So my question is: Is firewall and anti-virus really not that effective and if so how do bots get around firewall and anti-virus?
No they're not. Trojans are becoming much more adept at avoiding antivirus (mainly because most antivirus is essentially a glorified "grep for this sequence of bytes", which doesn't work very well with polymorphic infectors) and much better at remaining hidden once installed.
A few years ago it was fairly obvious because an infected computer had all the speed and grace of a slug break-dancing in black treacle and most AV vendors' websites magically stopped working (though actually your browser was being screwed around with) - today that doesn't happen so much.
Short of the major AV vendors drastically upping their game in very short order (difficult - heuristics scanning is the obvious thing to look at but it's tantamount to the halting problem), I can't really see this situation improving much.
We've been hoping for competent users (and trying to educate people into competence) for decades. Hasn't happened yet - probably because the usual result of your computer getting a virus which wasn't automatically blocked is you have a legitimate excuse to do no work until such time as someone can clean up the mess.
I do not think you're alone there. While the economy was doing well and there was little in the way of big scandal, Labour could depend on its core faithful to vote for them.
Events of the last year in particular have shown that they're just as corrupt, just as able to bugger up the economy leaving thousands jobless and just as useless at fixing state-run institutions as the Tories.
I strongly feel that the only wasted vote is one that isn't used - voting for either Tory or Labour "because one of them is going to get in anyway" is absurd because it's easy to wind up with a large enough proportion of the electorate doing that for it to become self-fulfilling.
Isn't this the reason for Apple to have rolled out GrandCentral in Snow Leopard? If so, it seems it's not THAT hard to do - at least not that hard for a non-Windows OS.
Windows has been playing catchup with OS X for years, it's just there are so many fanbois on both sides that it can be very hard to get an objective viewpoint.
Good point, but OTOH the current government has been in power for 13 years now and have spent much of that time worshipping at the Altar of the Computer. The Computer System can Do No Wrong.
Is there a problem that the government should deal with? A Computer System will fix it.
Is the current system working just fine? A Computer System will make it even better.
Is the current system broken because the existing computer system never really did what was intended? A new, different computer system will fix that.
Seriously - it's like the mad rush for computerisation a lot of private companies went through 20 or 30 years ago. And lots of private companies then found that a computer does precisely what it's told - but many organisations aren't able to express their requirements anything like precisely enough to get what it is they really need.
Re:A false choice, of course...
on
Health Care Reform
·
· Score: 4, Insightful
Diabetes (along with many serious conditions) is buggery expensive to treat. In the real world, many sufferer's options are realistically:
Live in a country which provides at least basic healthcare without you having to sacrifice your first born (or at least regulates insurance companies such that they can't say "Oh, you've got something expensive? Sucks to be you, then.").
Be rich.
Die.
Most civilised countries decided that the final option on that list wasn't a particularly desirable one some years ago.
Most of us (with any sense) figured that out years ago. The problem is that most business problems that are solved with software (eg. groupware, accounting, payroll or anything specific to a particular industry) really don't lend themselves to being developed using the bazaar model - frankly, the only way you'll get anyone excited about writing such software is by paying them. The distribution producers (RedHat, Ubuntu et al) are busy just putting together a moderately cohesive OS from all the software that's out there.
...I wish 3rd party software would integrate into the windows update system, it would save a lot of bother (and pop-us, nag screens and update checking tasks loaded at startup).
This, a million times over. Windows Update needs an API for software to register itself with and load signing certificates so uploads can be secure and all dealt with through one interface.
You are assuming you'll notice if you get infected with malware. I've got news: there's a lot of malware around today which doesn't hog resources and stick out like a sore thumb. Zeus is one such, I'm sure there are others.
When I posted that I thought something similar was the case, but apparently there was one password per employee but this person used another password from someone else at the same branch.
