Hacker Alert

[Torhal]

Originally Posted by Sepioth ohhh wait a minute .. I'm a guy too

And you think this matters...why?

[Bruners]

Originally Posted by us2006027321 Actually, locking your door would be preventative maintenance, so to that end, all of my tips would be locking the door. AV software and the like would be like keeping an alarm on the door and a loaded weapon of some kind next to your pillow. Those are both far more effective after you haven't locked your door, no? Not following my tips makes the alarm and weapon so much more necessary, where as having the appropriate locks on the door make the weapon and the alarm entirely unnecessary. See what I did there? Thanks for handing me all the tools for an adequate analogy. ...is one of the many things I find on the computers of people who should have been paying better attention to their computers, expected software to do it for them, and still managed to mess it all up. Again, I'm not knocking software. I'm just saying that paying attention to things yourself and remembering that software won't do everything for you really is the more efficient way to go. I don't think the two have to be mutually exclusive, but if they must, pay attention to your stuff and get rid of the software.

Using security software is the same as stores having guards/tags to spot/get possible thieves, you want to let everyone into your store but some of them might not be there to help you in any way. Even if you really monitored all your visitors to the store and only let in those who you really trusted, there would still be a slight chance they could steal something. This is not saying you should have two guards with a loaded gun pointed at the customer and only one at a time in the store.

The same guards doesn't always pick up all the thieves, but if they do it's still for the better for your store.

[Petrah]

Originally Posted by Bruners This is not saying you should have two guards with a loaded gun pointed at the customer and only one at a time in the store.

That's sounds perfectly acceptable to me.

[us2006027321]

Originally Posted by Bruners Using security software is the same as stores having guards/tags to spot/get possible thieves, you want to let everyone into your store but some of them might not be there to help you in any way. Even if you really monitored all your visitors to the store and only let in those who you really trusted, there would still be a slight chance they could steal something. This is not saying you should have two guards with a loaded gun pointed at the customer and only one at a time in the store. The same guards doesn't always pick up all the thieves, but if they do it's still for the better for your store.

You've actually made a really good point in your analogy. Unfortunately, I don't feel the need to treat my compy like it's a store. I don't let everyone and everything into my computer, because I don't need to. If I were a corporation of some kind with myriad employees and customers accessing my databases on a consistent basis, I'd be all for watchdog software. Unfortunately, I'm not, I don't have the need to allow everything in, and I don't.

When I'm the only person using my computer, and I'm exercising intelligent usage habits, my need for that sort of thing is exponentially reduced.

[us2006027321]

Originally Posted by Sepioth CAN I HAVE YOUR BABIES

You may not. You are not a suitable genetic candidate since you insulted my ego. /pout

I'm kidding.

...about the pouting thing and the hurt ego bit... You still can't have my babies. You were spot on about the fact that you're a guy... Last I heard, two guys having a baby together wasn't reproductively sound...

[Seer]

Here's a nice link, tho a bit technical, outlining why Mac users may need to get a bit more "worried" about the future;

Dino-Dai-Zovi-Mac-OS-Xploitation

This same guy will give a presentation for a rootkit for OSX

Just a small heads up.


Anyway, not running a AV sounds to risky to me, you don't get malware (I use malware in this case to refer to virusses, adware, trojans, rootkits) from only visiting naughty websites or unknown mail senders..

Perfectly legit websites can be hacked and host a virus, or legit sites can link to a site (adverts for instance) that contain malware. It happens, not often but it does happen.*

You can get an IM message that can contain malware. Your best friend that sends you a mail may have an infected PC.. Or someone who has your best friends email address might be infected and send out mails in his name unknowingly.

You can download "free to play" games that may have malware (Not meaning pirated games here). Hell, you can buy a Music CD from Sony and have that install a nice rootkit.. (Anyone remember that ?)


The biggest reason why WinXP is so vulnerable is because most end users run as administrators as that's is how MS let them set it up, therefore programs, like IE, run with full admin rights and because of it's design has full access to the system (great idea on paper in days long gone, less in the modern age). Linux and similar OSes usually don't and are therefore still less end user friendly (I'm talking about Joe Average) but far more secure.

If you set up XP with a Admin account and a normal user account, configure the router correctly (not opening every port there is for instance) and use the PC with the normal user account and use the admin account to install software you're much safer. Offcourse you still have those that don't read when Windows pops up (usually confusing) message boxes requiring user action but at least know you know that something is trying to do something you don't want.

