INSECURE?

Discussion in 'privacy problems' started by sweater, Sep 25, 2005.

Thread Status:
Not open for further replies.
  1. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    I know the main reasons why we’re here, talking ‘bout security issues and privacy problems; it was because many have already experienced the negative effects of being victimized by hackers and Trojans, of being infested by viruses and spywares etc. Of course some also in this forum was “just curious” for what they can possibly learn, observed or saw here, and me even myself, I just discovered this forum by “accident” and I have really no idea or interests of whatsoever about security software programs they’re talking about when I first visited this site (I even think before that this was just a waste of time being here). But after several visits, I got “addicted”, returning to this site like a little child w baskets of questions, browsing for answers asking why chocolates are bad for our teeth and how to keep them clean and free from cavities and germs, and I’m glad many papa’s ‘and mama’s, uncles and aunts, grandpa’s and grandma’s in this forum (just kidding, pls don’t be offended) are very responsive, eager to help the innocent ones (maybe some are hackers!!! pretending to be an ignorant!!!). Then I decided to register coz’ whether like it or not, it was obviously clear that I’ve learned so many things from here and for the fact that computers are evolving much more faster than a speeding bullets and so cyber criminals and “net goons” are also fast in learning the know-how to penetrate and steal data’s from our pc, and also some big companies has the capacity to finance and hire some of the brilliant programmers to write programs to produce a more advance type of spywares and malwares to control our pc unnoticed. Scary isn’t it. But, thanks God wilderssecurity.com exists (and all sites w same purpose), my computer knowledge bout security and privacy expanded unexpectedly. ;)

    Some who have not experience yet to be victimized by cyber net criminals and viruses, spyware or Trojans are very lucky, but even though they have not experience those bad things yet, I know some of them were already becoming nervous, worried and maybe “paranoid” for finding a way to protect their pc because they learned lots of “bad news surfing the net” and also from what they’ve read from several computer magazines, pc news and even on visiting a sites like this one (obviously, the more I learned the more I got worried, but it’s ok maybe it’s a part of being “knowledgeable”) and to tell ya that those who didn’t know more are not as worried as we are, even some of the computer science graduates I know of and even internet cafes operators- for what I learned some didn’t even have a good anti-spyware program and even if they have they only uses one anti-spyware and they’re only using Windows SP2 Firewall. When I use their pc for surfing I was annoyed w lots of pop-ups and they are just using an Internet Explorer browser (my golly it’s very slow)... But still their business works fine just like the others. As I said before they’re happy for what they are and not worried for what they didn’t know. :D

    Anyway… so much for that. I have an advice for anyone whether you’re an expert or a beginner. It’s up to you, but to tell you, this is far more effective than any of the advance protective software that you know of. :cool:

    The best way to reduced the worries that you have and maybe to completely eradicate any possible problem of infestations of virus, spywares, Trojans or problems w hackers is to have and use two personal computers. That’s it!!! Two computers are better than one and that was the same w two heads are better than one. The other one should be only use for surfing the net, and the other pc should be solely use only as a workstation and this should not be used or connected to the internet. The one that you use for surfing the net can be loaded w “heavy armor”, all the protective and preventive software programs that you know of and can afford of (even free ones will suffice), this pc for surfing the net as much as possible should not contain any important data or has a very limited time staying on this pc or as much as possible data should be immediately be transferred to another pc not connected to net. So that just in case this pc was unexpectedly penetrated by hackers or infested by virus or spywares or trojans then there’s nothing to worry about coz there’s nothing they could see or steal in it or files that could be damage. The other pc as a workstation should not be used to the internet at any cost because this contains all of your important data’s. This workstation only need an anti-virus program just in case by accident you insert some virus infected disc, there’s no need to install anti-spywares, anti-trojan or firewalls on this workstation coz this was useless for pc not connected to net. But still it needs some other “protection software”, aside from CD or DVD back-ups you might consider using encryption software program so that no one can open some files on this workstation but only you, who knows someone in your office/home got access in secret opening or using your pc w/out your knowledge and steal something inside. :mad:

    I know that what really worries about for most people was that – even if they know and are aware that they have the most expensive and the most sophisticated protection and prevention software programs installed to protect their pc when connected to the internet still there is a probability and possibility that it might still get infected or penetrated by a hacker in an unexpected way. Remember, that hackers, virus makers and spyware developers have always have a burning desire and passion to get their goals and statistics says that some succeeds. That’s why Microsoft never stopped in upgrading their system software and an endless update of patches just to prevent the unexpected possibilities, and Anti-virus, Anti-spyware and Anti-Trojan Software Companies never stops updating and upgrading their software. New threats always comes out, experts knows that. And that the only best thing to do if you really want to protect valuable data’s is not to connect to the internet, and that is by using two pc for total peace of mind.

