The dad and mom don't have the time nor inclination to maintain separate user accounts. They made her promise not to install any of that stuff and she agreed, and now that she knows the real world results of installing that software, I think she has learned her lesson.
I offered to set up separate accounts for them, but they opted out. I got a great dinner out of the deal, so I'm hoping it happens again... soon. I always look on the bright side of things;-)
You are absolutely correct. UAC is enabled, as I received no fewer than 30 requests to authorize the system to perform tasks while I was removing said trojans.
The problem is that both Kaspersky and Windows Defender didn't prevent (or defend the computer from) the trojans from being installed. Even with admin privileges, any trojan or virus should have hit a brick wall when trying to do *anything* to the installed AV program's installation or runtime... and either Kaspersky or Windows Defender should have been able to completely remove the trojan or virus when it was initially installed.
As it turned out, I had to download a special program from Kaspersky's website in order to clean up the computer. At least they read their forums, where hundreds of other unfortunate Windows users were posting their terrible experiences.
You are correct. I am a Mac user, and I do worry about viruses and trojans being on my computer. I worry that I'll receive them in an email attachment and unknowingly pass them along to my less fortunate Windows using friends. I worry that I will get one in my installation of Windows in VMWare.
I've been thinking about running an a/v program to prevent this from happening... I like those people; I don't want them to suffer unnecessarily.
I will not fear trojans and viruses until they start appearing en masse on the Mac platform. Until then, I will sleep more soundly than my Windows using friends, that is for sure.
Yep, exactly. Had Kaspersky actually protected the PC, I would not have had to do anything.
As for the girl, she was told twice not to run that program, yet she did it anyways. She promised not to do it again.
The weakest link will always be the human seated at the computer... Anna Kournikova anyone? You'd think with that bit of information, the AV programs would be geared towards eliminating the PEBKAC error altogether... but apparently it is more difficult than one would expect.
I just had to repair a friend's Vista PC which had 3 Trojan programs running that had taken control of her internet even though Kaspersky antivirus was installed. The Trojan had worked its way onto her computer via a P2P program that her daughter was using to get music, and that stopped Kaspersky from being able to update its definitions, which it was set to do every day. I couldn't even go out to Microsoft's Windows Update site to get Windows updates, and Windows Defender (which was also installed and running) was disabled by one of the Trojan programs. It took me over an hour to clean it all up and get her machine running properly again.
Not even 2 antivirus programs could stop this from happening on the latest Windows PC.
This is what is stopping me from being even the slightest bit excited about Windows 7.
I apologize if this post feels like I'm talking down to you or whatever... I'm not. I just want to make sure that I am being clear in what I said earlier.
OS X has been doing *authentication* since its first release, which is welcome. If I try to install software to a secure area of my hard drive (like/Applications), I *want* to be prompted for an admin account's credentials, even if I my current login is the admin. That is great.
What I really REALLY don't want is for the computer to say "[x] program has attempted to do [y], allow or deny?" That is *authorization*.
To me, this just indicates that [x] program isn't secure and probably shouldn't even be on your hard drive in the first place, since it is doing something that may compromise your computer's security.
The forgiving say "This is how Microsoft empowers the user to be better informed"
I'm not so forgiving.. I say this is how Microsoft shifts the responsibility of securing their programs to the user.
I am worried that Apple is assuming too much about the security of the Mac OS X operating system. I am a long time user (since first beta) and it has been an incredible ride, but I'd really like for Apple to "step up" and take this bull by the horns and let the world know that they are very serious about security and eliminating *any* means of intrusion, either automated or user driven... and not just rely on the FOSS community to remedy the security problems in the software that they have incorporated into the OS.
Just as long as they don't implement some Vista like "Allow or Deny?" crap... God that would drive me *nuts*!
Rule #1 of Software Development in the 21st century:
Don't put any business logic into sprocs.
Why?
It's very simple really, and very logical.
1) Only CRUD operations should be in sprocs. These sprocs are designed to allow someone to create/read/update/delete data in the tables in the database without giving the user access to or knowledge of the underlying table structure. Use application roles (approles) to allow access to the tables. This keeps people from loading up your tables with Excel and walking all over your data. Also, this prevents SQL injection attacks, as your sprocs will choke all over them and nothing will get trampled. Any time that you put SQL statements in a form, you are opening yourself up to SQL injection attacks, unless you have specifically guarding against them, which requires even MORE work. Not giving your users knowledge of the underlying table structure makes it easy for you to change that structure, should you (or the DBA) need to.