*maybe it happens more often tho, esp if people are using an OS with an admin account and/or an not up-to-date OS (that goes for XP, Linux, OSX, any other OS out there). If you don't have a AV or firewall you don't get a warning off course so you don't know if you're infected or not, most malware doesn't advertise itselves as they install or run and/or hook up to legit processes/programs so you don't notice them. And not every "free online" scan is able to detect as many mallware as paid installed version (granted the paid AV programs won't be able to detect every threat out there as well but they usually get updated more)


My personal opinion is: better save then sorry. Having an AV hardly impacts any modern PC (I use NOD32 and never notice it's presence), the paid AV's aren't that expensive either and the firewall in the router is good as well. And as said, never run as admin on any OS that lacks all updates and have all ports open in the firewall.

[Bluspacecow]

Originally Posted by Seer Here's a nice link, tho a bit technical, outlining why Mac users may need to get a bit more "worried" about the future;

Very interesting and enlightening link there my friend.

I'm afraid my point still stands.

I know the Mac OS X is not the high paradigm of security that many Mac heads like to spout off like monkeys on crack. This is coming from a Mac head btw.

There have been a few very well documented theories of ways of exploiting the Mac OS X over the years. From the code for a Mac OS X virus to a hacking competition where Safari was comprised there has been stirrings coming of a major OS X hack incident for years.

Thing is there's been very very little interest in implementing anything major in the wider wilds of the internet and the computing public."Theoretical" is all it's been so far there's been no interest in doing it for real and I haven't seen any documented cases of that happening (other then the Quicktime Codec exploit outlined above).

My other point is - the greatest defense against any malware / hacks or exploits of any kind is the informed user!. That Quicktime Codec exploit fizzled when exposed to the Mac Community not because it wasn't a convincing trojan horse or anything. It fizzled because the average Mac OS X user took one look at it , turned around to their mailing list buddies and asked around then ignored it. (*)

And as said, never run as admin on any OS that lacks all updates and have all ports open in the firewall.

Very good advice on the admin thing. Even Mac OS X users should be doing this - don't make your main user an admin user ! If the hacker gets access to your computer without an admin user he can't do any lasting damage.

PS That presentation does say that Snow Leopard could be more secure , plugging many of the holes outlined in that document , possibly more. That's out in September

(*) = Note here that I'm not saying Mac users are more technically knowledgeable or more skillful. I said the above based on observations of what actually happened in the Mac Community following the release of that trojan I talk of above. It can apply equally to any computing community - a well informed user is one of the best defenses !

[Seer]

Originally Posted by Bluspacecow My other point is - the greatest defense against any malware / hacks or exploits of any kind is the informed user!. That Quicktime Codec exploit fizzled when exposed to the Mac Community not because it wasn't a convincing trojan horse or anything. It fizzled because the average Mac OS X user took one look at it , turned around to their mailing list buddies and asked around then ignored it. (*)

I won't deny informed people are most likely the best defence, however it doesn't work. Most users don't want to be bothered by it, don't care about it. That will become more of a problem when there are more users, the average OSX user of today is, IMHO, more technical then the average Windows user.

For my work, I deal with "end users" daily, some of these have worked with the company for years, we've been using the same software for years and still these same people still don't seem to get how to handle our software (no it's not complex), they still "forget" how to correctly close our programs, they still don't know the log in for the system they have to log on to (it hasn't changed in 12 years, they still "forget"). They don't read what is on the screen, if they report a problem its "X doesn't work" (not explaining what doesn't work), or "I get an error" (off course not saying what the error is). They don't understand the reason why error messages are given or how those make my job easier (help resolve the problem)

They don't understand that streaming impacts the network (as off course no one else does stream right..). I'm talking about a workforce of about 1000 people. When we use our intranet to inform them all goes well for week or 2, after that it goes back as if they were never told about it.

They just don't care. Hell, they want us to remove the passwords because they think it doesn't have a use and is annoying. They also want admin rights so they can install stuff, not understanding the risks.

In short, Joe Average has no interest in computers like most people don't care about cars as long as the car takes them from A to B. Only a select few are interested in the more technical and backgrounds of computers or cars.

It's like Pacifism, great in theory but as long as there's are people that use violence it won't work.

[havoxx]

Heh, just becuase someone uses a PC doesn't mean they aren't technically savvy, as far as I'm concerned, the only thing a MAC is as of today is an expensive over-glorified unix-based OS.

