Jump to content
Sign in to follow this  
Doug

Second hand smoke ?

Recommended Posts

It's a good idea, but hard to implement in my opinion. People who think their computers are fine but actually are botnets will not believe the accusations since they cannot see anything wrong and will get :filtered: off.

 

Let's be real though...a lot of this stems from the fact that Windows is vulnerable. Shouldn't Microsoft be held more responsible?

Share this post


Link to post
Share on other sites

A lot of people are clueless what a botnet is, much less in what it does. If their pc runs slow, they put up with it until it will not run and then that's when they decide they need somebody to look at it. Does it infringe on a freedom? does it infringe on another freedom more than your freedom? Will people give their ISP's that much control? Many questions and no answers

Share this post


Link to post
Share on other sites

It's a good idea, but hard to implement in my opinion. People who think their computers are fine but actually are botnets will not believe the accusations since they cannot see anything wrong and will get :filtered: off.

 

Let's be real though...a lot of this stems from the fact that Windows is vulnerable. Shouldn't Microsoft be held more responsible?

 

Still wishing to hear from other knowledgeable members, I disagree in general with the Microsoft idea of quarantine as a sole solution without necessary support to remedy situations as they are discovered.

 

And while I acknowledge that Windows is buggy, I would point out that Linux and other OS users may pass along infected attachments without knowing it. Additionally, MS took a good step forward with UAC in Vista and with IE 8.0 default settings. We should be able to expect more from MS, but theirs is a huge problem (yes at least mostly of their own making)

 

MS should be encouraged to do more to fit their OS with enhanced security at least to the standards available from third-party antivirus and antispyware.

 

Laying the problem off on the user probably won't work.

Laying the problem off on ISP's may cause some improvements in some instances, but plenty of ISP's world-wide will most likely reject any burden upon themselves.

Share this post


Link to post
Share on other sites

I know that Linux machines pass along malicious files without knowing it, but they vulnerable machines they are passing it on to are usually running Windows, hence the Microsoft responsibility. The UAC and Security Essentials are a decent start, but why stop there? This isn't the discussion though so I will not harp on this any longer.

 

As for the quarantine, it just makes sense. The people who get infected have no regard for their machine or others. They will click on any link, run as administrator, and then not use any security software. Smoking was acceptable in public and was very common until the dangerous and public concerns came out. This is the same way. It's understood how dangerous the internet is now and how to protect your computer is information that is widely available, so why do we put up with the reckless few who put everyone else at risk? The ends are clear, and good. The means, however, are the question. It's going to take resources to root out the violators, and even then, you might have people who do everything right but still get infected. The privacy question doesn't come in to play here. If it did, then public smoking would still be allowed, since, after all, why should anyone care what anyone else does to themselves? But the fact is it puts others at an unnecessary risk. As for the end of that article, the advice leaves a bit to be desired. Running as admin should be included, as well as the fact that running multiple security suites does more harm than good.

Share this post


Link to post
Share on other sites

I wonder if the solution proposers will try to place any responsibility upon Forums that offer Malware Removal?

It would certainly be a matter of biting the hand that helps you, but I wouldn't put it past them to try.

 

I'm guessing that the vast majority of repairs for infected machines, come down to format and re-install.

I'm further guessing that Malware Removal assistance via Forums amounts to a tiny percentage of total repairs.

But such specialists as our Trusted Advisors are quite visible and could catch some of the blame and/or be pressured to "report".

 

Any such "pressure to report" would be a travesty in my opinion.

 

And from a different perspective, though dealing with only a small percentage of infected machines, I would guess that the combined repair efforts and research of Trusted Advisors and tool Developers account for a significantly large portion of new protection and improvement of existing tools offered by free and retail vendors.

Share this post


Link to post
Share on other sites

M$ has come out with their own flavor of an antivirus/antispy software and believe it or not, I'm hearing good reports about it still....but I'm not holding my breath

Share this post


Link to post
Share on other sites

I think it's a great idea so lets start at point A ban all Microsoft products until Microsoft can secure them properly.

 

Don't :filtered: around with what happens after the software leaves, nip it right in the bud at the source of the problem, in Redmond

Share this post


Link to post
Share on other sites

I think it's a great idea so lets start at point A ban all Microsoft products until Microsoft can secure them properly.

 

Don't :filtered: around with what happens after the software leaves, nip it right in the bud at the source of the problem, in Redmond

 

I think the 94% of people that use computers might get :filtered: off about that...but then they would either switch or demand M$ fix the problem....well, that might work,

Share this post


Link to post
Share on other sites

Time Warner here does this already. The first time they will accept the customers word it was fixed, The next time they make customers seek professional help and fax in a receipt showing it is clean again.

 

3 this month already ;) $$$

Share this post


Link to post
Share on other sites

Why bother. Google says the desktop PC will be dead in 3 years and Microsoft is betting the company on the cloud. IF we cant store and gather data and all of it will be on the cloud then its up to those two big dumb juggernauts to worry about these threats.

 

I dont really believe any of that. I think the desktop PC will continue on for a long long time thanks to gamers, hobbyists, and video editors. I also think the cloud is a joke and not only will it not work but no one in their right mind would participate. If you think your interested in the cloud you may want to research it and get to know some of these companys who cant handle the data they are responible for now.