2) The second that you place a business rule into a sproc, the users will want the rule changed. This means that you now have to go back to the sproc to update it. Why is this bad? Because sprocs are almost always under the control of the DBA. This sometimes isn't that bad, but most of the time there is a layer of politics involved between DBAs and Software Developers. What usually happens is that the dev will make the change to the business logic in the middle (or even worse, GUI) tier, thereby doing twice as much work. This happens way more often than you think it does.
3) Adding Database servers to a cluster isn't cheap. If you have a lot of users, and you have had to cluster your servers to accommodate more users, you'll have to add more database servers as you add more users. This is expensive, especially if you are using SQL Server or Oracle. Adding more middle-tier servers is much cheaper, being that you only need the underlying OS. Not to mention that there is a diminishing point of returns when adding database servers.
I hope that this makes sense to you, and helps you build arguments in the future for NOT allowing devs to put business logic into the sprocs!
The patent office's business is selling patents, and business is gooooooood.
It'll be a cold day in the hot place when the patent office actually spends time researching whether or not a patent is valid. They'll leave that up to the courts to decide.
IBM wants to make it harder for smaller companies to patent business processes (or anything at all?) so that they don't get in the way of big companies patenting everything under the sun....
Alot of people purchased $1,000-2,500 macs and can't run the latest OS
Don't believe this phooey.
My PowerMac G4 (Codename: "Yikes!") from 1999 (it is 7 years young this month!) is happily running Panther, and will run Tiger as soon as I put a DVD drive in it (this weekend). I paid $1500 for it and I think it was the best decision that I ever made -- it was my declaration to the world that MS operating systems were not welcome in my home... I had more important things to do than reinstall the OS every time some piece of malware (I think Nimbda/Code Red got my PC around that time and was the last straw) trashed my computer.
It was the best (computer based) decision that I ever made.
This isn't something that Americans (of which I am -- for better or worse -- one of) know anything about -- we have no idea what "privacy" means. Especially in this day and age when police can "think they heard someone scream" and break down your door, or "think they smelled soemthing funny" and search your car.
"Privacy" is something that "used to be important" in America, you know "way back in the 50s".
I was raised by older parents who taught me the importance of privacy, and in the post 9/11 "everyone is a terrorist until they're not" world of today, privacy is just not something that Americans want to be bothered with anymore -- until it's their door that is being broken down, that is!
...what exactly they were actually hearing that was more important than the CIA director telling the National Security Advisor that Bin Laden was going to attack Americans.
This is exactly what they wanted to hear. They simply translated it into:
That they were going to be able to scare Americans into giving up their civil liberties.
That they were going to be able to grab power from the other branches of the government in the name of "fighting terrorism".
That they were going to be able to go to Iraq and exact revenge on Saddam.
What part of that isn't great for the president (the executive) and terrible for everyone else? It's not like Bush cares about an approval rating... he's not going to have to worry about "elections" in 2008 or that "goddamned piece of paper" anyways... I'm sure he's warming up his shredder now (the one with the "Enron" badge on the side) for when he's able to push the constitution right through. Especially since the republicans now have all 3 branches of the government under their belt (thanks to hijacked elections) and the rest of the world under their feet...
This is Microsoft saying that they are good for the "people", but not good for "business". Any employer with even a bit of business sense will see this for what it is -- Microsoft's new product will make them pay more money for more people to do what their current employee base is already doing. This is the creation of redundant jobs.
This is a losing proposition for Microsoft among businesses that can say "no" to Vista and are not afraid of jumping ship to other, more cost effective computing solutions.
It's funny that you say that point #3 was retarded, without even taking 3 seconds to think past the "obscurity is not security" tag line. I submit that in this case, that saying does NOT apply.
