Skip to comments.Run Fast, Run Naked - An alternative approach to internet security
Posted on 07/02/2005 11:27:16 AM PDT by BJungNan
Run Fast, Run Naked
Alternative Approach to Internet Security
Sometimes the best way to win the game is not to play it at all. What has all the net security programs, spy ware blockers, pop up blockers, firewalls and the like gotten you? In many cases, slower net browsing, a whole lot of configuration headaches and time to maintain all those programs.
Running naked may be the answer for you.
Running naked on the internet means running completely open with no spy ware protection programs, no pop-up blockers, no anti-virus software. Just a simple open connection.
Before you go into shock at someone suggesting dropping all internet security measures, read on. Running Naked really means running two computers: One for fun and another with all the normal net security.
What's To Steal?
If you had nothing of value in your car, your car was a low cost clunker that no one would want, would you leave your doors locked? Of course not. No one is going to try and get in it. With a computer on the internet it is essentially the same. If you don't have anything anyone could want, what is the point of locking it up?
Put in terms of the internet, if you don't do online banking, if you don't buy or sell on the internet, if all you do is browse the net for news, entertainment and an alternative to television, what's to protect?
Most people do more on their one computer than just browse the net. Internet banking and bill paying is very convenient, as if buying (and selling) on the internet. It is these other activities that are good reason, very good reason for every security measure you can afford or master.
But everything else you do outside of banking and bill paying and involving money on the internet decreases your security. The longer you are on line, the more you and your computer are exposed. So, for the important stuff, limit your time on the net.
Get A Second Computer - A Clunker
What exactly do you need to browse the internet. The newest latest and greatest computer with tons of megs and clock speed. Nope. You can browse the internet on a P-II, 400 Megahertz computer and a simple graphics card as quickly as you can with any other computer. Go one step further and run completely naked and you net browsing will fly. With a dial-up connection you will zing. Add a cable modem connection or DSL and you will get every bit of streaming video you could ever want to see on the so-called slow, outdated used computer.
Pick one up at Salvation Army, Good Will or other thrift store used for about $50.00. Monitors at these stores are anywhere from $2.00 to $20.00 for a good resolution.
This will be the internet computer you use to read the news, post to online forums, do research and whatever else you do to entertain yourself on the internet.
Now, you can not run this computer forever without some security measures. But this one is simple. You simply format your hard drive once on month (or more often if you like) and wipe away anything anyone may have dumped on your system. Start fresh, new, clean and Fast!
Your Other Computer - The fancy one you bought
This is your second computer. It rarely goes on line, never stays online and only goes online as long as needed to complete your banking, bill paying, buying, selling or other data sensitive activities. And, when you are done with this activities, you unplug the modem or phone cable - the best firewall in the world is a unplugged cable!
For this computer, use all the normal internet security. We have a basic site set up here with our recommendations for your net security.
That's it. That's our solution. Two computers. One for browsing that is completely open, unlocked, unblocked and naked. Another that only goes online for short periods of time and follows all the recommendations for safe internet use.
So now, Get Naked and Run Fast!
Better yet - reimage.
Why is re-imaging better?
And won't this whole deal work only with dynamic IP assignment? (Sorry if dumb questions...not a computer professional here...)
my computer is online all the time, yet I don't have these problems......
then again, I try to hack at the pop ups and attempt to block them or change their IP addresses too :)
reimaging allows you to not lose your information (documents, things you want to save, etc.), whereas reformating wipes EVERYTHING off of the hard drive and start with a clean slate...
Not a good idea. If you run naked you will soon be swamped with pop ups and data miners and trojans whether you have anyhting of value or not. All that crap is enough to slow you to a crawl. Besides, I enjoy cleaning house and shoveling all the crap out periodically.
An interesting idea.
You don't have to re-format/re-install anything. The image contains a copy of software/your preferred settings, etc. IOW - a computer setup just the way you want it - instead of going thru all the trouble of reformatting/reinstalling.
Of course - you'll have to reformat/install/setup the machine initially to create the image. But after that, it only takes 15-30 minutes to reimage and bang - it's setup just the way you like it. As far as my personal documents, etc - those reside on my server, which I back up to DVD once a week...
But that's the point, isn't it? If you just re-image, you're not cleaning up all the tracks created while running naked, and directory structures, file locations and CLSIDs and all will not be changed, perhaps?
