Don't Just Plug Random Crap Into Your Computer

from the just-don't dept

There's been a lot of talk about how iPods and other portable devices pose a security risk to companies, as employees may store important company documents on them. Now there's fear that such devices could upload malware and infect corporate systems. A team of security specialists recently demonstrated exactly how such an attack might work. First they collected a bunch of cheap USB drives, the type a company might give out for free as a promotion. After loading malware onto them, they simply scattered a bunch of them around the parking lot of a bank at 6:00 AM, when nobody was watching. As the employees got to work, they found the drives just sitting there, and one by one plugged them into their computers as the day went on. What's funny is that the employees knew there was going to be a security test happening, and yet they still didn't find it suspicious that several USB drives just happened to be in the parking lot when they got to work. It's unfortunate, but it seems that the typical office employee just doesn't understand or care about security. Recall the studies suggesting how easy it is to get employees to give up their passwords in exchange for a cheap gift. While that lesson may seem obvious, just wait for the fearmongering about USB drives, totally missing the point.

Reader Comments

  • Bob, 8 Jun 2006 @ 8:06pm

    If they would take an hour's pay every time someone did something they shouldn't do at work, people would be less likely to do things like this.

    • Anonymous Coward, 8 Jun 2006 @ 9:08pm

      Re:

      Taking money will only make people mad. Give people bonuses for having a month or a quarter without a security issue.

      • Wizard Prang, 9 Jun 2006 @ 6:57am

        Externalities

        I disagree. Before our networks were locked down, some of my colleagues could not resist the temptation to install every cutesy thing that they saw... (Dolphins! Webshots! Free Spongebob Screensaver!) and could not understand why their machines were not working properly. The techs that repaired their machines told them again and again not to install that crap, but since they could not enforce the rules, the crap was soon back, often within a week. The Techs changed tactics and started imaging their machines... and then when the users broke them it was a simple matter to restore... and all their recent documents (which they were SUPPOSED to store on the network), were gone. There was much weeping and wailing and gnashing of teeth, but the crapware installations soon stopped. If they crap up their machines then they should have to bear part of the cost in some way. At one place I used to work, if you left your machine logged in someone would send a message to everyone in the office saying that you were buying the drinks on Friday at lunchtime. Everyone got caught... once. Then you learned to lock your screen. Whether it is security or policy, people start caring about this sort of thing when it costs them.

      • Wizard Prang, 9 Jun 2006 @ 6:59am

        Externalities (Reformatted)

        I disagree.

        Before our networks were locked down, some of my colleagues could not resist the temptation to install every cutesy thing that they saw... (Dolphins! Webshots! Free Spongebob Screensaver!) and could not understand why their machines were not working properly.

        The techs that repaired their machines told them again and again not to install that crap, but since they could not enforce the rules, the crap was soon back, often within a week.

        The Techs changed tactics and started imaging their machines... and then when the users broke them it was a simple matter to restore... and all their recent documents (which they were SUPPOSED to store on the network), were gone. There was much weeping and wailing and gnashing of teeth, but the crapware installations soon stopped.

        If they bugger up their machines then they should have to bear part of the cost in some way. At one place I used to work, if you left your machine logged in someone would send a message to everyone in the office saying that you were buying the drinks on Friday at lunchtime. Everyone got caught... once. Then you learned to lock your screen.

        Whether it is security or policy, people start caring about this sort of thing when it costs them.

  • Eric, 8 Jun 2006 @ 8:06pm

    USB?

    Wow, First post! There will always be things to worry about in the computer world. End of story!

  • Eric, 8 Jun 2006 @ 8:06pm

    Damn!

    BOB!

  • Anonymous Coward, 8 Jun 2006 @ 8:25pm

    http://it.slashdot.org/article.pl?sid=06/06/08/2151222&from=rss
    Slashdot had the exact same story a lot earlier.

  • ForkInEyeBoy, 8 Jun 2006 @ 8:55pm

    also, don't just stick random things in your eye.

  • Anonymous Coward, 8 Jun 2006 @ 9:01pm

    And watch for things that might kill you

  • Christopher, 8 Jun 2006 @ 9:02pm

    Funny Videos Are A Much Greater Security Risk

    Have you noticed that it is the office workers who have the largest collections of 'funny videos'?

    Hopefully you also thought about the capacity for many video formats to contain executable code or link to certain webpages.
    Most videos are distributed as either MPEG variations (safe, I think) or Windows Media Video. Windows Media Video used to contain the capacity to run executable code (much like the Windows Metafile Exploit debacle recently) and still retains the capacity to link to pages, which most likely will open in Internet Explorer.

    Linking to about: pages with html tags will dynamically create a web page based on the tags you specify... and local pages are not filtered, and can easily access the hard disk through massive holes in the so-called 'sandbox' which Microsoft tacks on to most of its products once the hype has died down and the crashing/virus infections have begun.

    Therefore video distribution could pose a massive threat to computer networks. With video, a user wouldn't notice the extra MB or so containing a virus/trojan/codec exploit.

    Not a foolproof idea... just something to think about! ;-)

  • valhella jones, 8 Jun 2006 @ 9:51pm

    There will always be security threats, yes, but a breach of common sense will bring down a system faster than any virus. In fact that's the best way to plant one.........

  • Anonymous Coward, 8 Jun 2006 @ 9:55pm

    That's why you always have to use protection. I wrap a condom around unknown USB devices.

  • HardCoreRaw, 8 Jun 2006 @ 10:17pm

    Unsafe USB practices...

    Well considering most online users can't stand the feel of the Internet through a condom, I will stick with virus scanners and self administrated treatments... condom free :p

  • FullOFMyself, 8 Jun 2006 @ 10:29pm

    Insertion

    Also, don't stick random things in your anus. Unless you really want to compromise the security of your rectum.

  • FullOFMyself, 8 Jun 2006 @ 10:32pm

    Lifetime supply of windy farts

    And you think that your boyfriend would be turned on by an anus that resembles a gopher hole or cave or other hollow abyss that smells like poo.

  • Security Expert, 8 Jun 2006 @ 11:52pm

    Secure Hole

    Personally I'd much rather think about bangin some intern (with condom) than worry about security. Those numb nuts in IT are working hard to make sure you get a good laugh once in a while. Cheers! : P

  • ElectricMayhem, 9 Jun 2006 @ 2:45am

    Security

    Reading this lot and then referring back to other threads on the same subject just demonstrates to me how little you guys out there think of your work etc. Who's to blame....probably the bosses who treat you all like animals, pay you badly and abuse you.....so they only have themselves to blame but will they turn the mirror on themselves....doubt it....they'll just blame you lot and bring in silly rules to try and bring you all to heel and in the process just piss you off even more......nice circle guys.....resign and work for yourself....I do and it's great.....!! anyhow....I'm off for a couple of hours to sit in the park and sunbathe whilst I dream up my next money making strategy...it's a tough life but hey.....xxxx

  • Muff, 9 Jun 2006 @ 5:27am

    No surprise here

    I'm never surprised at all the Idiots in this world...No-one seems to have a grasp on just how important Computer Security really is... :-
    I've even seen people connect to the Internet BEFORE having any Security set in place on their computers...Needless to say within minutes they were infected by Spyware & Viruses....As I've said over and over...Always, always, always...Scan EVERYTHING BEFORE installing it on your computer, or even opening up a file...

    • Chris G, 9 Jun 2006 @ 5:31am

      Re: No surprise here

      >>>>>I've even seen people connect to the Internet BEFORE having any Security set in place on their computers...Needless to say within minute they were infected by Spyware & Viruses...

      You don't know what you're talking about. Simply connecting to the Internet will not infect you with "spyware and viruses".

      • Ochito, 9 Jun 2006 @ 7:39am

        Re: Re: No surprise here

        No, YOU don't know what you're talking about. Stick a Windows machine, any pre XP SP2 flavor directly on the Internet (not behind a NAT router), with the OS freshly installed, and leave it for an hour or two, then come back and run your mouth off. If your computer is even able to do that, I mean.

        • Anonymous Coward, 9 Jun 2006 @ 12:02pm

          Re: Re: Re: No surprise here

          Keep telling yourself that you can so easily be infected by installing an OS and plugging in a CAT5 cable. Let's see what type of job that gets you. You might make it in, but you won't be there long with that level of expertise.

      • Simple Minded, 9 Jun 2006 @ 9:33am

        Re: Re: No surprise here

        Chris- if you really want to test your theory take your PC uninstall all anti-spyware / anti-virus software then plug it up to the internet and let it run idle for a day... I recommend you have a good backup of your data though.

        Re: No surprise here by Chris G on Jun 9th, 2006 @ 5:31am

        >>>>>I've even seen people connect to the Internet BEFORE having any Security set in place on their computers...Needless to say within minute they were infected by Spyware & Viruses...

        You don't know what you're talking about. Simply connecting to the Internet will not infect you with "spyware and viruses".

        • Some Guy, 9 Jun 2006 @ 3:41pm

          Re: Re: Re: No surprise here

          I can't believe that some people here are so ignorant that they don't even understand the scope of their actions when connecting an unprotected pre-SP2 Windows XP computer directly to the Internet un-NAT'd or firewalled.
          Why do you even bother installing patches if you can't get malware installed by not doing anything? How moronic!
          I have absolutely no patience for people who claim to understand network security and don't.

          Please refer to one example:
          http://www.microsoft.com/technet/security/bulletin/ms03-043.mspx

          Do you know what buffer overrun means? Probably not, but hopefully you know how to Google it.
          Do you know what allows remote code execution means?

          Wow... you really need to get out of the IT field if you in fact are in it.

  • non-IT, 9 Jun 2006 @ 5:34am

    Look in the mirror

    A certain computer company who shall remain nameless [It has a 2 letter name :) ] was infected with a worm/virus after a head IT-Engineer brought his personal laptop in and logged onto the network.

    To make it even funnier: Two employees brought in a copy of the anti-virus for IT to use. (after looking over it for validity, though these were trusted techs) IT informed them they were going to use their disk (IT's) and not the Techs disk. An hour later one of the techs saw IT using the disk he brought in, except IT had used a marker and re-labeled it as an "IT anti-virus disk" or something similar.

  • Zeviel, 9 Jun 2006 @ 5:35am

    Security Issues

    It's not the technology that's dangerous but the technology's user that kills things. As the article says there will be a mass fear of USB drives or some other tech item instead of teaching the users how to use the items effectively.

  • flatloop, 9 Jun 2006 @ 5:50am

    This isn't about computer security...

    It's about stupid people. People who don't bother to know or find out what the consequences of their actions are. There are no security measures for stupid people, EOE won't allow us to not hire them. If you don't believe it's stupid people, look at the degenerate responses above concerning anal sex.

  • Bill Krues, 9 Jun 2006 @ 5:53am

    Here is the solution

    The solution:
    http://www.sonarware.com

    Software that will restrict these devices for all people, except people you want to have access.

  • Junyo, 9 Jun 2006 @ 6:46am

    Wasn't there a Techdirt article about cameraphone bans last week that pretty much said that companies shouldn't worry because this sort of thing was inevitable? Now we're told that companies can't rely on their employees to have the common sense of a kumquat, yet any bans or restrictions fall into the category of "fearmongering". So my suggestion is a policy of total freedom, let employees do whatever they want, run their (and your) livelihoods into the ground with blatant stupidity or malice, but with the caveat that any such error in judgement will result in a smack in the face with the flat of a shovel. You can't eliminate stupidity, but you can make it painful.

  • Zeroth404, 9 Jun 2006 @ 7:19am

    Run a secure Operating System, and don't run as root/admin, and backup your work. This should be policy. This "test event" would never have been an issue.

  • phoenix, 9 Jun 2006 @ 7:56am

    Re: no surprise here

    You still don't know what you are talkin about. I'm a repair tech and just putting a pre xp machine on the net will not allow the machine to be infected. As long as it is not an HP or Compaq os, they come with their own spyware.

  • phoenix, 9 Jun 2006 @ 8:14am

    Re: no surprise here

    Well, I'm sorry eb but I have left at the very least a dozen pre xp computers online before for hours and never had a problem. The sites you mention I'm sure, only tell you that to further their own products.

    • dnorle, 9 Jun 2006 @ 9:44am

      Re: Re: no surprise here

      I believe the original comment was referring to XP machines, pre SP2. Pre XP machines run fewer services out of the box and are not targeted by hackers because there are fewer connected to the Internet. That doesn't mean they're completely safe, but there is no debating the risk connecting an unpatched XP system to the Internet without some sort of firewall, these systems can and will be infected if left on the Internet long enough.

    • DMD, 9 Jun 2006 @ 10:01am

      Re: Re: no surprise here

      Sorry to say, but phoenix is right. I have been a network engineer for many years and ochi-whatever's comments are just NOT true. His comments are based out of fear bred from a simple lack of knowledge. The "internet" does not infect your machine, stupidity does. I have thousands of machines that will attest to that and I guarantee you won't find virii or malware on any of them. Try to be at least aware of the facts before displaying your ignorance.

      • Edward B., 9 Jun 2006 @ 11:39am

        Re: Re: Re: no surprise here

        Network engineer, eh? Thousands of machines, eh? So you'd probably NEVER let a freshly reinstalled XP (no SP or SP1) get connected to the internet without a firewall or AV -- probably not even a way to do so on your network without reconfiguring. However, the point that the OPs were making is that many consumers do precisely that. They have a system problem, restore back to the original system disk, and end up with a vulnerable computer connecting to the internet with no protection at all. No firewall and AV + unpatched XP = quick virus infection by one of the varieties that actively scan. If the consumer surfs the internet while waiting for all those security patches to install, here comes the spyware/malware. Add that there are varieties of virii now that "cooperate" with spyware/adware by each reinstalling the other if it's removed, and you have a nasty combo that a regular consumer is not able to handle. Of course YOU've never seen this problem because you know better, but even though you haven't seen the problem doesn't mean it doesn't exist.

        Oh, and BTW? If you have users on those thousands of machines, I wouldn't guarantee that there is NO malware on ANY of them -- just my experience in call centers... ;-)

    • ebrke, 9 Jun 2006 @ 12:03pm

      Re: Re: no surprise here

      Try reading the reports at the links, why don't you.

      • Anonymous Coward, 9 Jun 2006 @ 12:26pm

        Re: Re: Re: no surprise here

        You are kidding me right? Do you actually believe everything that you read? These articles offer no real evidence or facts to support their accusations and theories.

        "While most break-in tries fail, an unprotected PC can get hijacked within minutes of accessing the Internet."

        Unfortunately, what you did not notice is that this sentence was purposely written to confuse. It should have said, while most break-in tries fail, an unprotected PC can get hijacked within minutes of accessing the Internet, after the user opens a web browser, an email, installs software, opens a file whether over a network share, on another partition or disk (or in other ways).

        "Simply connecting to the Internet — and doing nothing else — exposes your PC to non-stop, automated break-in attempts by intruders looking to take control of your machine surreptitiously."

        Well OBVIOUSLY. No one that I have noticed has disputed this fact and it is indeed a fact. Do these attempts render any results or infect a cleanly installed machine where no software has been installed, no webpage has been accessed, or no email attachment has been opened? No. Nor do these websites ever come out and say so, they leave their sentences completely open to mean just about anything.

        Do any of you know anything about TCP/IP? You should learn. TCP/IP is the equivalent to a shipwrecked sailor, armed with a machine gun loaded with unlimited flares firing in every possible direction as quick as possible advertising his presence in all directions, 24 hours a day, 7 days a week. Does every single thing you see in a firewall log constitute as an ATTACK? NO. It does NOT.

  • Intergalactic Hussy, 9 Jun 2006 @ 9:40am

    Good thing I got my own.

  • mobius, 9 Jun 2006 @ 9:56am

    Just use Macs. problem solved.

  • phoenix, 9 Jun 2006 @ 10:05am

    Re: no surprise here

    Thank you DMD it's about time someone else with a brain got into this.

  • phoenix, 9 Jun 2006 @ 10:13am

    Re: no surprise here

    LOL, Sorry I just get so frustrated with people's ignorance of computers and how they act and work.

  • screenshot, 9 Jun 2006 @ 10:31am

    I've seen a freshly installed XP (original version) get infected by a worm while attempting to use Microsoft Update to load the current security fixes required to block that worm. Happened within 5 minutes. Had to acquire a disk with a newer XP to get a system that stayed clean.
    Now that a few years have passed, that worm is no longer as common so I could avoid infection now. No telling when some other exploit will do the same thing with the current generation of PCs.
    The hubris of phoenix and DMD will one day bite them.

    • Henry Troup, 9 Jun 2006 @ 11:41am

      Hazards of just connecting

      ...infected by a worm while attempting to use Microsoft Update to load the current security fixes required to block that worm

      Me too.

      The logs of my firewalls reflect constant port scanning. XP SP2 is somewhat hardened, a very good improvement over all previous Windows versions. But far too many services are still enabled by default, and far too little information is available on most of them. When (not if, when) the next exploit shows up in a default service, there will be another flurry.

      SQL Slammer is still out there! One infected machine is all it takes. One old app package that installs an unpatched MSDE could leave you vulnerable.

  • Zeroth404, 9 Jun 2006 @ 10:33am

    Here are the FACTS:

    A.) You never want to be without a firewall, no matter what OS you're running.

    B.) An unpatched Windows system, no matter what version, will not last as long as a Linux/Solaris/BSD/etc machine when hooked up to the internet.

  • monkey, 9 Jun 2006 @ 10:59am

    xp viri

    some malware that installs if you have typical pre service pack xp on an internet connection without security.
    mydoom
    sasser
    blaster/lovesan
    funlove
    gaobot.


    could be a long list if I had the time. Too many of my clients run asr and think they're done. gotta go fix em

  • phoenix, 9 Jun 2006 @ 11:00am

    Re: the facts

    The real fact is this most people don't know how to run linux or any of those for that matter, and yes you should always have a firewall. However patching or updating windows no matter how tempting usually ends up creating other problems, and I'm speaking from 10 years experience.

  • Dork, 9 Jun 2006 @ 11:01am

    Stupid employees

    Well I have a simple solution for these reckless employees.

    For example: If all employees are required to follow a protocol to fill out their work hours, they should be required to practice safe computing.

    Why are time cards accurate and closely observed? Because their paycheck is determined by such attention.

    All that is needed is the threat that if certain security protocols are not followed, it will be reflected in their paychecks. The costs incurred to remedy their carelessness will be paid by the employee.

    Simple: they do the damage...they pay for it.

    Would an employer keep an employee who breaks the front window just because they feel the need?

  • phoenix, 9 Jun 2006 @ 11:44am

    Re: Re: no surprise here

    He's right about that. If you have users on them then I'd bet my last dollar that there is malware, spyware or viruses on them. Referring to earlier what I was saying is if you just put a freshly installed machine on the net and don't browse around it won't get infected, because the net itself can't infect you. You have to visit a site or download something that installs it.

  • Anonymous Coward, 9 Jun 2006 @ 12:06pm

    The sheer lack of knowledge in these sorts of conversations astounds me. The *nix users always show their faces and they always claim a variant of Linux or BSD is superior, yet they will never understand in their lifetime that Linux or BSD is not anymore secure than another OS out there. There are just not billions of users attempting to be malicious towards those OSes, because you don't attack a minority. Simple and indisputable fact.

    • shadowdeamon, 11 Jun 2006 @ 9:01am

      Re:

      I mostly agree except that outside of the corporate world you'll find somewhere in the 90 percentile of end users are running as an admin instead of a user. Most don't even bother to create a password for login.

      This is where the Linux desktop is superior. Of course, I could run as root, and I have seen some noobs misconfigure their systems using only a root account leaving themselves completely vulnerable. No system is idiot proof and just when we think we're getting there, they build a better idiot. :)

      BTW - I'm a Linux noob myself, just installed my system in March.

  • phoenix, 9 Jun 2006 @ 12:11pm

    Well alright looks like we have another person posting with some real knowledge.

    It's true, why attack an os group so small that you probably won't even make the local eight o clock news.

  • Anonymous Coward, 9 Jun 2006 @ 12:33pm

    Oh and another thing to shun your little theory that these sources of yours are so grand. USAToday lists a table of data showing attacks from Sept 10 to Sept 25. XP SP1 shows 139,024 attacks and XP with ZoneAlarm shows 848.

    Wow, you mean to tell me that ZoneAlarm prevents an attempt at an attack from ever even occurring! That is amazing! So by using ZoneAlarm I get attacked less! Wait, I thought ZoneAlarm was a firewall designed to block attacks not stop them entirely.

    That is just sad. Who do they have writing these articles anyhow?

  • phoenix, 9 Jun 2006 @ 12:33pm

    You see it's like I said. The statements in those articles are almost always used to further their own software and or agenda.

  • phoenix, 9 Jun 2006 @ 12:35pm

    Well I'll tell ya this not a single computer leaves my store without zonealarm on it.

  • Anonymous Coward, 9 Jun 2006 @ 12:45pm

    I had the Wall of Shame installed at a client site once. It was just a huge board that greeted everyone in the lobby with "The following people infected the company with a virus or malware:" and a list of names.

    It got taken down as the worst offenders were in management.

  • phoenix, 9 Jun 2006 @ 12:50pm

    LOL!!!! Ouch.

    Just out of the blue, what's your favourite scanner?

  • Anonymous Coward, 9 Jun 2006 @ 1:16pm

    Re: no surprise here

    >>> Do these attempts render any results or infect a cleanly installed machine where no software has been installed, no webpage has been accessed, or no email attachment has been opened?

    Yes, they can.

    I understand the point that you and Phoenix are trying to make, but the fact is that you are just plain wrong. While it's true most malware gets installed unwittingly by users, other attack vectors are indeed possible.

    A fresh install of XP *can* be compromised from the network, without any user even having logged in. The way this type of attack works is by exploiting bugs in network services that are running on a cleanly installed system. Many worms have done exactly this, by exploiting holes in NetBIOS.

    It's the same type of attack generally used against *nix systems, and it doesn't necessarily require any stupid action on the part of the user.

  • Anonymous Coward, 9 Jun 2006 @ 1:22pm

    To further what I have been saying, you also have to understand that attacks, attacks that lead to compromised systems, vulnerabilities and actual local user "caused" infections are entirely different occurrences.

    Also, understand the difference between an operating system that is "superior" and "more secure". Linux is "more secure" because it is the minority. Users participating in malicious activity are out to gain something, whether it is money or to simply wreak havoc. The majority want to gain something. Now, would you make an attempt on 10,000 machines or 900,000,000 machines? By attacking 900,000,000 machines you would have a far better chance of gaining access.

    Make no mistake, there are no amazing super-being programmers out there, all working together on a single operating system. Reality is no motion picture. Microsoft is not an evil corporation hiring programmers with a specific tailored lack of skill in specific areas to create an OS that is inferior. Those programmers at Microsoft are human beings just as those working on open source software, Linux, BSD and other operating systems.

    I would like to know where Linux programmers are requiring super-genes that make them so much better?

    Also, those running alternative operating systems such as Linux or BSD are typically 99.999% of the time either gurus or corporations with data that requires security. Either one of these entities almost always takes large steps to secure their systems. Why would you attempt to access systems which you know are most likely going to be secured when you can attack many systems whose users almost always have no concept of security - whose concept of security is installing software from any and every source on the Internet that claims to provide a working service for free?

    If you were walking the street and someone you did not know approached you and proclaimed "Hi! I just wanted to introduce myself as a courtesy to you out of the goodness of my heart and offer my services to you free of charge. I noticed that your home has no security system! Just say "yes" and I will enter your home and guard you from any and all intruders. Again I will not charge you a dime, I will not ask you for your credit card number or any identifying information."

    You say yes, and you return home robbed of everything you own. Except, computer users never know they are robbed. They don't know their keystrokes have been logged, or data has been sent across the Internet with personal information. They don't notice the information is gone, because it isn't. It has only been copied. These actions take place invisibly. Except on the Internet millions do this everyday. Why? The simple fact is because of their lack of understanding.

    As USAToday even said, 90% of systems connected to the Internet are running the Windows operating system. Whether this percentage is 100% correct I doubt highly, but it's a good estimate. Therefore, there will be more attacks on systems running Windows just due to the fact that Windows is operated on the majority of systems.

    For example, if you have 10 Europeans visit a foreign country and 2 are infected with a virus. If you have 15,000 Americans visit that foreign country 3000 may be infected with a virus. Same percentage of infections, but significantly more people infected (20% infection rate).

    Does this make Europeans more "immune"? Absolutely not.

    • Anonymous Coward, 9 Jun 2006 @ 2:30pm

      Re: *nix versus windows

      I can't decide if it's amusing or sad to watch people argue about things they don't really understand.

      How does one ensure a networked host is secure? There are tons of things you could check, but perhaps the two biggest things might be:

      1) Disable all network services except those which are absolutely necessary.

      2) Audit running network services to ensure they are free of bugs and properly configured.

      The main reason *nix is considered more secure has to do with the relative difficulty of performing these tasks on windows compared to *nix.

      The focus in windows is on "ease of use" for the end user, and the end result of this focus is that important security related config data gets scattered all over the filesystem and registry. Often this data can only be read or modified with a GUI config applet, which makes automation of security audits difficult or impossible.

      Microsoft also loves to create lots of undocumented features and APIs, which the administrator has no way of knowing about. These invariably end up being used to turn on or reconfigure some network service without the administrator's knowledge or consent, potentially exposing the host. This sort of behavior would NEVER be tolerated by *nix customers, but we've grown to expect it from windows. Why? Because Microsoft claims they do these things to make the system more user friendly... again different focus.

      Lastly, the networking code itself is far more mature in *nix, since it was there from the very inception. TCP/IP wasn't supported in windows until decades later.

      Sure, any *nix system can be vulnerable, but the point here is that the *nix administrator generally has an easier task than his windows counterpart if he/she is asked to confirm with some certainty that the system has been secured.

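The two checks listed in the comment above, automated for a *nix host, as an added example that is not part of the original thread. The `ss` output is a constructed sample, and the policy table and function names are assumptions made for illustration.

```python
import re

# Constructed sample of `ss -H -tulnp` output (not captured from a real host).
SAMPLE_SS = """\
tcp  LISTEN 0  128    0.0.0.0:22   0.0.0.0:*  users:(("sshd",pid=812,fd=3))
tcp  LISTEN 0  100    0.0.0.0:25   0.0.0.0:*  users:(("master",pid=1033,fd=13))
tcp  LISTEN 0  5      0.0.0.0:23   0.0.0.0:*  users:(("inetd",pid=640,fd=4))
udp  UNCONN 0  0      0.0.0.0:111  0.0.0.0:*  users:(("rpcbind",pid=590,fd=5))
tcp  LISTEN 0  128       [::]:22      [::]:*  users:(("sshd",pid=812,fd=4))
"""

# Assumed policy: (proto, port) -> (expected process, allowed bind scope).
POLICY = {("tcp", 22): ("sshd", "any"), ("tcp", 25): ("master", "loopback")}
LOOPBACK = ("127.", "[::1]")
PROC_RE = re.compile(r'users:\(\("([^"]+)"')


def parse_listeners(text):
    """Return (proto, address, port, process) for each socket line."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        match = PROC_RE.search(line)
        listeners.append((fields[0], addr, int(port), match.group(1) if match else "?"))
    return listeners


def audit(text, policy=POLICY):
    """Check 1: flag listeners the policy does not need. Check 2: flag
    permitted services owned by the wrong process or bound too widely."""
    findings = []
    for proto, addr, port, proc in parse_listeners(text):
        rule = policy.get((proto, port))
        if rule is None:
            reason = "unnecessary service: disable it"
        elif rule[0] != proc:
            reason = f"port owned by {proc}, policy expects {rule[0]}"
        elif rule[1] == "loopback" and not addr.startswith(LOOPBACK):
            reason = "misconfigured: should bind to loopback only"
        else:
            continue
        findings.append((proto, addr, port, proc, reason))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_SS):
        print(*finding, sep="  ")
```

Run without root, `ss -p` omits process names for sockets owned by other users; the parser records those as `?`, so they surface as an owner mismatch rather than passing silently.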

  • Roberto, 22 Sep 2006 @ 9:22am

    USB Security

    While this does pose a problem, there is a bigger question of security risks being posed by tech support. Why are these people having access to this much stuff, and why are there not being more measures taken to prevent this kind of thing? It all comes down to this statement: "Give a stupid person a shovel, and there will be crap everywhere." And why is there not adequate virus and malicious program prevention? It is gonna take a little more scripting, but it can be done. This question is just that, an inquiry, but think about it: Don't let stupid people have admin access. End of story.

  • Adam Lloyd, 4 Mar 2007 @ 4:34am

    Don't Just Plug Random Crap Into Your Computer

    Well, it depends, like I like random crap for the USB, like a USB rocket launcher or USB lights, but if you see a random USB drive you wouldn't pick it up and put it in your computer.
