On Thursday 19 April 2007, Les Mikesell wrote: > Claude Jones wrote: > > You speak of "limited experience" - I deal with many Windows machines, > > all day long, day in and day out, in a business environment. Maybe that's > > the difference. We have an enterprise grade firewall behind the router. > > Each Windows box runs its own personal firewall. Each machine also runs > > anti-virus and anti-spyware. That's the price you have to pay - it costs > > money, and it takes time - it stinks. > > And it doesn't help if you get the virus before your anti-virus vendor > has the cure. > In that case you very likely have the wrong vendor. Any respectable AV vendor will have a sample the moment anyone reports it. You could be the unlucky first victim, but the odds are slight, to say the least. > > I prefer Linux but you can't tell me that Windows can't be run reliably - > > it's just not my experience over many, many years. I don't think it has > > anything to do with luck. > > You can say that because you've been lucky. We had 2 rounds of 0-day > exploits. One took 3 days for the anti-virus vendors to come up with a > cure. > "I've often noticed that the harder I work, the luckier I get". I can't remember who said it, but.... > > The main problems I encounter again and again are with > > clueless operators who've ignored repeated instructions about dangerous > > surfing practices and clicking on attachments - those are the two most > > common causes of problems - are they caused by the operating system? - > > one can argue that it's the defective design of the system that allows > > clueless operators to damage their system and I will agree. There are > > many things that can be done cluelessly in life and will result in mayhem > > - > > Clueless like these guys? > http://news.yahoo.com/s/ap/20070419/ap_on_hi_te/hackers_state_department > Yup. "after a department employee in Asia opened a mysterious e-mail that quietly allowed hackers inside the U.S. government's network". One of the few rules necessary to stay safe, is "never open a suspicious email". > The problem is that so much of the system is opaque with undocumented > 'features' that are just waiting to be exploited. It's not that the > users are clueless, it is that there is no way for them to have a clue. > How many people know the minimal set of ports needed to be open for > Active Directory and Exchange server to work and what is supposed to > happen on each, for example? > How many people need to? If they need those services their sysadmin or vendor will have set it up for them. Ordinary users never need to know this. My elder daughter is indeed clueless. She wants a tool to do the job. She has been using a computer attached to the Internet for around 10 years, under Win98 until last year, and now under XP. She has used Netscape/Mozilla for browsing and mail all that time. She knows about dubious emails. She doesn't visit dodgy sites. She has up to date AV and a firewall. She rings me if there's something unusual and worrying. She has had neither virus nor trojan in all that time. The only installs have been done when I have changed her hardware. Anne