Need Recommendation

edgewalker

Art said:
Who is "they"? My favorite OS is the Win ME on my wife's old Hp
Pavilion. It hasn't missed a beat in years. Instead of any realtime
"protection" underfoot, I gave her some safe hex training and she
has had no malware problems in spite of her intensive use of the web
and email (using wideband service) for her genealogy research. It can
be done!

I was aware of your being an exception. Duane, David, and others have
stated both the fact that they are not NT based Windows and the near
eol for support being reason enough to stop using them. I agree NT is a
better base, but if you know what you're doing Win9x is just fine to use
today.
 
Ed

edgewalker said:
The reason viral malware writers aim for that window is because your
200 users (and yourself - and to be honest millions of others) are leaving
it wide open.

I'll also issue them with foil hats to protect them from alien rays,
you never know when we might be invaded. I mean, just because it
hasn't happened, doesn't mean it will not.

Paranoia level reaching critical.
 
James Egan

The idea is to prevent malware from running on the system, not to just
prevent 'some' malware from running on the system. Let others be the
early warning system (miner's canary).

I don't agree. I know that *nothing* can prevent *all* malware from
running on my machines. *Some* is as good as it gets and it's a
cocktail of measures which are required to keep the risk down. The
question is, where do you draw the line between minimising the risk
and also minimising the adverse effect this has on the rest of your
computer related activities? Or, if you prefer, what's paranoid and
what isn't?

For me, quarantining attachments until av definitions catch up is
serious overkill and out of the question. Hopefully my av will catch
most malware but I can never rely on it to catch new stuff so that's
why it's important to back up etc.

So should I do a second backup in case the first one goes pear shaped?
Possibly a good move. What about a third in case both the first two
somehow got corrupted? Maybe, but it's starting to seem a bit like
overkill. That decision will depend on the value assigned to the data
and the probability of losing it set against the time and effort taken
to make the extra backup. If it's just a matter of pressing a button
and waiting a few seconds then why not?

Apply the same reasoning to the quarantining of all attachments. The
seriously impaired user function in complying with such a requirement
far outweighs the minuscule added benefit it gives. Another case of
the tail wagging the dog.


Jim.
 
David W. Hodgins

For me, quarantining attachments until av definitions catch up is
serious overkill and out of the question. Hopefully my av will catch

Depends on what the computer is being used for. On a production server,
no software should be executed, without thorough testing on a development
system, where possible malware can do no harm to the production system.

On a home computer, it depends on whether or not you have financial
info, such as online banking in use. If you do, then it's worth your
while to ensure you don't execute any new software that hasn't been
thoroughly scanned, several days after release.

If all you're using the computer for is email/web access/media center,
then all you have to worry about is your reputation with those in
your address book.

As with most anything to do with computers, the real answer is "it depends".

Regards, Dave Hodgins
 
James Egan

On a home computer, it depends on whether or not you have financial
info, such as online banking in use. If you do, then it's worth your
while to ensure you don't execute any new software that hasn't been
thoroughly scanned, several days after release.

I'll bet you use online banking but don't wait two days to open your
(what you consider to be safe) attachments, David. Just a guess.


Jim.
 
Duane Arnold

Ed said:
Well having done it, yes. It runs perfectly fine on 64meg for email
and browsing and it's odd why you find this so unbelievable. But then
these days people don't believe that you can run a fully functional O/S
and word processor in a few hundred k.




You appear to care enough to keep going on about it.

WTF, are you posting just to be posting now?

LOL

Duane :)
 
David W. Hodgins

I'll bet you use online banking but don't wait two days to open your
(what you consider to be safe) attachments, David. Just a guess.

I primarily use linux. The only software I install, has been digitally
signed by the developers (distribution released updates). Viruses and
trojans targeting linux are few and far between, and pretty much require
the user to provide the superuser (root) password, in order to install.

In some cases, I have installed software from companies other than
the distributor (i.e. Mandriva), but in those cases, I'm compiling
the programs myself, and at least skim through the source code, as
well as only run those programs while my online banking filesystem,
is not accessible. Those programs have always been around for a while,
before I get around to compiling and installing them, and being open
source, have had peer review.

I use a separate userid for my online banking, and keep all files for
that id in an encrypted filesystem, which is only accessible while I'm
logged on to that id. My regular home directory is also on an encrypted
file system (AES2048), with a passphrase that wouldn't be susceptible
to a standard dictionary attack.

I use this level of encryption, not because I'm worried about a hacker
getting access to my system, but primarily in case of theft of the
computer itself.

I also pay close attention to what processes are running, and regularly
boot from a livecd, to run root key detectors, just to be on the
safe side.

When I do boot into windows, usually to examine malware, I physically
disconnect the hd with my linux system on it. I'm not aware of any
windows software that will read, let alone write reiserfs file system
(never mind the encryption), but don't want to risk having M$ itself,
mess with my mbr, or otherwise damage the partitions I use for linux.

The only time I'm likely to be at risk of a zeroday malware attack,
would be when I'm running a beta version of a new release. Again,
that is only done when the sensitive data is inaccessible.

As with any security implementation, the above doesn't guarantee
safety, but I've done what I consider to be prudent, given the likely
risks.

When I was running windows, I often disassembled attachments, and
examined the results. Usually this was being done to figure out
what known malware was doing, so I could help other people clean
their systems.

Although I haven't been very active in the virus newsgroups for a
while, I've been involved in analysing viruses and trojans, since
the days of fido, relaynet, nanet, etc.

The only time one of my systems became infected, was when I didn't
think to scan a brand new hard drive, before making it master.
Turned out it came with the ripper stealth boot sector virus
preinstalled. I found it after a program I'd written, failed its
own crc32 selfcheck.

Regards, Dave Hodgins
 
James Egan

I use a separate userid for my online banking, and keep all files for
that id in an encrypted filesystem, which is only accessible while I'm
logged on to that id. My regular home directory is also on an encrypted
file system (AES2048), with a passphrase that wouldn't be susceptible
to a standard dictionary attack.

I was right then :)
 