Certificates might have helped there (it's usually much harder to copy out the private key once it's installed in Windows unless you know what you're doing, and the general public's understanding of certificates is probably not very strong) but at the end of the day, if someone REALLY wants to get in they will. Though I would question why the company operating this system allows anybody to connect from anywhere on the Internet - VPNs and/or simple IP address filtering would prevent a lot of these issues.
...is the perfect example (and with car analogy indeed) of why DRM and remote product (de)activation is doomed to failure.
Actually, this is a perfect example of why remote product deactivation is a great idea (it reduces the risk involved in selling a car on credit to people who are lousy credit risks), there are just some glitches that need ironing out. If it had been authenticated with a certificate which could be revoked as soon as the employee left (even better - build the certificate revoking process into the "remove employee from computer system" process) it'd be much less of an issue.
If you want an example of why remote product (de)activation is a lousy idea - and one with a car analogy - there was one on/. a couple of years back about a gated multi-storey car park where the developers of the car-park remotely locked the car park (locking all the cars in) when the owner refused to pay a monthly fee.
My sister is like that... Willing to remove all risk from her life and put control in the hands of other people for the safety of her kids.
You'd be amazed how many people are. "For the chillllldruuuun!!!" is one of those arguments that you just can't win because you either get painted as someone who'd understand if they had kids or someone who's sympathetic towards kiddie fiddlers, at which point any chance of a sensible discussion just goes out the window.
If you're actually programming on "bare metal", you're not really using DOS, are you? After all, DOS is an operating system -- a layer between your code and the hardware.
Not much of one by modern standards. You've got a filesystem, a command shell, character-based graphics and not a great deal else. There's a reason why Windows '9x hung around as long as it did - the sheer number of DOS applications that attempted to talk directly to hardware.
Yes, if he's in an accident the higher amount of ER/hospital time he may require harms no one. After all, the man hours available in ERs and hospitals are infinite and virtually free of cost. (Well, to him anyways. The taxpayers pay.)
Not harming anyone else isn't the same as not having consequences for anyone else.
If you're involved in a motorcycle accident and you're not wearing a helmet, the amount of time you require in hospital is virtually none.
The amount of time you require in a mortuary, however....
No non-profit organizations in the United States have to pay taxes.
How in the whole of thundering f*ck is a church a non profit organisation? The profits just go to some central fund to be spent how they want (more churches, repairs on existing churches, hush money to parents of small boys...) rather than back out to shareholders
Possible Motivation for An Organised Attempt to Hack Google:
Gain access to Google's user data. Not good - that data is far and away the biggest thing Google sell.
Gain insight into Google's technology. Even worse - their technology is what keeps their users coming back, and prevents the user data above from becoming stale.
Willy waving. Embarrassing for Google, particularly if it leads to either of the above being compromised.
Sooner or later, the cost of dealing with this kind of espionage will outweigh the benefit of doing business in China. Looks like Google reckon that time has already come.
Start making phones and motherboards in the US again. Would you pay $10 more for a Google Motherboard built in Iowa or Idaho over an Asus built in China if it was the same quality?
The mass migration of manufacturing to China would suggest that - as far as the market as a whole is concerned - the answer to that question is "no".
I think this is only posturing on Google's part. While China isn't a huge profit machine right now for them, access to 1.3B Internet users will be a big deal down the road.
How many of those people have decent Internet access (as opposed to live as subsistence farmers in the middle of nowhere)?
How free is the market in China? Without at least a moderately free market, there is precious little point in advertising.
These are serious questions - my knowledge of China is approximately zero.
I don't have that unless I get a license and deal with a whole lot of legislation.
choose where to live,
I can live anywhere I please in the EU. What makes you think I can't?
express religious and political opinions without being jailed,
I can do this. What makes you think I can't?
choose our own doctors,
I can do this. What makes you think I can't?
choose whether to buy health insurance,
I can, if I so choose, buy private health insurance. Though for some idiot reason, many private insurance policies don't cover diagnostic procedures and finding out what's wrong with you is half the battle on the NHS. There's no legislative reason for the private insurers to refuse to cover diagnostic procedures, they're just wankers like that.
and choose where to go to college-- this week anyway. Next week? Who knows.
