Slashdot Mirror
Is Obsolescence Good Computer Security?
caesar-auf-nihil asks: "I was recently considering a switch from dial-up to something faster (either cable or DSL) but my friend recommended against it since he said I was more secure staying with Dial-Up. His argument was that my connection's slowness and 'not always on' connection gave me better security since I was less of a target for many security threats. Now, I have never gotten infected, nor do I believe my machine is infested with spyware and/or controlling programs as it runs fine, but I wonder if the obsolescence argument is really good or not. Does Dial-Up really protect you or is this a false sense of security and I should just go ahead and pick a faster service and make sure my firewall is a good one and my virus definitions are always up to date?"
It sounds like your friend is advocating a type of security through obscurity to me. Being on dial-up won't protect you. You should be using a firewall and have up to date virus definitions regardless of your type of connection to the internet.
Not connecting to the Internet at all is even safer than dial up, and not even having a computer practically guarantees that you won't get spyware and malware. And what good is that? Your friend's advice is ludicrous. Use proper security. Don't cruise the net as root, or the admin user on a windows box. If you have to use Windows as your OS get a real firewall product, hardware even better than software, don't run unnecessary services, don't use IE unless its for the MS site itself. Don't use Outlook. Keep your system patched. Avoid sites like the free game and pr0n sites that are forever infesting computers. Get a useful book on security. Keep proper backups so that you can recover if all else fails, then relax and enjoy the experience. The time you'll save will pay for most of your outlays.
I have nothing to hide. So, why are you spying on me?
Its only true in the way that you will be mugged less if you walk naked down one back alley every night instead of twenty. Go ahead and get the faster connection, and get a hardware device (nat box at least, a real firewall would be better though) between you and your uplink line, and you'll be better off than you were before. You can't do that (using common hardware) with your modem in the first place.
Why would you be less secure with broadband? I mean, you typically get an external IP with dial up, and if you havent been infected yet, why would become infected if you get a broadband connection with NAT? You seem to have your client security sorted out, I'd say go for it.
Dvorak on Doomtech
Go with broadband.
You have a stupid friend.
*Satan Laughs As You Eternally Rot*
why not ditch your computer entirely, you can communicate via telegraph and morse code. Or better yet, do everyone a favor, and cease all communication altogether, and leave us the hell alone with this nonsense. My god, what the hell has happened to /.?
Being on the internet by itself is not a security hazard. Doing something stupid or using an insecure operating system/browser (cue IE/Windows jokes here) is insecure.
I use my router on my broadband connection as a firewall - works great. Even in Windows I have no problems.
No, is the simple answer.
You could get hit by a worm just as easily - they attack by IP address and are indescriminate about where they attack - they don't care how fast your connection is.
As for spyware and the rest, if you're using a slower net then probability is that you'll browse less and be subjected to less risk, but in general the argument used is complete and utter rubbish - there's no additional security to be gained by dialup.
Jolyon
Please read my Canon EOS tech blog at http://www.everyothershot.com
Why go for slightly better security when you can go all the way?!
Forget dial-up. Hand floppies to your friends with instructions on what web pages you'd like to browse. They will return the floppies to you with the pages. You will be extremely secure from viruses... much better than dial-up. Think of it like Netflix for the web.
- For the complete works of Shakespeare: cat
You'll get the same viruses, slower. Viruses are not large files.
you should make sure you have a good firewall and your virus defs. are up to date simply as a Matter Of Course. That, or buy a Mac/install Linux. ( in which case you should still have a good firewall)
filter: +3. Hey, look! all the trolls went away!
Let me get this straight; you read Slashdot, but are still on dial-up? That's unpossible.
See post subject
No
Yes and yes
Yes
Also, make sure you are behind a router using NAT so that your computer won't be directly accessable from the outside world.
Not quite sure how this question made its way to slashdot, since it seems sort of self-explanatory, but I suppose we can elaborate.
In short, I suppose you would be more secure on dial-up. Less data moving around, less access to situations which may be a threat, less up-time, etc.
That being said, most of the world is already using an always-on connection, and the vast majority of them manage just fine. It's not a daunting task to configure a setup that will secure your home computer to a suitable degree. Just your ordinary broadband router should include a firewall that should be sufficient, and the Windows firewall is also likely sufficient.
If you aren't an expert on setting up your network, then just find one of your more tech-savvy friends (not the one that told you to stay on dialup!) and have them check your router/firewall configuration. There are also websites you can visit (Symantec?) that will perform a check on various ports for basic vulnerabilities.
Big ones, small ones, some as big as yer 'ead!
Give 'em a twist, a flick o' the wrist...
That your friend is on the same cable node, and he wants all of the pr0n bandwidth for himself...
Buy a router, your computer will have the SAME security it would have through dialup....
you'll still have to deal with viruses and backdoors from emails, malware, etc,
In my opinion, the only thing that you are doing is protecting others. Your computer will probably not become a spam zombie, because transmitting outgoing data would be painfully slow (ie: spamming one address every 5 minutes). While you may be somewhat immune from other viruses, the trade-off of higher speeds is worth it.
That's equivalent to saying if you never leave your house you won't get mugged. Sure, its probably true, but if you take the proper cautions, you will probably avoid getting mugged, and, more importantly, you don't let fear control your life.
DYWYPI?
Do you know for a fact that you don't have spyware? I have seen many dialup connected computer with spyware and they didn't even know it. Broadband is better. Everyone can be secure if they just follow a few simple rules to surfing the web.
1) Don't download things unless you know what they do.
2) Get rid of IE
3) have a good virus scanner/spyware scanner
Staying on dialup is like saying that a bike is more reliable and therefore better than a car. Cars might break down every once in a while but if you need to get somewhere they're much better than bikes.
Its much more secure if you personally just dialup and squark and squeek at the handset processing all of the information yourself, you can't do this with DSL because its a digitial line so you can't hear what it is saying properly. Personally this form of internet communication, while a little slow (around 2 baud) has never resulted in any security problems.
In summary
Your friend is a muppet, probably Fozzy, potentially Gonzo.
An Eye for an Eye will make the whole world blind - Gandhi
Just ask my neighbor who uses dial-up. I had to spend hours cleaning all the spyware and virus's on their computer system. If you are connected in any way you need to take the same precautions.
With most DSL connections, your computer will be behind NAT, which adds security from worms such as MS Blaster. Same with cable, if you use a router.
Let's take the question seriously for a moment, for fun.
:)
Is there an argument for this? No.
You can simply unplug your net cable at night. So why be stuck with an expensive slow connection?
I think this ask slashdot question was a trolling experiment.
Broadband + OS X = Problem Solved. Oh NO, someone will mod my post DOWN and it will hurt my KARMA! Oh dear! Now I'll need to sleep with a nightlight.
Music - www.richardmac.com
I don't think so. You'd better slip a giant condom over your whole computer one way or the other. Sticking it in (to the wall) is going to put you at risk of infection either way. Only complete abstinance will work 100% of the time. Jusk ask ol' bushy.
but you'll still get attacked. I helped my brother set up a new system a year or so ago. We installed AV and ZoneAlarm on his system BEFORE I let him dial out to his ISP. In the first 5 minutes he had been probed nearly 20-30 times (it was a year ago). Automated attacks really don't care what your connection is and they can be very patient.
The only advantage that dialup will give you when it comes to security is that you'll probably notice the speed dip as you receiving the malware/worm. As for all the advice about using 'a good firewall' and 'up to date virus scanner' - I wouldn't put too much faith in either of those. imho those things tend to provide a false sense of security and may even help promote risky net activities.
Awareness, vigilence, and knowing that installing activex controls for a serial number seem more important to me.
I've had my computer get infected while downloading security updates over dial-up after a fresh installation of XP. I should have downloaded all the updates, or SP2 at the very least, from work and brought them home to install them.
One problem with dial-up is that you probably won't have a hardware firewall/router between your computer and the internet. Many folks with broadband access have some type of a router with a firewall/NAT built-in. Not everyone does, but some do, especially people with wireless setups, although that introduces its own security troubles.
The point is, if you think about security (which means you have to be aware of all the types of security threats to begin with, not just focusing on one or two that your friend told you about), you'll be able to take proactive steps to make your computer(s) more or less secure. Otherwise, you're leaving yourself open to becoming a zombie just as much as the other millions of computer users out there.
Everyones covered the no aspect, but there is one thing I miss about dialup: I could see if my connection was being accessed, and if my RX or TX light went solid and I wasn't using my connection, I could just flip a switch and stop whatever was happening.
Really though, broadband is worth far more than that minor feature, even if now all I have is a useless 'data' light thats constantly lit or blinking.
Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
I agree with everyone else here. That may be technically true, but it's stupid. All you need is a firewall and a little common sense and you are practically invulnerable to most of the attacks out there.
Get broadband. Get a firewall. Enjoy.
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
I fully agree with all the above advice and my 2p's (uk) worth is that at times you can be safer on broadband instead of dial-up. For example if you have a cable modem (dont know how it works on adsl so keeping quiet)then you have NO risk of some dodgy dialler software getting in and changing your dial-up number to a premium rate number because it's not connected to the phone line at all !!!
Enjoy the speed and "almost" always on. broadband
All those viruses and exploits use OS-specific techniques. So if you want real security through obscurity, get it by browsing the web using an OS no virus-writer has ever heard of, let alone would be tempted to spend time writing a virus for. I might have a copy of BeOS 4.5 around still if you'd like to use it... ;^)
I don't care if it's 90,000 hectares. That lake was not my doing.
Anybody else think the article writer is simply trolling? What kind of question is that to ask here?
There are 11 types of people. Those who understand binary, those who don't and those who are sick of this lame joke.
upgrade to faster connection, switch to kubuntu (free AND secure), or anything else equally secure.
;)
If you need (unsecure) windows for anything, use vmware player (free), or wine (free), or if you need to play games with 3D acceleration then cedega (nonfree).
Remember about http://www.openoffice.org/ for office work, http://www.gimp.org/ for drawing, http://www.k3b.org/ for burning DVDs... and the list goes on and on.
ps: I've got some karma to burn, so here I'm whoring
#
#\ @ ? Colonize Mars
#
After all these years of AOL and MSN dial-up users infecting and spamming all over the web, and ppl are even wondering about this? I think that is plain scarey the lack of logic and history that we seem to have.
I prefer the "u" in honour as it seems to be missing these days.
He just doesn't want you to enjoy the plentiful porn, music, and movies available with broadband. Tell him to fuck off and stay out of your future "pirating". BTW, is he employed by the RIAA/MPAA? Only a RIAA/MPAA stooge would recommend staying away from broadband.
I currently own a large army tank. I want to buy a fast car to race. I mention this to a friend, and he says, "why would you want to get a fast car to race? Don't you know fast race cars are dangerous? You'd be much better off sticking with your tank, it's slow, but it's safe!"
While this *might* be true, it does nothing to solve my desire to drive a fast race car.
I would assume the reason you'd go with broadband is because you want a FASTER connection. It can be argued that it's less safe, but it's undeniably faster, which is your goal.
Statistically, you might be more open to an attack directed at your computer since the connection is "always on," but this is rare and easy to stop, in fact all the security measures you would want to take with broadband should already be in place because you face similar, if not the same risks with dial-up.
sig.
Ok, I'm sick of seeing crappy advice confusing newcomers and normies. Here are some stupid tips to avoid taking seriously. I'll start it with this one.
1 - dumb. Use dial-up instead of Cable or DSL because being connected to the internet all the time is a security risk.
1 - smart. Go get Cable or DSL, your life will improve (barring bad service). If you want to nullify the increased threat from being constantly online, buy a router that does NAT for you. Now you aren't always connected, your router is, and it's providing statefull firewalling for you.
2 - dumb. Never run anything you want secure on Windows. Use Linux, or even better OpenBSD.
2 - smart. OpenBSD rocks on security, but if you have no bloody idea how to use it you'll do something dumb that will compromise security or, more likely, uptime. Use the OS you know how to configure, and learn how to configure is securely and properly. You can research new OSs from your now-secure platform.
Please, kind readers, add to this list.