I've dealt with people you are talking about, and I will agree most end users are dumb as a post when it comes to PC's. That's not to say people with a mac know more.

Anyway, as it stands to the OP, that is a pretty good addon, and it's a nice helper one to boot.

Let's face facts here, there is no anti-virus, no malware/spyware scanner that will save your PC if you yourself are stupid about your browsing habits. Ad's are the biggest issue today, with so many of them being everywhere people can't refuse to click them.

[Seer]

Originally Posted by havoxx Heh, just becuase someone uses a PC doesn't mean they aren't technically savvy, as far as I'm concerned, the only thing a MAC is as of today is an expensive over-glorified unix-based OS. I've dealt with people you are talking about, and I will agree most end users are dumb as a post when it comes to PC's. That's not to say people with a mac know more.

That's not what I meant. I mean that people who buy a mac at the moment are more technically minded then Joe Average who goes shopping for a PC. People who buy a Mac are either already Mac users (or say old Amiga/Atari/etc users who despise(d) anything Wintel) and/or have had enough of Windows for whatever reason.

Joe Average who goes shopping is most likely going to buy a PC because that's what is still sold the most, he's not looking for something else, he just want a PC and be done with it, doesn't care about what OS it runs as long as he can play his fave game and use his apps, and that is most likely still a Windows Machine in his case. Joe Average doesn't know about Apple, doesn't care about Microsoft.

But, the more people use OSX the more Joe Average will get in contact with it and the higher the chance he may opt to buy a Mac. People buy what they know, or things friends have.

And I don't think many Mac lovers will agree with saying it's a Unix based OS, AFAIK, Unix is a Macro Kernel, OSX is based on the Mach Kernel and that is a Micro kernel .

[Petrah]

Originally Posted by havoxx Ad's are the biggest issue today, with so many of them being everywhere people can't refuse to click them.

One of the best forms of defense against them, along with a secondary or third form of defense, is a good host file. Preventing ad's from from being viewed in the first place is half the battle. I've found that using a host file is 10 times better than a browser addon.

Blocking Unwanted Parasites With A Host File. If you want more control over your host file, then you can use Hostman.

[Marthisdil]

Originally Posted by Bluspacecow If the hacker gets access to your computer without an admin user he can't do any lasting damage.

You sir, would be incorrect. A hacker/exploiter doesn't necessarily need admin access to do damage to your computer (or steal data, or even get in as an admin).

You seem to have a clue about things - please don't spread incorrect statements like this.

[Marthisdil]

Originally Posted by Seer That's not what I meant. I mean that people who buy a mac at the moment are more technically minded then Joe Average who goes shopping for a PC. People who buy a Mac are either already Mac users (or say old Amiga/Atari/etc users who despise(d) anything Wintel) and/or have had enough of Windows for whatever reason.

This isn't necessarily true either. They may buy an Apple because they have an iPod and like the quality and don't mind paying more. or they may buy an Apple because they have money to waste. or the like the white case.

Sure, some geeks buy Apples. here at my work, I'll be getting a 17" Macbook pro at some point and installing Windows 7 on it just to piss off the Apple fanbois.

But also, a lot of people who buy Apple computers also aren't aware of the additional costs involved. Apple/Best Buy/whomever will GLADLY sell you overpriced memory to upgrade your system. Or overpriced peripherals that have the little apple logo on them, etc. Or how about the price differences for software...

In the end, people get what they get, and computers do whatever they need as they see fit. Computers are only as secure as their users, and that's about the extent of it.

[Seerah]

When I was doing my student teaching (almost 6 years ago), the teacher I was placed with had a MacBook. The school district gave one to all of the teachers.

My mom recently went back to finish school and get her college degree. The VA gave her a MacBook as part of their benefits for schooling. She is by no means computer savvy.

[Bluspacecow]

Originally Posted by Marthisdil You sir, would be incorrect. A hacker/exploiter doesn't necessarily need admin access to do damage to your computer (or steal data, or even get in as an admin). You seem to have a clue about things - please don't spread incorrect statements like this.

I think either I didn't put enough context or you might of taken it out of context.

On OS X the only know exploit in the wild requires admin access.

So I wasn't saying not having your main user an admin user would head off all known exploits. Just that it stops the exploits that depend on having admin access to do anything that has lasting damage (installing a keylogger at the hardwear / kernel / hardware abstraction layer level *)

* = not sure what they call it on the windows side. its the level that translates your keyboard commands into the computer at the Physical layer

<-------- I needs it !