I did choose where to go to college. As did my brother. In both of our cases, a major part of the decision making process was "at least 100 miles away from here".
Seriously, are you trolling or do you have some vision of Europe as being a dystopia where everyone is told what to eat, what to think and how to shit from cradle to grave?
and moving freight at 350k/h is a big waste of energy. But whatever, it's freaking cool!
Freight trains generally don't run at 350k/h, mainly because they tend to be a hell of a lot heavier than passenger trains. But a train line across Europe and Asia would follow a route much shorter than any of the major shipping lanes, which would make transport quicker.
The UK legal system operates on a "loser pays" basis, so unless there's something explicitly written into the law which puts such cases in the Small Claims Court (where there is a limit to the expenses that can be claimed by either side), you can guarantee anyone threatening to sue these people will be met with a nastygram saying "If you continue in taking us to court, we will demand costs. We're up to £20,000 now, and it's rising with every letter we write."
The people who are most likely to be cowed by such a threat are exactly the people who are most likely to get such a threat in the first place - I'm thinking particularly those who can't afford a solicitor and where the parents in the household don't really understand what the kids get up to on the Internet.
I'm willing to bet it falls in the same "vein" as Tattooed Jews can't be buried in a formal Jewish cemetery. As I understand it, (again, someone feel free to jump in here and correct me) man is created in God's image, therefore is as close to perfection as you can already make it (i.e. body is temple, etc). To alter your body (tattoos, organ donations) is to desecrate it (the temple of God) is to disrespect God. So you could donate your organs, but you couldn't be buried in a Jewish cemetery, which as far as I can tell is their form of excommunication.
Where do they stand on Jews that have received radiotherapy? It's normal to put a very small tattoo (literally a tiny blue spot) on the skin where the machine will be treating so as to ensure that the same area is treated every time.
Slashdot Mirror
So my question is: Is firewall and anti-virus really not that effective and if so how do bots get around firewall and anti-virus?
No they're not. Trojans are becoming much more adept at avoiding antivirus (mainly because most antivirus is essentially a glorified "grep for this sequence of bytes", which doesn't work very well with polymorphic infectors) and much better at remaining hidden once installed.
A few years ago it was fairly obvious because an infected computer had all the speed and grace of a slug break-dancing in black treacle and most AV vendors' websites magically stopped working (though actually your browser was being screwed around with) - today that doesn't happen so much.
Short of the major AV vendors drastically upping their game in very short order (difficult - heuristics scanning is the obvious thing to look at but it's tantamount to the halting problem), I can't really see this situation improving much.
We've been hoping for competent users (and trying to educate people into competence) for decades. Hasn't happened yet - probably because the usual result of your computer getting a virus which wasn't automatically blocked is you have a legitimate excuse to do no work until such time as someone can clean up the mess.
I do not think you're alone there. While the economy was doing well and there was little in the way of big scandal, Labour could depend on its core faithful to vote for them.
Events of the last year in particular have shown that they're just as corrupt, just as able to bugger up the economy leaving thousands jobless and just as useless at fixing state-run institutions as the Tories.
I strongly feel that the only wasted vote is one that isn't used - voting for either Tory or Labour "because one of them is going to get in anyway" is absurd because it's easy to wind up with a large enough proportion of the electorate doing that for it to become self-fulfilling.
Isn't this the reason for Apple to have rolled out GrandCentral in Snow Leopard? If so, it seems it's not THAT hard to do - at least not that hard for a non-Windows OS.
Windows has been playing catchup with OS X for years, it's just there are so many fanbois on both sides that it can be very hard to get an objective viewpoint.
http://www.youtube.com/watch?v=n74mktpenx8
Of course, you may decide that I am a fanboi. In which case, perhaps you should buy a Mac and develop your own objective viewpoint?