No, you're not safer on dialup just because it's slow. Your friend's logic is marred. Now one could argue, if I was a bad guy and wanted to hack you, (because I wanted your resources), I might swear a bit if I was successful and found out you were on dialup. There goes one resource I wanted (bandwidth) and lack of others (static IP, always on connection) is detrimental. But most (or at least many) threats nowawdays are automatic. And they don't care what type of connection you are on.
I work for an ISP (won't say which one) but the majority of our abuse complaints are from home dialup users. Granted there's thousands of them, and probably thousands more than any other type of connection, so the stats speak for themselves.
But in a nutshell, no... you're not more secure because you have a dialup. You're not more secure if you have a small-name ISP (or large name for that matter), or if you live out in the middle of nowhere, or if you use a different OS or if you don't use english as your primary language.
Security is a state of mind. There's not one contributing factor that trumps the "majority" of security threats.
FLR
In my moderately limited experience ridding computers of spyware, adware, viruses, etc, I have had to work on 1 machine hooked to a broadband internet connection, and 5 without. So, really, you should get broadband, it's MORE safe!
Seriously, if my data proves anything, it's that it's not the connection, but the connector. If you haven't gotten viruses on dialup, you'll likely not get them on broadband.
Pulp Audio Weekly - Geek News and Reviews
No offense, but your friend is stupid. Hackers don't check to see how long you are on when they try and get into your system, the only security that Dialup provides is that hackers can't hack into your system when you are not connected. A good hardware firewall and a software firewall, along with good security practices will MORE than makeup for the security of dialup (mostly a false security). Plus, you get blazing internet transfer speedsa and much lower latency than dialup.
I would argue that your friend might be right, sometimes. It seems to me that sticking with old hardware, connections, etc. can work if a) the tool works for you, and b) the tool didn't become obsolete due to some inherent security flaw.
IMHO the argument should really be phrased as: If you don't need it, don't open yourself to security holes. If you run a PC don't run servers (or an OS that runs them without your consent) unless you need to. If you don't need always-on connections then don't get it. I find that many people, and companies, open themselves up to security holes because they buy new "upgrades" when they don't need them.
For that matter there is another benefit that you didn't mention: power. If you don't keep your connection, and pc up all the time that saves a lot of power. Unless your PC is actually doing something (running servers, crunching numbers) then you should just turn it off. You'll probably pay a lot less each month for it, and Mother Earth will love you more. I personally unplug my TV and Radio when I'm not using them as they still use a lot of power in "sleep mode". When I started doing that my power bill nearly halved.
Do they think driving their car dramatically slower than the average driver is safer? Do they think that driving less will prevent them from being hit when pulling out of the driveway? Do they know enough to open the garage door when the car is running so they won't die of CO poisoning?
I think your friend considers ignorance to be a security shield. Unfortunately it's not.
I'll create an amusing sig when I have something meaningful to post.
The baddies on the net are not aware of your connection speed; malware does not discriminate nor does it 'prefer' faster connections. Besides, only a few bad K need to break in and you're finished.
So considering the above, no, being on a slower connection effectively profides no extra protection. So continue your good security habits, get broadband, and buy router.
Nope. Back in the good old Win98 days, I picked up a worm over dialup. Reducing your connectivity to improve security is like trying to avoid traffic accidents by driving only one day a week. Plus, the false sense of security might just make you *more* vulnerable. Besides, you can generate a similar effect by just unplugging your network cable when you're not online.
On the other hand, using obsolete *hardware* would probably help with security; I think it would be harder to hack a computer that isn't binary compatible with anything made in the past ten years. Of course, then you have a whole different set of problems....
For one thing, you'll likely have a "first line" of defence in a NAT router if you go broadband.
Pre SP2, I ran kerio firewall. The few times I had to connect to dialup (traveling for work, no hotel broadband) I got hundreds of "pokes" each hour for various exploits. I was suprised as, being used to being behind NAT, I hadn't even SEEN the "incoming bad connection" popup box for kerio before!
You do have a risk that none of us on broadband have: Dial-up Hijacking. Malware on your computer changes your dial-up settings in Windows, and you end up dialing to a pay number in another country, and VERY expensive. Many people don't notice it, until you get your phone bill. You don't hear about dialers as much now, but they're still out there. Am I just showing my age? http://www.internetbasedmoms.com/articles2/modem-h ijacking.htm
A wise friend of mine once said that in his experience, his quality of life was directly correlated with the speed of his internet connection. When he was on dialup, life was very, very bad.
Powered by Web3.5 RC 2
News for computer illiterate grandmothers.
Bzzz. Sorry he/she fails.
The type of problem that having a not always on connection would help with is a remote attack.
A Broadband connection with a hardware router/firewall is much more secure against this type of attack. You are basically hoping that you win a Russian Roulette if you are hoping not to catch a worm by using dial up.
With a few of the more recent worms I have known more people with dial up to catch them then broadband users due to the fact that the broadband users had a hardware firewall (I don't set much stock in software firewalls, especially on Windows systems).
Get a broadband connection, and get a router/firewall box from any reputable manufacturer, and keep your system up to date. That is the best prevention, plus you get all the advantages of a broadband connection (always on, speed, etc)
Shawn's Tech Articles
Some of the worst malware cleanup jobs I've had were machines that connected via dialup. As others have already pointed out, if you have a broadband connection via a router, you at least have an incoming firewall. I'd never put a Windows machine on a dialup connection without a software firewall. Viruses, trojans, worms and adware will get you via stupidity whether you have a firewall or not.
"Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain
This is a stupid idea. If you're running Windows, you should be using XPSP2 with the firewall turned on and all critical updates installed; if you're running something else, make sure you know exactly which services are open to the outside world, and keep on top of the security updates however that's normally done for your OS/distro.
If you're on DSL or cable, you may also want to use a router that does NAT.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Tell your friend to buy a Sherman Tank and drive it to work so he'll be less affected by traffic accidents. It goes slower, is harder to dent so has great security. All other things aside, this is the ultimate way to get to work.
But you can't stop with just dialup. You have to use MSDOS 2.0, and get yourself a good ansi term program to connect to a dialup that gives you telnet, ftp, nn, lynx, pine, etc. Use a 300 baud modem for maximum attack-throttling also.
Security has nothing to do with the fact that your connection is slow and not always on. Even the simplest of firewalls can make sure that someone cannot hack your PC even if you have an always-on connection.
- 8022_4-10491730.html?tag=lst-0-1
The way PC gets hacked/infected today has completely changed. There are two main reasons you get hacked....
First, you visit a website that is malicious and it tries to exploit a vulnerability in your web browser.
Second, you download some free software that has spyware bundled in.
So, dial-up does not give you any additional security. In fact, once you get infected, it will become almost impossible for you to connect to the internet because the precious little bandwidth you have will be sucked by spyware/adware.
If you want security while web surfing....try this.
http://www.download.com/SpyWall-Anti-Spyware/3000
Spyware / Adware / Malware stuff is pretty easy to deal with. Check out some of this stuff: it's free, clean and won't trash your computer.
Spybot Search and Destroy.
AdAware
MS Anti-Spyware
Keeping your OS up to date definitely will help out, and being smart about what you download from who and where. Most people infect themselves, and don't know it because of all of the shady software downloads out there. A good hardware or software firewall solution is easy enough to come by for cheap or free depending on how much time and effort you want to put into it. It's up to you as a user to protect yourself so study up.
Now, who's going to be the first to crack the "But Windows is malware" joke?
hi mom!
And it's not like you keep the computer on 24/7. And you won't be tricked by those old-school dial-up porn frauds. Pesky bastards.
She: Hey, are you a traitor? Me: No, I'm atheist.
It's hard to download security patches on a slow connection. So you'll be less secure with dial-up.
In most cases (here in norway atleast) you usually get a broadband router, which actually makes a firewall for incoming connections. Don't know about other countries though, but atleast in those cases a dsl line would be MORE secure than a dialup/isdn connection... (Yes there are routers for modem/isdn too, but those are less common)
i had to deal with many malware cleanups
dialup and cable
why is cable always on? never switch off computers? electricity? energy? aaahh, i get it -> iraq
You should use the most modern operating systems and applications, designed with security in mind, with the simplest methods of receiving, downloading, and installing updates. Good systems and software are built that way; you get what you pay for.
Get a cable modem and put a router on the inner link set up to do NAT (they come that way out of the box usually, with a 192.* or 10.* network on the inner side).
Anyone sniffing will get nowhere, and you can get out to the internet without any hassle.
I've always had this setup and never once had any of the problems my neighbors get.
Some of the worst security I have seen is with computers that only have dial-up.
Why? It take the users much much much too much time to download the security patches the need. Grabbing something like XP SP 2 is going to take goodness knows how many hours.
So they don't bother. So they get compromised.
Sure it does. My word processor has never had a virus:
Never!
I'll chime in here along with everyone else. Dialup is definetly not safer. I've diagnosed and removed malware off numerous friends and family computers, and two of the worst I've seen were using dialup. One of them was a pentium 4 2ghz and it just CRAWLED like a pentium or something. It would take forever to boot, and once it did you couldn't even access the start menu. It would pop up but you couldn't choose anything off it, and if you clicked on the desktop, the start menu would still be on the screen after trying to close it. It was totally unusable, and I had to wipe the box and reinstall.
SecureThe.Net - Practical Resources for Securing Systems
No being "always on" isn't security it's just reducing your chances of being hit. Not to mention lots of malware comes by mail or when you visit a questionable website.
Your friend's advise is nonsense.
If your system is secure, you won't get anything bad, no matter how long you are online. If your system is insecure, you'll sooner or later get it, and the only thing you do by not being "always on" is pushing it towards later.
Assorted stuff I do sometimes: Lemuria.org
In the same way that walking everywhere is safer than driving. Sure, you might bump into someone, or maybe get mugged on your way but the chances of you dying are a lot less...
;-)
Considering much of the issues surrounding personal computers and security stem from "where" people go on the Internet, such as phishing sites, questionable links promising to improve your browsing experience or give you something for free, etc... I don't think it matters whether you are in high-speed or not. Okay, you could argue that people scan the Internet for open ports on always-on home networks, but how do you think those ports got opened? It is usually from something that made it's way onto your machine either by way of major security flaw, or more likely something you allowed to get there by one of the above mentioned means.
I have seen the result of PCs that were hijacked for illicit purposes, such as password grabbing. My worksplace was targetted by those machines, and used to access accounts that didn't belong to the people who's machines were sending the traffic. And when we traced back to the source machines in many cases the IP address that had attacked us was from dialup ISPs. I would say more than 25%, but I am speaking of a handful of incidents and that wouldn't be a very reliable statistic. It was still a fair number.
So in my opinion, it doesn't matter. Don't limit yourself to snail-surfing because someone you know has a bad feeling about high speed. If you really want to be secure, simply disconnect altogether, and bury the thing about 6-feet in the ground. That, or don't click on the dancing monkey who promises you a prize...
"You are not a beautiful and unique snowflake."...Tyler Durden
That's like saying that if you don't drive a car, you won't have as many accidents as you would if you just ride a horse-drawn wagon and stay off of any road where cars might be. It's true that you're much less likely to be hurt that way, but you miss out on the benefits that make having a car (or some form of faster transportation) worthwhile. In the same way, you might not be "always on" to be attacked through your broadband connection, but you lose all of the benefits that come with having a high-speed connection. So unless you do nothing except text e-mail, the benefits of broadband should outweigh the risks, especially if you're smart enough to take simple precautions. Just nothing except my Mac's built-in firewall, I've never had any issues, and I've been on broadband for years.
David
No-one's gonna be able to hack into my old Amstrad, ha-ha-ha! Stick that in your pipe and smoke it, you OpenBSD pretenders!
Low Bandwidth Denial of Service attacks do exist. They've been mentioned on slashdot before. That link mentions a new type of attack. I'm not sure of its effectiveness now.
I'm not quite sure why I'm even bothering to respond, but I hate this posting and can't resist. It's like that stupid AOL commercial which says the same thing... "You're actually MORE at risk using Broadband".
:)
Why?
Positives for Dialup:
- If anything, is the fact that you don't typically stay online 24x7. And when you aren't online you're not going to be attacked. At least not remotely. (You can simulate on this Broadband by disabling your NIC when you're done.)
