Slashdot Mirror

Regarding Linux & it's "fine security" (not - ESPECIALLY ANDROID (a linux variant)), here http://it.slashdot.org/comments.pl?sid=2504516&cid=37914046 that's VERY CURRENT on all points I posted (of sites running linux being cracked into, including ironically enough LINUX.COM &/or KERNEL.ORG as well, amongst others... including the extremely recently breached CA's too!)

Now, on this note from you? Hehe, ok:

"But yeah, continue to use that toy called Windows and consider yourself secure, I'm sure the hackers will enjoy just how easy you are making it to hack you" - by antifoidulus (807088) on Tuesday November 01, @07:28PM (#37914134) Homepage

You're talking to "the guy that wrote the book" practically, on how to secure Windows, per this evidence thereof, & yes, it really works and CAN be done (patching, security hardening, & 'smart/judicious' websurfing - user education etc. + more):

To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

You haven't done anything, ever, @ all/whatsoever, & you see fit to give others guff who have? Please - people call others like you, this term: "Armchair Quarterback"...

"So you haven't actually done anything in 10 years" - by hakahaka (2485890) on Monday October 31, @04:06AM (#37892290)

First of all - Check the dates of some of what I put up... you don't read very well, do you? They're more recent than that... far more recent.

---

"The only programs you have for show are some little freeware utilities that do exactly one thing." - by hakahaka (2485890) on Monday October 31, @04:06AM (#37892290)

Try 40-50 different things, & over 40 of them over time online... Plus, I haven't even shown you them all, only a tiny partial list of some "favs" of mine.

I've also done 30 "enterprise class" information systems, apps that help doctors diagnose eye conditions, & far more professionally as a coder too circa 1995-presently.

---

"Writing such programs isn't especially hard or time-taking. I bet I did more complicated projects when I was 10 years old." - by hakahaka (2485890) on Monday October 31, @04:06AM (#37892290)

Ok, big talker - Again: Where are your programs you claim to have written then??

1.) Did they make books, magazines, newspapers??

2.) Did they make top rated technical trade show contests???

3.) Did they end up as commercially sold code????

(Mine have done "all of the above", & more than once... & that's only the stuff I have put out above, I have more...)

* Like I said before earlier & I know definitely wager I am correct on - I did all that (doubtless before you were out of diapers!)

APK

P.S.=> As far as my "not knowing anything about modern operating systems"?

"and know nothing about modern operating systems? How nice of you. " - by hakahaka (2485890) on Monday October 31, @04:06AM (#37892290)

I think you'd better look @ this (how to secure modern Windows NT-based Operating Systems - I've been doing THAT type of thing, since 1997 to present as well online, & it works (& is rated very, Very, VERY HIGHLY nearly everyplace online it is):

http://www.google.com/search?sclient=psy-ab&hl=en&site=&source=hp&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Search

I wrote that, & it's bar-none, the best of its kind (regarding "modern operating systems").

It's used to "immunize" a Windows system, I effectively use the principles in "layered security" possibles!

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Bing shows the same as GOOGLE does, & I get the "top spots" in both search engines (without trying to "SEO" it either as many others do).

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online

Steve Jobs:
"We have always been shameless about stealing great ideas."
"Good artists copy; great artists steal."

http://www.neowin.net/forum/topic/452150-bill-gates-isnt-too-bothered-by-piracy/

Bill Gates:
"It's easier for our software to compete with Linux when there's piracy than when there's not."
"Although about 3 million computers get sold every year in China, people don't pay for the software. Someday they will, though," Gates told an audience at the University of Washington. "And as long as they're going to steal it, we want them to steal ours. They'll get sort of addicted, and then we'll somehow figure out how to collect sometime in the next decade."

Ariel Katz, a law professor at the University of Toronto and an expert on the economics of piracy:
"Microsoft benefits from piracy, then says, 'If you think prices are high, blame the Chinese, because they are the thieves,' "

"They like us to feel guilty — to think that piracy is wrong and immoral. Economically, it's not necessarily true, but it resonates with the public."

RMS? I rather give my body to Bill Gates.

He is waiting.
http://www.neowin.net/forum/uploads/post-59416-1105987532.jpg

Well in 2011, Oracle is the new boogeyman. They love to embrace, extend and extinguish open source projects - far more so than Microsoft.

Um, I don't think so, unless I'm missing something. Oracle still supports several open-source projects, such as OpenOffice. They haven't "extinguished" them, they haven't made them closed-source, they're still there. The problem is that they do a half-ass job of supporting their open-source projects. That's still better than MS, who hasn't stopped trying to extinguish OSS and certainly doesn't produce its own significant open-source projects. The only reason that MS isn't the boogeyman they used to be is because they just don't wield the power they once did; they're slowly fading into irrelevancy.

Looks Like Oracle is no longer supporting OpenOffice as of Friday the 15th

http://www.neowin.net/news/oracle-drops-openofficeorg

What I have been 4 decades (working on service cutoff (no run if no NEED)).

Proof? Ok, & from as FAR BACK AS 1997, to present:

1997: http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml

2001: http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

PRESENT: http://www.google.com/search?sclient=psy-ab&hl=en&site=&source=hp&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Search

* "Read 'em, & weep", along with my other reply to you here (showing how your "expert", good as he is, is subject to correction, & yes, imperfection...)

The amazing part, is this though (from my perspective): IF you think you can even BEGIN to attempt to "downtalk me"? You had better show me you have done more in the art & science of computing than I have over time... & I truly do NOT think you can!

APK

P.S.=> Lastly/in closing-summation/bottom-line: You've got to remember 1 thing - Like all men, none of us is a "God" - we make mistakes, overlook things, & certainly do NOT "know it all" (& neither does your expert you cited, whom I have had run-ins with a couple times over the years, & with whom I have done work for the same companies with over time, as a peer AND THAT I HAVE CORRECTED and GOTTEN THE "BEST OF" IN DEBATE ON TECHNICAL ISSUES (specifically memmgt, because in the end? The ideas he espoused & that were put into VISTA HAD TO BE CHANGED (cache aggression/memuse for caching))...

... apk

Which is the MAIN "WHY" of why "tuning guides" like I've been doing since 1997 online for users of NT-based OS (& far before that on Win9x/DOS before it), worked for so many others over time. To wit:

"Reducing memory usage in Windows 8 is more about reducing the churn of pages through the various kernel data structures in the memory manager. " -by tgd (2822) on Saturday October 08, @10:19AM (#37647620)

Per the above, in fact, as I told another user here in another thread in this article here?

http://tech.slashdot.org/comments.pl?sid=2466512&cid=37649154

I have literal, actual, concrete & verifiable data from a benchmark test that shows cutting services you DO NOT NEED actually boosted benchmarks bigtime!

(Simply because services are programs, & they consume MORE THAN RAM, they also consume hWnds, many forms of I/O to disk/memory etc.-et al, & CPU cycles (boosting work for the kernel mode memmgt subsystem's one YOU "hit on" in fact)).

Lessen the workload on the OS? All else has a MORE than "potential gain"...

See, I've been into & "tuning" NT-based OS since they came out, around 1992... & I can say just 1 thing "IT WORKS"... for better performance, & yes, even security!

