Slashdot Mirror
Is Obsolescence Good Computer Security?
caesar-auf-nihil asks: "I was recently considering a switch from dial-up to something faster (either cable or DSL) but my friend recommended against it since he said I was more secure staying with Dial-Up. His argument was that my connection's slowness and 'not always on' connection gave me better security since I was less of a target for many security threats. Now, I have never gotten infected, nor do I believe my machine is infested with spyware and/or controlling programs as it runs fine, but I wonder if the obsolescence argument is really good or not. Does Dial-Up really protect you or is this a false sense of security and I should just go ahead and pick a faster service and make sure my firewall is a good one and my virus definitions are always up to date?"
It sounds like your friend is advocating a type of security through obscurity to me. Being on dial-up won't protect you. You should be using a firewall and have up to date virus definitions regardless of your type of connection to the internet.
Not connecting to the Internet at all is even safer than dial up, and not even having a computer practically guarantees that you won't get spyware and malware. And what good is that? Your friend's advice is ludicrous. Use proper security. Don't cruise the net as root, or the admin user on a windows box. If you have to use Windows as your OS get a real firewall product, hardware even better than software, don't run unnecessary services, don't use IE unless its for the MS site itself. Don't use Outlook. Keep your system patched. Avoid sites like the free game and pr0n sites that are forever infesting computers. Get a useful book on security. Keep proper backups so that you can recover if all else fails, then relax and enjoy the experience. The time you'll save will pay for most of your outlays.
I have nothing to hide. So, why are you spying on me?
Its only true in the way that you will be mugged less if you walk naked down one back alley every night instead of twenty. Go ahead and get the faster connection, and get a hardware device (nat box at least, a real firewall would be better though) between you and your uplink line, and you'll be better off than you were before. You can't do that (using common hardware) with your modem in the first place.
No, is the simple answer.
You could get hit by a worm just as easily - they attack by IP address and are indescriminate about where they attack - they don't care how fast your connection is.
As for spyware and the rest, if you're using a slower net then probability is that you'll browse less and be subjected to less risk, but in general the argument used is complete and utter rubbish - there's no additional security to be gained by dialup.
Jolyon
Please read my Canon EOS tech blog at http://www.everyothershot.com
Why go for slightly better security when you can go all the way?!
Forget dial-up. Hand floppies to your friends with instructions on what web pages you'd like to browse. They will return the floppies to you with the pages. You will be extremely secure from viruses... much better than dial-up. Think of it like Netflix for the web.
- For the complete works of Shakespeare: cat
Not quite sure how this question made its way to slashdot, since it seems sort of self-explanatory, but I suppose we can elaborate.
In short, I suppose you would be more secure on dial-up. Less data moving around, less access to situations which may be a threat, less up-time, etc.
That being said, most of the world is already using an always-on connection, and the vast majority of them manage just fine. It's not a daunting task to configure a setup that will secure your home computer to a suitable degree. Just your ordinary broadband router should include a firewall that should be sufficient, and the Windows firewall is also likely sufficient.
If you aren't an expert on setting up your network, then just find one of your more tech-savvy friends (not the one that told you to stay on dialup!) and have them check your router/firewall configuration. There are also websites you can visit (Symantec?) that will perform a check on various ports for basic vulnerabilities.
Big ones, small ones, some as big as yer 'ead!
Give 'em a twist, a flick o' the wrist...
That your friend is on the same cable node, and he wants all of the pr0n bandwidth for himself...
Buy a router, your computer will have the SAME security it would have through dialup....
you'll still have to deal with viruses and backdoors from emails, malware, etc,
In my opinion, the only thing that you are doing is protecting others. Your computer will probably not become a spam zombie, because transmitting outgoing data would be painfully slow (ie: spamming one address every 5 minutes). While you may be somewhat immune from other viruses, the trade-off of higher speeds is worth it.