- Malicious payloads take longer to download.
Negatives for Dialup:
- Your machine is directly connected to the ISPs network. Inbound connections must be controlled through a host-based firewall.
- There's no DSL or cable modem NATing traffic and/or acting as a network firewall. I can't speak for all broadband providers, but Bellsouth DSL modems don't allow any inbound TCP/UDP connections by default.
- If your machine is compromised, due to the fact there's no NATing/firewall device in front of your machine, the attacker doesn't need to rely on a reverse shell, they can connect as they like.
In the end, there's nothing inherently more secure about dialup.
First of all, this argument is wrong, as so many other Slashdotters have pointed out. Second, unless you're doing something mission-critical, I'd rather have a broadband connection with spyware than a dial-up connection without.
Le français vous intéresse?
Why is an article like this on slashdot anyway? Everyone knows that slashdot users are immune to spyware, adware, popup ads, spam, worms, hoaxes and virus.
~= scwizard =~
If it`s that bad that you Windows-Users don`t switch to a broadband-connection for security reasons, I definitely recommend using another Operating System, like others already proposed.
I mean, come on, that can`t be the way to go, now can it??
this sig is useless
Those damn AOL commercials that say broadband makes you more succeptible are perpertuating this myth.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
Does Dial-Up really protect you or is this a false sense of security and I should just go ahead and pick a faster service and make sure my firewall is a good one and my virus definitions are always up to date?
Holy run-on sentence batman!
seriously, editors??
I got nothin'
Why did this get rated down? This really is a stupid, stupid question.
Isn't all computer security in essence a security through obscurity ?
Sure.. you can have a 256-bit key encrypted thingamabob - but the obscurity lays in the fact that you should be the only person with the key. If somebody else, in whatever way, gets at the key, they can get in just like you did.
It's just a -better- form of security than, say, putting a file on a server, not indexing it, and leaving it with a random name. Yes, if somebody were to try all possible filenames on your server, they'll hit it eventually (if they don't drain your monthly bandwidth first), and that may be easier than getting hold of your 256-bit key. But that just makes it a -lesser- form of security.. not a particularly different kind when talking about 'security through obscurity'.
Personally I'd say go with the faster connection and strong firewall as suggested earlier... except that instead of virus definitions I'd say go with Linux. But that's just me :-)
Creative misinterpretation is your friend.
With dial-up you won't get the updates in time before they attach you! Get broadband. Play it safe.
First off, as long as your connected to the Internet, you're a possible target, no matter the speed. You could try using DSL High Speed which will disconnect you when your connection is not being used and it will change your ip address as well, however, you should use a hardware/software firewall no matter what the connection.
I used to work tech support for Comcast. This very same argument was first told to me by my supervisor. It was intended to be used when a customer would call up and complain about viruses or spyware, and say that they never had the problem with AOL, so it must be Comcast's fault. Of course, there's little reasoning with a person who is right positive that Comcast is deliberately installing malware on their computer. So I have used this very same argument on a couple of completely clueless people. Just gave them a total bullshit story about how the malware couldn't attack them as fast on a dialup connection, and such things.
I must admit that it does make a certain amount of sense. The same person who downloads free smilies wholesale on cable will probably be a little more hesitant when on dialup. But honestly, it's just ludicrous to blame security problems on a fast connection. There is absolutely ZERO substitute for proper security precautions.
Just use a calculator. You won't get any viruses this way. On a more serious note, this isn't a good idea. Dial-up is very slow, and it simply isn't worth it to stay on it for security. And whether broadband is less secure is arguable. It makes it much more convenient to download security updates. If you don't want to be always on, disconnect the computer from the internet. Then again, I use a Mac, so I don't really have the best comprehension of PC security problems in general.
Stupidity is like nuclear power, it can be used for good or evil. And you don't want to get any on you.
This isn't a very nerdy headline, dear slashdot.
You knew when you posted it the answer would be a glaring "No, slower doesn't mean more secure."
Then again, a lot of folks around here get modded up while trying to argue how it is a god-given right they have untethered smtp access to and from anywhere regarding their workstation at the office.
It's really a question of values. If security is the #1 absolute value and everything else is secondary, then stay off networks. This works for Windows NT, even. (Well, if you disconnect the floppy drive ;-)
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Horse and Carriage resurgence has caused a dramatic decrease in automobile accidents.
This is sound advice, yes you increase your value to hackers by purchasing a high speed connection (valueable to them for the same reasons as to you) do some homework on computer security and you will be fine.
Let me take a stab in the dark.
Your friend watches TV, and watches commercials that planted this inane idea in his head, which he then repeated to you.
You should also drive a $500 Pinto with plastic sheeting duct-taped over the broken windows, 4 mismatched rims and a hatchback that only stays closed with a bungee cord.
It's less likely to be stolen.
After all, who cares if you're freezing in the winter because the heater doesn't work, and boiling in the summer because you can't roll down your window? You get used to it.
I also recommend not showering but once every 9 months, and wearing the same clothes unwashed for that amount of time. It's good security to look and smell like the homeless, no one ever mugs them.
This philosophy extends to just about every area of life where you need security... use it! It's very clever.
That way you can keep a high speed connection and not have to worry about it.
Yes you are less of a target if you're not connected all the time - but why not just unplug the computer when you're not using it? same difference - or get a good firewall - having lower bandwidth doesn't stop intrusions at all, it just means that more of the bandwidth you want to use is being tied up by them - higher bandwith means there's all the more for you (I guess what I want is a firewall that I control at the ISP end of the wire)
Yes i agree with your friend. I still use my chisel and stone tablet for all my important work.
My main internet machine is running OS/2 anf for e-mail I run Post Road Mailer. I doubt many people write OS/2 virii, and it is more difficult to write and a Windows virus. Post Road mailer is more secure because it does not automatically render html or run attachments.
My OS/2 box laughs at your virus!
Fight Spammers!
I am a dial-up user now. Due to technical problems, I can't have broadband now where I live. I don't run Windows but let me tell you something. In my Linux box, I decided some months ago to add a couple of firewall rules to log any traffic that was going to be "dropped". You'd be surprised to find out how many connections I receive every day directed to NetBIOS ports and services, MS-SQL and more. You'll receive those worm attacks as soon as you're online, believe me. You won't be safer. You'll need a proper firewall and you'll be infected by malicious websites like everyone else. And, as many other people pointed out, having a dial-up connection may prevent you from patching your computer properly due to the inconvenience all those downloads are. If that was your only reason not to have broadband, don't hesitate and get it.
http://www.downsizedc.org/read_the_laws.shtml
I have had cable internet for a couple of years now. And I can assure you that my internet connection is not "on" when my computer is off. I turn off my PC when it's not in use to protect it from maliciousness and to save electricity.
Now, someone could hack my router because I do leave that on all the time but I'm far less concerned about that than I am my PC.
Another option if you feel the need to leave your PC on is to unplug the cat5e cable.
Just because the connection is "always on" does not mean there's always a connection to your PC.
You are as unsecure as we 24/7 Online Junkies are !
..) not default.
Because if you use a traffic monitor on your incomming traffic even
not in a worm epidemia you will recognize many requests even per minute to the infamous hole for example "ms.blaster" used to infect systems,
so the argument of your friend is weak, everything longer than 3-20 Minutes,
increases the risk of an infection of an unprotected system, even the 3 minutes
do not say that you can´t got infected.
Here is an experiment I ran on 22.11.05 @ 22:00 (GMT+1), I installed a fresh and unpatched win2k on one of my old machines, and brought it direct online with no firewall between,
I have done this 3 times with win2k (hd-image-restoration)
and 3 times with win-xp(release),
the time it took to infect the systems was from 3 up to 20 minutes,
that´s why it doesn´t really matter how long you are online,
if there is a hole and a worm spreading it´s the
best option to have a firewall installed and running, because
most attacks will be stopped on it instantly, in the case the fw
was configured in the right way, "DO NOT ACCEPT ANYTHING, Reduce the programs which are allowed to send data to the net", exceptions are optional (Teamspeak, VOIP,
1.) install a firewall
2.) install anti-spyware & anti-vir software
3.) run these things frequently
even if your system runs fine, this is no sign of an absence of spyware or backdoor-programs, there is spyware in so many programs,
to protect your system is the best way, because anytime it´s a huge
workload to remove the unwanted programms or even to be secure to reinstall
& configure the complete OS,
what you also can do if you have Win2k or WinXP set a password for your
user account and for the administrator,
because I´m one of the persons which was/is called when the system messes up,
what I find then is mostly a complete absence of security, even commercial computer sellers leave out things like the Admin password, and this is not
a random finding, I find these things frequently.
You can be safer by using avast it has great virus detection and has a IDS. It's also free.
Now I use linux but my parent's computer has avast and it's blocked several people and caught and removed every virus.
All Your Base Are Belong To Us!!! chown -r us
I would say dialup is less secure on average. Most cable/DSL setups end up using a router doing NAT, so inbound connections never make it to the computer (although NAT is not a magic bullet to make you secure either). Dialup almost always uses a modem directly attached, so the computer is directly connected to the Internet.
I handle the abuse mailbox at the ISP I work for, and we get a lot more complaints about dialup customers infected with worm/viruses than we do about DSL customers.
Obsolescence is great for security. My DOS 2 systems and my VIC20 never get infected. Of course, there are some downsides to staying with this technology ....
I'm an American. I love this country and the freedoms that we used to have.
Why do people rob banks and not homeless people? Because there is money in the bank, but the homeless person is likely broke.
A dial up connections obviously can't put out the same load that a broad band connection can. So it would stand to reason that a zombie net creater would be less interested in the computer. But most zombie net creater's are trying to get a huge number of PCs over a wide region, so while your PC isn't is sweet as a Win 98 box on a 5 meg DSL line, it is still another zombie. and it would likely be harder for the creators to make a filter to ignore your machine.
Same for spy/adware. Your machine isn't the best, but it is another machine.
so this is not obscurity he was preaching, it was desirablility he was preaching, albeit incorrectly.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
This makes me an anti-luddite bastard.
If you're really serious about security you'll choose a more secure OS.
Forgive me for the rudeness of the comparison, but would you have sex only every two months to be statistically less exposed to STD or wearing a condon and having sex at least 5 times a week? I would go for the second option.
So say we all
Do what I do, run Windows 3.11 for Workgroups. No one would suspect a thing!
Because I have low karma, I need pills.
I've heard this argument before (no really). On the face of it, it has something going for it - OK, now why is it wrong?
;-)
Well if the PC isn't connected, it can't download updates to Windows (patches) and its Anti-Virus/Firewall/Anti-Spam etc. So when it is connected it will probably be a poor position security wise. From a practical perspective has anyone tryed to keep a PC "all patched up" over dial-up? Takes forever to download the patches, it isn't actually practical. So no, getting proper security utilities in place (and setting them up correctly) then connecting via ADSL (or similar) will probably improve the security. One tip though - don't get your friend to set it up.
I stay safe with a TI 99/4a! Safety features: 1. No known virus 2. Speech synthesizer that rocks (really when you compare everything else in the computer world is 3-7 orders of magnitude better than 1980, why does speech still suck?) 3. OS is on ROM Disadvantages: Pron looks bad in ascii or 320x200 4 color screen. Seriously, older tech may be safer from todays issues, but it's a trade off. Running mac/linux and a firewall I've never been affected either, but I enjoy the luxury of "broadband" at "cheap" prices from "comcast"
I just checked the submitters profile
You're not a troll, sorry.
But the question wasn't exactly a tough one.
Real reply: Get broadband and consider moving to linux if you're concerned about spyware. Ubuntu is pretty good.
Not only are they less likely to worry about security updates, but are you going to sit there and kill your bandwidth for days trying to download some major upgrade. For me I have DSL with 3Mbps downstream, so when new patches come out I can download them without skipping a beat.
Besides, the dialup doesn't really make you more secure. It's slower, so the amount of harm you can do to others by some worm is lower, but I can assure you, you can still get infected. I bought a new laptop while I was on a trip somewhere (long story), and while I was on the trip I used the dial-up modem on it for a couple days. During that short period of time it picked up a virus.