* It ALL "boils/distills down" to 1 concept, a solid one -> "DOING MORE WITH LESS" = Good Engineering!

Period...

---

"As the article says, that involves things like optimizing old code to not trigger page faults all the time, or to suspend threads or otherwise idle background services that aren't being used. (A thread waking up, and going immediately back to sleep because it has nothing to do will still ptentially cause a page to be re-loaded from disk.)" -by tgd (2822) on Saturday October 08, @10:19AM (#37647620)

I totally agree here, & have been aware of it forever, per the above... heck, on these Windows NT-based OS since nearly "day #1" of them releasing. E.G.:

To "immunize" a Windows system vs. attack (and yes, to save memory/cpu time/other forms of I-O etc. also for speed/performance/efficiency, et al), I effectively use the principles in "layered security" possibles!

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.p

There's actually a registry key you can change which flips back into the old non-Metro way of doing things - which is the default UI in all the leaked versions of 8 so far. http://www.neowin.net/news/windows-8-how-to-re-enable-the-classic-start-menu I'd say it's safe to assume that there will be an option to revert to that in the final product. This is a developer preview and as such it's no wonder that MS wants everyone to get used to the Metro interface.

http://www.neowin.net/news/windows-8-app-store-approval-policy-outlined

seems to have a faster approval process.

But apple and ms should have a adult area with little in the Content Compliance area.

Given that there are two more days of BUILD, you'll probably see more of this.

I predict the next story will be about the windows app store policies.

Because NEITHER Microsoft, Apple, or Linux (or others) ships their Operating Systems as SECURED AS THEY CAN BE, period!

Proof? Ok:

How come there is something called:

---

1.) The "CIS Tool" for Windows (& other OS' too)

2.) The Microsoft Baseline Security Advisor

3.) SeLinux

4.) Apple has a security guide also that pretty much follows the SAME DAMNED GENERAL GUIDELINES as what I do for Windows users here then:

http://www.apple.com/support/security/guides/

---

???

(Ask yourselves that... if these OS' are "So Secure" then...)

---

To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:

---

That gets testimonials like this after applying it:

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does ac

From/By "Yours Truly" -> http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC experience much easier.

To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC experience much easier. Sandboxing was great. Getti

Especially this part:

"This kind of skiddie hacktivism is what spineless yobs do when they're too scared to go out and try to make a difference in the real world. It's just another breed of armchair combat, and a pretty sorry one as well. If you want to make a difference then do something out in the real world. Most people can actually relate to that." - by DurendalMac (736637) on Monday August 01, @12:14AM (#36943634)

They really SHOULD be doing more "good" than they have (only decent thing these LulzSec &/or Anon folks did was warn the NHS about their admin passwords being exposed, but, they did NOT abuse them vs. NHS - I have to give them that much)... & MOST of the "attacks" they have done?

Not that tough (especially DoS/DDoS & even SQLInjection's easy enough to find to take advantage of)...

HOWEVER: They HAVE pointed out where the problems are that need fixing!

(That, in fact, is the ONLY "good thing" I have to say about any hacker/cracker or even malware maker - though they may NOT "like it", it's truth (I'd say the same thing to Satan - that God allows his existence to "test us", & he's God's "tool" too, like it or not)).

I just try to find "Good" in "the Bad" & avoid the UGLY is all...

Anyhow/anyways:

Perhaps this IS their "area of expertise" & that's where every one of us SHOULD be trying our best to help make the world in whatever way, shape, OR form, better!

(In whatever that is one's GOOD/BEST at - Be it engineering, computing, lawmaking, you-name-it... this is where you stand the biggest chance of doing so is why because you're good @ it!)

Yes - Imo @ least? THIS is how CHANGE, good change, starts & radiates imo (a "pay-it-forward" type of thing, hopefully compounding & expanding, via "geometric progression")).

Hence why I don't FULLY agree with your next statement though:

"Do it through a computer and far less people will give a shit. Those who think they do are deluding themselves into believing that they're actually doing something great from the basement. It's lazy self-justification." - by DurendalMac (736637) on Monday August 01, @12:14AM (#36943634)

You CAN make a difference there too.

For instance, my brother is a U.S. Military Officer... he tells me the "Virginia Farm Boys" & "FEEBS" absolutely HATE geeks (sometimes, with good reason, ala Anonymous &/or LulzSec)...

AND, he's been "hit" many years ago (1996-1997) by computer hackers @ home, & he told me:

"They ought to be hung by their balls!"

I agreed, to a large extent in fact... Especially the kind that REALLY cause problems (stealing vital information, or monies, from others OR institutions).

So, back in 1997 (after he got "hit")?

I was already doing it on IRC anyhow, but I discovered "the web" & forums, & put this out:

To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MO

The "FULL GAMUT" of what I use for BOTH added online security AND SPEED (& have done since 1997 or so, in the form of guides for Windows users (but the principles apply to other OS' too, & so does the CIS multiplatform security test it uses to help "guide a user" & make it "fun-to-do" as well, like a benchmark almost (albeit for security, not speed only))) is below:

To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the first link above...

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Grea

OR, as I call it, "layered security". I, & others I know that do the guides I have written since 1997 online (& before that) for Windows do well using it (I haven't had a "malware-in-general" infestation since 1996 in fact because of it):

"You get used to the concept that everything is fallible and you need defense in depth. Virus scanners help provide that defense in depth. They scan incoming things for known threats (by the way good ones are updated more than once a day). It is not your only line of defense, but one of them." - by Sycraft-fu (314770) on Tuesday July 26, @02:24PM (#36886646)

Correct, & they all "compliment one another" + tend to make up for each others' "shortcomings"... because "layered-security/defense-in-depth" IS really the best thing we have going... IF you take the time to implement it.

On Windows NT-based systems of "more modern varieties" (ala 2000/XP/Server 2003/VISTA/7/Server 2008), that takes about 1-2 hours of your time, albeit gaining you YEARS of uptime into the distance as your "ROI" for effort expended...

This takes time, but it's well worth doing if you value a stable long-term setup of a computers.

This means:

---

1.) OS & app patching conscientiously

2.) Updating antispyware/antivirus

3.) ONLY using java/javascript ONLY WHERE IT'S ABSOLUTELY NEEDED ONLINE (think ecommerce sites), as well as the same for frames/iframes/plugins to browsers

4.) Email in TEXT ONLY

5.) Securing rights to filesystems ACL/MAC-wise

6.) Securing group & local system security policies (which are NOT setup as strong as possible by default mind you in shipping OEM init. default setups by the makers of them)

7.) Disabling unneeded potentially "dangerous" services that establish "listeners" on the internet (thus, possible "handles" to grab for illegal ingress)

8.) The use of custom HOSTS files (for both speed & security, more on that below)

9.) Using filtering DNSBL utilizing DNS servers to compliment them (more on that below with examples of DNS servers that do that)

10.) Firewall rules tables (both in routers &/or software firewalls in combination), if not also the "poor man's firewall" of IP filtering @ both the TCP/UDP portions of the IP stack.

... and more...

