    damaged/infected with almost *every* click on *whatever* you fancy, & one
    that won't let anything be installed without you knowing the root
    password, I'll take the latter. Linux, inherently safer by design.

    --
    Contrary to popular belief, the M$ trolls & shills
    *can* tell the difference between their arse
    & their elbow.
    They can't talk out of their elbow.
     
    William Poaster, Mar 10, 2007
    #15
  16. Tony

    Maximum Dog Guest

    Re: Come on Au79 return the favor and toss Sir Rightous Billy's salad.

    Sir Righteous Billy Poaster wrote:

    <snipped>
    > As i've said before, you're wasting your time trying to "educate" that
    > idiot.


    As usual with the name calling, as he and other Linux users, for the
    most part, think they are better than anyone else. They are Super
    Beings, because they are using an O/S a bunch of programs. You strip him
    butt necked and you'll find he is no better than any other man or woman.

    >
    > Not all the patches are applicable, as they're mostly for applications
    > which *may* or may *not* be installed by the user (for example:
    > A security patch for Opera, *if* you're running Opera, &.....erm...that's
    > *not* a SUSE patch!


    Suse is getting patched security wise. I got Suse. Don't let him fool you.
    >
    > Security update patches for the DazukoFS kernel (from RedHat) & *not*
    > installed by default, so......anyone running that? (SuSE offers a
    > pre-built Dazuko kernel, but not everyone uses it. Besides AppArmor
    > conflicts with it.)


    Who cares?

    >
    > A security patch for Acroread, *if* you've got Acroread installed,
    > &.....erm...that's *not* a SUSE patch!


    Who cares?

    >
    > And so on.....& so on....)
    >
    > NOR were January's patches *all* security ones, merely upgrades.


    Oh, Jan., Feb. and Mar. and the fact remains that Suse and Linux in
    general is being patched, because it's written by fallible Human Beings.
    They are not Supermen or Superwomen.

    >
    > So saying that "SuSE had more patches for January than windows" is like
    > comparing apples & oranges.


    A security patch is a security patch no matter what it may be, let's
    call the patches Fruit Loops.
    >
    >
    >
    >>>>>That maintaining your
    >>>>>system is NOT important to your security?
    >>>>
    >>>>It is important. That's why Linux is better: Patches do their job.
    >>>
    >>>As they do in Windows.

    >>
    >>Bullshit.
    >>
    >>
    >>
    >>>>>That the failure to apply a
    >>>>>patch for a single critical vulnerability is all it takes to
    >>>>>compromise your system? That opening unsolicited attachments is OK?
    >>>>>That downloading questionable software is fine?
    >>>>>
    >>>>
    >>>>Linux and Mac users have not seen the hell that windos users have seen.
    >>>>Microsoft, which caters to the consumer market, has condemned its users
    >>>>to a vicious and contemptuous cycle of self-monitoring,
    >>>>self-maintenance, and forcing users to patch a system that will never
    >>>>be secure or reliable.
    >>>>
    >>>>It isn't Linux that needs to be re-booted or re-installed on a regular
    >>>>basis. windos users are accustomed to third party software for OS
    >>>>support, the reset button, and System Restore.
    >>>
    >>>I'm not sure how you can speek for Windows users as I get the impression
    >>>you stay very far away from that environment. I support 600+ Windows
    >>>users and that certainly hasn't been my experience because we properly
    >>>maintain our systems and offer user training on the safe use of
    >>>computers.
    >>>
    >>>My argument is, and will continue to be, that proper system management
    >>>and safe computing is more important to your OVERALL security than the
    >>>OS you use.
    >>>
    >>>

    >>
    >>The OS you use is an INTEGRAL part of an effectively secure environment.
    >>User education is good, but only to advert social engineering, not to
    >>convert users into sysadmins.

    >
    >
    > What the bozo forgets is, that a lot of linux users are *ex*windoze users,
    > or in some cases still use windoze in their work place, so they *can*
    > speak about it.
    >

    And once again, the name calling from a Linux lunatic.

    >
    >>>To put it another way you can have the safest car in the world but if
    >>>you are a terrible driver it's not going to prevent you from having an
    >>>accident. It MAY mitigate the damage but ultimately it's better to avoid
    >>>the accident altogether.

    >>
    >>If you have the choice of going cross-country in a Ford Pinto or a BMW,
    >>well, you should take the most reliable and secure vehicle. I could get by
    >>on the Pinto if I constantly patch it and kludge it, and re-boot it, and
    >>use third party parts, and...
    >>
    >>Heck, I'll take the BMW and try not to get a ticket.

    >
    >
    > If you have an OS that let's you be an admin by *default*, & can be
    > damaged/infected with almost *every* click on *whatever* you fancy, & one
    > that won't let anything be installed without you knowing the root
    > password, I'll take the latter. Linux, inherently safer by design.
    >


    Who cares? There is nothing he can do about this, other than, the usual
    rant, bitch and whine. All one has to do is read this to know that
    there is something inherently wrong with this person.

    Man oh man, it's Sir Righteous Billy on the loose.
     
    Maximum Dog, Mar 10, 2007
    #16
  17. On Fri, 09 Mar 2007 20:17:33 -0800, Au79 wrote:

    > Fuzzy Logic wrote:

    <snip>
    >> What is an alarming rate? SuSE had more patches for January than
    >> Windows. There are no patches planned for Windows for March.
    >>
    >>

    > How about totaling ALL patches for windos vs SuSE from 2005 to 2007?