So get DSL and get a firewall. Firewalls will kill the vast majority of attacks. Sure you can still get crap through e-mail and websites, but then at least you're at the controls and can avoid screwing up too much.
This sig has been temporarily disconnected or is no longer in service
"Never On" is much better than "Not Always On".
/does/ launch automatically and has no way to disable to automatic launching of (1.5), can never and will never have any vulnerabilities.
Spyware doesnt detect when you go offline and decide "I guess this isn't a target.. I'll uninstall myself.", so the only way that argument would be valid would be for incomming connections (not that it's valid, since five seconds is "long enough" to get infected)
as an unrelated note, Firefox did not launch a wmf file soon after that wmf vulnerability news became widespread. Instead, it just gave a "do you want to save this file?" dialog. Aren't I lucky that WMF isn't one of the formats that firefox defaults to launching automatically without any configuration options to disable it?
Firefox is a safe browser because wmv, which firefox
-- 'The' Lord and Master Bitman On High, Master Of All
"nor do I believe my machine is infested with spyware and/or controlling programs as it runs fine,"
SANS keeps a measurement of the 'survival time' of various platforms: http://isc.sans.org/survivalhistory.php
:)
The average life expectancy of the Windows platform is currently 88 minutes. Keep in mind that this estimate is really a count of port attacks by worms, not active systems compromised. W32.Welchia's port scan (DCOM vuln; TCP 135) would have little effect on a XP Service Pack 2 machine.
Unless the individual keeps a 24/7 dialup connection, it is unlikely that the user will be up to date against current threats. You can try to download updates before you get infected, but often times people don't get that lucky. Worm/virus port scans are seemingly random, so it's really a tossup as to whether a dialup or broadband connection would be infected first. Broadband access allows Windows to more easily patch itself, and a common router with NAT could shield you from most worm attacks. On the other hand, once you free yourself from the confines of dialup, one's surfing begins to stray elsewhere. Rest assured, that warez/pr0n site is up to date with the latest IE/Java scripting vulnurability.
First of all, the "not always on" argument only applies if you sometimes use your computer without being connected to the net. I know I never do. So, if I had dial-up, I'd still be connected 100% of the time I was using the computer. When I'm not using it I turn it off.
The chief advantage to dial-up is that when you get infected with something really bad, i.e. something that uses your net connection to attempt to propagate itself to other machines, it's immediately obvious since your connection is so damn slow. "Gee, why did webpages start taking 10 mintes to load instead of 1 minute?" With a broadband connection, the malware's activity can often go unnoticed, and since there's more bandwidth it can potentially wreak havoc on a greater number of other peoples' computers.
Go ahead and get broadband if you want. Just practice safe computing. My general rules of thumb:
1. Keep your OS and apps fully patched at all times.
2. Use a firewall at all times, preferably one that monitors outgoing traffic as well as incoming (e.g. ZoneAlarm).
3. Don't run executables or open documents unless you really trust them.
4. Don't configure your daily-use account to have root (or Administrator) access.
I have broadband, run Windows, don't use a firewall (I'm behind a router), and don't use any anti-virus software, and I've never had any problems.
One of my friend had a box running an obsolete OS (something called Windows XP I think), and it got infected by a virus only a few minutes after beeing connected to the internet.
So no, security throught obsolescence is not always working.
wtf.n0x.org
If your that worried about connecting to the internet, why not just not use the internet at all?? then your PC will be totaly secure. If you want to stay on dial up, go ahead, why not broadband and linux? osx?
....if you want security through obscurity, why not eliminate the computer and do things the old way? That's even more secure.
After I switched my father to Linux, I kept an eye on the logs.
Time from dial up connection to blaster hit: 8 seconds
Time from dial up connection to Nimda Hit: Two and a half minutes
So no, it's not safer.
Dial-Up is more risky, because a dialer can use the line to call a costly service.
Apart from that security through outdatedness might work sometimes, at least if the hacker possesses 1337 equipment, and is not living in some backwards country.
I'm still trying to figure out what people mean by 'social skills' here.
For most home users there is no reason to be "always on". You can leave your DSL/cable modem always on, but why not just set the automatic sleep mode of your computer to have it effectively off the internet when you're not using it? The result is similar to disconnecting your dial-up when not in use - your computer will be asleep when not in use, and won't be responding to internet traffic.
Sorry, that should read "...but you can still have broadband".
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
I think those AOL commercials have really been sinking in.
"Did you know that with a high speed connection, you're more vulnerable to attacks? Get AOL Broadband to keep yourself safe! Just $15 on top of your DSL fee per month."
For more information, click here.
...I still program my computer each morning using two-hundred punch-through cards.
This way, I know that any virus that has to infect my machine first has to come through my hands !
BTW. still looking for a good pigeon for my network-traffic, if you have any on sale please mail.
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
I am running Windows 98 and using a really slow (26K on good days) connection. Recently, I had inadvertently bound the M$ client to tcp/ip. Soon, there were three users attached to my computer (and I was disconnected from the LAN).
So, even if you're running old and slow, they will still try to get you.
(And I need to find an open source program that looks for spyware - I am already running AVG and receiving daily updates.)
"and if you buy your dial-up service through me, then I can get you a sweet deal."
Wow, what a crock of crap that advice was. True, the slowness might prevent someone from grabbing your data IF your computer was fully open to the internet, but if you left on your connection all night, then they can still get it. Overall, the dial-up argument is absolutely terrible. Just install the right software (anti-virus, firewall, anti-spyware) and practice good habits (don't run suspicious attachments, even from friends, or install questionable software, and patch often).
My GF's system got infected by Blaster through Earthlink's dialup service.
So dialup is NOT safe.
Test your net with Netalyzr
slashdot has been coming pretty close to being struck off my bookmarks over the last 6 or so months...dupes, dupes and dupes. articles from the bbc, the register and all the rumor sites.
and now this.
i'm gone. you should, too. i'm going to write a book. slashdot for dummies. the author of this post gets a free copy.
and I think the reward part is what we are all in for right? I know i'd have to take some massive tranquillizers if I switched to dial-up. Not to mention I wouldn't be able to play online games as well (of course).
True, and there's the additional risk of porn dialers. There are few web sites that can suck your money because you look at them but there are many long distance scams where Windoze viruses are used to call home and run up charges.
A dial up connection is useful to the kinds of people who do DDoS and other net nasties. Ten times faster does not really matter to people who control 100,000 machines.
Friends don't help friends install M$ junk.
Dialup is in essence more secure because of speed you can visit websites, and the lack of not being connected 24/7 which isn't a problem with broadband if you have your firewall on. But comparitively the crap you can get into on dialup is worse. For example you can get a virus or spyware dialer on your machine. One of these over the christmas holidays racked up $600 dollars for my mama and papi who no matter how hard you lock there system down still get into trouble. At least for broadband they shut down your connection for a month if something happens. That alone would get me thousands of miles away from ever buying dialup again.(but when you can never really switch back after :) ) Oh yeah and your alternatives to getting around the dialup charges in canada are that you pay the phone company to password your long distance. They did the first time this happened offered a blocking solution. But it didn't include the long distance.
(The one I'm getting pretty tired of is "ad hominem", which many people seem to think is Latin for "You hurt my feelings!")
Briefly put, Security Through Obscurity is the assumption that your security holes will not be found because they're in a place few people will think to look. That strategy was never a good one, but it used to be more effective than it is now. Back in the 50s, when few computers were online the effectiveness of STO was merely unacceptable. Nowadays, the effectiveness of STO is pretty much non-existant — as long as the computer is online.
Now a computer using dialup is less hackable than one using DSL, because it's not always available, and because it's harder to probe when it is. The difference has nothing to do with "obscurity" — there's just less bandwidth for a hacker to play with.
Of course, a dialup connection when no security measures is still pretty fucking dangerous. But you're wrong to claim that there's no difference at all.
It doesn't matter if you have full 10GB OC-192 or a mere 9600 dial-up, if your OS has holes (Windows 95 and up, plus NT 3.5x and up looks like swiss cheese), THEY WILL BE EXPLOITED. Now, if your OS doesn't really have holes (you surf with DOS), they can't hack you. Same with Windows for Workgroups 3.1(1), of course this is a bit different.
:P). Beyond just client applications, there are no real vunerabilities (that I know of, please not that) that can bring down a WfW box, even on broadband (Save a good ol' fashion DDoS attack)
Let me explain what I am getting at:
In DOS, you will typically be using a packet driver TSR on software interrupt 0x60. This is nothing more than a raw interface to your NIC. If you are sitting at your command prompt, you are virtually imprevious to any attack (except a buffer overflow in your packet driver, which gets even rarer with the routing abilities of your ISP and home router being unable to handle any such packets). The TCP/IP stack of your programs are in the programs themselves. Each time you call 'wget', it inits a new TCP/IP stack. When it closes, it takes the stack with it. This also goes for DHCP. My point here, DOS on a broadband connection is Fort Knox. You ain't gonna get in, no matter how hard you try.
WfW is a bit different. First of all, you will want to block the standard NetBEUI/NetBIOS-over-TCP/IP ports. This can be as simple as as port forwarding them to the router's LAN IP (my router occupies 192.168.0.1, so I forward them there, which effectively ghosts that port). WfW 3.11 has very few known service applications, the only thing that I can think of that can be a hijack into your system is your web browser, FTP client, or maybe that Distributed.net client you have chugging away on your 486 (or that Athlon 64 +4200, depnding on where you got it installed
I shall get a 10 baud modem. It takes an average of 2 months to dowload a virus at 10 baud. Thus, in the very worse case I can only get infected 6 times a year. Beat that worse case scenario, you speedheads!
Table-ized A.I.
Buy a Linksys router with that DSL/Cable connection and move on with your life.
ROFL @ the OP.. I mean.. How stupid is the guy?
/. crowd is even taking this guy seriously.. Maybe I'd get on the front page if I asked something as ridiculous as "Would it be more secure if I didn't own my own PC and instead just used public terminals?" or "Should I downgrade my computer to slower components because they'll be more secure?"'
"Is my computer more secure if it's 37 years old and only spits out ticker tape?" of course, dumbass
I mean.. security is all about layers. If you wanna put a layer of celophane between your computer and the network cord, it is technically more secure. Is it worth doing, FUCK NO. Is it worth sticking with dial-up just to be more secure, FUCK NO.
If you're not a dumbass, you can use the latest and greatest technology without having evil demons taking over your computer. Oh wait.. maybe the OP should just stick with dial-up. And, he should unplug his computer when he's not using it - because that's even more secure than it being plugged in.
And, while the guy is jumping through hoops for security purposes, he should unplug the CPU fan, unhook the heat sink, wipe off the thermal grease, and lock the CPU in a safety deposit box between each use of the computer.
Security doesn't need to be unreasonable.. but it seems that dumbass and 'unreasonable' go hand-in-hand. I don't think the perfectly-reasonable solutions that the rest of us use would satisfy the OP.
It pisses me off that the
--- We need more Ron Paul!
Case in point.
Quite a lonnggg time ago, in my more reckless youth, I was doing some work at a very large datacentre. This place had extremely rigourous procedures for both physical and virtual security, so much so that actually getting through change control, the talking doors, armed guards, and all that was a major headache if you wanted to test something in production. On UNIX it was less of a problem, they allowed very limited shell access to these systems via telnet from internal IP addresses so that their scripters could change things without as much hassle. But if you wanted to do something on the Windows boxes or upload a binary, no way. No ftp in or out. They had a strict approval procedure for specially marked CDs to be allowed into the datacentre. Nothing else was allowed.
I was a days travel from an exciting urban centre, and I wanted to get away for a fun bit of R&R. But I wouldn't have enough time unless I finished a very very non-essential project before Thursday. By the time I'd be able to get this stuff through change control onto the production Windows systems, I'd miss my train. It was frustrating that I had to go through this stuff for an extremely minor change to a very minor project, but I wanted to test it thoroughly regardless. By late Thursday I knew I was in trouble. I had just completed the work, but I knew I'd be spending half the day in the datacentre trying to get my files onto the production system.
Enter Z-Modem.