All of those measure work on a very, Very, VERY SIMPLE PRINCIPLE TOO:

"You can't get burned if you don't go into the malware-in-general kitchen", or better yet "If you don't get in bed with the devil, you can't F**** & get impregnated by he" either...

That, along with educating users is the most important part!

(This last one, it is the most important part imo, so they understand as best they can in laymen's terms when possible, on HOW/WHY/WHEN/WHERE malware-in-general works on them to steal their information or money, or to enslave their systems for nefarious purposes, etc./et al!).

---

To "immunize" a Windows system thus, I effectively use the principles in "layered security" possibles!

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online:

http://w

To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC experience much easier. Sandboxing was great. Getting my host file updated, set

All I do is follow the guidelines I set down here, to the letter (& not just myself, or my friends or family either... but others that have applied this guide in the link next below (some of their testimonials are quoted below in fact or they use the same type of techniques in part I illustrated)):

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

And, a decade++ before it, here:

http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml

(In part of its "original prototype" I started working on while adminning "the official Windows help channel" on DALNET IRC in #Windows, circa 1994-2000)

Which NeoWin picked up on & rated pretty highly circa 2001, here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

---

That guide?

It's ALL ABOUT the best thing we have currently going: "Layered Security" & User Education really (the latter IS the "main problem" along with the botnet/malware-in-general makers imo!).

* And, yes - it works... proofs thereof (small sampling, I can produce many others upon request):

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

---

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC experience much easier. Sandboxing was great. Getting my host file updated, setting services to system service, rather than system local. (except AVG updater, needed system local)" - THRONKA, user of my guide @ XTremePcCentral

AND

I do understand what a self-signed cert is. I've played around with them a little bit in testing, but it has been a while. I primarily use a "real" cert with a commonly trusted CA. Let me rephrase:

Browsers pop up an alert if the site's certificate isn't signed by a trusted CA (e.g. I visit your website which uses your self-signed certificate, but I haven't imported your personal CA root certificate. I obviously don't trust your certificate.) screenshot: http://www.unitone.name/images/firefox_3_ssl_certificate_warning.png

My questions were basically:

  - Do you get a similar "untrusted certificate" warning when running self-signed Windows applications? (given, of course, that you haven't imported and trusted that cert) Is this similar to -- or the same as -- the "unknown publisher" warning: http://www.neowin.net/images/uploaded/215509_uac-unknown-publisher-prompt.png ?

  - Assuming that users ARE prompted with a warning similar to the above, won't they typically just click through the dialogs and install/run the app?

Therefore, all that I'm saying is that users are typically stupid, and even if they get a security warning, they won't look at the certificate and certificate path.

U FAIL #1: - I've been cutting OFF services I don't need since oh, 1994-1995 on Windows-NT based OS, for starters... & you say I haven't apparently (pure comedy GOLD):

"'ll tell you: Having programs or services running that are not necessary, have no function, and are not used. Every one is a potential security hole waiting to happen." - by cbiltcliffe (186293) on Thursday July 14, @06:43AM (#36760610) Homepage

So much for THAT statement from you, & the funniest part is, I can prove it with the ORIGINAL older model of my security guide too, @ Neowin (where it was picked up on in 2000-2001 no less) -> http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND I even noted why I do it, verbatim, here in another copy of the more current guide (same as the ones you saw):

http://www.pcreview.co.uk/forums/secure-windows-2000-xp-server-2003-and-even-vista-make-fun-do-t3511888p3.html

"services cutoffs for speed + security in DETAIL" - by APK

On that very page link url above... lol!

Fact is - Originally, I cut off services I don't need for SPEED though (to not consume RAM, CPU time, &/or other forms of I-O needlessly, but also later for security on the grounds you stated too (double BONUS)).

In fact?

Go over to the TechPowerUp forums also - while doing speed tests & benchmarks there, ScienceMark & WinTune tests?

Well - I showed their forums members how to get another 20%++ out of their scores BY CUTTING OFF SERVICES in our benchmark tests using ScienceMark &/or WinTune... in turn, they showed me how to FULLY OverClock AMD systems (I already knew how to do Intel ones).

---

U FAIL #2: - Why do you *THINK* I put "remote registry" running as a LocalService for? It can still function that way, but not as a SECURITY RISK anymore (I cut it off totally in fact, set disabled actually, but if it were to be activated again by some interloper malware, it'd be SAFE(r) because it was set as "LocalService" logon entity - "get it"?):

"Anyway, in this section, you say you've personally tested all these services, and know they run fine under the different account. One you list for running under LocalService is the Remote Registry service. I can guarantee you that this service does not run properly under LocalService. Sure, it will run, but its entire functionality is nullified, because the whole point of the service is to provide remote access to the registry in domain/remote admin situations, and the LocalService account has no network privileges" - by cbiltcliffe (186293) on Thursday July 14, @06:43AM (#36760610) Homepage

Hence, my point above, lol... SO, that all "said & aside": WHAT WAS YOUR "so-called POINT"?

---

"Of course not. You're not worth the effort, as you're an ineffectual, intellectually deficient waste of skin." - by cbiltcliffe (186293) on Thursday July 14, @06:43AM (#36760610) Homepage

LMAO - post the wrong link & tell another LIE here? Of course... that's just what you do!

---

"I have done some work for Seimens and BMW, though, both of which I'm sure you've heard of." - by cbiltcliffe (186293) on Thursday July 14, @06:43AM (#36760610) Homepage

Let's see, here is a list of mine (both fulltime & contract in LARGE companies, some are Fortune 100-500 over time):

Lockheed Martin (coding)
AXA MONY (forensics & security work)
NEC (coding)
NCR (coding)
CableVision (network technician @ NOC)
BellSouth (during Olympics 1996 contract to setup RAS gateways)
IKON (tech)
Goulds Pumps (coding)
BurgerKing
McDonalds
Boston Market

Teun: That's "arguments" they'd use (or a pedophile FREAK would also)... but, on that note:

See subject-line, & this -> http://nortondns.com/ It's got a very easy to navigate page, and on it, it has good detailed explanations that aren't "too technical for the avg. joe" either!

* ENJOY!

---

"I can see you are a Norton troll." - by Teun (17872) on Sunday July 10, @03:06AM (#36709544) Homepage

No, per my subject-line? I just tell it how it is, & the truth!

In fact, I wrote the MOST viewed security guide & most highly rated ones there are, since 1998 online:

Fact is, unlike most of you trolls around here TRY to imply?

I "preach" layered security, & have since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I

http://en.wikipedia.org/wiki/Fuzz_testing

"Fuzzing" won't protect you for long." - by Anonymous Coward on Friday July 08, @06:52PM (#36700664)

It is a method for finding "bugs" in applications ... NOT a protection method!

And, you said this? LMAO:

"as you seem to be doing a pretty good job of making yourself look stupid." - by Anonymous Coward on Friday July 08, @06:52PM (#36700664)

Who's stupid now? LOL, not I! See above on "fuzzing" you fool!

---

"Your focus on "security by obscurity" highlights that you may also be guilty of it." - by Anonymous Coward on Friday July 08, @06:52PM (#36700664)

LMAO - no, definitely NOT on that account per THAT accusation from yourself (along with your numerous troll-like attacks on my writing etc. while you post as TRULY AC):

I "preach" layered security, & have since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, mov

IF you have the hosts-domain name for the C&C servers this botnet uses!