That's equivalent to saying if you never leave your house you won't get mugged. Sure, its probably true, but if you take the proper cautions, you will probably avoid getting mugged, and, more importantly, you don't let fear control your life.
DYWYPI?
Do you know for a fact that you don't have spyware? I have seen many dialup connected computer with spyware and they didn't even know it. Broadband is better. Everyone can be secure if they just follow a few simple rules to surfing the web.
1) Don't download things unless you know what they do.
2) Get rid of IE
3) have a good virus scanner/spyware scanner
Staying on dialup is like saying that a bike is more reliable and therefore better than a car. Cars might break down every once in a while but if you need to get somewhere they're much better than bikes.
Its much more secure if you personally just dialup and squark and squeek at the handset processing all of the information yourself, you can't do this with DSL because its a digitial line so you can't hear what it is saying properly. Personally this form of internet communication, while a little slow (around 2 baud) has never resulted in any security problems.
In summary
Your friend is a muppet, probably Fozzy, potentially Gonzo.
An Eye for an Eye will make the whole world blind - Gandhi
Just ask my neighbor who uses dial-up. I had to spend hours cleaning all the spyware and virus's on their computer system. If you are connected in any way you need to take the same precautions.
Let's take the question seriously for a moment, for fun.
:)
Is there an argument for this? No.
You can simply unplug your net cable at night. So why be stuck with an expensive slow connection?
I think this ask slashdot question was a trolling experiment.
Broadband + OS X = Problem Solved. Oh NO, someone will mod my post DOWN and it will hurt my KARMA! Oh dear! Now I'll need to sleep with a nightlight.
Music - www.richardmac.com
I don't think so. You'd better slip a giant condom over your whole computer one way or the other. Sticking it in (to the wall) is going to put you at risk of infection either way. Only complete abstinance will work 100% of the time. Jusk ask ol' bushy.
I've had my computer get infected while downloading security updates over dial-up after a fresh installation of XP. I should have downloaded all the updates, or SP2 at the very least, from work and brought them home to install them.
One problem with dial-up is that you probably won't have a hardware firewall/router between your computer and the internet. Many folks with broadband access have some type of a router with a firewall/NAT built-in. Not everyone does, but some do, especially people with wireless setups, although that introduces its own security troubles.
The point is, if you think about security (which means you have to be aware of all the types of security threats to begin with, not just focusing on one or two that your friend told you about), you'll be able to take proactive steps to make your computer(s) more or less secure. Otherwise, you're leaving yourself open to becoming a zombie just as much as the other millions of computer users out there.
I agree with everyone else here. That may be technically true, but it's stupid. All you need is a firewall and a little common sense and you are practically invulnerable to most of the attacks out there.
Get broadband. Get a firewall. Enjoy.
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
I fully agree with all the above advice and my 2p's (uk) worth is that at times you can be safer on broadband instead of dial-up. For example if you have a cable modem (dont know how it works on adsl so keeping quiet)then you have NO risk of some dodgy dialler software getting in and changing your dial-up number to a premium rate number because it's not connected to the phone line at all !!!
Enjoy the speed and "almost" always on. broadband
upgrade to faster connection, switch to kubuntu (free AND secure), or anything else equally secure.
;)
If you need (unsecure) windows for anything, use vmware player (free), or wine (free), or if you need to play games with 3D acceleration then cedega (nonfree).
Remember about http://www.openoffice.org/ for office work, http://www.gimp.org/ for drawing, http://www.k3b.org/ for burning DVDs... and the list goes on and on.
ps: I've got some karma to burn, so here I'm whoring
#
#\ @ ? Colonize Mars
#
Ok, I'm sick of seeing crappy advice confusing newcomers and normies. Here are some stupid tips to avoid taking seriously. I'll start it with this one.
1 - dumb. Use dial-up instead of Cable or DSL because being connected to the internet all the time is a security risk.
