Home |
Search |
Today's Posts |
#30
|
|||
|
|||
In article ,
Roger Halstead wrote: On thing about this thread: Posting on a group to get users to check for viruses is unlikely to accomplish much, although I do have to say this one at least generated a lot of discussion. Some of it has been down right educational. OTOH, *most* computer users would never pass the definition for computer literate, let alone computer savvy, unless the definitions were made extremely lenient. *Most* computer users do not know, or care how the thing works as long as it does what they ask. You can point out the dangers inherent in their way of doing things, but it has worked so far and they seem to have that feeling of, "It only happens to the other guy". Yes, MS operating systems are full of holes although many of the holes were put there intentionally to enable the end user to do something. The OS comes with most of the defaults turned on that put the system in its most vulnerable state. Lets say we could convince MS to turn off all those defaults. They would be inundated with calls wanting to know why HTML didn't work, why their macros didn't automatically execute, why animation didn't work in their e-mail...and so on...That average user would just get the defaults turned back on. Plus they'd be angry at MS for making them have to figure out what was wrong. LINUX and UNIX are computer people's OSs. Sure we can even make them look like Windows, but that average end user wants all the functionality they've been having and in the same manner. IF MS went away tomorrow and produced no more OSs and was replaced by fully end user friendly UNIX and LINUX we would still be plagued with our current problems for a decade or more due to the old systems out there. The end user wants a box they can turn on and it does what they want. Never mind that the way they do things can create difficulties for hundreds of thousands of other users. _As_long_as_that_ mind_set_continues there will be a tremendous market for the type of OS put out by MS. As long as that market continues the rest of us will be plagued by the problems they create. Maybe our systems will not become infected, but as shown by the recent flood of mail and bogus bounced e-mails it can sure be an inconvenience and in many instances cause a complete Denial Of Service (DOS) to many end users, let alone ISPs. Some of us have the ability to change our posting address as often as we wish. We can even use "tagged" addresses when registering software and hardware. We can do that and still keep private addresses for friends. However once some one with your address had their computer infected, it's time to change. True spam (UBE), rather than just cross posting is at unbelievable numbers. Many ISPs are dealing with millions of messages per day. Some of the larger ones are in millions per hour. It too can cause a DOS once past a critical point. Tidbit: AOL, as of a few months ago, was _throwing_away_ (i.e., before it even got to the user mailbox) in excess of TWO AND A HALF BILLION(!!!) messages *per*day*. I've always used a valid return address when posting although I do change them. This last batch of viruses has me almost ready to quite using valid addresses, but not quite. I don't want to give up the flexibility of putting myself out of reach to where I post. I would offer this suggestion for those who get so excited about receiving the results of the viruses...get a couple of accounts with the free e-mail services. Use those addresses as returns when posting. Most of the current bots are quite capable of figuring out nospam, remove whatever, and symbols. I followed one of the adds about sending millions of e-mails per day, or even per hour. That site told exactly how to set up the bots and how to filter the addresses. It told what addresses to never use and how to filter out the real address out of most "munged" addresses. They also run permutations of munged addresses to try and find a valid one. They could care less if they have to send 50 e-mails if one of them *might* turn out to be real. If they only get a return of 0.01% that is still a 100 returns for every million e-mails. If they send a million an hour that is 2400 returns per day. That can make a lot of people rich. Once an account gets trashed, change it. 10 or 20 spam and maybe 10 or 20 of the bogus e-mails are not worth getting excited about. Remember those on here who have been receiving over a 1000 a day...That is long since the point of changing addresses. So, although we can blame MS for putting out a crappy OS, and justifiably so, they are meeting a demand from the unknowing and uncaring end user. I seriously doubt if that is going to change any time soon. Nor would changing to UNIX or LINUX change anything for most on the news group who are being inundated with bogus e-mail due to some one else's problems. THAT *stuff* needs to be filtered out at the ISP level, yet you don't want any false positives.... Changing to a more bulletproof OS can make you more immune to infection, but it does nothing to prevent the bogus e-mails. Better filtering at the user end can help if you have the band width, but probably not for the poor user with a 28K modem and dial up service receiving more than a 1000 messages a day As a parting shot: One of the Telcos removed access to their system for every user with an infected computer. They will not be let back on until they can show their systems are clean. (it was quite a few thousand users too). Now if every ISP would do that as soon as a virus was detected coming from that IP and share the information with all other ISPs, There's no need to 'share' the information with anybody else. Just disable their access, "temporarily", and don't let 'em back on until they 'prove' that the problem has been fixed. "I think" it would do far more in a few days than any amount of education we could give those users. *ABSOLUTELY* YES!!! Monitoring for viruses at the source and terminating the user (or just suspending their account) as soon as a sent message is detected would keep the effect of viruses contained and the effect to a minimum. There's the rub. That "monitoring". First, you have to 'detect' the problem. *WHATEVER* approach you take to that monitoring/detection, it takes resources, and costs money. There are some relatively simple approaches, but they involve 'adding inconvenience' to the 'non misbehaving' customer; the 'good-guy transparent' ones require a significant amount of technical sophistication on the part of the provider, *and* a non-trivial amount of high-priced equipment. The ISP business is rife with cut-throat competition, and, literally, $1 or $2 per customer per month can make the difference between being in the black, and bankruptcy. |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
Wizard Radio in Seven Corners, VA, to receive WHFS in Annapolis-followup | Antenna | |||
What Exactly is a Radio Wave? | Antenna | |||
How to connect external antenna to GE Super Radio III | Antenna | |||
Review: Amateur Radio Companion 3rd Edition | Antenna | |||
Vintage radio books for sale | Boatanchors |