My telnet client had builtin Zmodem support, and just on a lark I tried the command on the production UNIX system. Blam! I was able to upload my files there. In their wisdom, even though they had removed every possible other thing on these systems (heavily hacked UNIX systems), they had forgotten zmodem! Next problem - although the envelope around the environment explicitly disallowed FTP, it was totally OK among the production boxes. So from the UNIX machine, I was able to FTP it over to my target Windows box. Fun fun. Friday morning, I was able to circumvent change control, zmodem my files to UNIX, FTP them to Windows, and take off for the train station early.
Bad bad bad. Both for them, and for me (for being so reckless). But the point is clear... they'd forgotten about the low tech - the basics, and missed a covert channel into their system. Smartie pants will always try to circumvent procedure for their own ends, and exploit the low tech to get there. Sometimes, low-tech is the vulnerability.
The only time I ever got rooted, I was using dialup on a machine that I hadn't bothered to set up a packet filter (a.k.a. firewall) on because I had that same false sense of security that comes from being on a slow, temporary connection on a DHCP lease.
A rootkit was installed and the machine had to have an OS reinstall.
STOP . AMERICA . NOW
Why?
Most DSL connections place you behind a NAT router these days. Also, most viruses/worms are generally not "targeted" as such, but just try for as many infections as possible, regardless of connection type.
Sure, your dialup is less "lucrative" than DSL/cable to "own", but it's still more lucrative than the alternative of not owning it.
smash.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
Gimme your kidney! What kidney?
I fix many machines a week. I can say that if you have all the service packs installed on your machine with antivirus and some type of anti spyware you have little to worry about. If you browse around looking at porn or click on every get something for free link you see. You will almost certainly get something. Most people in my area still have dial up as it is their only option and they still get their machines so infected that they will hardly boot up. It may take longer for it to get infected on dialup but the spyware is automated and doesn't care how fast you connection is.
In a word, no.
My girlfriend believed this to be a reasonable method (she had just changed residences) then her Dell ground to a halt after a week. After a weekend spent backing everything up and cleaning it out - I gave her one of my old powerbooks and hooked her up with DSL, she's been much happier since.
It may take longer with dial up - hell, everything takes longer - but it won't be more secure. just slower.
"Everyone is entitled to their own opinion, but not their own facts." ~The Honorable Daniel Patrick Moynihan
No more Virii and craps!!!
Ain't nobody goin' to infect my machine (Warp).
I'm going to say pretty much the same thing I just said in the thread about the anniversary of computer viruses.
The most important component in guarding against viruses and spyware/adware is the device that is between the chair and the keyboard. Your choice of hardware platform, OS, and connection type is largely irrelevant. If you do stupid things, someone is going to own your ass even if you're on a Mac using dial-up. And if you use common sense and take precautions, its possible to be virus/spyware/adware free on a Windows box hooked to a cable modem.
I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
I've never had a problem. Also:
run Spybot, AdAware, and use AVG anti-virus.
Insanity: doing the same thing over and over again and expecting different results. Albert Einstein
You could either switch to linux, or hibernate/shut down the computer whenever you're going to be gone for a while. The slow connection won't help much, if at all, since I think most viruses are relatively small.
What happened to that good old technique I like to call "turning your computer off when not in use" (TM)? It surprising has some side benefits, like lowering your energy bill!!!
To do list for Windows
Someone mentioned an advantage of dialup over broadband is that you're not exposed to hacking when you have the modem hung up. You can easily do the same with broadband, set your DSL for manual connection. I use ipcop with DSL, when I decide to use the internet I just go to the ipcop page and click the connect button. That way the connection is severed when I'm not actually using it, reconnecting over dsl only takes a few seconds. Mark
hahah I feel like i'm taking crazy pills
DOS with no network card is absolutely more secure than any GUI OS there is. Chop out the floppy drive and any removable media drive and you'll absolutely never ever get infected.
now, you'll not be too entertained, either, but that's the tradeoff.
- real hackers don't have sigs -
this is the best they can do on a sunday morning? I'm never reading slashdot again - pure troll bait
Even better, use the Kerio Personal Firewall (windows xp), it's free, and there is a button to completely disable the net to that machine. I use it and turn the net off at night before I crash because I prefer to keep my machine running at all times.
Horns are really just a broken halo.
Its true that if you aren't connected to the internet, you aren't vulnerable to attack from it. So you could just turn off your broadband while you aren't using it if it was that big of a deal to you. But you can still get exploited and viruses and trojans from email or visiting websites whenever you are connected. So you need to keep updated with a firewall (or router) to be protected anyway.
Slowness doesn't matter much, viruses or trojans dont care what connection you are on. And dialup could still be used to send out spam email if you are hit by a trojan. Email doesn't require much bandwidth.
The other thing some might bring up is that with dialup your IP changes every time you connect. But you can get broadband (like dyanmic IP DSL) that does the same thing. That will only protect you from those who are targeting you specifically, like moving to a new house every month or week. Most attacks just randomly scan through ranges of IP addresses to see if you are vulnerable, kinda like I would guess most robbers just randomly choose a rich looking house.
So no, dialup is not significantly safer in today's enviroment.
While you cant throw the *brand* linksys at your dialup line, there are many routers that support dialup ( such as USR ), or you can just build out out of a old and cheap used pc .. ( ipcop, freesco )
Used a old 486 for several years as a 'dialup NAT firewall' for 2 PCs.. Sure it was slow sharing a 56k analog line, but its all we had available at the time in the area. ( even now i use a PC based firewall on broadband, as all the 'home routers' suck under heavy load. )
---- Booth was a patriot ----
I also never leave my bedroom, let alone my house. Do you know how many accidents occur in the kitchen and bathroom? I'll sure never get run over by a car, as my room is in the basement.
It's also important to avoid all direct human contact. All of my input/output needs are serviced via a dumbwaiter.
Oh sure, it may not be fun being safe, but at least I'm safe...
Signed:
- just your average Slashdot user
Your friend is an idiot. Connection bandwidth and persistence has nothing to do with security. It only takes a few minutes for someone to attack your computer, and if you're unprotected it doesn't matter whether your connection is dial-up or always on or what speed it runs at.
-- "In order to have power, I must be taken seriously." -Mojo Jojo
Or taking them too seriously.
You know, the one where the guy stands up there and tells everyone that high speed internet is bad because of viruses, spyware, (the list goes on), and then tells everyone to switch to AOL before viruses attack your computer and eat your babies.
For starters there are a number of flavors of DSL. PPPOE is a favorite here in the states because it comes with the same "benefits" to for your service provider (dynamic ip assignment is a big money saver) that good-old-fashioned dial-up accounts offer. Some companies in their every loving cheapness will treat your DSL account almost exactly like your existing dial-up accounts. You'll log on to your broadband account and log off.
:)
But realistically your friend is just talking trash. Are there increased threats associated with "always on" internet connections? Sure. But the solutions are generally pretty simple and they should already be being applied to your dial-up based account anyway. A) firewall B) virus scan C) adware blocker D) patch.
If you follow all those basic rules you should be fine. The studies that are likely to have got your friend so excited about generally apply to worms and unpatched systems with unnecessary (and improperly or unconfigured) services enabled.
A little common sense really goes a long way. Broadband isn't intrinsically dangerous. Leaving your computer connected night and day without doing a thing to protect yourself is plain stupid.
As an aside, if your so paranoid (I'm not trying to insult you, some people just are and I think thats fine) that you prefer the extra security of not being connected there is nowhere in your TOS that says you can't disable your connection/unplug it when ever you want.
Effectively the only difference is you'll be able to view pages/read email at reasonable speeds like the rest of us, sans the amazingly annoying modem connection noise.
Oh, and welcome to the 21 century!
Quack, quack.
If you happen to contract one of that nasty malware that silently dials one of those expensive phone services, you'll wish you would have ditched it.
So you're the fucker who turned the net off last night.
What's the point of keeping it running if you're sleeping and it has no connectivity? Why not just suspend the machine?
TO BUY A NEW CAR WOULD MAKE YOU SEXUALLY ATTRACTIVE.
For even more security, you could also unplug your computer, evacuate it, encase it in several layers of plastic and concrete, and dump it somewhere off the continental shelf.
Unfortunately, that's not feasible, since it would have an adverse effect on the environment of the ocean floor.
http://outcampaign.org/
All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
To keep the salt air at bay. I live on Kauai and my machines are in a screened office.
Horns are really just a broken halo.
That "attacks" started long before we had broadband DSL/Cable accounts. Trojans, viruses, worms, unpatched systems, cross-site scripting, irc monkeys, you name it.
Its not like you log onto your shiney new broadband account and there are all these new dangers. They were there all along. They've been there since before most of us even used the internet.
Who here remembers Whack-a-Mole? The Ping of Death? Teardrops?
The good old days when using a 2400 baud modem you could end irc flame-war with a good-old-fashioned Smurf attack.
Quack, quack.
The short answer is "no". The long answer is "nooooooo".
I don't think using dial-up would help you stay any safer. If you like the ability to connect and disconnect from the net at will, and think that will make you safer, try using the power switch on your power strip. However... if you were running an Amiga, or perhaps Windows 3.11 with the DOS TCPIP Stack, you probably wouldn't have to had to worry much when the sql slammer hit. You would probably still be WMF vulerable though on Windows 3.11. Obsolence is why the computer industry keeps making money. If Bill Gates & Crew had just kept doing bug fixes to the basic 'windows' core, the thing would be inpenetrable by now, and Microshaft wouldn't have $50 billion in LIQUID assets.
This is what I remember from my CISSP (http://www.isc2.org/ book:
:D
Annual Rate of Occurence x Single Loss Expectancy = Annual Loss Expectancy
Obviously dial-up will have a smaller ARO because you won't be permantly online and can't be "attacked" when you are offline (not counting old-school boot-floppy viruses). I guess having less bandwith would have some minor effect on ARO as well.
So yes, dial-up reduces the change of certain attacks. Altough email viruses are obviously not effected by it. It just takes longer before you have the virus downloaded
The glass is half-full. With poison. And there are cracks in the glass. The dirty, dirty glass.
Hi Cliff,
I ran this past my good friend Billy G. and he said (I quote): "That's the stupidest thing I've ever heard."
What kind of idiot thinks connection type has anything to do with infectability? A virus doesn't give a crap if it's traveling over fiber, dsl, cable, or phone lines. With broadband you can get 10 or 15 spyware programs and viruses and not see much of a dent in your overall speed. With dialup, just one or two infections will bring you down completely. If anything you'll be more likely to get infected since dialers can't affect broadband, only dialup. A nice $2,000 phone bill should be enough to convince anyone that dialup is not safer.
Maybe he thinks using dialup will protect him from cookies too.
Cheaper if you have all the hardware needed to build a dedicated routing box lying around. Also, a non PC router is almost guaranteed to use less energy. Electricity isn't free where most people live.
LOL, what a n00b. I can't believe slashdot would take this question and put it on the front page. Give me a break.
If Joe Idiot is too puss to get a high-speed connection, then he can go to hell. Who gives a shit. It's not like he can contribute to the internet in any way. Unless maybe he writes kernel modules? But I bet he doesn't. So screw him.
in some aspects, yes, is does lessen the chance of getting a virus or some spyware.. a large percentage of users nowadays don't even have a modem, or if they do, its not hooked up to a phone line.. one thing that really screws up people that still use dialup, are Porn Dialers.. i think the good doesn't outweigh the bad, and visa versa.. everyone is vunerable regardless..
*plays the Apogee theme song music*
Obsolescence used to be good protection, but no longer is.
The advice is obsolete. As all advice will inevitably become at some point in the future.
I would recommend taking only advice that is guaranteed to remain obsolete, indefinitely,
because otherwise currently out of date recommendations may come back into favor.
The above is no longer what I recommend, consider it obsolete.
I am not able to guarantee how current the above is, or will eventually become.
Out.
It's more difficult to get a hardware NAT router/firewall for your connection.
You're less likely to download the large security updates because of time it takes.
'Always on' isn't a requirement. You can turn off the router or modem just like you can disconnect on dialup. I know people who do this.
Most exploits are quite small, and won't take long at all to install on your machine, even on dialup.