(And, I do have all of them for TDSS, Zeus, SpyEye, CoreFlood, & MANY others, & ones for this one also that are known from past models of it mind you)

In fact, as of RIGHT NOW (slow day today on updates, but it's a holiday weekend too)?

My HOSTS file protects me vs. 1,466,975++ known bad sites/servers/adbanners/hosts-domains... as of this writing & checking its temp file before OVERWRITE COMMIT to my actual HOSTS file (not in std. location either, I point it to another location in fact, to fool most malware that don't do the correct check for it beyond std. default location (QHosts being an example virus that did that in fact in the past)).

Then, yes - HOSTS can help see this from a /. member here in fact as a testimonial thereof to that effect above & beyond my own:

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

HOSTS, work, & help... especially in combination with:

---

A.) DNSBL protection I get from Norton DNS which filters vs. malware and updates around every 1/2 hr. or so, & that I can attest to with proof if needed

B.) Firewall rules tables (software or hardware type, vs. IP Addressed threats that do NOT use hosts-domain names)

---

* It's ALL about "layered security" & I've been practicing it, & remained infestation free, since 1996 or so in fact... because of this:

I "preach" layered security, & have since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 300,000 - 500,000++ views online, last I checked (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ [pcpitstop.com] (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

Norton DNS or my HOSTS file would block it, but I wouldn't worry about that (say if my nephew or brother who uses my system @ times infest it by accident)?

Well - Typical virus/spyware/trojans/malware-in-general, I'd knock it off using Process Explorer IF I had to!

(That's my "never fail tool" that can be used vs. malware-in-general that possibly std. tools like antivirus/antispyware doesn't kill - that IS because their signatures/mugshots of known offenders sometimes doesn't HAVE new stuff in it (&, that's usually only a matter of time too with submissions from millions all over the globe & what-not)).

Process Explorer (for std. "Ring3/RPL 3/UserMode" malware that is) is EXCELLENT for killing unknown ones (& you can always spot them, even IF they hide beneath another exe they hook (via libs) or services (libs or exes)).

You tell it to "freeze" the culprit, which it sends HLT commands to, & then? You destroy it on disk... simple!

---

Many times here in the past, I have said most security is "reactive" in nature before here, antivirus/antispyware too - but the rest of it, comes from the user being diligent patching OS & apps, PLUS, being smart about surfing!

Case in point?

E.G.-> Another PROACTIVE measure that cuts of a vector of infestation @ the root?

Disabling javascript's "all the time" - only use it, where you absolutely NEED it!

Say for ecommerce or reputable sites only!

(Opera allows for this excellently, as it has a BY SITE PREFERENCES setup, & globally I surf w/ out script active by default, plugsins too (e.g.-> Adobe Flash going thru hell all the time is why with bugs)) another PROACTIVE way to avoid trouble too!

E.G.-> Since 2004, I can show you a slew of reports on adbanners ALONE that infected folks by the 1,000's if not millions via malicious scripting, & bogusly scripted sites (which Norton DNS' DNSBL & HOSTS files block & my hosts file? Updated EVERY 15 minutes, automatically for me as I stated, via a Python system I built/co-built/rebuilt))

The rest of what I do "PROACTIVELY"? Is in my p.s. below... it works!

Would you like tesimonials to that effect? Ok:

I "preach" layered security, & have since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 300,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ [pcpitstop.com] (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

And, per my last post to you? Like TestedDonut, whose testimonial I put up in my last post?? I don't get malware, ever, in the 1st place...

NOW/Additionally: IF you see my init. post & the guide in it - you have to get one first... I don't per that guide is why!

I.E.-> I mean, heck - Cutting off what I called "the harbinger of DOOM" there (javascript) & being judicious in its usage alone cuts off a good 90% of the probability of getting one online in the first place!

(Plus, other things like doing text only email, not HTML scriptable types, helps as well)...

* I do MUCH more too, for the concept of "layered security" (best thing we have going currently in fact, & I've done guides like that since 1997 for securing Windows - here's what NEOWIN thought of that one:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

Great rating, when they got ahold of it in 2001 (older less comprehensive than today's is since 2007)

* In fact? I suggest you read it the newer one in my guide link I put into my 1st post - here it is again for your reference (you sound like you know a "trick-or-two" though, but you MAY pickup something too, never overlook THAT much):

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

From your DNS thing though? Though you have a point?? Well... sounds like you NEED to read that!

APK

P.S.=> HOWEVER, in fairness? That's been the most challenging point I've heard here vs. my ideas on "layered security" - VERY good!

You did make a good point though, I will give you that (& sorry for calling you troll - I thought you were the other post here (DEFINITELY a "troll"))

... apk

That'll clear the bootsector (good job, I've been using RC's commands to 'knockout' rootkits for years too per -> )You need to use RC's:

LISTSVC - shows all drivers names & states
DISABLE - stops services AND drivers

commands to finish it off, & this SHOULD do it!

(That's because it uses a driver - issues listsvc & it will show all driver names. Then use DISABLE to stop said BAD MBR bootsector protecting driver from loading, period!)

Proof thererof on WHY those 2 commands should work, hopefully & that this thing uses a protective driver:

---

http://blogs.technet.com/b/mmpc/archive/2011/06/22/don-t-write-it-read-it-instead.aspx

PERTINENT QUOTE/EXCERPT:

"now it introduces a driver component to prevent the malicious MBR and other malicious data stored as disk sectors from being changed. The driver component protects the data in an unusual way â" by hooking the DriverStartIo routine in a hard disk port driver (for example, atapi.sys)"

---

(Doing a listsvc /? or disable /? shows their paramter switches for their commandlines)

* ... & there you are!

APK

P.S.=> I've been using Recovery Console's (RC) commands for ages, since early Windows 2000 days for PC Security, & I list using it like mad for removal of even rootkits here:

http://www.proprofs.com/forums/index.php?showtopic=14264 & especially vs. rootkits as shown in that malware removal guide I wrote back in 2008 (first I wrote was 2001 for NeoWin & NTCompatible here http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text ).

RC/Recovery Console's great - it works & especially vs. rootkits

(& is pretty much as easy to use as DOS was. Very similar!)

So, you're correct on RC's FIXMBR being able to "blowout" a bootsector virus, but this one's trickier because of the driver being resident protecting the "BAD MBR"!

However - this SHOULD work to make SURE it's "blown out" & completely by not only cleaning the bootsector, but also disabling this bogus driver from loading too, if needed (sounds like it is needed - I only skimmed the articles, too late here for me to stay up reading more...)

So, since I must call it an evening? Well... if you guys find out anything else, like it's been modified even more to stop those commands of LISTSVC/DISABLE from running? Let me know... thanks, I'll catch it in the a.m. with coffee!

... apk

Yea, FYI from http://www.neowin.net/forum/topic/862816-opera-ceo-steps-down-immediately-replaced/ :

After delivering strong results over over several quarters, Opera slumped to a surprise loss in the third quarter of 2009.

