Slashdot Mirror
Microsoft VP Suggests 'Net Tax To Clean Computers
Ian Lamont writes "Microsoft's Vice President for Trustworthy Computing, Scott Charney, speaking at the RSA conference in San Francisco, has floated an interesting proposal to deal with infected computers: Approach the problem of dealing with malware infections like the healthcare industry, and consider using 'general taxation' to pay for inspection and quarantine. Using taxes to deal with online criminal activity is not a new idea, as demonstrated by last year's Louisiana House vote to levy a monthly surcharge on Internet access to deal with online baddies."
Or they could take their brilliant little plan and shove it. Then I will have to take care of my own security. I know it sounds impossible for a simpleton like myself to accomplish, but I'm sure I'll manage somehow.
A fully-patched Windows installation is mostly unhackable... it's the nuts who won't let Windows Update run that are the problem.
Paying for someone else's fuck up. A lot of that going around these days.
Just pointing out the parent said *unhackable,* not "uninfectable," or "invulnerable to social engineering," etc. And there's a solid point there, since the latest version of an OS is often difficult to compromise without user complicity, even if it's unknowing complicity.
Compare that to a Windows machine connected to the Internet without some sort of protection--it can become infected without the user doing anything at all.
These problems do in fact happen. They use third party issues like the Flash bug patched only a month and a half ago ( http://apple.slashdot.org/story/10/01/20/217257/Apple-Patches-Massive-Holes-In-OS-X?art_pos=6 ) where all you had to do was surf onto the infected site. This is an issue since all Mac's are pre-installed with Flash, and the patch had been available for weeks on the official Flash site before Apple bothered to include it into an 'official' patch. The typical end user doesn't want to have to look for fixes beyond the update program. And as long as things like this happen, they will have issues and problems of their own.
Attention... all grammer nazi"s! Is they're anything; wrong with: my post,
I've been virus free for decades now, following these basic rules, and without running A/V save a monthly offline Clam scan to make sure I haven't caught a case of the stupids when I wasn't looking.
I'd rather see ISPs voluntarily cracking down on spam-generating machines than be forced to pay a tax in an attempt to make up for my neighbor*'s ignorance.
*For extremely large values of "neighbor".
See I read your rant, and the one above it as "I used Norton's once so all virus scanners are bad".
I've been using Avast for the last few years. Free for home use and a damn good product.
A) Sure it updates almost every day - but it has almost no impact on my network (and I'm from Oz where "Broadband" means a bit faster than dial up).
B) Its impact when scanning is not noticable. It scans the file you modify or try to open.
C) WTF? What defaults? The "I can download and run viruses by default" defaults?
D) Avast 99% of the time is a pair of icons in your system tray. If the look and feel of your virus scanner is one of you concerns then your worried about the wrong thing...
E) Avast doesn't constantly use CPU time. A decent virus scanner of any kind would us OS Hooks to identify when it needs to look at files/processes. It won't need to be doing anything unless you are and then it only needs a quick look at the file/process to see if it recognises it.
F) Avasts free license expires every 12 months. It takes around a minute to renew. Big deal.
G) *sigh* Seriously. There are millions of gamers around the world that have virus scanners installed. There's also quite a number of game developers with virus scanners installed. When was the last time that you read that your virus scanner should be disabled before playing game ? Sure the downloads of updates can cause a few moments of lag - but big deal.
H) I'm sorry but WTF? Sure Sony's rootkit can be considered a threat. But REAL threats are actually more things like Confiker, Trojans etc. Viruses etc. that (a) might destroy your PC, (b) be used as part of a botnet, (c) steal your personal data etc.
You're worried about how you virus scanner looks, and a slight interruption to your gaming, but not about the impact of having a virus. The fact that that virus may wipe your machine, cause your machine to be responsible for attacking other machines, or cause masses of SPAM e-mail to be sent out doesn't concern you? I take it then that your ISP doesn't care that you might be responsible for infecting other machines, sending SPAM etc.
Take your tinfoil hat off and go out and get some sunshine.
dnuof eruc rof aixelsid
Actually I would recommend Comodo AV over MSS, and here is why. I have seen several PCs come across my desks in the past few months with users complaining that "something was wrong but I don't know what" and come to find that after several hours, some after specific actions, some for no reason at all, MSS would go "runaway" and consume nearly all the CPU and thrash the hell out of the drive, even though no scan was scheduled or new files added.
Now don't ask me why it did that, fuck if I know, I'm not an expert on security scanning engines, just a humble PC repairman. I gave up finally on MSS when I myself experienced a "runaway" on my own PC. I had done the same thing I had done a thousand times before-loaded some files into IMGBurn for backup, when MSS went runaway and started sucking up nearly 90% of all 4 cores and thrashing the hell out of my hard drive. Since I had a service call to do I figured "well I'm sure it will be finished doing whatever by the time I get back" but when I got back nearly 3 hours later MSS was still thrashing away. I tried excluding the folder IMGBurn was to burn files from, no luck. The only way I got it to stop was to uninstall it. That's when I decided to go Comodo for my Windows 7 like I had for my XP machines and stop recommending MSS.