    ;)
     
  2. Rainwalker

    Rainwalker Registered Member

    Joined:
    May 18, 2003
    Posts:
    2,106
    Location:
    USA
    Yes, Wilders has done so very very much for all of us......the best site of it's kind.......IMHO
    FUN TOO :D
     
  3. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    in the short time i've been here i've learned a great deal - every day i learn that there's twice as much to learn as i thought the previous day. :D
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    sweater,
    I know you mean it well, but you don't know my wife. She doesn't want a second computer in our apartment.
    She is already a computer widow and if I don't listen to her, she will use her body to blackmail me. It's a domestic problem. :blink:

    I learned alot too at SWI, Wilders and other security websites.
    Upto now I have 5 softwares, I really like.
    SWI : ZoneAlarm, CCleaner and Firefox.
    Wilders : Thunderbird and Hostsman.
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hi,
    I thought you Belgians were supposed to be tough. Look at Jean Claude van Damm. Would he let his wife boss him around? I don't think so .... :)
    On topic,
    You don't need to use a computer solely for offline work.
    You can create a linux partition and keep your data there, it will not be accessible by Windows. Or you can dual boot in Windows, with primary part as fat32 and another as ntfs. You disallow the ntfs partition to connect to the internet and it cannot be read from fat32 boot, so you're set.
    Mrk
     
  6. Pollmaster

    Pollmaster Guest

    Don't you know? Van Damm is no martiart artist. People like Chuck Norris, Bruce Lee, Jet Lee, Jackie Chan, Steven Segal, at least can fight.

    Van Damm is a dancer. That's all. He's a wuzz.
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    You don't have to believe everything, what is written in a forum.
    I like to joke about my private life and my wife loves it, when I play the henpecked husband in a forum or when I'm attacked by other members. After all it has nothing to do with security and I don't need to tell the truth about my private life.

    I fully agree with that. He even studied ballet. So you could call him a ballet dancer and he uses ballet in his fighting scenes.
    In Belgium we call Jean-Claude, the "Muscles of Brussels" for what it's worth of course LOL.
    Personally, I only like Bruce Lee. IMO, he was the only one with style.
     
  8. Pollmaster

    Pollmaster Guest

    Over here we call him , Muscle *from* brussels.
     
  9. _Lyn_

    _Lyn_ Guest

    run your OS off CD and hackers aint getting ****.
     
  10. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That's a good one : the "Muscle from Brussels" :D :cool:
     
  11. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    I agree 100%.

    No one can (or will ever) match Bruce Lee's calibre.
     
  12. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    I dunno, I quite like Jackie Chan's choreography, use of his environment, and that he does his own stunts himself. I also like the sense of humour his movies display. He can fight too.

    Never seen a Jet Lee movie, only previews, so can't really comment on his movies. Bruce Lee was the original best though, so I think we can all agree he was pretty damned good.

    Don't know that I'd put Segal etc in the same category, although their movies are usually fun.
     
  13. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Segal hs six different Black belts in six different styles of martial arts. I have no doubts he could kick all our butts :D He grew up in Japan from a young age and trained every day. And Jet Lei is no slouch either.
     
  14. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    Heh, never said he couldn't kick all our buts - that I've no doubt of.

    But there's something about his fight scenes that just don't stack up against Bruce Lee/Jackie Chan (not that they are bad - purely as a comparison)
     
  15. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    To me, all Segal can do is snap necks.
     
  16. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hi,
    Segal is the only white guy to ever have been given the title of Dojo Master in Japan, so he takes the bad ass winner here. Segal also never sweats in his movies when he kicks the living daylights out of the bad guys.
    Jackie Chan is also very good, and like Vikorr said he's his own stuntsman.
    Good old Chukie, Bruce, even Jet Lee, all good fighters I have to admit.
    Mrk

    P.S. Did you know that that van Damm lost his virginity at the age of 23, but now he has six children?