NOW: IF I were a "malware maker/hacker-cracker"? I'd have to be the STUPIDEST one there is, because I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 400,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) 2.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

APK

P.S.=> That's Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

No, obviously.

(So much for your attempts @ "discrediting me" with "std. troll disinformation protocol", because it falls apart in the light of FACTS... easily! Just "too, Too, TOO EASILY" in fact!)

... apk

Came along for the ride, & guess what gents: It's about to get WORSE!

Case-in-point/e.g. is "MASS MESH ATTACKS":

http://www.esecurityplanet.com/trends/article.php/3935941/New-Injection-Attack-30000-Websites.htm

* Very nasty...

APK

P.S.=> Now - SQLInjection's fairly easy to stop (via Stored Procedures usage, BIND variables usage, & removal of business logic out of front ends in general (if not blocking out redirects as I do to over 1, 444, 444++ known bad sites/servers/domains-hosts as I do via a HOSTS file, or a firewall (or even a TPL for IE, Opera's URLFILTER.INI or FireFox's methods etc.))...

This type though? Quite a bit worse

So - I sort of hate to say "I told you so", but... it furthers the case for my stating to people to LIMIT THEIR USE OF JAVASCRIPT, or be judicious in its usage @ least, as I have said for YEARS here:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

nd a decade before it here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text [neowin.net]

Man - yes, I know: You NEED javascript for some sites (think e-commerce) but... the second I saw scriptable documents in say, Word & Excel docs + their macros being taken advantage of in VB-Script/VBA? I knew that scripting web HTML documents was going to be the same!

So, do take a read of the 1st URL I posted on Mass Mesh attack & its mechanics, be enlightened folks, & prepare yourselves!

... apk

They're nasty SOB's too:

http://www.esecurityplanet.com/trends/article.php/3935941/New-Injection-Attack-30000-Websites.htm

"Now we just need to hope that they don't breed better attackers that are all resistant." - by DanTheStone (1212500) on Thursday June 16, @01:32PM (#36465516)

Break out the "Zithromax" then... looks like we'll need it!

APK

P.S.=> Now - SQLInjection's fairly easy to stop (via Stored Procedures usage, BIND variables usage, & removal of business logic out of front ends in general (if not blocking out redirects as I do to over 1, 444, 345++ known bad sites/servers/domains-hosts as I do via a HOSTS file, or a firewall (or even a TPL for IE, Opera's URLFILTER.INI or FireFox's methods etc.))...

This type though? Quite a bit worse

So - Hate to say "I told you so", but... it furthers the case for my stating to people to LIMIT THEIR USE OF JAVASCRIPT as I have said for YEARS here:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

nd a decade before it here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

Man - yes, I know: You NEED javascript for some sites (think e-commerce) but... the second I saw scriptable documents in say, Word & Excel docs + their macros being taken advantage of in VB-Script/VBA? I knew that scripting web HTML documents was going to be the same!

So, do take a read, be enlightened folks!

... apk

Legislations being proposed, & rather "suddenly" lately, in regards to "stopping online crime and hacker/crackers" etc.!

Addtionally, the typical way to "sway the masses/polarize them"?

Trumpet it from the rooftops in ALL media, yes, including online too & THEN CREATE AN "INCIDENT" or series of them (PRS - Problem/Reaction/Solution)...

Same as happened w/ 911 for instance (& I am pretty much sure that was all a setup, don't know about you though).

In fact, We had a discussion here:

http://yro.slashdot.org/comments.pl?sid=2231322&cid=36416026

About that VERY THING/CONCEPT, just a couple days ago here in fact... & yes, there are others that think as you do... and those that CLEARLY, don't!

Me? Well... Not sure.

APK

P.S.=> I only know I do my part to stop these "hacker/cracker" &/or "malware maker" types, & have since 1997 online http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text... AND, more recently, e.g., here:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

... apk

I don't agree with what they do (as I don't do their "tactics" myself but I could easily (so could anyone with the right tools & know how because doing a DDoS or DoS as I noted earlier here? Cake. Same with finding sites vulnerable to SQL Injection (hell, even GOOGLE can find THAT for you, & rather easily, with the RIGHT type of query)).

However: They DO POINT OUT WHAT NEEDS FIXING! Just like malware makers do...

That's about ALL they do that is "good" (that's my way of being an "optimist" here is all - I don't like malware makers or hacker/crackers anymore than anyone else does, especially their victims - in fact, if you look below? I've spent a great deal of time helping others protect themselves from guys like them both).

In my earlier posts here, however?

I do point out a time when "LulzSec" actually HELPED the NHS by pointing out their admin passwords were exposed here:

http://uk.ibtimes.com/articles/160624/20110610/lulzsec-lulz-security-nhs-health-service-cyber-attack-weak-hack-hackers-hacked-sony-nintendo-network.htm

AND, believe-it-or-not? LulzSec warned them, & how to fix it + where (rather than they taking advantage of it for "nefarious purposes")...

So, it seems they're not "all bad"! Fact is, from their point-of-view?? I don't believe they think they ARE "doing wrong". They believe in what they're doing is all.

Do I think they believe in what they're doing?

Yes, & perhaps especially in this case... but, it's still a BAD MOVE for them! They'll get traced & caught, & it's only a matter of time - & the kind of people they're messing with now in governments of nations? DUMB & DANGEROUS!

(Man... trust me on that much, I've seen it before, decades ago, with others like them)

APK

P.S.=> Now, personally? I've read extensively read about hacker/cracker types, and put out things to help "average joe" out there as best I could since 1997 (which Neowin picked up on in 2001 & rated highly http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text , & currently this version of that guide too:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE which wherever it was posted (almost) on 15/20 forums its on, was made either a:

---

1.) Sticky/Pinned thread
2.) Essential Guide
3.) Most Viewed
4.) 5/5 star rated
5.) & even got me PAID (quite unexpectedly, @ the topmost results in that query no less - "The Lord works in MYSTERIOUS ways" is all I can say about that)

---

Eventually though? These guys @ BOTH "LulzSec" and "Anonymous" (assuming they're not just puppets for some other organization that is) are making a BIG MISTAKE imo, because the worst thing a "criminal" can do??

UNDERESTIMATE THE POWER & KNOW-HOW OF THE LAW... they're already being tracked & caught for Pete's sake as is... apk

Otherwise? I know that governments (especially governments) FEAR dissent (because the BIGGEST FEAR OF THOSE IN POWER? LOSING THEIR POWER, of course)... I am just curious on these guys' "motivations" is all!

Like I showed in my posting though - you can see the "LulzSec" people doing something actually sort of "good" (in warning the NHS about exposed admin pwds)... but this "anonymous" faction? Who knows!

It's why I asked it (and you can almost BANK ON IT, they have people around here... this is rated by many places as "the #1 tech site online", E.G.-> http://www.topsite.com/best/tech )

APK

P.S.=> Trust me, I have read on this & everything like it I can find since 1995 or so, the ONLY time I was ever "hacked" & that was on IRC - where I learned about security really on the #Windows95 channel there, the "official help channel for Windows users" endorsed by K. Mardem Bey the creator of MIRC in those days - inspired me to TRY to help on the security front in fact (see below).