So I don't know if an update borked it or what, but I'd stay away from MSS for the time being. As for this "tax"? Total bullshit, as it is NOT the users fault! I repeat it is NOT the users fault, as every damned OEM kills autoupdates at the factory and the users don't realize when they buy a new machine it is crippled. All of the machines that have crossed my desk in...oh it must be at least since SP2 for XP, have been pre-activated with some lame "HP_User" style account with autoupdates turned off, and often a horribly out of date AV POS trialware that was useless before the customer even opened the box. Every customer that leaves my shop has a full working AV and autoupdates turned on and I almost never see them for virus problems, the few that do let their kids run wild or are the "must click on teh buttons!" types and there really isn't anything you can do about PEBKAC.
If the OEMs didn't cripple their machines before they even left the factory I'm sure the number of infected PCs would drop right off the charts. Why in this day and age they are allowed to get away with such intentional crippling of PCs is beyond me. To use a /. car analogy, nobody would expect their brand new car to have the locks tampered with at the factory, would they? So how come the poor user is expected to be an IT guy when sane policies from the factory would get rid of a huge amount of problems?
ACs don't waste your time replying, your posts are never seen by me.
You don't think that Macs and Linux machines are unhackable, do you? It's just that XP was so easy to hack, and had such a huge market share, that you'd be foolish to hack other systems.
Even when you do manage to find an unpatched vulnerability on a unix-like system that you can remotely exploit to run arbitrary code, you're still unable to access anything in the system outside of the security context of the software that you've exploited. So you can't access any users' personal files (unless that user was the one running the program you exploited, then you can access their stuff but nobody else's), you can't modify system files, or anything else since most people running those systems run their software under limited user accounts. When exploiting windows machines, it's pretty rare that the software you've exploited turns out to be running under a limited user account. In those situations you then need to find another vulnerability that you can exploit to escalate your privileges, and unfortunately those vulnerabilities are taken much more seriously on unix-like operating systems where they are patched as quickly as they are discovered. At least with a Windows box, if you do come into one of those rare situations where the user is security conscious, there are many more local privilege escalation vulnerabilities to choose from and they aren't patched very quickly to say the least.
So, yeah, one would be quite foolish to be targeting other systems while there are so many easy targets that, even when their owners attempt to secure them, are still trivial to compromise by comparison.
I'm not sure where the redundancy idea comes from in your post. I've seen more than a few Windows systems fucked over by just one or two registry keys doing the wrong thing. The fact that the path to said registry keys is cryptic and over 100 characters long doesn't help.
Well the redundancy comes from the fact that the registry was backed up on every successful boot allowing you to restore it when things got fucked up. I don't see why its automatically "nonsense" because you had some problems that you fail to give specifics for.
http://en.wikipedia.org/wiki/Windows_Registry#Backups_and_recovery
Also, Changing 'one or two' keys can and will fuck up Windows. Thats the point. Because it hosts critical OS settings, If you delete specific keys, say for e.g. If you disable a driver that is required for boot, you can hose your system.
But that would be the equivalent of deleting /etc/fstab , mtab or corrupting /boot/grub/grub.cfg.
But when you buy a Rolex from Cartier, you don't expect to get a cheap $5 knock off.
You also don't expect to get a Rolex from Cartier.
You would have to keep around last 3 snapshots just to be safe from a failed/bad update.
Yes you would. Sorry I left that out.
Using VMs means you can start with a bare windows install fully updated, and save a copy, or "snapshot" of that. Then you can add security layers on top and save a snapshop of that "snap that". A few at a time you can add your critical apps and make snaps until you have a lot of snapshot VMs that take a lot of space - but these days space is cheap. You can store 200 10GB Windows images on a 2TB external drive, and that's not a large external storage device today. Storing your basic images on an external drive also keeps your images safe from really clever malware that might evolve to corrupt even inactive OS VM images.
For the advanced class, you can mount a VM of OpenFiler with a reasonable disk pool, mount that iSCSI volume on your VM and install Windows onto it. Then you can take thin differential snapshots. If OpenFiler won't do what you need then HP's free Virtual SAN Appliance will, or there are other options. Me, I just reinstall the OS in a VM when I have to rebuild because it's a rare thing and dealing with that once a year or so is easier than setting up infrastructure that may change. But one day older versions of Windows will no longer install, so that bare image will have to do.
Help stamp out iliturcy.
And, despite all their efforts, every month, every week, hell, almost every day another security exploit is discovered or released that shows just how broken previous versions of their platform is:
http://www.computerworld.com/s/article/9164038/Microsoft_Don_t_press_F1_key_in_Windows_XP
Of course, the biggest problem is that most users run Windows with Admin rights but M$ is to blame for making Windows too hard to run without full admin rights.
I would have had a lot more respect for them if they'd bought out a company like Avecto or BeyondTrust, and spun that kind of functionality into a Service Pack like they did with Security Center so that running with day-to-day with admin rights wouldn't be necessary.
No, UAC / RunAs isn't the same as Privilege Manager or Privilege Guard as it doesn't sufficiently modify the security context of a logged-in user
Pain is merely failure leaving the body