Good point, but OTOH the current government has been in power for 13 years now and have spent much of that time worshipping at the Altar of the Computer. The Computer System can Do No Wrong.
Is there a problem that the government should deal with? A Computer System will fix it.
Is the current system working just fine? A Computer System will make it even better.
Is the current system broken because the existing computer system never really did what was intended? A new, different computer system will fix that.
Seriously - it's like the mad rush for computerisation a lot of private companies went through 20 or 30 years ago. And lots of private companies then found that a computer does precisely what it's told - but many organisations aren't able to express their requirements anything like precisely enough to get what it is they really need.
Diabetes (along with many serious conditions) is buggery expensive to treat. In the real world, many sufferer's options are realistically:
Most civilised countries decided that the final option on that list wasn't a particularly desirable one some years ago.
Will you guys EVER figure it out?
Most of us (with any sense) figured that out years ago. The problem is that most business problems that are solved with software (eg. groupware, accounting, payroll or anything specific to a particular industry) really don't lend themselves to being developed using the bazaar model - frankly, the only way you'll get anyone excited about writing such software is by paying them. The distribution producers (RedHat, Ubuntu et al) are busy just putting together a moderately cohesive OS from all the software that's out there.
This, a million times over. Windows Update needs an API for software to register itself with and load signing certificates so uploads can be secure and all dealt with through one interface.
You are assuming you'll notice if you get infected with malware. I've got news: there's a lot of malware around today which doesn't hog resources and stick out like a sore thumb. Zeus is one such, I'm sure there are others.
When I posted that I thought something similar was the case, but apparently there was one password per employee but this person used another password from someone else at the same branch.
Certificates might have helped there (it's usually much harder to copy out the private key once it's installed in Windows unless you know what you're doing, and the general public's understanding of certificates is probably not very strong) but at the end of the day, if someone REALLY wants to get in they will. Though I would question why the company operating this system allows anybody to connect from anywhere on the Internet - VPNs and/or simple IP address filtering would prevent a lot of these issues.
...is the perfect example (and with car analogy indeed) of why DRM and remote product (de)activation is doomed to failure.
Actually, this is a perfect example of why remote product deactivation is a great idea (it reduces the risk involved in selling a car on credit to people who are lousy credit risks), there are just some glitches that need ironing out. If it had been authenticated with a certificate which could be revoked as soon as the employee left (even better - build the certificate revoking process into the "remove employee from computer system" process) it'd be much less of an issue.
If you want an example of why remote product (de)activation is a lousy idea - and one with a car analogy - there was one on /. a couple of years back about a gated multi-storey car park where the developers of the car-park remotely locked the car park (locking all the cars in) when the owner refused to pay a monthly fee.
My sister is like that... Willing to remove all risk from her life and put control in the hands of other people for the safety of her kids.
You'd be amazed how many people are. "For the chillllldruuuun!!!" is one of those arguments that you just can't win because you either get painted as someone who'd understand if they had kids or someone who's sympathetic towards kiddie fiddlers, at which point any chance of a sensible discussion just goes out the window.
It's the modern-day equivalent to witch hunting.
If you're actually programming on "bare metal", you're not really using DOS, are you? After all, DOS is an operating system -- a layer between your code and the hardware.
Not much of one by modern standards. You've got a filesystem, a command shell, character-based graphics and not a great deal else. There's a reason why Windows '9x hung around as long as it did - the sheer number of DOS applications that attempted to talk directly to hardware.
Right.... so how's that any different from any other privately-owned business?
Yes, if he's in an accident the higher amount of ER/hospital time he may require harms no one. After all, the man hours available in ERs and hospitals are infinite and virtually free of cost. (Well, to him anyways. The taxpayers pay.)
Not harming anyone else isn't the same as not having consequences for anyone else.
If you're involved in a motorcycle accident and you're not wearing a helmet, the amount of time you require in hospital is virtually none.