    P.S.S. Erik, I KNOWS you're making fun . . . so am I . . . Besides being bossed around by a woman can be fun ... sometimes.
     
  17. Pollmaster

    Pollmaster Guest

    Yes, but segal is in disgrace now in the martial arts world.

    Jackie Chan is (was) very agile and tough, but I don't think he has much formal martial arts training for competition as opposed to performance art.

    Jet Lee is somewhat similar. The martial arts he is known for is more for performance than sparring.

    Segal was already mentioned.

    Bruce Lee needs no introduction. Chuck too. Both of them plus maybe Segal probably have most claim to be real combat fighters.

    I wouldn't judge them on the stunts you see in their movie though to decide who is toughest. Camera tricks, stunt men etc muddle the waters. It's one thing to look tough and graceful, but completely different thing to be an effective fighter who can prevail.

    But any of these people above can beat up ballet dancer van damm (who does very little of his own stunts) without breaking a sweat.

    The 'muscle from brussels' is probably as good a fighter as say action bourne star - Matt Damon :) . A better comparison i suppose might be arnold, all muscles no fighting skill.
     
  18. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    On topic,
    You don't need to use a computer solely for offline work.
    You can create a linux partition and keep your data there, it will not be accessible by Windows. Or you can dual boot in Windows, with primary part as fat32 and another as ntfs. You disallow the ntfs partition to connect to the internet and it cannot be read from fat32 boot, so you're set.
    Mrk[/QUOTE]

    Its a great idea!!! I didn't know it yet... but I think I would still prefer using 2 pc one for work and one for surfing the net for a total peace of mind. Well, that's if you can afford to buy 2 pc.. but if your suggestions can then make big savings to pc users then it would be more preferable. Coz there's still a possibility that you may or some may forgot that to use one thing and the other thing for some thing... and beside the "reality of really having two things psychologically for comfort". Did you notice some are not content w having only one car or having only one home? One is for dirty sports and one car is very elegant... the one house is called home and the other is called rest house. I am out of word here... I hope you know what I meant. ;)

    Besides... my suggestions could be considered extreme. :D
     
  19. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Its a great idea!!! I didn't know it yet... but I think I would still prefer using 2 pc one for work and one for surfing the net for a total peace of mind. Well, that's if you can afford to buy 2 pc.. but if your suggestions can then make big savings to pc users then it would be more preferable. Coz there's still a possibility that you may or some may forgot that to use one thing and the other thing for some thing... and beside the "reality of really having two things psychologically for comfort". Did you notice some are not content w having only one car or having only one home? One is for dirty sports and one car is very elegant... the one house is called home and the other is called rest house. I am out of word here... I hope you know what I meant. ;)

    Besides... my suggestions could be considered extreme. :D[/QUOTE]

    Hi,
    Same should apply for women, one for dirty sport and one for the kitchen and stuff .... uuuuuh
    Anyhow, you can have both multiple partitions on each computer AND several computers. It's good for backup.
    Mrk
     
  20. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    I don't see what is so secure about storing your data in a Linux partition.
    There are utilities and drivers that let you access Linux partitions from Windows.
    Sure Windows doesn't support it natively, but if you let the malware execute, why couldn't it just install one of these utilities and infect/delete your data in the Linux partition from windows. For that matter, if the malware is simply destructive, it could repartition and format the Linux partition with your data without any other utility or driver.
     
  21. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    If nothing else you could get a Linux LiveCD, like Knoppix, and do your surfing exclusively with that.

    Personally I don't find this as an adequate solution. A lot of what I like to do is download stuff. This would create another step that I would have to take to get the file to where I can look at it, and I wouldn't be much better off since I almost never see any drive-by-downloads anymore with the setup I have now.. so I would still need security apps for those things. I also get a files that I would need to run by email. I realize that getting a second computer or using Knoppix may be ideal for some, but I think there's a lot of people out there that it just wouldn't be practical for.

    Another alternative, though, would be to set up a limited user account with XP SP2, set up software restriction policies (don't let any kind of executable or script run), and use the Microsoft Shared Computer Toolkit to enforce more restrictions and clear away any changes after logging out. You could then switch to the admin account for non-internet related activities. This still wouldn't be perfect, but some might find it a little more practical :)
     
  22. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Great ideas Notok.