1 - smart. Go get Cable or DSL, your life will improve (barring bad service). If you want to nullify the increased threat from being constantly online, buy a router that does NAT for you. Now you aren't always connected, your router is, and it's providing statefull firewalling for you.
2 - dumb. Never run anything you want secure on Windows. Use Linux, or even better OpenBSD.
2 - smart. OpenBSD rocks on security, but if you have no bloody idea how to use it you'll do something dumb that will compromise security or, more likely, uptime. Use the OS you know how to configure, and learn how to configure is securely and properly. You can research new OSs from your now-secure platform.
Please, kind readers, add to this list.
You do have a risk that none of us on broadband have: Dial-up Hijacking. Malware on your computer changes your dial-up settings in Windows, and you end up dialing to a pay number in another country, and VERY expensive. Many people don't notice it, until you get your phone bill. You don't hear about dialers as much now, but they're still out there. Am I just showing my age? http://www.internetbasedmoms.com/articles2/modem-h ijacking.htm
Tell your friend to buy a Sherman Tank and drive it to work so he'll be less affected by traffic accidents. It goes slower, is harder to dent so has great security. All other things aside, this is the ultimate way to get to work.
But you can't stop with just dialup. You have to use MSDOS 2.0, and get yourself a good ansi term program to connect to a dialup that gives you telnet, ftp, nn, lynx, pine, etc. Use a 300 baud modem for maximum attack-throttling also.
That's like saying that if you don't drive a car, you won't have as many accidents as you would if you just ride a horse-drawn wagon and stay off of any road where cars might be. It's true that you're much less likely to be hurt that way, but you miss out on the benefits that make having a car (or some form of faster transportation) worthwhile. In the same way, you might not be "always on" to be attacked through your broadband connection, but you lose all of the benefits that come with having a high-speed connection. So unless you do nothing except text e-mail, the benefits of broadband should outweigh the risks, especially if you're smart enough to take simple precautions. Just nothing except my Mac's built-in firewall, I've never had any issues, and I've been on broadband for years.
David
No-one's gonna be able to hack into my old Amstrad, ha-ha-ha! Stick that in your pipe and smoke it, you OpenBSD pretenders!
Low Bandwidth Denial of Service attacks do exist. They've been mentioned on slashdot before. That link mentions a new type of attack. I'm not sure of its effectiveness now.
Just use a calculator. You won't get any viruses this way. On a more serious note, this isn't a good idea. Dial-up is very slow, and it simply isn't worth it to stay on it for security. And whether broadband is less secure is arguable. It makes it much more convenient to download security updates. If you don't want to be always on, disconnect the computer from the internet. Then again, I use a Mac, so I don't really have the best comprehension of PC security problems in general.
Stupidity is like nuclear power, it can be used for good or evil. And you don't want to get any on you.
This is sound advice, yes you increase your value to hackers by purchasing a high speed connection (valueable to them for the same reasons as to you) do some homework on computer security and you will be fine.
That way you can keep a high speed connection and not have to worry about it.
Yes i agree with your friend. I still use my chisel and stone tablet for all my important work.
Why do people rob banks and not homeless people? Because there is money in the bank, but the homeless person is likely broke.
A dial up connections obviously can't put out the same load that a broad band connection can. So it would stand to reason that a zombie net creater would be less interested in the computer. But most zombie net creater's are trying to get a huge number of PCs over a wide region, so while your PC isn't is sweet as a Win 98 box on a 5 meg DSL line, it is still another zombie. and it would likely be harder for the creators to make a filter to ignore your machine.
Same for spy/adware. Your machine isn't the best, but it is another machine.
so this is not obscurity he was preaching, it was desirablility he was preaching, albeit incorrectly.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
I've heard this argument before (no really). On the face of it, it has something going for it - OK, now why is it wrong?
