Dogmas r Unconventional beliefs

Discussion in 'other security issues & news' started by Devil's Advocate, Mar 3, 2006.

  1. Happy Bytes

    Happy Bytes Guest

    No Antivirus Solution (and/or) Combinations of layered security apps can protect you from yourself.

    See my answer 1. It always depends for WHOM. If you click on everything then you might get infected - even with KAV installed.

    Again, depends on the user and on the Operating System. I've never installed any AV for the past 8 years - not even on windows.

    You always find some rubbish "Payware" which is worse than some Freeware.

    Now it becomes interesting :D

    How long? And by the way... Kazaa Lite is free of spyware.

    IRC Port? huh? They usually take advantage of vulnerabilities (such as PnP for instance) Example: Zotob Worms.
    To add here: worms also spread via email.

    Trojan? EULA? What you mean is spyware/Adware.

    They can only cost you thousands of dollars when you are connected via phone line (dialup) but not via Cable/DSL. Otherwise they are just wasting resources and dangerous as flyshit on your desk.

    I don't agree. AVG is really not that good (yet) to win a race against Antivir for example. They lack serious detection.

    Somehow i get bored now. Need some coffee :D
     
  2. Ailric

    Ailric Guest

    Argumentative aren't we? :doubt:

    I could go down the list and argue every point, but that would be... o_O
     
  3. controler

    controler Guest

    Ok I am confused yet again :D

    I thought HB had the testing site and tested AV's but that must be someone else.;)
     
  4. PCJohn

    PCJohn Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    101
    Come on DA,
    One topic is enough.
    Of course all these are true!
    These are facts.
    What do you want with these discussions?
    Are opinions and facts beliefs because you want some discussion?
    Surf for one hour with no antivirus and firewall and tell us what you experienced.
     
  5. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    I surfed for years on OpenBSD with no real-time antivirus protection and no firewall and nothing happened, ever. I've been surfing for weeks now on Windows with no real-time antivirus (Kaspersky expired) and nothing happened, ever. You don't need an antivirus if you put other means of protection in place.
     
  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,219
    Hello,
    I strengthen the nothing-will-happen idea.
    Not only that, massive frequenting of pron, p2p 24/7 etc, nothing happens.
    Mrk
     
  7. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    @controler, HB has a testing site? Where?

    @Stevio, I don't claim to know the answers. When I say i goofed, I mean, I assume the statements I made were believed by the majority of people (right or wrong), but the majority of people posting *disagreed* with the statements.

    As it happens I disagree with most of them too, but that's not the point.

    And the second set of statements (The sky is falling, the future will be more dangerous) by the way for which you agreed to, were inspired by you!

    Spike, both would be fine. Everyone in this thread so far has chosen only to comment on my statements (and to affirm that these statements are not quite true), because maybe none are so bold as me to try to guess at the attitudes of posters in this forum!

    But I welcome any additions to the list. Some belief that you feel that a lot of people hold, that might not be quite accurate.

    Actually my current feeling is that you can get away with a lot less than what most people think are necessary. The major view as I see it is that you *NEED* each of them.

    But attitudes such as yours, where you believe (possibly) that only HIPS is necessary and nothing else, are not very common I think. And I don't think the people disagreeing so far are thinking along these lines.

    I'm trying to be nice. And It's hard to be blunt and sarcastic in a thread starter! Anyway I think my phrasing is the problem, when i ask if something is "necessary", you can easily conjure up unusual/uncommon setups ( 'air gapped' systems for example) that make it unnecessary so the answer is "No it is not always necessary" while still maintaining that it is almost always necessary.

    Also, with so many people saying it's not unnecessary (since it all depends), including one AV researcher, one HIPS vendor, a couple of other 'big guns', I wonder if others who agree with the "statements" might be intimidated.

    Well all except PCJohn anyway.

    @PCjohn

    Yes, I have tried it, no firewall, no antivirus for days on end. Still standing. If you are so adamant it can't be done, I assume you have done the test before? If so can you tell us what happened?

     
  8. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Well i think that Some of the coders are Most definitely much more skillful than ever before. They have to be more crafty than in the past to find new ways into peoples PC's, and through their browsers, and to try and defeat security Apps etc. This now includes non IE and Windows environments also more frequently, as has been witnessed many times even very recently. I believe this will not ease up at all, and why should we expect them to give up trying. After all to a lot of them, they just see it as a game/challenge to prove it can be done, and then take the credit for doing so amongst their peers/friends. That's apart from crims who also now need to find new ways in, and back out again of course.

    Whether they are more professional or not is kinda beside the point !

    "The sky is falling, the future will be more dangerous" Hey i never ever said anything about the sky falling, nor do i believe it. I imagine that was other people embellishing my words, as some like to do for whatever reasons now and again !

    I do however think being online these days is potentially more dangerous in many ways, with both old and new threats. And as newer exploits surface, as i'm sure anyway they will, watch this space, then a lot of people out there will get blasted. Hopefully not us lot on here etc with the things we have put in place etc and how we surf. It's the vast majority of all those out there online who aren't in our positions will have to try and pick up the pieces afterwards. Of course i can't prove it, but i have observed the general trend in that direction, especially in the last year. And the stuff is getting more and more stealthy, so once inside it could be a nightmare for them to remove, that's if they even know that it's in there !


    StevieO
     
  9. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Yes i believe that it is of vital importance for hackers who are seeking to build a bot net to figure out how to defeat the typical wilder's user security setup which is bristling with all sorts of obscure security apps, because you know SO MANY people run those. :)

    Come on S, most people don't run all the gizmos that are popular here. Mostly antivirus (if not expired) and then maybe zone alarm. And this hasn't changed for years.... If you think hackers are beating their brains out trying to figure out how to beat Online Armor, or PG in a *realistic scenario*, just to own his computer you are crazy.

    At best they just need to pass the antivirus that's it which isn't hard. What is hard is figuring out how to get it to run in the first place.


    I thought the current thinking is people do this for money now, so they are more dangerous ?

     
    Last edited: Mar 5, 2006
  10. Happy Bytes

    Happy Bytes Guest

    huh? :eek: :eek: :eek:
     
  11. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,658
    Location:
    Sydney, Australia
    Yes, if the world were "according to the Gartner Group" then everyone would be accessing their corporate emails and calendar over their mobile phone by 2001 and I would be rich!

    Actually, it would be quite a funny project to go get some of those analysts reports from 5 years ago and compare them to reality.
     
    Last edited: Mar 5, 2006
  12. controler

    controler Guest

    I am sorry HB I confused you with IBK for some unknown reason.

    I agree with Mike, look at the past posts.

    Not one can argue that rootkits are here. Look at Sony.
    Look at all the security software nowadays. All using rootkit type technology.
    Why do you think they are doing that? I remember Kevin saying he did not need to. Don't you?
    To the person that surfs porn, P2P etc!!!! The only reason you don't get infected is because you use an alternate OS. This has nothing to do with the normal home user, right? You still need to download crap for your OS. DVD's etc.
    Maybe they are not yet targeted?

    About the government spying? um you been reading the news lately?
    2/3rds of the internet traffic goes through the USA. Doesn't that make it a lot easier to spy? Yes it sure does.

    Remember the old saying it is better to be safe than sorry?

    The reality is this, rootkits are here to stay in the Windows world.

    Do you remember me asking why holy father did not mention BoClean in his
    special builds? He mentions all the AV's doesn't he?

    yea yea yea, BoClean is not one of those freewares.

    Even though DA seems to have an agenda with me, You won't find me on the latest and greatest band wagon. I used to brag Norton and LockDown but yes I got whipped for it by all the security experts here.

    It is pointless to post about alternative OS's when the majority of home users use Windows. It matters not how secure those other OS's are.
    Also the money is in Windows security software.

    controler
     
  13. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    DA

    "most people don't run all the gizmos that are popular here"

    Yeah i know, that's why i said it's them who are gonna get blasted, and they do daily. And that funnily enough means the majority of people using XP ! But yes patches etc are released, when They get round to it, and the belt tightens a little more, so the coders have to think up newer ways to infect etc. Call me crazy if you like, oh you just did lol. Well anyway i imagine that for eg Mike Nash and Co with OA expect their fine App to succeed, otherwise they wouldn't have set up the infrastructure in the first place. And this particular App is aimed at the ave Jo's as well as techies, unlike lots of others we are aware of and some of us use. So why wouldn't the coders target Apps etc such as that sooner rather than later ?

    Oh yeah i happen to use ZA Free, and have done from the first day i went online, no probs here.

    I already acknowledged that the keyboard and mouse driver/s are on the front line in the vigilance department. That includes keeping updated with everything, which of course a lot of them are very lax at doing, or just plain unaware.

    "I thought the current thinking is people do this for money now"

    I did say "That's apart from crims who also now need to find new ways in, and back out again of course" Crims as in criminals, as well.

    ( 1 ) I didn't say they were trying to hack me for definite, but LOTS of Gov/Mil etc type IP numbers are most definitely scanning me daily. For what reason i don't know but they are, and like i said they could be doing a full wide scan across my ISP and/or many ISP's. All i know is what i see, and the IP numbers check out if you take a look in the thread of mine i mentioned. And yes they are, not so much strange, but pretty unusual sources. I could have chosen not to have made all this public knowledge, but i'm not worried if people don't believe me, not that i'm saying you don't. I just think people should be aware that those agencies etc are doing this daily. And don't forget, they are not using private secure comms trying to communicate with each other via satellite etc, but probing through a public ISP network, and at the very least my IP.

    ( 2 ) I didn't say all that, but maybe you think that things will just automatically get better and the baddies etc will stand still, i don't, but do i know !

    ( 3 ) Never said that either. But seeing as you mentioned it, why not more knowledge, and maybe one or more dedicated solutions. What's wrong there ?

    ( 4 ) Rootkits and stealth type spyware has already landed, the future is here. Take Spyware Apropos in its many guises just for starters. That caused and still does lots of trouble for many people. So yes i do think it will get worse, and there will be more stuff like that, and maybe worse. Why would they back off and make it less so ?

    The sky falling has never been an expression, or belief of mine. But others can call things whatever they choose to. Get worse in many different ways, for lots of people out there, i certainly believe that anyway. I don't worry for me though, but i feel plenty of people out there would if they knew how insecure they really are.

    "One thing i noticed about some people is that they buy into too much about what experts say about future trends"

    I agree with that. But my postings are based on my own observations on how things have deteriorated, this past year in particular.

    Getting blasted in new ways by more devious means is new though.


    StevieO
     
  14. PCJohn

    PCJohn Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    101
    All those forums where people seek help for their infected pc are not there because they had enough protection on their pc.
    There are enough tests done that make clear that a windows pc is numb after 1 hour even without surfing when it's connected to the internet.
    So don't spread around false beliefs.
    And waste our time and draw, nag and needle people who like to help anyone with a small pc problem and enjoy surfing.
     
  15. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,219
    Hello,
    John, what you say is only partially true. Windows can survive more than 1 hour connected to the Internet, even without fancy stuff.
    Second, this post is not about needling and nagging, it's about acupuncture. The thread starter's intentions are benign. He did not mean to belittle the efforts of those helping people with pc troubles, on the contrary, the idea was to prevent 'damage' given by advice lightly thrown.
    Mrk
     
  16. PCJohn

    PCJohn Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    101
    Surfing without an AV and a firewall is like having unprotected sex.
    Do you leave your car on a parking without locking your doors?
    When people invest 1000 usd in a pc they obviously want to enjoy their purchase for a long time.
    So don't tell fairytales.
    It's stupid to say that you don't need any Antivirus or Firewall.
    There are enough reports made that tell you that viruses and spyware cost billions to companies and consumers.
    To be rude, nag and bully is not acupuncture it is antisocial.
    If you have good intentions use your energy and knowledge to help people and start a website or give free help.
     
  17. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,219
    Hello,
    I'm giving help, both privately and both in advice in forums.
    I have invested not 1,000 dollars in a PC, but close to 2,000 dollars, and still I do not share your sentiment. THE WORST thing that can happen is, THE WORST, you will lose 10 hours to a good solid format and reinstallation of all your programs... That's the worst. You won't lose 2,000 dollars, if you're a home user. These are not 'fairy tales' or 'stupid stories' - talking about being rude or bullying...
    If you do not know how to use your OS properly or are afraid, then firewall and anti-virus are nice. But if you do, you can go without them without any problem. They become a luxury rather than fear-gripping reality. And that's the best tool to invest in. Getting yourself past fear into good solid education.
    Once again, PC - a dumb machine.
    Mrk
     
  18. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Ah controler I forgot you are part of the same school as S, after all you are one of the exceptions to the rule, since unlike most experts, your predictions always come true :)

    Let's be clear here, I'm arguing that you don't need to be more knowledgable or use more software to stay clean in the near future. People who disagree generally cite trends like "rootkits are stealthy"

    Two things.

    1. Rootkits can't install magically. So knowledge wise, you don't need to really become more knowledgable to keep them off.

    2. If rootkits or whatever become popular, all the scanners will start building counter measures to them. This is transparent to the user! If you use Antivirus X one year ago, you will still use Antivirus X one year later. I certainly don't think everyone suddenly needs to run icesword, blacklight, rootkitrevealer etc and all the nonsense in Spanner's 'rootkit treasure trove' most of which are not applicable to windows home user anyway.

    Nonsense. The key thing about P2P is that experienced people are better at knowing how to avoid running dubious stuff they got off P2P. OS is mostly irrelevant. I have never heard of anyone getting 'hacked' directly through P2P flaws have you?

    And as for security software, most people configure their personal firewall to give their p2p application pretty wide access, so what protection in the world does that offer?

    Irrelevant to the matter at hand. In any case Spanner claims gov entities are directly trying to hack him, which is a completely different matter.


    Well then don't turn on your computer. That's even safer.

    The reality is, as the threats rise, the defense rises in response, and you end up in a rough equilibrium.

    Talking about HF is a red herring at best if you want to support the point that rootkits are specially dangerous because they can't be detected.

    There have always been people who can create custom made malware (not rootkits) that evades all antiviruses. Of course, if the good guys get a copy of it, they can create signatures for it and it's detected. Of course, the bad guy can just alter it so that is not detected again. That's why we have AVs updating all the time to detect variants of even dumb worms.

    HF's vaunted rootkit brilliance is similar, that is why his license allows users to 'update' with new versions once the copies they have are detected. This cat and mouse game is not new.

    Just as a sidenote, what's your reason for bringing up Boclean? You saying HF doesn't have the resources to get a copy of it to analyse because it's not freeware and hence cannot fool Boclean? Or that Boclean has some magic, that makes it beyond everything else?

    Your own personal observation of what? Seeing the lowest of the low who don't care the tiniest bit about security getting zapped? (As if that didn't happen in the past) Reading news articles which you post in various forums that predict scary trends?

    For the lowest of the low, I might agree things are getting worse since they are being targeted like crazy. But if you move up slightly above that level (to the level of people here), I see no evidence at all that things are getting worse for people who are semi-knowledgable.


    So they COULD be hacking you... Wow scary.... They sure messed with the wrong guy huh....

    Sure you did. You agreed with all 3 statements , including the one on things are getting worse.

    Oh I'm sure the bad guys will try hard, but I can be sure the good guys will not be standing still either. It's the same old game nothing new.

    BTW It IS possible that things will get better, for example this spam thing is pretty much levelling off. And certainly Bayesian filters are holding despite spammer attempts to trick them and there are many other filtering technologies that can boast accuracy, but most people are not interested because 99.5+ is enough. Worms are getting through a lot less compared to 2 years ago. Macro viruses are pretty much a non-issue etc.

    But for most part, I suspect on the most broadest level, there will be a dynamic equilibrium , and things will stay roughly the same. Oh sure if you like to keep up with the game, you can follow all the ups and downs, but if you don't care, you don't need to.

    The bottom line is, compared to 1-2 years ago, I don't really feel more concerned/scared/afraid etc. Being careful with downloads, keeping up with patching of systems are still more than a match for anything...


    To be honest S, you say a lot of things (rootkits are very dangerous, hackers are getting smarter, governments are trying to hack you etc) any reasonable person would conclude that the sky is going to fall in any time now if it hasn't already.

    But you then say you are not scared. How do you explain this? Is the reason you are not scared merely because you are very knowledgable, but the rest of us who are not knowledgable should be scared?
     
  19. PCJohn

    PCJohn Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    101
    Mrkvonic,
    I agree with you that people should educate themselves about how to use their pc and os.
    But companies and most individuals don't want to spend time in reformatting their HD and installing all software again.
    How much money will it cost a company when their systems are down for many hours or a student that has to make a paper?
    Often that is even more than the investment in the hardware.
    So if you want to surf without it and test different OS that is nice when you are a hobbyist.
    For business and the average computer user the only option is to use security software.
     
  20. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Why do you call some people "lowest of the low" ? Some people just plain are not aware of even simple things like windows updates etc. Yes we think they should be, and a lot more than that. But how can they know things nobody has ever told or shown them ? Do you read every single word in the manuals for all your equipment/vehicles/stuff etc, i doubt it. Most people know how to get in a car and drive it, and put fuel/oil/water into it, but that doesn't mean they have to understand about engineering or electronics. Would at least some knowledge help them on occasions, sure it would, but they expect the garage to take care of the tech and repair things, so they don't feel they need to know, so don't even think to find out. It's the same with PC's and everything else, that's how most people see things and life. They do what they do and others are there to do what they can't and/or don't have time for.

    Apart from those souls, yes there are plenty of others who couldn't really care less etc. But i've found through my own interactions/observations with people, that it's mainly kids/teenagers that actually know more, but don't care. Why ? because it's usually their parents etc that have to spend the time and money picking up the pieces from infected PC's, not them. So even though they are often aware of the dangers of p2p and DL stuff and dodgy emails etc etc, they should worry ! And of course it's never their fault, they don't know how it all happened, yeah not much lol.

    Well we're all semi-knowledgable to a greater or lesser degree, some know more about certain things, and others about different stuff. Sure on here a lot of people know a lot about all sorts, and plenty know more than i do too. I was making a personal observation that i have seen out there in the real world, more stuff is getting into peoples PC's than ever before. And yes some of it is much more trickier to completely eliminate than ever before, like the Apropos example i gave. And like i said, i don't see why the coders/crims are going to want to lighten up or make things easier or less stealthy, why should we expect them to. Of course the stuff has to get in to peoples PC's in the first place, but based on what i said above about most people out there, then it will continue to keep happening.

    "They sure messed with the wrong guy" yeah because i know of a person called Devil's Advocate who will help me sort it all out if i really am being hacked and they get in, because i'm not smart enough to do it, wontcha !

    So somebody claims gov entities are directly trying to hack them, interesting. Except i'm not saying that they are, i'm saying that i get multiple daily port scans from all those sources, but i do NOT know why.

    In theory we could end up with an equilibrium, but that presupposes that either side doesn't gain some kind of permanent or semi permanent upper hand. That wouldn't stop the opposite sides from still trying, it all depends on how skillful the upper hand/s were.

    As far as i'm aware BOClean does possess features which other Apps don't, that enable it to be able to strike when and where other Apps can't/don't.

    I agree that spam and worms are receding, that's because as i understand it, more baddies are concentrating on more devious things.

    Nope, the sky is still here, and it's been a beautiful blue one today with lots of sunshine, a bit cold but very nice. I'll just go and have another quick check .............. yes still there ! I've said before, that if something/s did get into my PC, it wouldn't be the end, the sky would still be there, it really wouldn't bother me that much. Inconvenient and a waste of my time sorting it out, for sure, but that's all ! And the great thing would be what i learnt from it, and oh yeah, i could pass it on so you could all have a good laugh lol.

    "Is the reason you are not scared merely because you are very knowledgable, but the rest of us who are not knowledgable should be scared?" Yes of course that's the reason, Err not ! I'm not scared etc, because i'm just not scared of things like this at all, or anything or anybody quite frankly. Why waste energy/time on being scared etc of things you don't need to be ? But i ain't gonna start surfing naked, because as far as i'm concerned i think it's stupid. I gave the reasons why earlier on. Everybody else can make up their own minds on what to do, or not.


    StevieO
     
  21. scoopnoggin

    scoopnoggin Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    28
    Honestly, I am totally lost by this sentiment. The worst thing that can happen is someone retrieves your financial information and your credit is ruined for years. Do you know some magic hardening technique where someone wouldn't need to use a hardware or software firewall? Some new nasty makes its way on your unprotected machine, you figure it out after a few hours, but in the meantime it reports your banking and credit card information or whatever to the criminal. You reformat, and the malware is gone, but you are already screwed. Do you sit for hours watching your port activity and running processes while doing work on your PC online? Do you have knowledge of every unpublished exploit in your OS? What are the chances of this happening? Maybe once per decade? What is that worth? Ten years is more than the half life of the WWW. Malware writers have only been targeting financial information on home PC's just these last few years. So say you run with nothing more than a PC with a direct line to net, and a patched OS. Say you get infected by an unpatched exploit in 2009, and some criminal syndicate takes you to the cleaners.

    I'm asking because I'm sitting here wondering as a newb how it is someone, no matter how knowledgable, could run without any security software at all and feel the only thing they have to lose is the time it takes to reformat. I say this as someone who hasn't gotten any malware in years. I have friends who essentially run no security software and have no malware on their system, I assume they got this way because their ISP blocked malware at the server level and they never visit bad sites. They would have no clue how to get malware off their system or even know it is there. In these cases, they are lucky. They are also atypical.

    I DO believe like Devil's Advocate, if you use decent security, you are pretty damn safe. Except against the government. There I have to disagree. My paranoia in this regard knows no boundaries. After this post I plan on taking a ball bat to the rig to prevent them from getting me :p
     
  22. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,219
    Hello,
    Exactly what I was talking about - fear.
    Steal your credit card?
    How exactly?
    Do you have your credit card number and details stored as a file on your hard disk? So even if someone breaks into your computer, they can only steal stored files - they cannot guess what's in your wallet.
    The only way someone can steal your credit card info is if they happen to have a keylogger or such present and working while you input credit card details during an online purchase. Furthermore, most credit card companies have insurances exactly against these kinds of things, plus 30-day report-time money-back guarantee.
    Now, you're talking about getting hacked.
    Do you know how this procedure happens?
    Basically, the gist of it is - your computer communicates with the world - Internet using ports (you got some 65,000 of them). Applications installed on your computer, plus system resources use some of these ports, to establish connections. For instance, eMule (p2p) uses port 4662.
    A hacker uses his softwares to scan your ports, and is looking for those that are open. Through the open port, he sends information to the application or process listening at this port, trying to gain access to system.
    This can be successfully achieved if the application / process are vulnerable to the technique. I go back to eMule.
    When you use eMule, REGARDLESS of whether you have a firewall or not, port 4662 is open!!! It's open because packets need to go in and out. Theoretically, any port scanner used by a 'hacker' will know that the ip this and that has this port open. So he / she can try to deliver malicious payload through and exploit eMule.
    Now eMule has its own restrictions and limitations - it cannot invoke system calls as easily as, let's say IE. That's why chances you will get hacked through a browser exploit is 100,000 higher than through a p2p, because eMule does not have to play with svchost.exe or alg.exe or such.
    I take eMule as example because it has one neat option - run as unprivileged user. This means that even if zero-day exploit is found - the payload sent through cannot access system functions. Add to that the vigilance of the community etc...
    Now, back to ports.
    If you dare, disable your firewall and do a scan at grc.com.
    You will see that very few ports are permanently open. Most are closed. Some ports, like 135, 139 etc are particularly vulnerable, and this is why most ISPs stealth these at their servers. But the rest are not very frequently used.
    Now, how can you make yourself secure without firewall?
    First, you can limit the applications that connect to the Internet. This means that you can run these with limited privileges, or run a limited account. This will prevent installs.
    You can use DropMyRights for that purpose, or run LUA.
    Another way of achieving your goal is to use Restriction Policies and prevent running of executables or installations or ... whatever you fancy, without explicit whitelist approval. This way, whatever tries to run on your computer will not be able to. Unless you put your white list checkmark.
    Finally, you can configure Internet Connection Sharing (you need 2 pcs or more), and this will turn the gateway computer into NAT firewall. You will magically achieve the closed status during a port scan. Machines behind your gateway will perform as if through a hardware firewall. The gateway machine can be a simple P2 / P3.
    I have given you 3 alternatives to using firewall, all viable.
    Most people do not bother to use these, or learn how to use these, so they opt for lots of programs that do these for them.

    NOW - I DO SUGGEST USING A FIREWALL. I THINK FIREWALL IS IMPORTANT AND MOST PEOPLE SHOULD BENEFIT FROM USING ONE, ESPECIALLY IF THEY ARE UNSURE WHAT CAN OR MAY HAPPEN. FIREWALLS ARE ALSO NICE FOR CONTROLLING YOUR TRAFFIC. BUT ... YOU CAN LIVE WITHOUT THEM. MAGIC APOCALYPSES DO NOT HAPPEN IF YOU DO NOT USE FIREWALL.

    HOWEVER, I ALSO SUGGEST YOU LEARN HOW TO ACHIEVE THE SECURITY WITHOUT FIREWALL. YOU DON'T NEED TO RUN WITHOUT ONE. BUT IF YOU KNOW YOU CAN DO IT, THEN YOU'VE LEARNED A VALUABLE LESSON.

    Invest some of your time - learn how to use Limited Account, learn how to setup Internet Connection Sharing, learn how to manually harden applications by limiting their system privileges, learn how to use Restriction Policies. You will benefit greatly from these, and feel much better for it.

    AGAIN, I'M NOT TRYING TO SNUB NOSES. I'M TRYING TO HELP PEOPLE OVERCOME THEIR FEAR. DO NOT DROP YOUR FIREWALLS AND HIPS. BUT DO LEARN THE LITTLE ASPECTS, YOU WILL HAVE SO MUCH MORE FREEDOM AND CONTROL.

    Cheers,
    Mrk

    P.S. If you want links, particularly to Microsoft database, I will gladly provide them for you.
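
Added example, not part of the post above: a local check of which ports on your own machine actually have something listening and are reachable from other hosts, which is the same question an outside port scan answers. The `netstat -ano` sample is constructed for illustration, and the function names are this example's own.

```python
import ipaddress

# Constructed sample of `netstat -ano` output from a Windows host (not real data).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:4662           0.0.0.0:0              LISTENING       2216
  TCP    127.0.0.1:1028         0.0.0.0:0              LISTENING       1480
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:1067      203.0.113.7:80         ESTABLISHED     3012
  UDP    0.0.0.0:4672           *:*                                    2216
"""

# Ports the post singles out: 135/139 as particularly vulnerable, 4662 for eMule.
NOTES = {135: "RPC endpoint mapper (named in the post)",
         139: "NetBIOS session (named in the post)",
         4662: "eMule TCP (named in the post)"}

def listening_sockets(netstat_text):
    """Return (proto, ip, port, pid) for every socket that accepts inbound traffic."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        proto, local = fields[0], fields[1]
        # TCP must be in LISTENING state; a bound UDP socket has no state column.
        if proto == "TCP" and fields[3] != "LISTENING":
            continue
        host, _, port = local.rpartition(":")
        found.append((proto, host.strip("[]"), int(port), int(fields[-1])))
    return found

def exposed(sockets):
    """Keep sockets reachable from other machines, i.e. not bound to loopback."""
    return [s for s in sockets if not ipaddress.ip_address(s[1]).is_loopback]

def report(netstat_text):
    """One line per exposed listener, sorted by port, annotated where the post names it."""
    rows = exposed(listening_sockets(netstat_text))
    return [f"{p}/{port} on {ip} pid={pid} {NOTES.get(port, '')}".rstrip()
            for p, ip, port, pid in sorted(rows, key=lambda s: s[2])]

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```

The PID column ties each listener back to a process, so every exposed port can be matched to the application that opened it and then closed, rebound to loopback, or run with reduced privileges.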
     
  23. scoopnoggin

    scoopnoggin Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    28
    http://www.zdnet.com.au/news/securi...under_30_minutes/0,2000061744,39241748,00.htm

    I imagine you have read this. This paragraph is telling:

    "There are various Mac OS X hardening guides out there that could have been used to harden the machine, however, it wouldn't have stopped the vulnerability I used to gain access."

    I realize this is a unique event, it doesn't represent the setup for someone running a mac at home, not as a server and with local access. But it does give food for thought.

    I know you aren't trying to snub noses, and are trying to help.

    I want to point out that using a gateway computer as a NAT firewall, is using a firewall. I imagine using Smoothwall with Linux would provide nice security, but again that is a firewall. In your previous post it sounded like you could run without anything, just harden everything and be fine. The above example shows this not to be true, doesn't it? I understand how to use DropMyRights and LUA. I just don't feel this is enough.

    Any links you want to provide to Microsoft's database, I'd love to read.
     
    Last edited: Mar 7, 2006
  24. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,219
    Hello,
    I'll provide links when I get home. I have them stored offline.
    You mentioned firewalling - if you mean preventing traffic - then yes, you can call that firewalling. But of the methods mentioned, only one is like that. The others are alternative approaches - not stopping traffic but neutering it.
    As to the article - it says server running various remote .....
    How many home users run server-like apps? Some p2p users, some gamers, some web developers. Not really the mainstream.
    Yes, everything can be hacked, given x factors, x time and x opportunity. But you need to rationalize the risk. Large meteors can hit the earth! It has happened thousands of times before. Some almost destroyed the entire life on earth. You know this can occur. But I don't see people building subterranean shelters against meteors, or preparing for the judgment day (in the year 2525).
    Yes, you can be hacked. Chances? Slim.
    And finally, experience. How long have you been online? Let's say 4-6 years. Let's say you have not been hacked in that time - even though the first few years, like almost everyone, you did not quite care or know what Internet is or what happens out there. Why should things change all of a sudden? Statistically, if you have not been hit - and if you believe the analyses that say 9 out of 10 pcs have spyware on them - then why should something change right now.
    And you say lua or drop is not enough? What is enough? Of course, everyone has their level of 'enough'. And apparently, you think my enough is too little. But I'll always give you my brother (and some of my friends, if I must) as an example - 24/7 p2p + porn, firewall and av, since 1999. Not one tracing cookie even.
    And ask around - how many people got infected and how? Also you can read an article on spywarewarrior.com - How did you get infected?
    http://spywarewarrior.com/viewtopic.php?t=1063
    You will see all these infections were user-made, by themselves, not by remote hacking. You don't need external enemies. Ignorance is good enough.

    Again, use any setup you like, of course. It's just it's so much better knowing you use it out of free choice and not blood-curdling necessity.

    Mrk
     
  25. scoopnoggin

    scoopnoggin Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    28
    You say your brother hasn't gotten one single tracking cookie in 7 years? Are you exaggerating? I haven't used p2p since napster was in its heyday. I've been online for ten years outside of college. I received my last infection in late 2000 early 2001, and I had to reformat. It was on a windows 98 se box if I remember. I started using ZA and adaware about that time. And you are right, before this time AV was all I used. Windows has come a long way since then. There is a massive difference between Windows 95, and XP SP2 with respect to hardening. I have never been hacked. I've tried to infect myself recently, it takes a lot of effort, and even then the malware was broken.

    I don't live in fear of malware writers. Like I half joked before, I only fear the government. Time, money, interest, a malware criminal would probably take no interest in me or anyone who frequents forums like this. The government might though. I know political discussions are taboo on Wilders. I also don't know what country you live in.

    of paranoia: again I don't mean to make this a political discussion. If this violates TOS moderator delete this post, it's cool with me. I have no intention of getting a thread locked.

    I understand the CIA has a budget around $40 billion US, supposedly the NSA has a budget twice that. So we are talking $80 billion a year for signals intelligence. The President has openly admitted his right to do warrantless wiretaps of American citizens. Telecommunications executives have openly admitted last month they have given multi terabyte databases to the government to do with as they please. I have no idea what the capabilities of the US government are. Nor do I know intent. But I have seen activities out here in the real world, out in the street so to speak that lead me to believe anything is possible. Sometimes I use anonymizing internet servers, I have no idea how secure this is, probably no more secure than anyone walking in and placing a tap in the middle of the night. I don't use PGP, or other encryption for email, although I probably should. I don't do anything illegal, it's just the idea that I can be watched that disturbs me. Of course the secure thing is never go online, never use the telephone etc. What kind of world is that though? The latest ZA flap is a case in point. Encrypted transmission to a server. You can block the server, and lose functionality of the firewall or you can wait for patch, which apparently is the case with ZA as they released a new build.

    It is all a matter of trust. Do you trust that email attachment your cousin sent you? No, delete it. Do you trust that link? Don't click it. Do you trust that OS patch? Don't install it. Do you trust your phone service provider? No, don't use them. There are limits to knowledge and limits to trust. Like you pointed out, it's whatever you are comfortable with. I haven't found my comfort zone yet.

    I think it's awesome your brother and friends stayed several steps ahead of any malware coders these many years from knowledge.
     