    An update: The reason why there are no windoze patches for March is *not*
    because windoze doesn't *need* any ( It does. Popular versions of Word
    remain vulnerable to an unpatched vulnerability discovered *four weeks
    ago* that might be used to spread malware, so it's not as if there's no
    need for Microsoft to issue patches.) but its apparently due to the
    result of the upcoming Sunday switch in some geographies to Daylight
    Savings (Summer) Time. Redmond will, however, be making its regular
    monthly update to the Microsoft Windows Malicious Software Removal Tool
    and issuing a number of non-security related high-priority updates as
    normal.


    --
    Contrary to popular belief, the M$ trolls & shills
    *can* tell the difference between their arse
    & their elbow.
    They can't talk out of their elbow.
     
    William Poaster, Mar 10, 2007
    #17
  18. Tony

    Maximum Dog Guest

    Re: Someone want to explain why Sir Rightous Billy keeps steppingon someone else's conversations?

    Sir Righteous Billy Poaster wrote:

    <snipped>

    >
    > An update:


    No one gives a rat's butt about Sir Righteous Billy's take on things.
    Sir Righteous Billy is no authority on anything. How did this Linux
    lunatic anoint himself as some kind of an authority on something? Sir
    Billy will do good to make himself an authority on his own little
    worthless existence.
     
    Maximum Dog, Mar 10, 2007
    #18
  19. Tony

    Fuzzy Logic Guest

    Au79 <> wrote in news:FfqIh.16800$:

    > Fuzzy Logic wrote:
    >
    >> Au79 <> wrote in news:qZ7Ih.317473$:
    >>
    >>>> So you are saying there are no critical vulnerabilities in *nix? That
    >>>> patches don't come out on a regular basis for *nix?
    >>>
    >>> Not at the alarming rate in which windos has to patch its mediocre
    >>> system.

    >>
    >> What is an alarming rate? SuSE had more patches for January than Windows.
    >> There are no patches planned for Windows for March.
    >>

    >
    > How about totaling ALL patches for windos vs SuSE from 2005 to 2007?


    Which Windows (3.1,ME,NT,XP,2003)? The total number, while a metric, is for the most part irrelevant. Again it
    only takes one unpatched critical vulnerabilty to bring down your OS.

    >>>> That maintaining your
    >>>> system is NOT important to your security?
    >>>
    >>> It is important. That's why Linux is better: Patches do their job.

    >>
    >> As they do in Windows.

    >
    > Bullshit.


    We've gone in circles about patches for patches. You seem to believe that there has NEVER been more than
    one patch for any component in *nix. I supplied links showing 2 patches to the SuSE kernel in less than 3
    months. The fact is that you believe that Microsoft is incapable of doing anything right and no argument from me
    will dissuade you of this.

    >>>> That the failure to apply a
    >>>> patch for a single critical vulnerability is all it takes to compromise
    >>>> your system? That opening unsolicited attachments is OK? That
    >>>> downloading questionable software is fine?
    >>>>
    >>> Linux and Mac users have not seen the hell that windos users have seen.
    >>> Microsoft, which caters to the consumer market, has condemned its users
    >>> to a vicious and contemptuous cycle of self-monitoring, self-maintenance,
    >>> and forcing users to patch a system that will never be secure or
    >>> reliable.
    >>>
    >>> It isn't Linux that needs to be re-booted or re-installed on a regular
    >>> basis. windos users are accustomed to third party software for OS
    >>> support, the reset button, and System Restore.

    >>
    >> I'm not sure how you can speek for Windows users as I get the impression
    >> you stay very far away from that environment. I support 600+ Windows users
    >> and that certainly hasn't been my experience because we properly maintain
    >> our systems and offer user training on the safe use of computers.
    >>
    >> My argument is, and will continue to be, that proper system management and
    >> safe computing is more important to your OVERALL security than the OS you
    >> use.
    >>

    > The OS you use is an INTEGRAL part of an effectively secure environment.
    > User education is good, but only to advert social engineering, not to
    > convert users into sysadmins.


    If a person doesn't have the basics of computer security/maintenance no OS will protect them. Nearly all
    attacks on systems are a form of social engineering. The rest take advantage of already patched
    vulnerabilities. The OS cannot protect people from these types of attacks (open this friendly greeting card, click
    on this link to install this lovely free program). Computer savvy users generally do not fall prey to these attacks
    and know to keep their systems updated. My experience, unfortunately, is that there are a vast number of
    users who do not have even the most basic computer security skills and this is why (not because of the OS)
    their machines have malware. I stand by my argument that these users will get in trouble with any OS simply
    because they lack these basic skills.

    >> To put it another way you can have the safest car in the world but if you
    >> are a terrible driver it's not going to prevent you from having an
    >> accident. It MAY mitigate the damage but ultimately it's better to avoid
    >> the accident altogether.

    >
    > If you have the choice of going cross-country in a Ford Pinto or a BMW,
    > well, you should take the most reliable and secure vehicle. I could get by
    > on the Pinto if I constantly patch it and kludge it, and re-boot it, and
    > use third party parts, and...
    >
    > Heck, I'll take the BMW and try not to get a ticket.


    I'd take the one that was better maintained. The BMW may not have have any oil in it becuase the owner didn't
    realize it needs regular maintenance.
     
    Fuzzy Logic, Mar 13, 2007
    #19
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. DVD Verdict
    Replies:
    0
    Views:
    471
    DVD Verdict
    Sep 28, 2004
  2. Au79

    IE flaw bypasses fully patched systems

    Au79, Sep 20, 2006, in forum: Computer Support
    Replies:
    6
    Views:
    443
    Tree Air Freshener
    Sep 21, 2006
  3. Au79
    Replies:
    0
    Views:
    491
  4. Au79
    Replies:
    2
    Views:
    506
  5. Au79

    New PowerPoint flaw used in attack

    Au79, Jul 22, 2007, in forum: Computer Support
    Replies:
    0
    Views:
    417
Loading...

Share This Page