The amount of time you require in a mortuary, however....
No non-profit organizations in the United States have to pay taxes.
How in the whole of thundering f*ck is a church a non profit organisation? The profits just go to some central fund to be spent how they want (more churches, repairs on existing churches, hush money to parents of small boys...) rather than back out to shareholders
Look at this another way:
Possible Motivation for An Organised Attempt to Hack Google:
Sooner or later, the cost of dealing with this kind of espionage will outweigh the benefit of doing business in China. Looks like Google reckon that time has already come.
Start making phones and motherboards in the US again. Would you pay $10 more for a Google Motherboard built in Iowa or Idaho over an Asus built in China if it was the same quality?
The mass migration of manufacturing to China would suggest that - as far as the market as a whole is concerned - the answer to that question is "no".
Next question?
I think this is only posturing on Google's part. While China isn't a huge profit machine right now for them, access to 1.3B Internet users will be a big deal down the road.
How many of those people have decent Internet access (as opposed to live as subsistence farmers in the middle of nowhere)?
How free is the market in China? Without at least a moderately free market, there is precious little point in advertising.
These are serious questions - my knowledge of China is approximately zero.
Yes. We still have the freedom to own a firearm,
I don't have that unless I get a license and deal with a whole lot of legislation.
choose where to live,
I can live anywhere I please in the EU. What makes you think I can't?
express religious and political opinions without being jailed,
I can do this. What makes you think I can't?
choose our own doctors,
I can do this. What makes you think I can't?
choose whether to buy health insurance,
I can, if I so choose, buy private health insurance. Though for some idiot reason, many private insurance policies don't cover diagnostic procedures and finding out what's wrong with you is half the battle on the NHS. There's no legislative reason for the private insurers to refuse to cover diagnostic procedures, they're just wankers like that.
and choose where to go to college-- this week anyway. Next week? Who knows.
I did choose where to go to college. As did my brother. In both of our cases, a major part of the decision making process was "at least 100 miles away from here".
Seriously, are you trolling or do you have some vision of Europe as being a dystopia where everyone is told what to eat, what to think and how to shit from cradle to grave?
The bankers call "float" a scam, are all bankers scam artists?
I think events of the last couple of years make the answer to that fairly obvious.
and moving freight at 350k/h is a big waste of energy. But whatever, it's freaking cool!
Freight trains generally don't run at 350k/h, mainly because they tend to be a hell of a lot heavier than passenger trains. But a train line across Europe and Asia would follow a route much shorter than any of the major shipping lanes, which would make transport quicker.
The UK legal system operates on a "loser pays" basis, so unless there's something explicitly written into the law which puts such cases in the Small Claims Court (where there is a limit to the expenses that can be claimed by either side), you can guarantee anyone threatening to sue these people will be met with a nastygram saying "If you continue in taking us to court, we will demand costs. We're up to £20,000 now, and it's rising with every letter we write."
The people who are most likely to be cowed by such a threat are exactly the people who are most likely to get such a threat in the first place - I'm thinking particularly those who can't afford a solicitor and where the parents in the household don't really understand what the kids get up to on the Internet.
And every password you add makes things a little harder, and sooner or later people decide to make things easier - usually with post-it notes.
I'm willing to bet it falls in the same "vein" as Tattooed Jews can't be buried in a formal Jewish cemetery. As I understand it, (again, someone feel free to jump in here and correct me) man is created in God's image, therefore is as close to perfection as you can already make it (i.e. body is temple, etc). To alter your body (tattoos, organ donations) is to desecrate it (the temple of God) is to disrespect God. So you could donate your organs, but you couldn't be buried in a Jewish cemetery, which as far as I can tell is their form of excommunication.
Where do they stand on Jews that have received radiotherapy? It's normal to put a very small tattoo (literally a tiny blue spot) on the skin where the machine will be treating so as to ensure that the same area is treated every time.