    Sweater,

    Here are some other thoughts.

    The idea of a second computer is good and can work for many people, it just needs some improvement. It is a higher level of security than most people probably need.
    Your second "safe disconnected" computer should have a higher security level, not lower, than your "unsafe connected" computer. And this means that your safe computer needs to be kept updated to patch OS holes, new virus sigs, firewall updates, etc. This means your "safe" computer will need to connect to the internet in a limited(in functionality, possibly in time), restricted way to be kept up to date.
    Just imagine transferring an infected file to work on from the "unsafe" computer to the "safe" disconnected one via floppy,cd, or ufd. How is that outdated anti-virus with signatures from the original CD (months old) going to protect your "safe disconnected" (unpatched OS) computer. Just because the computer is disconnected and the malware can't phone home, doesn't mean your data is safe either. A destructive malware could just delete the data on the "safe" computer. Malware is getting more mobile than it used to, moving from cell phone to PDA to desktop computer and back. While I haven't heard of any doing this, what is to keep your infected(from the file transfer) "safe" computer from saving your important data back to the same disc/UFD that you used to move files over in the first place. Next time the media is used in the "unsafe" computer, the data would be "phoned home". You could use write protect on the media(floppies/UFDs/or use CDRs) to ensure one way transfer. It works, but you have to be vigilant with the write protect state of the media. And that wouldn't cover destructive malware that only wants to delete your data.
    Much easier and more secure to simply not share data between the unsafe and safe computers. Let the kids play video games and surf all over the net (not alllll over) on the unsafe computer and on your "safe" computer use only for your important work (data). On the safe computer only connect to those sites to keep your security up to date and the minimum connections to get your work done. Also don't test beta software or every other program under the sun on your safe computer, single purpose the machine as much as is practical.

    Another idea for a single computer with only one hard drive, you could add a second drive and connect it to a Trios Hard Drive Switch Box. You press a button on the Trios to select the hard drive to boot from and power up. It won't let you switch over while the computer is on. Press the button while it is on and nothing happens till next reboot, when it switches over to the other drive. Data could not be moved from one hard drive to the other except by external media (CD,floppy, UFD).
    Here are the weaknesses to this approach.
    People with physical access to your computer could access your "safe" drive by various means.

    An alternative would be to use 2 mobile drive racks. No Trios switchbox needed. Slide in "safe" hard drive get your work done, power down, remove "safe" hard drive and put in a safe place. Slide in the "unsafe" drive, power up, and let the kids or other people at it.

    p.s. Bruce Lee wins hands down. :D
     
    Last edited: Sep 28, 2005
  23. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hi,
    This cannot happen, because Windows cannot read efs encryption. When I say, Linux is unreadable, I mean it's as if the partition does not exist. You cannot damage or format something that does not exist.
    Mrk
     
  24. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Hi Mrk,

    If the partition exists on the hard drive and Windows can connect to it (not necessarily see the Linux partition), then the data hidden there can be deleted. Just fdisk (DOS 5 and up) and the hidden Linux partition with data is gone, encrypted or not.
    Here is an example.
    There are probably other ways also. Any program or utility that could create/delete/resize partitions should be able to affect the area on the drive occupied by the Linux partition. If the drive can be accessed, it can be written to and the data can be overwritten or formatted.

    The only EFS for Linux I could locate was here. This is the Extent File System apparently used for CDs.
    I am familiar with the EFS (Encryption File System) for Windows, but I couldn't locate anything on EFS for Linux other than the link above.
    I did find a couple of links for Linux encryption here and here , but they did not mention EFS.
    I don't want to go off topic, but what is this Linux EFS you are referring to?

    Here are the utilities I was referring to which allow access to "hidden" Linux partitions within Windows:
    Ext2 IFS
    EXT2 IFS
    Explore2fs
    RawWrite
    dd
    So what is to keep malware from using one of these to get to the data?
     
  25. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hi,
    Well that is a bit extreme. You say someone will use a dos utility to destroy partitions? You know you have to boot your computer for that. And then you lose internet access. So that's only viable through physical access.
    Mrk
     
Thread Status:
Not open for further replies.