My Mac is sitting here, all dressed up and nobody even shows up to take it out for a spin. Why's that? Could it be the plethora of extremely vulnerable Windows machines that it is rubbing elbows with on the Internet? Why would anyone spend 1 second trying to hack a Mac when they can just "have at it" with a Windows machine? To prove it can be done? Hardly. Windows machines are hacked for well known reasons: spam zombies, botnets, WareZ repositories, etc. Windows machines are very easy targets for that stuff, and the Mac simply isn't.
I submit that the best security for a Mac on the Internet are the Windows machines that are also on the Internet.
The first thing that I'm going to do as a "normal user" is turn on SSH and Personal Web Sharing. Then I'm going give anyone who wants access to my machine an SSH account.
This "test" was silly and unrealistic, at best.
Here's a "real" test: 1) Turn on brand new Mac Mini 2) Update to latest rev of OS 3) Try to hack it from the Internet, without knowing its IP address.
There is no way that "wide open" content will ever work... there are too many people out there with bad intentions. This is why you see so many sites with wikis closing them down these days - due to spam bots, due to malicious posters, etc.
The only thing that will ever work is to have an "owner" of a wiki who gives access on a trust basis. The owner will decide who s/he trusts, and to what level.
I'm afraid that this is the only system that will ever work for collaborative content.
I would watch the series first, though, as the characters are introduced in much more detail, and it has many very comical scenes (especially concerning Shepherd and River... I giggle just thinking about her "fixing" the bible...)
"...aaaannnd Peter... we need to talk about your TPS reports... didn't you get that memo? I'll send you another copy.... riiiiight."
People at my work passed the "Office Space" VHS tape (no kidding, heh) around the office, and you can't even say "That'd be great" in a meeting without getting snickers, even 5 years later! It's amazing how 1 movie has changed the perception of the American workplace so much.
Slashdot Mirror
One patent to rule them all, and in the darkness bind them!
Mr. Perfect World meet Mr. Real Situation.
The dad and mom don't have the time nor inclination to maintain separate user accounts. They made her promise not to install any of that stuff and she agreed, and now that she knows the real world results of installing that software, I think she has learned her lesson.
I offered to set up separate accounts for them, but they opted out. I got a great dinner out of the deal, so I'm hoping it happens again... soon. I always look on the bright side of things ;-)
You are absolutely correct. UAC is enabled, as I received no fewer than 30 requests to authorize the system to perform tasks while I was removing said trojans.
The problem is that both Kaspersky and Windows Defender didn't prevent (or defend the computer from) the trojans from being installed. Even with admin privileges, any trojan or virus should have hit a brick wall when trying to do *anything* to the installed AV program's installation or runtime... and either Kaspersky or Windows Defender should have been able to completely remove the trojan or virus when it was initially installed.
As it turned out, I had to download a special program from Kaspersky's website in order to clean up the computer. At least they read their forums, where hundreds of other unfortunate Windows users were posting their terrible experiences.
... and I hope it remains "not worthwhile" for a long time to come. I enjoy using a computing environment that I don't have to worry about.
You are correct. I am a Mac user, and I do worry about viruses and trojans being on my computer. I worry that I'll receive them in an email attachment and unknowingly pass them along to my less fortunate Windows using friends. I worry that I will get one in my installation of Windows in VMWare.
I've been thinking about running an a/v program to prevent this from happening... I like those people; I don't want them to suffer unnecessarily.
I will not fear trojans and viruses until they start appearing en masse on the Mac platform. Until then, I will sleep more soundly than my Windows using friends, that is for sure.
That may be true for Windows based PCs, but even the most novice Mac or Linux user doesn't have to worry about it at all.
Yep, exactly. Had Kaspersky actually protected the PC, I would not have had to do anything.
As for the girl, she was told twice not to run that program, yet she did it anyways. She promised not to do it again.
The weakest link will always be the human seated at the computer... Anna Kournikova anyone? You'd think with that bit of information, the AV programs would be geared towards eliminating the PEBKAC error altogether... but apparently it is more difficult than one would expect.
I just had to repair a friend's Vista PC which had 3 Trojan programs running that had taken control of her internet even though Kaspersky antivirus was installed. The Trojan had worked its way onto her computer via a P2P program that her daughter was using to get music, and that stopped Kaspersky from being able to update its definitions, which it was set to do every day. I couldn't even go out to Microsoft's Windows Update site to get Windows updates, and Windows Defender (which was also installed and running) was disabled by one of the Trojan programs. It took me over an hour to clean it all up and get her machine running properly again.
