Thread: CERT says to stop using IE, but will the shit heads listen?
View Single Post
  #6   Report Post  
Old June 29th 04, 03:38 PM
Mike Coslo
 
Posts: n/a
Default
Jim Hampton wrote:
Chris,

You are the one who is displaying ignorance. There are constant holes and
security problems with not only many browsers, but operating systems as
well. Apple is probably the only one with little or no viruses being
written to attack it as it has a small presence. Unix (Linux) has holes.
As far as browsers, Netscape, Opera, you name it, have security flaws. The
reason O.E. is mentioned so much as it has a large following and is,
therefore, an ideal target for worm/virus writers.

The so called integration that IE and Outlook have with the operating
system makes for more security flaws than other systems. All the bad
guys have to have is access to the machine - Internet Explorer - then
access to the OS - that integration, through either a door put in there
purposely or inadvertently, and there you have it. It isn't a good
system security wise. And we should demand more. The typical PC user
apparently doesn't have very high expectations.


Other systems have the occasional flaw, just not so darn many of them.


BUT!


The real disservice that computer geeks have foisted on the world is
the idea of "one platform, one OS".

The PC world is going to treat us to the computer equivalent of the
Irish Potato Famine one of these days. We are inbred, we are
monoculture. We all have the same vulnerabilities.

What we need is machines that are enough different that what takes one
out does not take all the others out. We also need operators that are
not so far into the woods that they can't see the trees.



*Everyone* needs good antivirus software (updated *daily*) on their system
as well as a good firewall (also updated).

I need that on my PC's. My Mac doesn't.


Everyone also needs a good
anti-spyware running on their system - and it is also a good idea to have
one that runs in background and blocks incoming spyware off the internet as
you browse.

I need that on my PC's for sure.


I'm seeing quite a bit of blocking from Yahoo Groups (attempted
incoming spyware).

Oh yes. It is amazing the source of some of the spyware.


Last, but most to the point of your post, everyone should be checking daily
(whether automatically or manually) for updates to their operating system
and browser. These are constantly brought out and if you bother to check
(why don't I think you are well informed?), you will find patches coming out
almost constantly for many different browsers and operating systems.

Here is another problem though. These updates not only protect your
computer by patching security holes, they sometimes protect your
computer by causing it to cease operating. (a computer that doesn't work
catches no virii) On my PC, I will usually wait a few days in order to
hear what problems the "updates" are causing.


If you don't do this, you will eventually get bit regardless of what
operating system you use.

I get bit regardless. My Norton's finds a virus here and there despite
my running a proxy server, 2 firewalls, and updating the virus def's all
the time.

I use both PC's and Macs extensively, so I feel I can comment
knowledgeably. Using a PC is getting to be operations under siege. What
the PC users consider to be normal operations is not what normal
operations should be. Meanwhile, I just use my Mac and do the work I
need to do without all the fuss and muss. (p.s. - you should see all the
cool ham radio software that is out for OSX!)

And my final note is that you have done just what the original poster
noted in his post. (albeit his more crudely) That is to blame it on the
user. That doesn't flush. Don't blame the victim. We can't expect all
users to be IT professionals or even highly competent.

If the manufacturers produce software that has gaping security flaws,
it is their fault, not mine.

- Mike KB3EIA -

Reply With QuoteReply With Quote