Anne Wilson wrote:
You speak of "limited experience" - I deal with many Windows machines,
all day long, day in and day out, in a business environment. Maybe that's
the difference. We have an enterprise grade firewall behind the router.
Each Windows box runs its own personal firewall. Each machine also runs
anti-virus and anti-spyware. That's the price you have to pay - it costs
money, and it takes time - it stinks.
And it doesn't help if you get the virus before your anti-virus vendor
has the cure.
In that case you very likely have the wrong vendor. Any respectable AV vendor
will have a sample the moment anyone reports it. You could be the unlucky
first victim, but the odds are slight, to say the least.
We used the 2 biggest vendors. And clam.
I prefer Linux but you can't tell me that Windows can't be run reliably -
it's just not my experience over many, many years. I don't think it has
anything to do with luck.
You can say that because you've been lucky. We had 2 rounds of 0-day
exploits. One took 3 days for the anti-virus vendors to come up with a
cure.
"I've often noticed that the harder I work, the luckier I get". I can't
remember who said it, but....
We diagnosed the problem ourselves, sent the samples, both vendors took
3 days to respond. It was about a week before it was included in a clam
update.
The problem is that so much of the system is opaque with undocumented
'features' that are just waiting to be exploited. It's not that the
users are clueless, it is that there is no way for them to have a clue.
How many people know the minimal set of ports needed to be open for
Active Directory and Exchange server to work and what is supposed to
happen on each, for example?
How many people need to? If they need those services their sysadmin or vendor
will have set it up for them. Ordinary users never need to know this.
Not even those people know. Who knew about the current DNS exploit?
My elder daughter is indeed clueless. She wants a tool to do the job. She
has been using a computer attached to the Internet for around 10 years, under
Win98 until last year, and now under XP. She has used Netscape/Mozilla for
browsing and mail all that time. She knows about dubious emails. She
doesn't visit dodgy sites. She has up to date AV and a firewall. She rings
me if there's something unusual and worrying. She has had neither virus nor
trojan in all that time. The only installs have been done when I have
changed her hardware.
How do you know the machine isn't compromised? The current crop of
viruses aren't obvious but let someone control it when they want. Vint
Cerf has estimated that 25% of all computers are - and I'd guess even
higher than that. Would you know if it was sending a few pieces of
spam email now and then - or making a few web site hits to run up
someone's ad counters?
--
Les Mikesell
lesmikesell@xxxxxxxxx