I am not a big fan of more legislation to cure whatever ails our society, but I would favor the death penalty for pop-up ad makers and spyware purveyors, and I would hold ISP's financially liable after the first report of a spammer on its system.
I suppose I am naive about all this, and that the out of the country spammers could never be held accountable.
I have two computers, one for the 'net and the other for my development and other stuff. They are NOT networked, but they each have a ZIP disk drive, so if I download something I want to keep, I transfer it that way, or by burning a CD if it's really big file.
But the truth is, I haven't had any problem with spyware whatsoever since I installed Mozilla Firefox. Even so, I still use ZoneAlarm, Symantec Systemworks, and Ad-Aware.
no necessarily, but it does remove any installed programs, i.e. spyware and all of that stuff....
if your virus definitions and security software is better than it was, it stands a better chance of blocking such intrusions...
but I wouldnt run around "naked" on the internet. That is what the hackers are waiting for....
I guess no one has heard of MSNTV2. It's a very simple, user friendly, internet reciever similar to webtv. I'm using it to post this message. www.msntv2.com
Re-imaging in this case means restarting from square one. You do a clean install, put on all the programs that you want, and (before ever connecting to the internet) saving an image.
Then you browse around for a while, attracting all sort of bugs and such. But every so often you copy your previously-saved image of your clean start back onto your machine, in effect wiping everything that's been done since.
That being said, I have free anti-virus, free anti-spyware, and free anti-popup installed. They're all set to update and scan automatically. I almost never see a popup (about 1 or 2 month gets through--really), haven't had a virus for over a year (and the one that I had a year ago was caught and cleared automatically--caused no damage) and spyware is cleared daily if it gets through.
I have DSL and my computer is connected 24/7/365 and has been online for close to three years straight. $0.00 down, $0.00 per month.
Or, just get a Macintosh and use OS X with Firefox.
In theory a good idea. In practice, totally unworkable. What about downloading, online gaming, e-mail, etc. and trying to maintain preferences, cookies, etc. Who except a masochist would want to perpetually be in a state of reformatting, restoring, reinstalling, reconfiguring, reupdating, etc.? Unless this guy browes in a completely generic, image-free, courier text-based, non-interactive, vanilla environment, I don't see how this could work.
I just tried that. Unfortunately, I found out I can't run faster than the police anymore. I should be back in 7 to 10 days.
WOW! How do you get a free DSL connection!?
To a certain degree, this is what I do, but running without any protection seems like a pointless endeavor. Why shouldn't a user take advantage of computer security? Trojans, spyware and viruses will rapidly degrade any unprotected system.
I'm running this Linux box behind a hardware firewall and have no problems with streaming audio and video. The Windows box with more important stuff also has a software firewall (primarily to control outgoing data), anti-virus and encryption for sensitive data, but it isn't slow. Most of the slowdown people encounter is related to Windows inefficiencies. Strip down unneeded startup programs and services and even Windows will get faster. Shut off all those "helper apps" that are installed with printer drivers, quicktime, Media Player, itunes and the like. Take a look at all the running processes in Task Manager and you will understand why Windows slows down so much over time.
Reinstalling Windows every so often will certainly speed up the computer, but if you are going to do that regularly, set up the hard drive with two partitions -- one for the system and one for the data. That way, when you reinstall windows on your C: drive, all your data is safe on the D: drive on the second partition.
If you reinstall windows, make sure you have the downloaded version of Service Pack 2 to install before you connect your computer to the net or you may have less than 5 minutes before your system is compromised.
Not unworkable- but it will need some geek savvy to set it up.
You set up the naked Internet machine once. Tweak all the configurations, patch it current, install all of the software you want on it. Then, before you 'go live' with it, you use Ghost to make a copy of the contents of the hard drive. Make the copy in the drive of the other machine on the LAN. Get a boot disk or two made that connect you to the other machine, and have the Ghost client on them.
When you need to reimage the machine, you pop the boot disk in the floppy drive, it mounts the NIC and maps a path across the network to where the Ghost drive image is stored.
You have it reimage the naked net unit- and it is totally redone just as it was before in about twenty to thirty minutes- with all of your configurations intact. Just reboot the naked unit, and you're off again with a fresh machine.