I've read extensively read about hacker/cracker types, and put out things to help "average joe" out there as best I could since 1997 (which Neowin picked up on in 2001 & rated highly http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text , & currently this version of that guide too:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE which wherever it was posted (almost) on 15/20 forums its on, was made either a:

---

1.) Sticky/Pinned thread
2.) Essential Guide
3.) Most Viewed
4.) & even got me PAID (quite unexpectedly, @ the topmost results in that query no less - "The Lord works in MYSTERIOUS ways" is all I can say about that)

---

In a way, I can see doing some of this stuff... but, eventually? These guys are making a BIG MISTAKE, because the worst thing a "criminal" can do?? UNDERESTIMATE THE POWER & KNOW-HOW OF THE LAW... apk

"When fossil fuels are exhausted, there may be a mass die-off event within the human species, due to the massive reduction in possible food production and transportation. "

Baloney. Who is feeding this to you? Why? Who profits from your fear?

We have centuries of coal (but it is polluting). Thorium can power our civilization for thousands of years. We have an effectively infinite supply of solar energy. People are working on zero-emissions manufacturing. We can grind up rock to make fertilizer. And so on.

References off the top of my head:
http://www.treehugger.com/files/2009/09/surface-area-required-to-power-the-whole-world-with-solar-power-wind.php
http://nanosolar.com/nanosolar-technology-overview
http://www.neowin.net/forum/topic/993314-thorium-reactor-talk-at-ted/
http://www.nist.gov/el/msid/dpg/slim.cfm
http://www.remineralize.org/

We may even have cold fusion thanks to one of the many people you perhaps wish was never born as he took up to many resources?
http://en.wikipedia.org/wiki/Energy_Catalyzer

Who has infested your mind to what end with so much negativism so that you are less likely to have kids? Who is making money off of that? Are there much uglier imperatives at work in the people who tell you this? Example:
"The Greening of Hate"
http://peakoildebunked.blogspot.com/2005/09/106-greening-of-hate.html

Did the world end when we went through "Peak Whale Oil" a century or so ago? You're still here, right?

Now, we may still blow ourselves up fighting over mis-perceived scarcity. But that is a different problem.

Resources do not exist before the human imagination looks at the universe and turns things into resources. Otherwise, say, we would not have aluminum, produced because some imaginative people figured out how. We would not have solar panels without people figuring out how to make them. And so on.

Here is a quick comparison of the beliefs of say, William R. Catton (who wrote "Overshoot") and Julian L. Simon (who wrote "The Ultimate Resource").

Catton:
* People are the problem
* People consume resources
* People take up space leading to overcrowding
* There is a fixed amount of material resources on the Earth

Thus he predicts (with some glee?) a big die-off.

Simon:
* People are the solution
* People produce resources
* People create spaces worth being in
* The human imagination creates new resources

Now, there is truth to what both of these authors say. But ultimately, you can decide for yourself which path leaning more to one or the other is more likely to produce a future more worth living in, given the truth about solar power, thorium power, grinding up rock, and so on.

Our electricity and natural gas consumption might even go down if we switched to electric cars, by the way:
http://www.evnut.com/gasoline_oil.htm
"To extract one gallon of gasoline (or equivalent distillate): 9.66 kWh (maybe not all in the form of electricity*)
To refine that gallon: 2.73 kWh additional energy (maybe not all in the form of electricity*)
Total: 12.39 kWh per gallon.
*Roughly one-third of the energy content of a gallon of gasoline produced from California wells is input from natural gas. Less than 2/3's is net energy (probably a lot less!).
So I can get 24 miles in my ICE on a gallon of gasoline, or I can get 41 miles (at 30

Choice is better. Every style of product always sells better when there is choice. Doesn't matter if it's smartphones, computers, clothes or even food like hamburgers.

I don't think Dave Thomas would agree

He saw that one of the problems with KFC, and all fast food restaurants of the day, was that they had much too complicated menu’s. He then worked with Colonel Sanders to drastically simplify the menus, focusing on a few signature meals. This small change particularly helped turn around the KFC franchise; and, though it was a minor thing, helped revolutionize fast food restaurant menus all over the world. Even to this day, the staple of most fast food restaurants is their overly simplistic menus, focusing on a handful of signature meals.

In terms of overall experience at ALL levels (Operating System security, programming & analysis, degrees & more? Boy, you're a NOOB compared to me... show me 1/10th of what I've done to YOUR credit, & before I did them especially then... ok? You can't and YOU KNOW IT!).

I've been at these things since 1982 little boy, and at ALL LEVELS noted above... how about you?

"Now go read a few security manuals, get a few years experience in OSes and security, then you can set your sights on one day being able to speak to me at the same intellectual level. Hell, I may even reach down and help pull you up those last few steps of your very tiring climb." - by pandrijeczko (588093) on Tuesday May 31, @03:52PM (#36300818)

You're a "BIG TALKER" & that's about it! I've done the "security consultant" bit for both camps (NIX & Windows) & know EXACTLY what I'm talking about!

In fact, so much so, that the guide I've written up for Windows security is the:

You MAY wish to refer to the link below that shows a security guide I did for Windows (from 1997-current) as it is:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 300,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) 2.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008...

IMPORTANT:

So - Have YOU done better, troll? We want something we can SEE, not just your "alleged status" as a "security consultant", ok??

No, obviously.

(So much for your attempts @ "discrediting me" with "std. troll disinformation protocol", because it falls apart in the light of FACTS... easily! Just "too, Too, TOO EASILY" in fact!)...

However, since we're on the subject of security, Linux vs. Windows? Ok... how about I "up the ante" & show nearly ALL of what MS makes for business & development, vs. the Linux kernel ALONE then?

Here we go:

Linux kernel 2.6x, vs. NOT just the OS either in Windows 7, but rather nearly the ENTIRE GAMUT of what comes from Microsoft has LESS KNOWN SECURITY ISSUES UNPATCHED than does the LINUX KERNEL!

(That's FACT! See below... & "eat your arrogant words" boy, now flavored with "the bitter taste of YOUR defeat", lol!)

Linux 2.6x kernel too ONLY mind you, NOT THE REST OF WHAT COMES IN THE DISTRO like Window managers, GUI shells, apps etc. which HUGELY COMPOUNDS it even more, and worse still, for Linux:

To wit/e.g.:

---

Vulnerability Report: Microsoft SQL Server 2008: (05/31/2011)

http://secunia.com/advisories/product/21744/

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft Internet Information Services (IIS) 7.x: (05/31/2011)

http://secunia.com/advisories/product/17543/

Unpatched 0% (0 of 6 Secunia advisories)

Vulnerability Report: Microsoft Exchange Server 2010:

Is that "in practice", "in theory" or "in the wild now"?

What do you mean now? http://www.neowin.net/news/macbook-hacked-in-seconds-again

What do you mean "What do you mean now?" - As confirmed by your link: not out in the wild period. You can't win pwn2own with something out in the wild.

Is that "in practice", "in theory" or "in the wild now"?