Not even 2 antivirus programs could stop this from happening on the latest Windows PC.
This is what is stopping me from being even the slightest bit excited about Windows 7.
Proof of actually committing the crime shouldn't be an obstacle of someone getting convicted of committing the crime.
Hmmm sounds fishy to me... ;-)
Wow, PayPal has figured out #2!
1) Declare a browser as "unsafe"
2) ???^H^H^H^H^H^H
2) Block the browser from your popular site
3) Profit! --> Approach the company that makes the browser... "we'll declare it safe... for a price".
OS X has been doing this since its first release.
/Applications), I *want* to be prompted for an admin account's credentials, even if I my current login is the admin. That is great.
I apologize if this post feels like I'm talking down to you or whatever... I'm not. I just want to make sure that I am being clear in what I said earlier.
OS X has been doing *authentication* since its first release, which is welcome. If I try to install software to a secure area of my hard drive (like
What I really REALLY don't want is for the computer to say "[x] program has attempted to do [y], allow or deny?" That is *authorization*.
To me, this just indicates that [x] program isn't secure and probably shouldn't even be on your hard drive in the first place, since it is doing something that may compromise your computer's security.
The forgiving say "This is how Microsoft empowers the user to be better informed"
I'm not so forgiving.. I say this is how Microsoft shifts the responsibility of securing their programs to the user.
I am worried that Apple is assuming too much about the security of the Mac OS X operating system. I am a long time user (since first beta) and it has been an incredible ride, but I'd really like for Apple to "step up" and take this bull by the horns and let the world know that they are very serious about security and eliminating *any* means of intrusion, either automated or user driven... and not just rely on the FOSS community to remedy the security problems in the software that they have incorporated into the OS.
Just as long as they don't implement some Vista like "Allow or Deny?" crap... God that would drive me *nuts*!
My opinion? I'm glad you asked :-)
Rule #1 of Software Development in the 21st century:
Don't put any business logic into sprocs.
Why?
It's very simple really, and very logical.
1) Only CRUD operations should be in sprocs. These sprocs are designed to allow someone to create/read/update/delete data in the tables in the database without giving the user access to or knowledge of the underlying table structure. Use application roles (approles) to allow access to the tables. This keeps people from loading up your tables with Excel and walking all over your data. Also, this prevents SQL injection attacks, as your sprocs will choke all over them and nothing will get trampled. Any time that you put SQL statements in a form, you are opening yourself up to SQL injection attacks, unless you have specifically guarding against them, which requires even MORE work. Not giving your users knowledge of the underlying table structure makes it easy for you to change that structure, should you (or the DBA) need to.
2) The second that you place a business rule into a sproc, the users will want the rule changed. This means that you now have to go back to the sproc to update it. Why is this bad? Because sprocs are almost always under the control of the DBA. This sometimes isn't that bad, but most of the time there is a layer of politics involved between DBAs and Software Developers. What usually happens is that the dev will make the change to the business logic in the middle (or even worse, GUI) tier, thereby doing twice as much work. This happens way more often than you think it does.
3) Adding Database servers to a cluster isn't cheap. If you have a lot of users, and you have had to cluster your servers to accommodate more users, you'll have to add more database servers as you add more users. This is expensive, especially if you are using SQL Server or Oracle. Adding more middle-tier servers is much cheaper, being that you only need the underlying OS. Not to mention that there is a diminishing point of returns when adding database servers.
I hope that this makes sense to you, and helps you build arguments in the future for NOT allowing devs to put business logic into the sprocs!
-Steven
The patent office's business is selling patents, and business is gooooooood.
It'll be a cold day in the hot place when the patent office actually spends time researching whether or not a patent is valid. They'll leave that up to the courts to decide.
It's just good business.
IBM wants to make it harder for smaller companies to patent business processes (or anything at all?) so that they don't get in the way of big companies patenting everything under the sun....
Alot of people purchased $1,000-2,500 macs and can't run the latest OS
Don't believe this phooey.
