
windows security - what's really necessary?


J-Mac:
What is necessary is entirely dependent on the people that will use the system.  -Tekzel (January 29, 2008, 08:12 AM)
--- End quote ---

I agree as long as you mean it is dependent on the browsing behavior of the person using the system, as opposed to what that person thinks he or she needs!  Case in point:  My dear little brother, who was without any shadow of a doubt "fully protected" by the demo of Norton that came with his three year old PC, and hits every stinking warez site he can find. Then calls me when his PC starts "acting weird or something".   :o :mad:


Lately, I find that the Microsoft OneCare product is nice.  Reasonably priced, reasonably effective, and here is the good part, doesn't molest the hell out of a user's PC like anything with Symantec or McAfee in the name.
--- End quote ---

I found early versions of OneCare to be lacking user-configurability, similar to what Lashiec mentioned about Defender in his post above this one.  Though admittedly it may have changed for the better since then.

Jim

Stoic Joker:
Okay, First I'd like to thank Target for spinning off this thread.

Now I'm beginning to see a glimmer of reality appear here (in this thread) as it is ultimately, completely up to the user as to whether or not their ass stays attached, or gets blown into the weeds. AOL (the ignorance baseline...) had an ad campaign a while back with a tag line of "Safety and Security is Simple ... Just Click Here". To this day when I hear the phrase Just Click Here I still bristle a bit as I actively resist the urge to go ballistic.

I do on-site service work for both large companies and home users, so I get to see a good cross section of best and worst cases. The worst I ever saw were (hands down 5 star winners) the Just-Click-Here AOL machines that were being handled by novice users that just "checked their Email", and swapped greeting cards/Jokes/etc. with "friends" (that they met in chat rooms...). We're talking the High Dollar, Top Shelf, Media Center PCs that were taking 45Min to boot into Safe Mode brand of totally hosed here folks! ...I'm not talking about Kids running Kazaa & surfing Warez, these are middle-aged House Wives and Bank Managers. ...That thought they were "Safe" ... Because the happy little blinking icon told them so. *Bangs head on Desk*

[This Just In...] The Storm Worm, latest of the great (overly hyped) interweb daemons...has a few interesting requirements to infect one's machine:
A. Somebody Must open & run (with scissors...) the Attachment!
B. That someone Must also be running with administrative credentials, so ... the bugg will have PeRmiSsiOn ... to install itself as a Windows System Service. (Ding! Ding! Ding! Ding! ...Hello!!!)
C. Be running a web server that is behind on security updates so it can inject itself into a new distro point.

Q. Which security products would have protected the user from (themselves...) and prevented this little pandemic?
A. None of them.

Item 2 - What constitutes "Bad Places" on the Interweb?

Porn sites?! ...No. Yes they got a bad rap a while back with the dialers and such, but they've really pretty much cleaned up their act. Unless you're looking for something really depraved or illegal you're reasonably safe in that territory.  Yes, I've checked.

Warez sites? Meh there are tons of Script Kiddie newcomers to the scene that have web-rings of god knows what-all. But there are plenty of the old schoolers still in the game that maintain the Honor-Among-Thieves code closely enough to make for reasonably safe travel if you know what you're doing. Of course piracy is illegal, so if the long arm of the law springs out of your own ass and grabs you by the throat for stealing ...(hay)... who am I to complain...?

P2P networks? Now here's a budding nightmare. I can get songs for free! True. But if you don't fully understand the file formats you're dealing with ... The service call will likely cost more than the album would have.

Good God, this is turning into a diatribe (not actually my intention), Sorry.

I guess the (short form) point I'm trying to make is that traveling the Internet highway is no different than traveling the interstate highway, If you don't Drive Defensively ... You're going to end up with a wrecked car-puter.

The primary objective is to avoid getting infected in the first place. The outbound firewall game is nothing more than a plan B attempt to save face after Plan A failed. Sure you prevented your comp from joining in the Zombie Squad, but you're still hemorrhaging resources and leaking the infection out of every hole the thing can find (You send mail...It sends mail).

Common sense and a condom beats the hell out of a lengthy discussion about if we should keep "it".