 

The only way to control these threats is by education. My High School had a room full of PC's. They tried to teach me how to type on them and never tried to teach me about maintaining them or anything important. I learned on my own but I wish I was taught this then. Would have saved me alot. Thats needs to happen today and can very easily be done in place of Home Ec. or any other class that doesnt prepare a student to earn a living. Like Social Studies.

 

Or whatever. I make a very good living fixing computers for people on the side. Getting rid of virus's, optimizing their pc's, replacing parts. They cant be bothered. I can for a price.

Share this post


Link to post
Share on other sites

The only way to control these threats is to stop it at the source of the problem.

 

Make the software vendors financially liable for the billions and billions of dollars in losses their inherently insecure systems.

 

No other industry gets a pass on creating crappy products. The software industry shouldn't either.

 

If they spent as much on actually writing good, secure software, as they do on marketing that would be a small step in the right direction.

Share this post


Link to post
Share on other sites

Yes, and lets close all retail stores untill they can't be robbed, or insist you can't appear in public unless you can adequately protect yourself from thugs. :rofl2:

Share this post


Link to post
Share on other sites

Nope not what I am saying at all.

 

But lets not open retail stores with no doors and windows.

 

Lets not open banks with plywood doors on their vaults.

 

Lets not pay for bowls that are supposed to hold water but instead are colanders with thousands of holes in them.

 

But finally when we pay for something, lets make sure that the same rules apply to that product as do all others.

 

A person appearing in public and being mugged, has nothing to do with purchasing a product that is claimed to safe and secure, only to find out that you were not only mislead, but outright lied to.

 

There is a difference between a system being "mugged" (hacked) and common known security problems that allow systems to be compromised by the millions everyday because those security issues are not resolved, continue to be unresolved and there are no plans to resolve them.

Edited by Bruce

Share this post


Link to post
Share on other sites

The only way to control these threats is by education. My High School had a room full of PC's. They tried to teach me how to type on them and never tried to teach me about maintaining them or anything important. I learned on my own but I wish I was taught this then. Would have saved me alot. Thats needs to happen today

I just cleaned an 11 year olds' computer. He saved his money and bought his own Toshiba laptop.

When should educating against the dangers of downloading from someone else's file from a dirty flash drive start? Who does it start with... the parents (who know nothing), or possibly a CD that comes with the computer. PC Pitstop had a really good CD (at one time) warning about the dangers that lurk within the Internet.

Share this post


Link to post
Share on other sites

It has never worried or bothered me to copy thousands of files from someone elses flash or USB drive.

 

The reason being, my operating system isn't prone to be compromised by such a simple process as copy and paste.

 

Education should start with the people who write the code. Perhaps when they learn how to write code that isn't full of holes a simple copy and paste procedure won't be a big bad scary thing :lol:

Share this post


Link to post
Share on other sites

Ah ... but his friend downloaded pirated games, and he loaded the whole ball of wax onto his computer. He didn't know the games were filled with Trojans and a rootkit.

Share this post


Link to post
Share on other sites

I fail to see the point?

 

What does where he gets the trojans from matter?

 

The fact that the system allows such things to happen is the problem, not where they came from.

Share this post


Link to post
Share on other sites

All operating systems are vulnerable to rootkits, and getting software illegally only adds to that risk

Share this post


Link to post
Share on other sites

Yes it is a fact that all systems are vulnerable to such things Joe.

 

Some of course more so then others, and root kits need administrator privelidges to be installed.

 

Thus the problem that the system shouldn't allow it to happen without the users knowledge.

 

I love the fact that if I choose to I can see all the code to anything I might install on my system, but even better, thousands of other eyes pour over the code looking for such things making it that much safer, and 99% of everything I install either has an md5 sum, or a pgp key.

 

The things that don't I don't install system wide.

 

But best of all I don't have to worry about an mp3 or some video file or web site bringing my system down ;)

 

Just about every operating system out there other then windows requires physical access to hack with a root kit or trojan.

Share this post


Link to post
Share on other sites

Bruce, you aren't 11 years old either. :P

 

"Knowledge and Prevention" are the key words here .... when and how do we teach this factor?

 

There are holes in applications... not just in Windows OS, waiting for the malicious code writers to do their best work. Shutting down the computer, or putting it in a 'rubber room' is not the answer!

 

How about a written test (like a driver's license test) before you can even operate the system? Would that prove to be helpful? :huh:

Share this post


Link to post
Share on other sites

At the source. I have already said that a few times.

 

It needs to be taught to the people who write the code for the operating systems that get compromised so easily.

 

As for applications with holes, yep they exist. But why is it those applications are allowed by the operating system to alter core kernel directories, and system settings?

 

That would be because the system itself is the problem. ;)

Share this post


Link to post
Share on other sites

The fact that Windows runs in admin virtually the entire time by default is a huge problem. If you get your system optimized by Best Buy (which apparently many ignorant people do) then they make the admin account for you and when you turn the computer and and click the web browser, you're already running it as a super user, thus being prone to malicious code injected into sites which then in turn will affect the entire system.

Edited by adam22

Share this post


Link to post
Share on other sites

Jacee,

 

Of course shutting down the computer and putting it in a rubber room (take it off line) "is the answer".

 

Leaving Trojan, bot infected, root kitted computers on the Internet to spread their malware is not only a major part of the problem but is irresponsible.

 

Education should start with the people who write code for the system. Then the people who fix those computers should be taught proper security measures, with the first step being never connect an infected machine to a network, and especially never to the Internet.

 

Before you can educate, you have to have competent teachers. ;)

Edited by Bruce

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...