;-)
Well if the PC isn't connected, it can't download updates to Windows (patches) and its Anti-Virus/Firewall/Anti-Spam etc. So when it is connected it will probably be a poor position security wise. From a practical perspective has anyone tryed to keep a PC "all patched up" over dial-up? Takes forever to download the patches, it isn't actually practical. So no, getting proper security utilities in place (and setting them up correctly) then connecting via ADSL (or similar) will probably improve the security. One tip though - don't get your friend to set it up.
Not only are they less likely to worry about security updates, but are you going to sit there and kill your bandwidth for days trying to download some major upgrade. For me I have DSL with 3Mbps downstream, so when new patches come out I can download them without skipping a beat.
Besides, the dialup doesn't really make you more secure. It's slower, so the amount of harm you can do to others by some worm is lower, but I can assure you, you can still get infected. I bought a new laptop while I was on a trip somewhere (long story), and while I was on the trip I used the dial-up modem on it for a couple days. During that short period of time it picked up a virus.
So get DSL and get a firewall. Firewalls will kill the vast majority of attacks. Sure you can still get crap through e-mail and websites, but then at least you're at the controls and can avoid screwing up too much.
This sig has been temporarily disconnected or is no longer in service
After I switched my father to Linux, I kept an eye on the logs.
Time from dial up connection to blaster hit: 8 seconds
Time from dial up connection to Nimda Hit: Two and a half minutes
So no, it's not safer.
I think those AOL commercials have really been sinking in.
"Did you know that with a high speed connection, you're more vulnerable to attacks? Get AOL Broadband to keep yourself safe! Just $15 on top of your DSL fee per month."
For more information, click here.
Dialup is in essence more secure because of speed you can visit websites, and the lack of not being connected 24/7 which isn't a problem with broadband if you have your firewall on. But comparitively the crap you can get into on dialup is worse. For example you can get a virus or spyware dialer on your machine. One of these over the christmas holidays racked up $600 dollars for my mama and papi who no matter how hard you lock there system down still get into trouble. At least for broadband they shut down your connection for a month if something happens. That alone would get me thousands of miles away from ever buying dialup again.(but when you can never really switch back after :) ) Oh yeah and your alternatives to getting around the dialup charges in canada are that you pay the phone company to password your long distance. They did the first time this happened offered a blocking solution. But it didn't include the long distance.
(The one I'm getting pretty tired of is "ad hominem", which many people seem to think is Latin for "You hurt my feelings!")
Briefly put, Security Through Obscurity is the assumption that your security holes will not be found because they're in a place few people will think to look. That strategy was never a good one, but it used to be more effective than it is now. Back in the 50s, when few computers were online the effectiveness of STO was merely unacceptable. Nowadays, the effectiveness of STO is pretty much non-existant — as long as the computer is online.
Now a computer using dialup is less hackable than one using DSL, because it's not always available, and because it's harder to probe when it is. The difference has nothing to do with "obscurity" — there's just less bandwidth for a hacker to play with.
Of course, a dialup connection when no security measures is still pretty fucking dangerous. But you're wrong to claim that there's no difference at all.
You could either switch to linux, or hibernate/shut down the computer whenever you're going to be gone for a while. The slow connection won't help much, if at all, since I think most viruses are relatively small.
What happened to that good old technique I like to call "turning your computer off when not in use" (TM)? It surprising has some side benefits, like lowering your energy bill!!!
To do list for Windows
Even better, use the Kerio Personal Firewall (windows xp), it's free, and there is a button to completely disable the net to that machine. I use it and turn the net off at night before I crash because I prefer to keep my machine running at all times.
Horns are really just a broken halo.
If you happen to contract one of that nasty malware that silently dials one of those expensive phone services, you'll wish you would have ditched it.
So you're the fucker who turned the net off last night.
All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
What kind of idiot thinks connection type has anything to do with infectability? A virus doesn't give a crap if it's traveling over fiber, dsl, cable, or phone lines. With broadband you can get 10 or 15 spyware programs and viruses and not see much of a dent in your overall speed. With dialup, just one or two infections will bring you down completely. If anything you'll be more likely to get infected since dialers can't affect broadband, only dialup. A nice $2,000 phone bill should be enough to convince anyone that dialup is not safer.
