My Bag of Squid

.. to kick down the beach. So stand back.

Tuesday, February 21, 2006

Brian Krebs article - Just Your Basic Windows User

Brian Krebs - (washingtonpost.com):
'I was browsing an ordinary commercial Web site, when I got a popup from exitexchange.com (a major U.S. ad network, with headquarters in Portland, Oregon). The popup sent me to a third party's Web site. (I'll call that third party 'X' for convenience. ... ) Then X ran a series of exploits to take control of my test PC, including using the widely reported WMF exploit uncovered last month.' (This was the flaw in Internet Explorer that allows Web sites to install whatever they want on visiting PCs browsing malicious sites with IE. Microsoft patched this flaw last week.)

[Mr.] Edelman continues:

'Once X took control of my PC, X caused my computer to install and run 180solutions Zango software, among a dozen other programs. Notably, X fully installed 180's Zango without me taking any action whatsoever -- without me clicking 'I agree,' 'Yes,' 'Finish' or any other button of any kind.'

Brian Krebs - (washingtonpost.com):
[Nick] Feito, who uses America Online's high-speed Internet service, said he relies on AOL's built-in security -- which includes free firewall and anti-virus software from McAfee Inc. -- to insulate him from the seamier side of the Net.

What [Mr.] Feito couldn't possibly have known is that (the cracker) had modified his bot program enough so that the majority of anti-virus programs on the market today would not detect it even if they were equipped with the latest updates.
Yes, they can do that, because anti-virus applications only guard against what their makers have already discovered out there, not against what's hitting your computer right now. Unfortunately, Mr Feito was a regular user: he occasionally patched his Windows, he sat behind the protection of the AOL-issued firewall and scanner apps, and he generally avoided the 'bad' sites. It wasn't enough.

Mr Feito appears to have forgotten the first rule of business: Business makes money; our well-being and happiness are secondary, and only a goal pursued as long as the financial benefits outweigh the costs.

Here's the short list of what I recommend, in case you cared:
  • Run the Windows firewall.

    The one built into Windows is crap, but more because of how Windows is built than because of how good the firewall itself is. I'm not recommending spending $80 on a third-party firewall right now, simply because MS isn't known for being open about its programming code: potential competitors must work blind, and their stuff will have more bugs. So get some bugs for a minor improvement? Nah.

    Get thy Windows behind a NAT device. Also called a hardware firewall or broadband router, a NAT box running separately from your Windows machine will provide better security than the Windows firewall. The difference is that the separate box is less vulnerable to attack because it has fewer features, and NAT protects your computer while it's just sitting there: connections that nobody inside asked for never reach it.

    I hate D-Link products (I think they have really bad tech support) but their smallest NAT box (the DI-604) is going for $50 at, well, everywhere. $20 more for a USB print server (DI-704p) as well. Some programs hate NATs, so ask questions and consider the options.

  • Update your system, often but carefully

    The tricky part here is that some companies have been known to shove crap into their updates, stuff that benefits either them or the people paying them to do so -- again, it's a financial thing, and we need to understand that. I see the irony in saying not to trust the only people who can fix the bugs they accidentally put into your operating system, but that's what you have to do. The company was successfully sued for millions for really bad practices. And then again. And again. Avoid the big patches. Install what you have to, and don't trust their motives.

  • Exercise your right to choose -- use your brain!

    Virus writers respond with new 'releases' within hours. Microsoft responds, on average, in 134 days. If the news of a bug is reported publicly, and MS can't delay, it has been known to rush something out in 46 days. For catastrophic problems where someone can simply contact your system and get in, they've been known to rush something out in 10 days. That's only 9.9 days during which your machine is potentially completely vulnerable to being hacked, just by sitting there without the protection of a separate hardware firewall. Why? In one case it was a policy decision to wait until the 'regular monthly patch day,' something I look forward to telling the FDIC when I ask for my stolen bank account back.

    The company is turning a nice profit because we continue to let them. But I don't care about the economics, really, so much as I care that you avoid as much of this as possible. So, find an organization which responds more quickly and offers a similar feature set - most offer more - and use their stuff. Especially if they work better with others and adhere better to the building codes.

    Get that ounce of prevention going.

Finally, and here's the most important thing, in my books.

  • Question everything, trust nothing

    Consider the source. Examine email for validity. Question the motives of the company offering you this software update 130 days late, and beware their promise of 'more features' from a software fix. Question why you're using this expensive application, and ask if there's something that can do the same thing, exactly the same, without costing as much or anything at all. Ask why you're doing what you're doing. Ask if you can do it better, or if, for that money, it should have been done better.

    You're the customer: You have no money to waste and very little time. Spend them both wisely.