What do you mean now? http://www.neowin.net/news/macbook-hacked-in-seconds-again

I've never met a windows fanboy defending their faith in person (have met plenty of Mac fanboys at work though!). Most Windows users are normal people just doing stuff with their computers.

http://www.istartedsomething.com/

http://www.neowin.net/

http://www.winsupersite.com/

http://www.zunescene.com/

http://www.zuneluv.com/

I could go on and even mention the rabid Xbox 360 fanboys that ignore the flaws and after market costs of their console of choice while attacking anyone who buys a PS3 for any purpose.

http://www.neowin.net/news/microsoft-intel-executive-was-wrong-about-windows-8 Long story short, this statement from intel is incorrect. But guess what: intel is a chip manufacturer that sells x86 cpu's and has sold its arm devision a few years back, how much more biased do you want a source of information. In reality it will most likely be an ugly vm running your old non recompilable software slowly.

"Wait until he starts on another kick, then reply to him as an AC. It's the new meme". - by tomhudson (43916) on Sunday May 09 2010, @08:29PM (#32150544) Homepage Journal

QUOTED VERBATIM FROM -> http://slashdot.org/comments.pl?sid=1646272&cid=32150544

AND... IF I am a "malware maker" as you say? I'd have to be the DAMN DUMBEST ON THE PLANET!

Why? This:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 300,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) 2.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

No, obviously.

(So much for your attempts @ "discrediting me" with "std. troll disinformation protocol", because it falls apart in the light of FACTS... easily! Just "too, Too, TOO EASILY" in fact!)

APK

P.S.=> So much for that, tomhudson... lol! Because YOU, by way of comparison, to myself? ARE A BOTNET MAKER!

Proof? Ok & again, I'll let tomhudson speak for himself:

"As I've pointed out elsewhere, it is a trivial exercise to design a C&C that can bypass the whole HOSTS thing" - by tomhudson (43916) on Friday April 01, @11:30AM (#35688796) Homepage Journal

FROM http://slashdot.org/comments.pl?sid=2051634&cid=35688796

and

"Do like I did - work for the Russians for a few years" - by tomhudson (43916) on Monday June 28 2010, @11:09AM (#32716798) Homepage Journal

FROM http://tech.slashdot.org/comments.pl?sid=1699526&cid=32716798

Doing what though? Building botnets?? Evidently so!

I have ALSO asked to see work you've done, & you show nothing, no proof. I have showed you mine with letters from users this & last month still using wares I wrote nearly 20 yrs. ago that still do the job better than competitors (CCleaner).

Well - I also blew that away on your "design of your botnet" & showed HOW TOO EASY IT IS TO STOP TOO, which you RAN FROM, here:

---

"SEE TOM RUN:

http://slashdot.org/comments.pl?sid=2084000&cid=35823050

---

Which you ran from... lol!

I rest my case!

... apk

http://www.neowin.net/news/windows-7-finally-overtakes-windows-xps-marketshare-in-the-us Stats can prove anything. Bottom line -- Win7 is healthy, thriving, well-received, and rock solid. Get your head out of the sand my friend. It's just an OS. No need to get so worked up over it. Use what you like -- Linux and OS-X (or whatever) are perfectly good choices and in any case, to each their own. If other people can respect your choice, why can't you respect other people's choices? Why the need to prove that a perfectly good OS is a flop?

...Do you really think Microsoft Research will pull out such a stunt?...

Yes, as they already have. http://www.neowin.net/news/microsoft-vulnerability-research-discovers-two-chrome-flaws
Breaking news....a long time ago our competitors had this security flaw, that they ummm....fixed a long time ago.

"Now, why is that? What are you so afraid of my debunking your hosts file for?" - by tomhudson (43916) on Saturday April 16, @07:17PM (#35843768) Homepage

QUESTION #1: What EXACTLY, have you debunked?

First of all, I think that YOU *think* that all I say is "a hosts file is enough for perfect security"??

QUESTION #2: SHOW ME A QUOTE OF MYSELF EVER SAYING I EVER SAID THAT MUCH, VERBATIM...

(I'll be waiting, lol, for that "12th of never"...)

---

No, instead I "preach" layered security, & have since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 300,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) 2.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

---

"Is it because anyone using it is open to certain attacks" - by tomhudson (43916) on Saturday April 16, @07:17PM (#35843768) Homepage

Ahem: Again, layered security put THAT away as I showed you, AND YOU RAN FROM (lmao) here:

http://slashdot.org/comments.pl?sid=2084000&cid=35823050

Because I STILL don't see you turning aside the SPECIFIC POINTS I MADE THERE on how to stop your "botnet", which they do on my points on how EASY it is to stop and why in detail, of which you said you designed...

APK

P.S.=>

"As I've pointed out elsewhere, it is a trivial exercise to design a C&C that can bypass the whole HOSTS thing" - by tomhudson (43916) on Friday April 01, @11:30AM (#35688796) Homepage Journal

FROM http://slashdot.org/comments.pl?sid=2051634&cid=35688796

and

"Do like I did - work for the Russians for a few years" - by tomhudson (43916) on Monday June 28 2010, @11:09AM (#32716798) Homepage Journal

FROM http://tech.slashdot.org/comments.pl?sid=1699526&cid=32716798

Doing what though? Building botnets??

Evidently so!

Fact is - I have asked to see work you've done, & you show nothing, no proof. I have showed you mine with letters from users this & last month still using wares I wrote nearly 20 yrs. ago that still do the job better than competitors (CCleaner)...

Plus, & if you've eaten @ Boston Market, McDonalds, or Burger King in your LIFE? You've used my wares, albeit indirectly, for the bump bar system for their kitchens... apk

Linus Torvalds is switching back to KDE. (j\k)

"I also personally consider it a public service to point people to solutions [superantispyware.com] that actually [comodo.com] work [malwarebytes.org] instead of relying on magical woobies and anecdotes" - by hairyfeet (841228) on Friday April 01, @02:27PM (#35689938)

The effectiveness of those solutions is FAR from perfect & everyone knows it... but, in case they do NOT? See here:

---

MULTIPLE EVIDENCES OF ANTIVIRUS &/or ANTISPYWARE PROGRAM FAILURES + SHORTCOMINGS:

http://www.theregister.co.uk/2007/12/04/win_2000_virus_tests/

http://www.securityfocus.com/infocus/1839

http://it.slashdot.org/it/08/11/07/1545238.shtml

---

From COMPLETELY VALID & RESPECTED SOURCES no less, as is per my usual!

APK

P.S.=> No, single solutions (even HOSTS, which I have NEVER ONCE said is "the end all/be all" of security - just a great layered added part vs. known malicious sites &/or servers (botnet C&C ones etc.) for security, and SPEED (blockout adbanners & hardcode your favs for reliability vs. DNS poisoning, DNSBL, & DNS request logs etc.) too + more - it's VERY "versatile", free, & you can get them from reputable sources like this one -> http://www.mvps.org/winhelp2002/hosts.htm

As to my "know how" & experience in security for a PC (as well as in the real world where I was the manager for a couple years in THAT VERY CAPACITY)? Ok:

I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 300,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) 2.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

No, obviously.