Maybe he thinks using dialup will protect him from cookies too.
It's more difficult to get a hardware NAT router/firewall for your connection.
You're less likely to download the large security updates because of time it takes.
'Always on' isn't a requirement. You can turn off the router or modem just like you can disconnect on dialup. I know people who do this.
Most exploits are quite small, and won't take long at all to install on your machine, even on dialup.
I've had 3 machines on cable behind a $25 belkin NAT firewall/router for over 5 years. I run zone alarm on the machines while I'm web surfing. I use mozilla because they seem to be more responsive to security issues than microsoft. I'm pretty lazy about patching, and I still haven't gotten any viruses, worms or trojans.
Hope your friend is not your dial-up vendor too. If malware connections attempt to connect to your machine, your dial-up might be saturated with the crap being downloaded, while personal info is being uploaded. Dial-up does not make you secure simply because on the network level, its just machines with IPs out there, regardless of connection. I havent heard of a virus that depends on layer 1 or 2 vulnerabilities.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
If you drive a car, instead of walking, the chance of getting into a major road accident increases, and you'll never get carjacked when walking.
Basically, his advice is simply to stay behind, because these new-fangled new technologies require you to actually increase your realm of understanding to use properly. If you are on a high-speed line, you actually have to care a little bit more about security, oh my! By by that same token, if you just stuck with a manual typewriter, you could avoid the threat of viruses altogether.
However, there is an answer if you can scare up a 486 or better with 32Mb of RAM, 400Mb of HD, etc.
IPCop will do modem dialouts (manually initiated and on-demand) and provide firewalling, caching, etc. for the same with any hardware and many software Modems out there. In fact, when Verizon fubared my DSL pending my FiOS install, I had to resort to that by popping in a hardware PCI modem (yeah, they DO make 'em) into the box instead of my Red NIC and plugged in my road warrior ISP. While it was dialup (with all the concomittant slowness...), it DID work well with all the setup in the house (incl. my firewalled and VPNed wireless leg...).
Basic configurations will work, esp. with an external modem and are largely no-brainer setups.
However, having said all the above, the original article poster's "friend" wasn't doing him any favors by making very misleading statements like he did. Most of the malware flatly doesn't care if you're not always on and high-speed. It'll zap you even on dialup (Remember Blaster?) and it may zap you in such a way that you can't even get on (Remember Blaster?). If your OS is insecure, it matters little what bandwidth you have- it's still insecure. Just because you're not as useful for a botnet doesn't mean you won't get trojaned or zoomed by a worm/virus all the same. The exploits and their use don't discriminate in a manner like dialup versus broadband- they attempt to zap EVERYONE .
The original poster should just get broadband of some kind- a goodly portion of the Internet has become painful to use because developers are assuming broadband like access and do all kinds of stupid things to their bandwidth and latency from off of their sites.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
English is more like an intel chip, bad design, but still chugs along and works. We all can still use the minium instruction sets badly and people still understand.
Liberty freedom are no1, not dicks in suits.
Ok, lots of people said this is a stupid ideea, that a net connection is a net connection and so on. Fact is, I worked at an ISP for about half of last year, and what happened to me happened to most ou out new clients: soon after getting connected, we were hit by baf stuff. Really hard. Why? Several reasons, as far as I can tell. First, the dial-up ISP usually tends to do a lot of firewalling on your behalf. Second, the connection (especially local one) beeing a lot faster, hits came a lot sooner and more often. And third there is a lot of bad stuff on the local ethernet connection which cannot be firewalled in any way by the ISP (us), even if they wanted to.
Point is, I agree with what most people said: beeing on dial-up is not safe. However, getting a broadband connection is likely going to make things interesting in a very short time