J-Mac:
Stoic Joker,

Probably preaching to the choir here at DC, but still a good post!  Common sense, so sadly lacking in those from whom we would usually expect better, is still the rule.

Thanks.

Jim

Target:
there's no getting around the user, but it's probably safe (:huh:) to assume that most here are reasonably savvy about the dangers

I have heard several opinions expressed regarding the relative value of outbound firewalling, but can't help but consider it essential

I'm on dialup so a router isn't an option, and like Nosh, I hoard my bandwidth and really really don't like the idea of anything calling out (regardless of its intent) without my knowledge.

Basically I see it as just another tool, a means of identifying a potential infection/compromise, and given that most infections these days are likely to come from inside your firewall (see Stoic Joker's input above regarding PEBKAC* problems) it would seem prudent to implement this feature.

it's also hard to take a recommendation from any of the discussions I've seen so far.  For every person who has a good experience of firewall X, there is at least one with bad...

Not much said about the other options (AV, antispy/malware) so far - as Lashiec said, there are heaps of choices out there, but what to choose??

Do we really need spyware detection?  Do we really need ad blocking? Do we really need a trojan hunter? Do we really need <insert your choice here>?

and if we do, how do we measure its effectiveness/value?

Personally I've used both Spybot and AdAware (and probably others) at various times and found little benefit from either - maybe I've been lucky, who knows, but the upkeep certainly wasn't worth the returns.

Another thought occurs to me - just what is the real danger here? 

others have referred to this obliquely, but are we so caught up in the general hype surrounding the latest crop of super wonder mega fireproof antimalware pro apps that we've lost sight of what it is we're actually trying to guard against?  Is the threat really as serious as industry and the media would have us believe?

I've seen references that these days virii don't seem to be destructive (i.e. they don't trash your data/hardware).  If this is the case, and I suspect it is, then what are they doing, sending spam emails?  if this is the worst of it then it doesn't seem like a serious issue (apart from the potential liability issues :o).  What about fraud/identity theft?  is this a common problem that could be minimised using the available tools?  (this isn't a problem for me - I have a simple rule about this stuff, if I don't want anyone to know, or I can't afford to lose it, I don't keep it on my PC.  I know this isn't practical/possible for everyone, but the sentiment stands)

Target

* PEBKAC - Problem Exists Between Keyboard And Chair

J-Mac:
I am probably a cynic (well, actually I am a cynic; I realize fully that!  But here I mean the cynic in me speaking out!), but personally I feel that much of the hype about malware infections is generated to keep PC security products moving off the shelves.  I truly am not a conspiracy theorist by any stretch, but I do think that the problem is significantly overstated by the software industry and much of the media that covers it.  As much as I read about computer security, including all the warnings and cautionary stuff that hits my RSS reader and mailbox daily, I can't help but notice that I never see very much about mass identity thefts, loss of tangible assets, etc. due entirely to malware infections.

The predominant goal of most malware I see hitting the masses is to grab people's attention for the purpose of getting a larger share of their spending.  Adware, browser hijacking, redirecting people's search toolbars to show targeted advertising.  This is where I see most malware hitting.  And, of course, to create zombies of the computers of the largely uneducated masses (and I don't mean folks who have no or little schooling, but those who have no earthly idea what they are doing when they open their browsers) for the strict purpose of propagating the above-mentioned adware, BHO's, redirecting search facilities, etc.  And spam of course!! Spam, by the way, which seems to be pointless if you think logically about it.  Haven't you all wondered who in their right minds would ever respond to these ridiculous spam emails?  Actually spam snags enough folks who buy these outlandish products to make it enormously profitable.  These spammers aren't sending out millions of messages hourly so they can picture you spending so much time and effort cursing and deleting their emails.  They do it only because enough people actually buy the crazy stuff they're pushing!!

But the virus that will destroy your machine, steal your identity, and make your life a complete mess?  Sure, it does happen, but to a much smaller percentage of web surfers.  But the software companies who develop newer, bigger, and better computer security applications need desperately for us all to be very fearful of malware!!  It is an unbelievably rich industry which they are not going to abandon because the threat is not as big as you think it is.

My opinion, anyway!

Jim