I've had 3 machines on cable behind a $25 belkin NAT firewall/router for over 5 years. I run zone alarm on the machines while I'm web surfing. I use mozilla because they seem to be more responsive to security issues than microsoft. I'm pretty lazy about patching, and I still haven't gotten any viruses, worms or trojans.
Sure, dial up might, technically be a little more secure for those reasons, but at what cost? The upsides of a 24/7 high speed connection far outway any percieved decrese in security. Saying sticking with dial up is a good idea for security is like saying that the best defense against burglary is homelessness.
Hope your friend is not your dial-up vendor too. If malware connections attempt to connect to your machine, your dial-up might be saturated with the crap being downloaded, while personal info is being uploaded. Dial-up does not make you secure simply because on the network level, its just machines with IPs out there, regardless of connection. I havent heard of a virus that depends on layer 1 or 2 vulnerabilities.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
stop being poor and get broadband... seriously, you friend is an idiot, there is no downside to broadband as when you are online there are the same risks.
-Tyler Brock
What's this "Dial Up" thing you keep talking about. I can't say I have ever heard of it.
Historically, the claim of consensus has been the first refuge of scoundrels.
Well, an "always on" connection does have a higher risk factor. However, you can get similar benefits just by unplugging your ethernet cable. It generally plugs into the back of your PC, and the other end plugs into either a telephone jack on the wall, or into an intermediary box such as a router, a switch, or whatever. When you are not doing internet related stuff, remove one end of the cable or the other from the jack it plugs into. Terribly low tech, but .. it works. :)
The always-on thing is one of the bigger risks: worms, script kiddies, etc. have 24 hours a day to reach you, rather than the few hours you spend online. However, a good firewall would eliminate this problem anyway.
I'm either on a cable modem (home) or a T3 (school), and have never understood why people have such a problem with security. I usually leave boxes on 24/7, and I've never had a problem with worms, etc. It just takes basic common sense, and if you read Slashdot, you probably have what it takes to keep this crap at bay.
Not to sound spoiled, but I cannot imagine ever going back to dialup. Big downloads are faster, webpages load faster, my "wait" to get online is only limited by how quickly my web browser starts, and people can call me while I'm online. Get a firewall and get broadband, and you'll never look back.
________________________________________________
suwain_2
I used to have dialup. With the firewall installed I was getting probed all the time. In fact, during one of the major outbreaks my sessions slowed to a crawl due to the probes hitting my machine. No one is safe...
As others have stated, dial-up will not make you more secure. That's one of the most ridiculous arguments I've ever heard. If anything, I would venture to say you are less secure. From what I've seen, people on slow dial-up connections are less likely to download critical security updates for their machines, making them more vulnerable than broadband users.
Need Free Juniper/NetScreen Support? JuniperForum
That is one of the messages of AOL.
Faster service = more danger. I don't believe it. Spyware and virii are really really small programs, worms hit you when your online either way. Being disconnected for longer peroids of time only means that they can't call home as frequently.
on the next episode of "ask slashdot" : My friend once told me that if I use windows 3.1 for workstations it will be harder for my parents to figure out which "dirty" websites I am looking at. Is this true?? am I L337?
ôó
Dear slashdot, I have been riding a camel all my life, but want to get a car, but my friend says that a car can explode, and I could die in my car. So, should i get a car or not?
People who have no sig are cool
Gotta say - I regsitered for slashdot like YEARS ago, and it was always great. It was really hot news by geeks for geeks. It had earned the title 'News for Nerds, Stuff that Matters'.
.. and watch them grapple with their own question and hopefully come up with a sensible answer. At least observe the methods in their own reasoning and guide that with debate where you can. Its all about the process not the conclusion. Teach a man to fish and all that good stuff.
Slashdot was enjoyable because it was DIFFERENT to all the other so called 'computer related sites' out there that are designed to cater to a different audience. Im not being a snob - Im just saying that slashdot is no longer any different to any other 'computer related site' when an article like this one makes it on to the front page.
I am not having a go at the guy that asked this question either - I get hit with a lot of questions like this in real life by real people who dont have the time or inclination to figure out the obvious for themselves. Its not about a lack of knowledge, its about the way their thought processes and reasoning work to be able to come up with questions like this in the first place.
When you get one of these questions in real life, you can do one of two things :
1) Smile and ask them 'what do you think the answer is ?'
2) If there are enough indications in the original question that all is not well in Denmark anyway (ie - Red Light signals like 'my virus definitions are up to date' ), well, you have to recognise that you have unwittingly walked into another BAD situation, and you need to back out of it gracefully before getting too involved. You dont want to get too involed in this particular person's computer issues - I just tell them 'Sorry mate, but I really dont know that much about computers - maybe your friend is right ? He seems to know a great deal !'
In other news, you can significantly decrease your chances of getting mugged by never leaving the house. And you can reduce the risk of pregnancy and venereal disease by never having sex.
Can we absolutely rule out the electrical connection as a potential data pathway into a computer? A super secret method, perhaps? I don't think it can be ruled out.
I have broadband at home, but I have to mantain my parents dial-up computer and is very annoying to update their windows software and to update the antivirus software. It is harder to keep it updated, you have to connect and don't do anything while downloading upgrades. A computer with broadband can update smoothly.
Damia
Wow, I havent used dial-up since 1997.
Your friend probably has been seeing those AOL commercials and bought into their propaganda that broadband puts you at bigger risk (so get AOL because only they can protect you!). In fact, I wouldn't be suprised if he has AOL.
Now run the test on Windows 95 over dial-up. You will typically have just port 139 open. Then run it on NT 4.0. Now you have port 135 and possibly another port open in addition to port 139. Continue the test on newer versions of Windows. Watch as more and more ports are open by default....
So what am I getting at? With each new version of Windows, you are actually MORE vulnerable to attack than in previous versions. Most of it boils down to how your network is set up. Since dial-up does not require any network card, you tend to be safer on dial-up by a long shot. Not that it's immune to attack, but your avenues of getting hit are drastically reduced.
Anyway, the main reason I stay on dial-up so far is not because of its "better" security, but because of its price. As DSL and cable prices lower, you can bet that more and more people will get hit with attacks, mainly because they never needed to patch their networks in the past.
I remember when "auto-dialers" were all the rage. . . made internet porno so much more of a hassel, I'd always have to uninstall like 5 of them before I went to bed :(
If you drive a car, instead of walking, the chance of getting into a major road accident increases, and you'll never get carjacked when walking.
Basically, his advice is simply to stay behind, because these new-fangled new technologies require you to actually increase your realm of understanding to use properly. If you are on a high-speed line, you actually have to care a little bit more about security, oh my! By by that same token, if you just stuck with a manual typewriter, you could avoid the threat of viruses altogether.
What difference does it make whether you're in bed or sitting at the computer? Are you usually detecting access to open ports (in OR out) while you're surfing, etc? No. If you think that by "turn[ing] the net off at night" you are safer...
Bittorrent.
"Hello 911? I just tried to toast some bread, and the toaster grew an arm and stabbed me in the face!"
somebody help me out here what are "floppies"? do u wear them, or what?
Are you suggesting that the moderators might go trolling to stir things up on a slow Saturday night?
/I say good day!
You are plainly taking things too far, sir.
All that needs to be said. Unix troll from the 70's afraid of anything new, easier and less convaluted.
I ride my donkey to work every morning. When I tied her up outside the office I don't have to work about someone stealing my blaupunkt radio or siphoning gas.
When you wanted to connect to such a system, your system would dial in and authenticate, and then would be disconnected. Then the system to which you wanted to connect would call you back on a pre-coded telephone number, and you would authenticate again.
That meant that even if someone had sniffed your password, unless they could be reached on your telephone number, it did them little good.
steve
Oh, you're not stuck, you're just unable to let go of the onion rings.
You can always turn it off, you know. Not to mention turning your computer off when you are not using it - the ultimate in security.
No, you're not more secure over dialup, no way in hell.
My first experience with Windows being exploited over dialup was when a system of mine was on a dialup connection (@Home didn't have service to my home at that point) and I got hit by one of the Windows NT 4.0 RPC DoS attacks (I don't remember exactly which vulnerability though).
Anyway, at the time I went to the MS site and downloaded the hotfix. I had actually noticed it earlier, but I had not applied it at that point because of MS's stupid boilerplate language from that era:
"The patch for this vulnerability is fully supported. However, it has not been fully regression tested and should only be applied to systems determined to be at risk of attack. A fully regression-tested version of the patch will be available as part of the next Windows NT service pack.
Microsoft recommends that customers evaluate the degree of risk that this vulnerability poses to their systems, based on physical accessibility, network and Internet connectivity, and other factors, and determine whether the appropriate course of action is to apply the patch or wait for the next service pack."
I didn't determine my system to be at risk of attack because it was dialup and I was just at home, and I was not angering anyone on IRC or anything like that. I was wrong -- I got hit, and I was lucky that it was just a DoS and not a vulnerability that would allow code execution.
Several years later, I set up another box with Windows XP Service Pack 1 (SP2 had not been released yet). Unfortunately, I mistakenly assumed that Windows XP automatically enabled the firewall -- at that point in time, it didn't. By the time I found this out, the box in question was 400 miles away, being used by someone else, so I forgot about the issue until they called me complaining about the MSBlaster infection they got over dialup.
(And sometime between the two incidents, the NT 4.0 box was hit by spyware that got detected by Lavasoft Ad-Aware. And that was also over the dialup connection.)
So, no, dialup doesn't make you any safer. You can still be hit by worms or whatnot. (And since the original question mentions anti-virus as well -- you need to keep that updated regardless, too. Since 1998 I've only seen 1 case of a real live Word macro virus in the wild, and it came in on a floppy disk rather than over the 'Net -- even total disconnection wouldn't have helped!)
...considering tests have shown that newly connected computers are probed within a matter of minutes if not seconds. And of course your connection speed has no influence on whether or not that latest IE exploit hits you.
The only disadvantage broadband can have is some older games don't like NAT and will only properly work over dial-up. (And even this can be overcome with tools like Hamachi.)
no text
This space available.
I just put my windows box to sleep. since I rarely use windows and the box is kind of noisey (4 harddrives and two cpus). I hit the button and it comes back up where I left it. XP is a lot better about waking up than previous version of windows were (boy I hate windows).
“Common sense is not so common.” — Voltaire
My computer needs to be on all the time, as it is my primary means of communication with people. If my computer is not up, there would be no way for anyone to leave me messages or read my away message to see where I'm at.
I can not understand why your "friend" would think this (and I put friend in quotes because I don't think any real friend would make such a suggestion - either he is trying to sabotage your computing experience or he is extremely stupid and thinks you are someone else). Limiting your connection in such a way does nothing to keep you safe from attacks when you are connected - an IP address is an IP address as far as a worm is concerned. All this will do is decrease the speed in which you can infect other machines while sucking up what little bandwidth you have.
And this "always on" fear is also ridiculous. Let's say you and I were to compare our online time. I've got a cable modem and you're using dialup. I'm connected right when Windows boots up - just shy of a minute after pressing the power button. You're connected about three minutes later. We both go about our internet business, blogging here and posting there, IMing mundane details about our cats, and whatever other stupid things people do online. Oh, and we also both download some reasonably sized media files. When we're done and ready to interact with the real world, we shut down and head out the door. But wait, I was done twenty minutes before you! That's right, my "always on" connection was fast, so I could shut down the computer much sooner. So, there's a big chunk of time you could be getting infected, while I'm already at the bar taking names and badmouthing you so that you're stuck trying to score with the ugly women.
And of course, what argument against this ridiculous theory would be complete without an analogy to illustrate the poor use of logic? Let's compare your dialup-suggesting friend to a man who refuses to get a telephone because he doesn't want to be bothered by telemarketers. Not clear enough? How about the person who walks everywhere because people can die in car accidents?
I could go on and on about this, but you probably don't have the bandwidth to read it all.
I really hate signatures, but go to my website.
Dialup? That's newfangled shit right there. My Ti 99/4a was more secure than any computer with dialup... except when my sister recorded her Bon Jovi songs over my Adventure tape... but then, no computer is Sisterproof!