(So much for your attempts @ "discrediting me" with "std. troll disinformation protocol", because it falls apart in the light of FACTS... easily! Just "too, Too, TOO EASILY" in fact!)... apk

"oh yeah STATIC, just like your HOPES file, but really you are just kinda pathetic." - by hairyfeet (841228) on Friday April 01, @02:27PM (#35689938)

Let's have "Pwuffesuh HaiwyPheet" of the PRESTIGIOUS "ITT Tech" tell you ALL his lesson on "static vs. dynamic" address based ad banners (lol, put your mental seatbelts on folks - it's a wild-ride that will have you laughing your asses off):

http://it.slashdot.org/comments.pl?sid=2061048&cid=35681060

LMAO!

---

I also don't put my "entire faith" in HOSTS files, so you can cut the lies already - though I *do* consider them to be a VALUABLE part of an arsenal of the MOST effective thing you can do for online security:

"LAYERED" security!

So - How can I speak of THAT & as an authority?

Ok - Well, I'm actually one of the main "sources"/authorities for it, for nearly 15 yrs. now online & unlike YOU? I can prove it!

To wit/E.G.:

I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 300,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) 2.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

No, obviously.

(So much for your attempts @ "discrediting me" with "std. troll disinformation protocol", because it falls apart in the light of FACTS... easily! Just "too, Too, TOO EASILY" in fact!)... apk

Oh, really? Then, I'd have to be the DUMBEST THERE IS then, because I've been showing the PLANET how to secure vs. that on Windows for 14++ years, to EXCELLENT ratings!

To wit/E.G.:

"He is a known troll and malware writer" - by hairyfeet (841228) on Thursday March 31, @05:45PM (#35683144)

So, does THIS link I showed here before, which was + 5 INFORMATIVE rated no less here:

---

COMPUTER ASSOCIATES BUSTED FOR ACCOUNTING FRAUD:

http://news.slashdot.org/comments.pl?sid=1884922&cid=34350102

---

NOT prove that much? Sure does!

In a way? Thanks - You're only allowing me to expose my false accusers publicly once again for the slime they are, & to vindicate myself of your libel... thank you!

Also - CA & others like they have done the same to Dr. Mark Russinovich of Microsoft, and Nir Sofer of NIRSOFT as well - calling THEIR wares, malware too, & they're KNOWN in this field as decent... so, I suppose I am in TRULY, "good company" on this account no less!

Again, IF I were a "malware maker/hacker-cracker"? I'd have to be the STUPIDEST one there is, because I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text

AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

Which has well over 300,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)

---

Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?

No, obviously.

(So much for your attempts @ "discrediting me" which ALWAYS FALLS APART IN THE LIGHT OF DOCUMENTED, CONCRETE & VERIFIABLE facts!)

APK

P.S.=>

"There is a reason why everyone abandoned HOSTS files" - by hairyfeet (841228) on Thursday March 31, @05:45PM (#35683144)

LOL, again: Oh, really? See here:

http://www.mvps.org/winhelp2002/hosts.htm

MANY 1,000's use them for better layered security, speed, & even ANONYMITY (vs. DNS request logs) & vs. DNSBL too!

HOW ABOUT MR. OLIVER DAY & SECURITYFOCUS.COM TOO?

E.G./to wit:

http://www.securityfocus.com/columnists/491

Dated from 2009 no less... that doesn't look like the 1990s!

(You've never even DISPROVED the 20 points I post that HELP USERS here either... lol!)

(SO - How stupid do you wish to keep appearing, hairyfeet?)

Apparently, even STUPIDER than HERE already:

http://it.slashdot.org/comments.pl?sid=2061048&cid=35681060

LMAO - It appears that you don't even KNOW the diff. between the word STATIC (IP addressed) or DYNAMIC (domain/hostname based)... and yet YOU claim to be a TECH? Please.

---

"while giving NO protection from malware" - by hairyfeet (841228) on Thursday March 31, @05:45PM (#35683144)

Again, see Mr. Day's article above, AND mvps.org (the most highly rated HOSTS file on the planet & BOTH are NOT from the 1990's OR abandoned!)

OR my highly rated & W

"You made the extravagant claims, back them up with the math" - by hairyfeet (841228) on Thursday March 31, @05:09AM (#35675892)

Here, I am GUARANTEED 100% protected now currently vs. 944,397 KNOWN BAD SITES/SERVERS (C&C & other types) that these hacker/crackers use, & because of a HOSTS file...

Can YOU say the same? No, certainly not. See below!

(Especially about the tools you "merely use" like the "trained chimp" (lol) that you are, as a mere TECHIE, "ITT Tech Boy"... lmao!)

Proof? Ok:

---

MULTIPLE EVIDENCES OF ANTIVIRUS &/or ANTISPYWARE PROGRAM FAILURES + SHORTCOMINGS:

http://www.theregister.co.uk/2007/12/04/win_2000_virus_tests/

http://www.securityfocus.com/infocus/1839

http://it.slashdot.org/it/08/11/07/1545238.shtml

---

From COMPLETELY VALID & RESPECTED SOURCES no less, as is per my usual!

APK

P.S.=> Hairyfeet: You came in here, as per your usual, libelling me & trolling me, OFF TOPIC as usual -> http://it.slashdot.org/comments.pl?sid=2061048&cid=35667932

& got yourself SHOT DOWN IN FLAMES on each "so-called point" you tried making, lol!

Why? Because unlike yourself, I am MORE than able to "run with the best"...

People like Dr. Mark Russinovich, who has also been called a "malware maker" unfairly as I have been, of which I showed the source in CA are a pack of criminals (busted for accounting fraud).

(Yes, that's right - ask him yourself! Dr. Mark Russinovich of MS, whose work I have even corrected before AND HAD TO TELL HIM how/when/where/why to do so no less, & yes, I have even gotten the best of in technical debates as well @ Windows IT Pro forums, shown in the URL above no less)...

We used to do work for the SAME company ITT Tech Boy... have you worked with the likes of he as a peer? No!

Suggestion: Get a better education than "ITT Tech" (you need it if you're going to try to "get the better of me" which to date, despite your constant trolling of myself, you have YET to do, and you never will - you aren't intelligent or educated enough to do so, period!).

Heck, on security, especially for the most attacked OS family there is, because it's MOST USED? For guides, I wrote the VERY FIRST ONE, highly rated no less, for Windows NT-based OS out there back in 1997-2001 in that edition:

PROOF:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text [neowin.net]

So, you're trolling a "source"/authority on the subject, & for more than 14++ yrs. now no less, per what others have done with my posts on that subject (see below, across 15/20 forums currently & more from the past) right here...

That's from 2001, but the original they took it from was from 1998 @ NTCompatible.com!

(more comprehensive by far, & for more current MS OS'):

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE

At over 300,000++ views strong (actually near 400,000++ because 1 site it was on 'went down' & had 75,000++ views more than 1 yr. back in fact), that's usually:

---

1.) Made an "Essential Guide"

2.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID)

3.) Is in their TOP 10-20 MOST viewed posts

4.) Is usually 5

http://www.neowin.net/news/bricked-wp7-this-is-how-to-fix-it

On a side note, I hate the term "bricked" given this is a recoverable problem, although someone did point out that "bricked" is a perfectly acceptable term to describe a non-functional device during the period of time in which there is no known fix.