July 27, 2010 at 5:58 pm
My takeaway here is that there are ways around any security you think of. If you expect admins to use low-privileged accounts most of the time, but use high privileged ones sometimes, you have "some time" when you are vulnerable. However firewalls, and anti-virus utilities provide some level of defense. Not for everything, but they are updated by vendors, and do stop scams as they are identified.
Scams are getting better, and the more we use things online, the more likely we are to get caught by something really slick.
July 28, 2010 at 1:05 am
"Whoah! Where did you get the notion that NTFS protects you from the trojan in that nice-looking free tinker-tool from some obscure Russian website (just because your friends told you it is REALLY COOL!)? "
ONLY windows update can update system files in vista, even if you run as an administrator you can't change the security settings of program files and windows directories which ONLY windows can change.
"If you willingly execute a file you just downloaded not a single NTFS setting will prevent the trojan inside to do its job. Only a good and up-to-date antivirus will scan said file and tell you it contains the trojan."
Windows has gone from protecting the computer from outside to protecting the computer even from the owner. Though it can't prevent your son from installing trojans it will prevent the trojan from damaging the OS.
"Your advise will only hold in situations where the user is NEVER connected to the internet and NEVER plugs in a removable media from a "less reputable" source. I tell you, my 18yo is a far cry from such a user."
I have been connected to the internet for the past 15 years and ever since windows 2000 with NTFS came out I have not used a single antivirus and even though I have sometimes executed trojans auto sent by viruses from friend's emails they have failed to infect my systems. Though I rarely run my system as an administrator. Your son should be safe if he learns to rarely run as an administrator. Antivirus Scareware is a big industry that is not going to go away anytime soon, just because I have stopped using anti-virus software 10 years ago.
"Anyway, this is going off-topic. I was ranting about attitudes of non system administrators, who often think "it won't happen to me because I don't do dangerous things.". But sadly when you're dealing with real users, you DO need to put every security-measure in place that is possible. Which means (getting back on-topic) that software that cannot be configured to use minimum-required-permissions is a huge risk in any connected real business environment. Just plain refuse the use (and pay!) a vendor that does not have a secure attitude."
I agree.
July 28, 2010 at 1:23 am
"Only a good and up-to-date antivirus will scan said file and tell you it contains the trojan."
Another thought - Windows defender does this job. Windows defender and Windows firewall is all I need.
July 28, 2010 at 2:25 am
umailedit (7/28/2010)
"Windows has gone from protecting the computer from outside to protecting the computer even from the owner. Though it can't prevent your son from installing trojans it will prevent the trojan from damaging the OS."
Agree, but I'm not afraid of viruses damaging the OS, far more viruses nowadays are after your cpu- and bandwidth-resources to circulate spam, organise coordinated dos-attacks or try to steal any commercially interesting data.
The only effects the user may or may not notice is a slightly slower performance and higher internet-usage than before.
umailedit (7/28/2010)
"Another thought - Windows defender does this job. Windows defender and Windows firewall is all I need."
Defender does a very rudimentary job, but Microsoft also suggest strongly (in Windows 7 even with notification messages in the system-tray of the taskbar) to replace it with a mature anti-virus software. Windows firewall is indeed good enough for workstations (but certainly not for corporate networks). Microsoft is just not in the business of identifying new threats as soon as they are detected.
BTW: in my 25 years of computer use I cannot remember ever having an active virus detected on my account, so yes, like you I am aware which software to trust or not to trust. But I still feel a lot safer with as variety of security-measures monitoring my actions to trap that one occasion where I might slip. But you and I are apparently knowledgeable enough to avoid a successful attack, we should not rely on all users in our environments (home and business) to have the same attitudes (or knowledge/experience to successfully implement the attitude). I have seen countless examples of gullible users where the security measures in place (the combination of firewalls, account-security, anti-virus, anti-spam, etc) have actively prevented running malicious software their actions would otherwise have caused to run.
July 28, 2010 at 8:54 am
I've been hit twice over the years. Once about a decade ago with something that one of my kids clicked on and get my desktop infected.
Recently I was running for a couple months on Win 7, a new install, putting off the AV purchase. I got hit by the Internet Security 2010 virus, and I actually thought that I had installed an AV program and forgotten.
I actually "renewed" my subscription and about 5 minutes later something looked funny, so I canceled my CC and went and bought a real program from Amazon.
July 29, 2010 at 12:06 am
"far more viruses nowadays are after your cpu- and bandwidth-resources to circulate spam, organise coordinated dos-attacks or try to steal any commercially interesting data."
I am very sensitive to bandwidth usage as I have a 3GB limit per month so I keep a close eye on it.
"(in Windows 7 even with notification messages in the system-tray of the taskbar) to replace it with a mature anti-virus software."
It occurs even with vista, it keeps constantly reminding me even though I have told it not to. Its one of my irritations with vista.
"we should not rely on all users in our environments (home and business) to have the same attitudes"
I agree. There is no limit to the stupid things that users will do.
"I have seen countless examples of gullible users where the security measures in place (the combination of firewalls, account-security, anti-virus, anti-spam, etc) have actively prevented running malicious software their actions would otherwise have caused to run."
I have seen users infect their computers despite having all sorts of anti-virus software etc. Its amazing how they manage to do it. They will blindly click away any warning dialogs of the firewall or anti-virus software.
"Recently I was running for a couple months on Win 7, a new install, putting off the AV purchase. I got hit by the Internet Security 2010 virus, and I actually thought that I had installed an AV program and forgotten."
Actually I run regedt32 and protect my registry too and turn on additional security settings for all other drives like d: e: etc. Registry and other drives are still not as protected as other areas of the system. So maybe its good for users to have anti-virus software but I dont seem to need it. Besides I have removed infections on my friends computers using taskmgr and other utilities, that is where the OS remaining intact comes in handy. If the OS becomes bad you cant do much except reformat and reinstall.
Viewing 6 posts - 16 through 20 (of 20 total)
You must be logged in to reply to this topic. Login to reply