Re: How to prevent malware from running on your PC
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: How to prevent malware from running on your PC

From: Art <null@zilch.com>
Date: Thu Sep 22 2005 - 20:48:08 CEST



On Thu, 22 Sep 2005 18:33:49 +0100, "Jason Edwards"


<none1@invalid.invalid> wrote:



>"Art" <null@zilch.com> wrote in message


>news:3585j1d0566qa57sq8oms1fg4fklq83j2h@4ax.com...


>> On Thu, 22 Sep 2005 10:01:24 +0100, "Jason Edwards"


>> <none1@invalid.invalid> wrote:


>>


>> >So as I said previously we're stuck with the present situation.


>> >I don't have any simple answer to it.


>>


>> I've long wondered why the Dells and the Gateways, etc., haven't


>> designed and released high security desktops.


>


>I'm not sure exactly what you mean by high security desktops.



I meant to give an example by the things I mentioned. I didn't


mention patching the OS though. That's important too, of course.


Basically it just means shipping the machine with a OS and internet


apps safe to go online with. That's all. 



"High security" is admittedly a poor choice of term. "Improved


security out of the box" is actually what I have in mind.   



> I dunno what their


>> contracts with MS block them from doing.


>>


>> Back in 1999 when I first started using using Win 98 and became


>> interested in security isues. I soon made up my mind to try a long


>> term experiment. I was used to using Free Agent and Netscape


>> so I lucked out and never used OE or IE. I disabled services and


>> made sure only TCP/IP was bound to my adapter(s). I never used


>> a firewall or realtime antivirus. After awhile I got DSL service and


>> continued on the same way for years ... taking the same approach


>> with Win ME and then Win 2K Pro. I dropped Netscape in favor


>> of Mozilla, Firefox and Opera. Later on , I started using IE very


>> sparingly only for trusted sites that didn't render well otherwise.


>> I've never experienced any problems at all with spyware or malicious


>> code of any kind.


>>


>> So I wonder what stops PC vendors from offering a safe and


>> sane PC for home users who just want to get work done, d/l


>> POP3 email, and do research on the web.


>


>They already offer it. Provided the user, like yourself, has a clue.



I'm not a typical user. I'm a retired electronic engineer who


has worked for computer oriented companies since 1959. Even at


that, I had a steep learing curve since I had no networking or


Windows programming experience. Still don't.



>> As long as users


>> "keep their noses clean" and avoid the crap high risk users


>> get involved with like P2P and porn ... they should have no


>> problems.


>


>Most users are not like this. They bought the PC to grab what they can from


>P2P while P2P still exists. Security is not even something they will


>associate with a home computer.



Do you have good studies to support your claim? I really have no idea


what "most" users are interested in or what they do online. All users


I know personally just use PCs for legit purposes. They have no clue


whatsoever about how to harden their PCs. They view their PCs as a


appliance that should just work safely without any bother. I'm saying


that a machine can easily be produced for such people ... and such a


machine is unfortunatley unavailable for the mass home market.



>> What I'd like to see is a machine that's safe to put on the


>> internet in its default condition, equiped with alternate


>> internet apps, and a spare drive for use as a cloned backup.


>


>This PC would be fine for you, me and the other 50 people who read this


>group.


>No vendor will target a PC at only 52 people for economic reasons :)



I believe your estimate of the market potential is _way_ off. However,


since MS has sold the public on LANs and file/printer sharing, there


would have to be a LAN version with a firewall to suit this MS created


market. No big deal. It just means that the LAN version would be


shipped with NETBIOS activated (but no other unnecessary services).



>>It should also have the backup/restore sw (I always


>> used XXCOPY with Win 9X/ME).  And a nice convenient


>> registry backup/restore such as ERUNT that I use with


>> Win 2K. It should _not_ have any System Restore doing


>> any kind of automatic backups. That sucks :) Users must


>> take at least take complete control and responsibility


>> for backing up.


>


>Backup?? This word is not even listed in the average home user's vocabulary.



True. There should be instructions on Page 1 of the user manual, and


on the screen during a install.



Art


 


http://home.epix.net/~artnpeg


Received on Thu Sep 29 20:10:12 2005