Les <hlhowell@xxxxxxxxxxx> wrote: wrote:
But I want to use the darn thing, not babysit it. That is why I left
Windows. ...
The only way anyone can safely ignore a computer attached to the
internet is to boot it from a live CD, only use the hard drive as swap
and shut it down when you're done. Any system left on and connected is
a potential target. Some are easier to hack than others but all are
potentially vulnerable. On the other hand, I run a Linux box that's
connected to the internet and running 24 hours a day that acts as my
mail server, web server for my really lame web site, firewall for the
rest of my home network and provides file and print services. To the
best of my knowledge, I've never been hacked but I still spend a minute
or two every day looking at logwatch and the output from chkrootkit. We
use our computers to manage a lot of our finances so we have a lot to
lose if we were to get hacked. I don't consider a couple of minutes a
day to be too much of a burden if I want to be (relatively) safe.
As to the car analogy, do you NEVER speed, never tailgate, always
signal lane changes or turns?....
Always? No. Often enough to stay out of trouble? Apparently. I mainly
worry about the idiots yakking away on cell phones and not paying enough
attention to their driving. I've almost gotten creamed a couple of
times and probably would have if I hadn't been watching out. One item
you left out of your list of question is I try to remember to check both
ways before entering an intersection after the traffic light changes in
my favor. The right of way isn't a right that's worth dying for.
So, I'd say the car analogy really fits computers. Like with cars, you
don't have to do everything perfectly all the time but any lapse is
*potentially* an accident waiting to happen. Do it often enough and
eventually the accident will happen. Like with safe driving, the idea
is to develop a bunch of safe computing habits like checking what
logwatch reports, running chkrootkit from cron, if you can, port scan
your network from outside (e.g., visit the local library with a laptop)
from time to time, etc.
Finally, like with cars, if all you want to do is the computing
equivalent of hop in, turn the key and make a run to the grocery store,
about all you need to do is scan the gages and idiot lights and do the
scheduled maintenance. On the other hand, if you want to drive like
you're James Bond escaping from Specter, you'd better do a little bit
more. All I'd like to see normal users do is the equivalent of scan the
idiot lights and do the scheduled maintenance. That's all. Conversely,
if you want to go beyond just checking e-mail and surfing the 'net, it
is your responsibility to make sure that whatever services you open up
don't become an invitation to hackers. It's in your best interest as
well as helping others not have to deal with your security lapses.
Cheers,
Dave
--
Politics, n. Strife of interests masquerading as a contest of principles.
-- Ambrose Bierce
