On Wed, 07 Feb 2007 05:35:09 +0000, B.Nice wrote:
> On Tue, 06 Feb 2007 14:46:01 -0600, arachnid <none@goawayspammers.com>
> wrote:
>
>>The proof that it makes sense is that it works.
>
> Do you have any proof of that apart from people's own experiences?

Are you denying that personal (Windows) firewalls block unauthorized
communications?

>>Just look at the firewall logs on the typical home system and you're
>>likely to see a lot of blocked malware traffic.
>
> In such a case the user of such a system is acting so irresponsibly that
> no security software will make much difference anyway.

The skill it takes to properly secure a system is over the heads of most
consumers. No matter how much you lecture them, they can't *help* acting
in a manner that would be irresponsible of more-skilled users. The
solution isn't to tell them to get computer science degrees, but to build
technology around their actual skill level and the way they *want* to use
their computers. For an excellent example of how this can be done, see the
security system implemented by the OLPC project:
http://www.wired.com/news/technology...?tw=wn_index_9

>>Just because some malware
>>can get around a personal firewall is no reason to let the rest through.
>
> There is no reason to let anything through.

If you don't have a firewall that blocks unauthorized outgoing traffic,
then *everything* outgoing gets through.

>>> You still avoid explaining what is so brilliant about allowing malware
>>> to run and believing in being able to control it.

Are you so absolutely sure of never installing anything bad, that you run
Windows without any A/V program, intrusion detector, spyware scanner - or
firewall?

>>Windows malware (or what users might consider malware) often rides in on
>>the driver CDs that accompany hardware or is quietly installed along
>>with commercial programs.
>
> I think you'll have to back up that claim somehow.

If you are truly that uninformed then you shouldn't be dispensing security
advice to home users.

> A Sony rootkit does not justify the use of "often".

I wasn't even thinking of Sony, but that's a good example of how a careful
user can still get infected by a formerly trustworthy vendor. Another
one from the news yesterday is the discovery that Skype is covertly
scanning the entire BIOS and going well out of their way to hide that
activity (sounds like an attempt to secretly establish a hardware-based
unique ID or possibly obtain the motherboard serial that is often in the
BIOS now). ISP connection kits are known for quietly including a back door
ostensibly to allow tech support to fix networking problems - though how
they can network in through a broken network to fix it is beyond me...
Even Microsoft isn't innocent - remember WMP getting caught quietly
shipping off users' listening habits? How do you feel about all those
software vendors having the ability, via their automatic updaters, to
install arbitrary code on your system? Are you positive that all those
registration verifiers aren't also doing a little extra communicating on
the side?

Surely software from the store can be trusted? Well... go buy yourself
some of those $9.99 CDs off the bargain rack and see how many little
"extras" they give you. Discount games are another good source of
commercially-installed malware (no, it's not illegal - read the fine
print in the EULA you agreed to). And if you buy an expensive
new name-brand PC, I do hope the first thing you do is to wipe the
HD and reinstall Windows yourself.

By the way, Sony isn't the only media company ever to infect a computer
from an audio CD, they're only the first to use a rootkit to protect
and hide their software. There were earlier cases in Europe, of commercial
media discs infecting systems with software that monitored people's
listening or download habits, interfered with media viewers, disabled p2p
software, or prevented *any* media - with or without DRM - being burned to
optical discs. These were mostly small trials of various concepts. It
appears the plan was to experiment in Europe and then put the winning
concept to use in the US. The backlash against Sony may have put an end to
that... but we don't know for sure.

>>> And another question: What exactly has made outbound connection
>>> something very special compared to all the other stuff that malware
>>> could fool around with and completely mess up? How come you will allow
>>> all that to happen without what you call your "permission"?
>>
>>Other stuff can be restored from backup. Deleting the Russian Mafia's
>>stolen copy of your bank records isn't so easy.
>
> No sane person would store such sensitive data unscrambled.

I'd think an "expert" such as yourself would be aware that the same
malware that captures personal data typically includes keyloggers for
capturing passwords. I'd also expect you to know that home users
are notorious for weak passwords that can be cracked in under an hour on
the average PC.