Are you retarded? No, seriously...
However, there is an answer if you can scare up a 486 or better with 32Mb of RAM, 400Mb of HD, etc.
IPCop will do modem dialouts (manually initiated and on-demand) and provide firewalling, caching, etc. for the same with any hardware and many software Modems out there. In fact, when Verizon fubared my DSL pending my FiOS install, I had to resort to that by popping in a hardware PCI modem (yeah, they DO make 'em) into the box instead of my Red NIC and plugged in my road warrior ISP. While it was dialup (with all the concomittant slowness...), it DID work well with all the setup in the house (incl. my firewalled and VPNed wireless leg...).
Basic configurations will work, esp. with an external modem and are largely no-brainer setups.
However, having said all the above, the original article poster's "friend" wasn't doing him any favors by making very misleading statements like he did. Most of the malware flatly doesn't care if you're not always on and high-speed. It'll zap you even on dialup (Remember Blaster?) and it may zap you in such a way that you can't even get on (Remember Blaster?). If your OS is insecure, it matters little what bandwidth you have- it's still insecure. Just because you're not as useful for a botnet doesn't mean you won't get trojaned or zoomed by a worm/virus all the same. The exploits and their use don't discriminate in a manner like dialup versus broadband- they attempt to zap EVERYONE .
The original poster should just get broadband of some kind- a goodly portion of the Internet has become painful to use because developers are assuming broadband like access and do all kinds of stupid things to their bandwidth and latency from off of their sites.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
You don't need a firewall. Firewalls are just more trouble than they are worth. And I know some of you may read this and your head may explode, but just listen to my reason. I have been working in the IT field for 7 years now and I have maybe seen one or two people that have been hacked or something of that sort. However I can't count the number of times when a user has come to me and said that the internet has stopped working or their email or whatever, and it is all because of the firewall. For techs a firewall is ok, but for the average user it is more of a problem than a solution. "The cure is worse than the disease" as I like to say. I never use a firewall and OMG, I have no problems. And never have. And if I did, it would be better than having to deal with firewall the whole time. And don't give me any lines about configuration. I know how to configure it. Just that everytime I add a new app: "POP" "Would you like to add this application to allow to access.... blah blah blah.
It's all hype. However I'm sure more paranoid techs will strongly disagree with me on this, and you know what, I don't care.
This is my OPINION, and I'm sticking to it.
-j
and kill your hard drives.
excessive startup and shutdown can cause premature wear and tear. HD's work best at a constant temperature to prevent platter warping and maintain evenly spaced bits. EG, hd is 40 degrees in your basement, off.. you turn it on and start writing data, the bits are closer together... the drive gets to 90 degrees, and your bits are further apart.
i dont have a cite for this, and maybe its an 'urkel' legend (geek legend) but, it makes sense to me.
Speaking as a software engineer of some 19 years in the industry, I find that your post is silly.
1) MacOS X is actually more secure than Windows. In reality, almost all OSes out there
are more secure than Windows (What else is lurking within Windows XP like the WMF design
flaw?) right now- just because it was patched recently doesn't make it any less likely to have other
nice n' nasty zero day's lurking in it's design and makeup. An OS that doesn't have security as job
one when it's designed isn't anywhere near as secure as one that has it that way. That is a fact of
life. It's roughly analogous to having a hollow cored door on your front door with no locks whatsoever
and then putting a deadbolt on the thing without replacing the door with at least a solid one or a
steel bodied one when someone breaks into your house. That is what MS has been
doing with Windows and Vista- you can bet your bottom dollar on that one.
2) Profitability doesn't factor into this. This is the same tired old "it's not as popular" argument
that keeps getting shot down time and time again. Apache's got MUCH more market share than IIS-
most of the worst and prevalent defacings and exploits regarding websites seem to come from...wait
for it...IIS. Gee. Which one's more profitable? Apache. Which one's getting attacked more?
IIS. Next time, skip that one- it was a never ran.
If this were any other place other than Slashdot, you'd probably not have gotten moderated up
as being "insightful" as what you posted was neither accurate (I can pretty much back up the
two items with more than anecdotes...) nor was it insightful.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
If you really want to be safe on the internet, why not use a Commodore 64, or a TRS-80 computer to connect? Sure, neither of these systesm probably have a TCP/IP stack in them, but heck, yer even more SAFE that way! And there's surely no viruses for either of these systems, besides, if there is, just make a backup of your boot floppy before you connect and if you get hit, just erase the disk and make a new backup! Hehe.
...your friend is full of shit. I can't believe this was even posted on the front page.
If you never ever use any mode of transportation more advanced than a horse and buggy, then your chances of dying in an airplane crash suddenly become insignificantly small.
While dialup is not inherently safer it is because of the common implimenations. AOL for example connects you through a proxy, essentially acting as a firewall (also restricting you're ability to do certain things).
Reverse connections can be made and are forwarded in much the same way NAT routing works (FTP protocol helper forwards the reverse data connection, etc...)
So while it is not necessarily any more secure for the common, idiot downloaded it, you have a firewall (that you can't turn off!).
spike up your phone and or ISP bill(s). Simply by the name "Dialer" you can assume that it would dial your modem to their site at about a billion dollars an hour, and your phone company sending a huge billing statement to you.
Anybody ever see part of that like 80s or early 90s movie before they changed the channel, I think its calleled "Ghost in the Machine" or something like that? The kid sending an IM to his friend about some pr0n program he found on the 'net, and when his mom gets home after he sends the IM, she askes him where the huge phone bill came from?
Even just looking in the bestiary of spyware you are "protected" by (as much as you can be) via Spybot or whatever you use for your Windows box, theres a helluva lot of em that are dialers, my guess mostly just incase you run into a site that has that old stone-age spyware on the host server...
English is more like an intel chip, bad design, but still chugs along and works. We all can still use the minium instruction sets badly and people still understand.
Liberty freedom are no1, not dicks in suits.
IIRC, there are some viruses/worms that specifically target dialup IPs because the computers connected to them are usually less secure. Being on dialup usually means that you don't download the latest updates. Therefore these types of viruses are able to exploit a wider variety of vulnerabilities. I'd advise going with DSL-Lite or something like it. These services are little more than dialup and usually include a firewall in the modem. All things being equal, I'd trust a PC with a hardware firewall on DSL over a modem with no hardware firewall. As long as you use best practices (installing all patches as they become available, using at least a software firewall, running anti-virus software, keeping a watch on what runs), though, you should be fine. Also remember that while you are downloading an update, you could be getting a virus. This applies to dialup as well as high speed.
did you miss 'and it has no connectivity' part?
Saying dialup is safer than broadband is like saying riding a bike is safer than driving. Yeah, it is, but it's also incredibly inconvienent. But if you'd rather ride a bike and never get anywhere, feel free!
Your friend is right. But with dial-up you can still get infected. Why don't you not get online instead? That way you will be 100% safe.
A Brief History of Computers
Its a history of computers from the point of view of the sort of people who ask questions like this one .. I honestly believe this is how _some_ people view the world.
Ok, lots of people said this is a stupid ideea, that a net connection is a net connection and so on. Fact is, I worked at an ISP for about half of last year, and what happened to me happened to most ou out new clients: soon after getting connected, we were hit by baf stuff. Really hard. Why? Several reasons, as far as I can tell. First, the dial-up ISP usually tends to do a lot of firewalling on your behalf. Second, the connection (especially local one) beeing a lot faster, hits came a lot sooner and more often. And third there is a lot of bad stuff on the local ethernet connection which cannot be firewalled in any way by the ISP (us), even if they wanted to.
Point is, I agree with what most people said: beeing on dial-up is not safe. However, getting a broadband connection is likely going to make things interesting in a very short time
I have a way of getting around this; but it is not for everyone. I simply put Fedora Core 4 on my PC, then get a broadband router (in britain, we do this with British Telecoms, they supplied me with an Alcatel SpeedTouch Router), running DHCP. I then get things like ClamAV, SELinux, and a firewall
My favourite for this work is Fedora Core 4, but as far as I can tell, ClamAV is not in the standard install
I am forever telling my friends who use windows to get Linux, because I'm sick and tired of "My computer's broken" or "Oh no, I have to shell out another £££££ to get some guy to re-format my machine again!"
*Dons asbestos pants* I still have no idea why some people refuse to even _try_ Linux for a short while!
and i havent been mugged yet.
On the issue of security on dial-up vs. security on high-speed internet access
i can't precupicate but i do know that pc newbies do tend to be hitted
more by spy/ad-ware and or viruses simply due to the fact that their net
behaviour changes
instead of using kazaa to do some carefull searches reading (meta data) tags, comments,
one song
they now click all the songs after only one fluky search
and you know why?
Because they can !
they now have either no download limit or a limit that's usually >= 10 gigs.
and even a capped high speed line is usually faster then a dial up line.
i for one get 256 kb/s up and 160 kb/s down
when they cap me after some extensivly leeching
anyway that's just my 2 cents
Dude, I practice defense-in-depth. Secure backup, patch mania, anti-virus, anti-spyware, hardware and software firewall, application level patch monitoring, and surf as a non admin. Turning off the net on my main maching via my software firewall at night is only one tiny piece of my entire security strategy.
Horns are really just a broken halo.
WTF are you talking about?
Horns are really just a broken halo.
Whilst the advice above... varies... It strikes me that this is the wrong basis for a decision. Why hold yourself hostage to the malcontents in the world?
Surely the decision should be based on what connection speed you need to acomplish what you need to do. Then take appropriate security measures based upon the connection method you want to use.
I would recommend a firewall though; even if you are on dial up you can at least have a software firewall, which is better than nothing (Windows XP comes with one by default, a fact often forgotten).
Frankly though if you have decided to ask the questions to the number of people (>1) that you have, then you probably want to do this properly. If it's a business you are asking on behalf of, get the advice of a professional - preferably someone who will be there to hold your hand and help fix things if you get infected anyway (eg by a rogue email attachment, or someone sends you an infected document on cd). If you are asking on your own behalf, you need to decide what is cost effective. And do backups. (just in case!)
Anyway - My two pennysworth.
This sounds like a question from a non-geek, asked in an uninteresting way, the answer to which is obvious, and one which really should be in the "Ask Google" bin, not the "Ask Slashdot" bin. If you were to ask this question on usenet or irc in a technical newsgroup or channel, it wouldn't even be answered at best, and at worst you would get flamed and told to go play in #ircnewbies instead.
Some days I wonder why I even read Slashdot. Half the time it's not news, and it's not for nerds.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
What you are saying is that after switching to Linux, it allowed you to monitor these attacks to a dialup connection using logs.
You are NOT saying that Linux is easier to attack.
You are NOT saying that these attacks infected the Linux system
You are NOT saying that Linux is not safer
I mean I get it, but someone who is not a Linux user may get the wrong idea from your post. Actually, switching to Linux with broadband was going to be my advice for the virii paranoid, it's not foolproof by no means, but I like them odds.
waiting for ad.doubleclick.net
The problem with expecting that because your computer is old it will not get infected by a virus is a very bad assumption. While it is true that having a dial up connection may protect you due to the fact that the some of the viruses require the downloading of a potentially large file, it does not cover the fact that there may still be vunerabilities in your system.
The flip side is that if you are a Windows user using dial up, you still have to download those large windows patch files to cover up the gaping holes left by Microsoft. This means that all that happens is that you waste even more of your time. I bet that Vista will be more of the same, and will probably result in the statement that Vista will "Require the use of a broadband connection".
There are of course some areas where the new technology causes vunerabilities, like for instance the latest reported issues with WiFi in Windows XP that leave your machine potentially open to hackers, which Microsoft will not patch until mid 2007. But then there are issues like the WMF vunerabilities, which Microsoft has decided not to issue a patch for older version of windows, even though it was present in Windows 3.1 in 1992.
Using an operating system that is properly structure to prevent vunerabilities happening is the best way to protect a computer. The fact that many older operating systems such as VMS were designed around the idea of security, means that they are very much less likely to be the target of an attack by a virus hacker.