My PowerMac G4 (Codename: "Yikes!") from 1999 (it is 7 years young this month!) is happily running Panther, and will run Tiger as soon as I put a DVD drive in it (this weekend). I paid $1500 for it and I think it was the best decision that I ever made -- it was my declaration to the world that MS operating systems were not welcome in my home... I had more important things to do than reinstall the OS every time some piece of malware (I think Nimbda/Code Red got my PC around that time and was the last straw) trashed my computer.
It was the best (computer based) decision that I ever made.
...something other than an invasion of privacy.
This isn't something that Americans (of which I am -- for better or worse -- one of) know anything about -- we have no idea what "privacy" means. Especially in this day and age when police can "think they heard someone scream" and break down your door, or "think they smelled soemthing funny" and search your car.
"Privacy" is something that "used to be important" in America, you know "way back in the 50s".
I was raised by older parents who taught me the importance of privacy, and in the post 9/11 "everyone is a terrorist until they're not" world of today, privacy is just not something that Americans want to be bothered with anymore -- until it's their door that is being broken down, that is!
This is exactly what they wanted to hear. They simply translated it into:
What part of that isn't great for the president (the executive) and terrible for everyone else? It's not like Bush cares about an approval rating... he's not going to have to worry about "elections" in 2008 or that "goddamned piece of paper" anyways... I'm sure he's warming up his shredder now (the one with the "Enron" badge on the side) for when he's able to push the constitution right through. Especially since the republicans now have all 3 branches of the government under their belt (thanks to hijacked elections) and the rest of the world under their feet...
This is Microsoft saying that they are good for the "people", but not good for "business". Any employer with even a bit of business sense will see this for what it is -- Microsoft's new product will make them pay more money for more people to do what their current employee base is already doing. This is the creation of redundant jobs.
This is a losing proposition for Microsoft among businesses that can say "no" to Vista and are not afraid of jumping ship to other, more cost effective computing solutions.
Is this the tipping point?
It's funny that you say that point #3 was retarded, without even taking 3 seconds to think past the "obscurity is not security" tag line. I submit that in this case, that saying does NOT apply.
My Mac is sitting here, all dressed up and nobody even shows up to take it out for a spin. Why's that? Could it be the plethora of extremely vulnerable Windows machines that it is rubbing elbows with on the Internet? Why would anyone spend 1 second trying to hack a Mac when they can just "have at it" with a Windows machine? To prove it can be done? Hardly. Windows machines are hacked for well known reasons: spam zombies, botnets, WareZ repositories, etc. Windows machines are very easy targets for that stuff, and the Mac simply isn't.
I submit that the best security for a Mac on the Internet are the Windows machines that are also on the Internet.
The first thing that I'm going to do as a "normal user" is turn on SSH and Personal Web Sharing. Then I'm going give anyone who wants access to my machine an SSH account.
This "test" was silly and unrealistic, at best.
Here's a "real" test:
1) Turn on brand new Mac Mini
2) Update to latest rev of OS
3) Try to hack it from the Internet, without knowing its IP address.
Good frackin' luck!
There is no way that "wide open" content will ever work... there are too many people out there with bad intentions. This is why you see so many sites with wikis closing them down these days - due to spam bots, due to malicious posters, etc.
The only thing that will ever work is to have an "owner" of a wiki who gives access on a trust basis. The owner will decide who s/he trusts, and to what level.
I'm afraid that this is the only system that will ever work for collaborative content.
Why wait? Amazon is your friend!
You can order the FireFly Series on DVD...
or the Serenity Movie (Widescreen, of course!)...
And yes, Amazon ships to Japan!
I would watch the series first, though, as the characters are introduced in much more detail, and it has many very comical scenes (especially concerning Shepherd and River... I giggle just thinking about her "fixing" the bible...)
Salud!
I've never seen Firefly and I probably wouldn't be that interested in it...
Which, translated from Reaver-speak means "You'd be hooked by the 3rd episode".
"...aaaannnd Peter... we need to talk about your TPS reports... didn't you get that memo? I'll send you another copy.... riiiiight."
People at my work passed the "Office Space" VHS tape (no kidding, heh) around the office, and you can't even say "That'd be great" in a meeting without getting snickers, even 5 years later! It's amazing how 1 movie has changed the perception of the American workplace so much.