The other avantage that other operating systems are much more obscure and cannot run Windows code. Hence what you are seeing is evolution in progress, with the operating systems starting to take on the form of DNA. A serious flaw could be identified tommorrow, which could be used infect every Windows computer in the world. Linux and Mac users would then laugh their head off.
We should stop being like cloned sheep; either Microsoft provide secure product that isn't based on code written in the past, which allows us to turn off the bits that we don't need; or we should use something else.
The most trojan/spyware/malware laden system I've ever seen was on dialup. I counted 22 different forms of attack on this one system, and it had the first rootkit that I'd ever seen on a Windoze machine. Another dial-up system had the Sex dialer, and that cost this family 2 major things. Trust and over $1000.00 US bucks! He couldn't convince her that he never would spend that kind of money on pr0n. These two systems had the same ISP (cough-Earthlink-cough) which shall remain nameless. I've had broadband since 1998, and the only attack I've seen was when I deliberately set up a "honey pot" with a minimally patched 2000 server to catch Code Red.
Being on dial-up is probably just as vad or worse for security given that anyone can just use a wardialer and then bruteforce your username/pass if they really wanted to...
I had, as an experiment, a linux box on the net for well over three years running a very old version of linux. sshd, httpd and others all also were rather old and most likely riddled with holes of various kinds. It was never compromised.
I would see attacks on it occasionaly, but nobody ever cracked the box. It seemed that for the most part the attacks were script kiddie style and were focused on more modern versions and exploits.
So, while in this specific case keeping things old worked -- I'm sure that it was still quite a hackable box and if it were a serious server that I wasn't using in this way I wouldn't have kept it out in the open.
If people were meant to go around nude, they would be born that way!
This comes as a surprise? I was fortunate enough to have one of the early pioneers (http://www.cs.umd.edu/~ben/) in the field as a professor and discovered just how far off ones paternalistic "I know what's best for the user" attitude could be. I've been trying to put the science back into "computer science" ever since.
I wonder how many CS students or IT professionals have actually taken a serious course in human factors. In over twenty years in this biz I've only run across one other colleague who has (he had the same professor too).
Of course, with salesmen (who tell the customer/user) running the major corporations I guess this sorry state of affairs should be expected.
I once worked in a military installation that had no cable/dsl and that was not a priority. Old unused hardware was plenty, so we downloaded BBIAgent, installed on a diskless (floppy) P100/32 and attached an external modem @ COM2. Worked flawlessly for a while, until the base commander decided to get of his @ss and ordered (finally!) cable. External modem was replaced by another NIC, some configuration changes, and the floppy router was again running.
Dear aunt, let's set so double the killer delete select all
I cry like a baby the day my brother delete this game to save again Popeye on the tape :(
-Woof woof woof!
4) Never connect a Windows box directly to the internet. If your scanners are just slightly out of date you get slammed with a worm smart enough to kill off your virus scanner (apart from the fact that virus scanners can negatively affect your system all by themselves). The best protection against worms is a port forwarding-capable NAT router placed between you and the 'net. That way you can choose which ports to expose to the outside world and worms have a hard time reaching you.
USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)
In the BBS days, we really did that sort of thing. Users for whom any regional BBS was a long distance call would make requests at special interest group meetings that those in local calling areas download files, articles, and discussions to floppies to hand over at the next meeting.
I did helpdesk for a bit, around the time Microshaft released the XP Service Pack 2, a lot of dialup users were shitty for a while bitching about slow access and a mysterious 300MB or so extra usage on their bill. And then complain about not connecting because of a damn XP Firewall thingy is now installed on their system without them knowing...
Dial-Up, DSL, Cable or even screaming copper are all equally safe if you stick a nice quiet Linux router/firewall box right in front of it. I've been running mine for years and haven't had a single problem no matter what kind of line I had coming in. Just a plain old Pentium-1 with the bare essentials, a simple iptables script with a few tweaks for selective port forwarding and a basic traffic shaper. At first I was even running a cookie-cutter firewall on a floppy disk! Works like a charm.
-Billco, Fnarg.com
Obsoloscence does not provide you any security.
In fact, if you come online only sometimes and you got infected at one of those times, it is possible that you might not even realise it (because of outdated software).
Also, you could potentially become a worm carrier who unleashes a worm on the Internet once in a while. Be upto date, be socially responsible!
When I set up my father's GF computer with Windows 2000 (no integrated firewall), I was not able to stay connected long enough on dialup to download a firewall software, it would reboot before that (because it got infected). I had to download it on another computer and install it using my USB key (after cleaning out the virus).
unless you are a bank, or work for one, and are required to use a dial up connection and a goofy RSA secureID authenticator, i'd tell your "friend" (if you can call him that) to pull his head out of his ass and realize that security thru obscurity is a joke, and order your high speed connection. the dialup argument for security is even starting to crumble for banks and other institutions that traditionally need a higher level of security... VPNs, securid authenticators, non-trivial passwords, access policies, etc are what's really needed in those arenas.
;-)
as far as your "friend" is concerned, perhaps he'll tell you that you should use floppies to transfer files ala sneakernet, because of it's security value...
be a real friend and tell mr. obscurity-security to wake up, and that his advise is off the mark. the DOD considers the only real secure computer is one that is not hooked up to a network and one that doesn't communicate with other computers...
by the way, i'm just playing about your "friend"... no offense, just an easy taget
three can keep a secret, if two are dead - benjamin franklin
Same as disconnecting from dialup when you are done surfing
another idea?
Get yourself a hub or switch with *gasp* an on/off button on the front
What kind of morons do we have on slashdot now?
Good Grief
Even if I had no chance of infection on dialup and a 100% chance on my DSL the speed would still be worth it.
1985 just called; they want their dial-up access back.
So, make your "Always on connection" one that isn't. When you aren't using your broadband connection, turn it off. Plain and simple. This is better than any firewall can provide you and it will give you that wonderful false sense of security while you are away from your computer. Look, if you really want to protect yourself, make sure you have at least a basic firewall and at least up-to-date virus protection. I personally use AVG (http://www.grisoft.com/ antivirus because there is a free version for personal use. As far as a firewall goes, Zonealarm from zonelabs works out pretty good. And it doesn't hurt to scan for spyware every now and then. For the really paranoid, install a content filter like censornet and block all the advertising sites you come across. (We have done this at the organization I work for and it has reduced spyware and virus incidents considerably)
Because our DSL-Router (Windows XP pro with Kerio Winroute 5) had a serious error I was forced to go online by 56k-ISDN Dial-Up with my own Windows XP pro Computer. ;)
My system wasn't Up-To-Date (maybe 2 or 3 weeks without Windows Update) and I had no Firewall installed. About 2 Minutes after I dialed up my Computer shut itself down (I turned on Windows XP Firewall and downloaded a Firewall I really trusted).
As you can see: The up/downstream is not very important
It's more important to have a nice Firewall (I use Kerio Personal Firewall which is Free, but the AdBlocker and some other additional stuff will be disabled after 30 days of testing, but the Firewall still works and can be configured...) and good Antivirus (like AntiVir PE Classic which is free for personal use, too).
And since you're online with DSL you can turn auto-update for both programs on.
And of course Windowsupdate, if you want to (I only use Service Packs because I trust FireFox 1.5 and my sense for dangerous stuff)
OK, with Dial-Up you may be more secure because you're not always-on, but thats somewhat foolish. Because if you don't go online at all you're quite safe, too.
Run your browser with reduced privileges. I run IE in a seriously crippled guest environment while the remainder of my activity is done from my admin account. Create a guest account first, and while in your admin account, create a new IE shortcut and change the program details to read:
/u:[your_guest_account_username] /SaveCred "C:\Program Files\Internet Explorer\iexplore.exe"
%SystemRoot%\SYSTEM32\runas.exe
The first time you run the app, you'll notice a DOS box appear and ask you for your guest account password. Enter that once and you won't have to enter it ever again. When you do this, spyware is prevented from being written to your system directories. Any spyware that does enter your machine is confined to your guest enviornment.
Works damn well.
- IP
When will interface designers learn that it's faster if you don't have to take your hands off the keyboard every three seconds?
Actually, there are a large number of studies that say the opposite is generally true, even for expert users who know the keystroke commands from memory (indeed, one could argue that the letter and symbol keys on a keyboard are all examples of this). The time 'saved' by keeping your hands on the home row is more than wasted by the time that it takes to recall a key-combination. It doesn't seem that way because you are actively thinking about the command, so your time sense is focused on the activity, whereas the time spent mousing around is more or less 'blank time', since the hand-eye coordination needed to match the pointer to the pointed item is more or less 'handled in hardware' once the decision of which command to use is made.
Naturally, there are several cases where keyboard commands are faster than menus, however. One is when there is a very common operation which has a permanently assigned action key, with no key-combos. Another is in the case of an expert user entering a complex, multi-operation command line, versus having to gesture the same actions; however, a case such as that is generally complex enough that the real optimal solution is to create a script of the command, even for a single use instance (some systems, such as Oberon, facilitate this by allowing you to invoke any arbitrary selected text as a script - indeed, in Oberon a menu item is nothing more than a section of text that is pinned to a given location and 'pre-selected' so that it activates on a single click). Third, multi-level menus require the user to select and target successive items, which is the same cause of slow-down in keystroke commands. Fourth, there are many cases of poorly considered 'graphical' tools that require multiple passes to home in on the target (Raskin's example of a 'visual thermometer' that requires you to adjust the height of the 'mercury' column versus simply entering the degrees into a textbox, comes to mind). Finally, 'adaptive' menus are invariably worse than keystrokes, because the changes disrupt the pattern of actions. In each of these last three cases, the reason the mouse is slower is because the layout of the UI stymies the ability of the user to habituate to them, making it a matter of design rather than a flaw with pointing devices themselves.
Ironically enough, given all the 'quick bars' around in certain systems, the worst response time in most cases is for using icons. The problem is that you have to associate the icon with not only the image it represents, but also the action it causes, and the connection between them is not always as obvious to a user as it was to the developers. The difficulty increases rapidly with the number if icons on the screen, especially if there are two or more similar icon images that need to be differentiated. Many design theorists today argue that icons should only be used sparingly, and only to represent specific physical devices (i.e., a disk drive).
What we really need are more designers who understand usability analysis, and actually use it to determine how much effort a given design takes to use.
Usability in Website and Software Design
AskTog Interaction Design Section
The Raskin Center for User Interface Design
Human-Computer Interface Institute at CMU
Human-Computer Interaction Resources on the Net
Bibliography of Human-Computer Interface Studies
Usability Tips and Tricks
Overiview of GOMS Analysis
Us
But what does turning it off DO?
"I can't crash in an airplane if I don't fly" ???
All the steps you take are fine. I take them, too. But I leave the computer on continuously, (with monitor set to go into power-saving mode or turned off), because I figure if it's vulnerable when I'm NOT looking at it, it's just as vulnerable when I AM looking.
In my case, my HIPS system would alert me if something was going down. If I'm asleep, I will not be able to react. (I don't have a pager set up). So if I'm not in front of my machine, I turn "off" the net via my software firewall (Kerio).
Horns are really just a broken halo.
After my wife's Windows 2000 system caught a virus of some kind, I was able to make the case to her for DSL as a security measure. With dial-up, she hadn't updated her machine with security updates (nor had I), because the download times were too onerous. Now they're updated regularly, and the router's firewalling helps keep the barbarians at bay.
"Who controls the past controls the future. Who controls the present controls the past." -- George Orwell
Run a good software firewall as well as a good hardware firewall (Sonicwall comes to mind, NOT the 'firewall' built into broadband routers, which is nothing more than NAT). Your buddy's advice is like saying that the way to prevent auto accidents is to travel cross-country using a horse and buggy...
'He who has to break a thing to find out what it is, has left the path of wisdom.' -- Gandalf to Saruman
This cracks me up, you're all worrying whether windows will be safe from attack on a dialup, today. My linux box got root-kitted over a dialup line over five years ago. I was shocked. I was working out of the house all day. The machine was dialing in to collect mail every few hours. Things started working funny and then I find all these brand new files lying around in /etc. Wipe it clean, figure out what my vendor should have done for me.
is 26.4Kbps, you insensitive clod!
13. Any legal action is absolutly excluded. (Pi World Ranking List rules)