Personally, I prefer to lumber around heavily armored, but that's just me.
This is a case of a little knowledge (and a ready pen) being a very dangerous thing.
Thanks for the link. I was fascinated by Puppy. Knoppix is great but you can see where this is headed. I'm going to put Puppy on a pen drive... This is going to be fun!
heavily armored - I agree. I ghosted my C drive about a month ago and didn't have a pop up blocker working and I was absolutely bombarded with them. Run fast, run naked at first seems to be a decent idea but at least with my experience, I'd be ghosting every other day. Besides, most of the things I do on this computer are business related. I don't want to be switching back and forth all the time.
For keeping a distribution lightweight and with plenty of functionality, Puppy is hard to beat.
There are the popups, spyware, viruses and spam that you see, or can see easily if you run a program to look for it. These are motivated by either juvenile messing around, or the desire to sell you something (or at least to get your money under the pretense of selling you something).
That stuff is pretty easy - so long as you have cleaned it up enough that it doesn't annoy you, you're done. It's like the dirt that collects on your car. How much dirt you will tolerate, versus how much time or money you will spend cleaning depends on personal preference.
The other stuff does its best not to let you see it. It is either trying to steal data, such as with a key logger that might catch a password to your bank, or it is trying to steal your PC, to use as a bot for attacking other computers on the internet. That stuff is motivated by serious greed, or a serious desire to commit acts of terrorism against the internet. It is getting increasingly good at staying hidden.
If you have a PC that is connected to an always up DSL line, then it is a prime candidate for being hijacked as a remotely controlled bot, without your knowledge.
The latest research on this suggests you've got an average of 12 minutes on the internet with a naked PC before being hijacked. Are you really going to reimage every 12 minutes? I doubt it.
By John Leyden 1 Jul 2005 10:54
Malware authors up the ante
Malware authors have increased both the volume and sophistication of their attacks over the last six months. In the first half of 2005 anti-virus firm Sophos detected and protected against 7,944 new viruses - up 59 per cent from the first six months of 2004. The number of keylogging Trojans has tripled in the first six months of 2005 compared to the first half of 2004.
More computer viruses and worms mean an unprotected Windows PC (without either firewall or antivirus protection) stands a 50 per cent chance of infection by a worm after just 12 minutes online. Graham Cluley, senior technology consultant at Sophos, conceded that Windows PCs no longer ship in this unprotected state. Nonetheless the finding illustrates the need to apply basic defences (consumers can find free products aplenty if they choose to look).
The longstanding Zafi-D worm, which poses as a Christmas card greeting, made up more than a quarter of all viruses reported to Sophos so far this year. Runner up was the long-running NetSky-P worm with the bilingual Sober-N worm, which poses as offers for free tickets to the 2006 World Cup in Germany, in third place.
"The threats are consolidating - it's becoming more blurred as to whether something is a spam, a spyware, a phish or a virus problem. Businesses must ensure they are protected against all of these threats," Cluley added. ®
Please at least run behind a hardware firewall. You can usually find one for $20 to $30 at newegg.com by searching for "firewall", and sorting by "lowest price". Todays special:
Yup - a maroon.
Do you know of a file sharing site I can download Ghost from???
Do you have disk space? RAM? Bandwidth? CPU time? Then you have something of value on your computer, and there's people out there who will take it if you let them. Ignore the rest of this article.
This is a very bad idea.
Interesting idea. Without a pop-up blocker, however, you will have seventy windows open withen the first twenty seconds
If you use a computer for nothing but internet, redoing everything will only take about thirty minutes
Better than get a "second computer", set up a small second virtual pc using one of the VM software packages such as Microsoft's.
Thanks for the explanation. I was under the impression that your IP address, open ports, CLSIDs, etc., wouldn't change when you re-installed the image, and the machine would therefore look identical to anyone building a zombie database. If you're running nekkid, then getting the actual exploit onto your machine isn't the difficult part, right?
It is not quite that bad with pop-ups. I avoid sites that have many of them (like Drudge).
But, clicking away a pop up is a lot faster than slowing down your connection by filtering for them. In other words, do you slow down all traffic so you don't get a pop up or just click away the few that you do get.
I would rather run faster and click once in a while to get rid of the pop up window. With pop up blocker you are slowing all traffic as your connection deals with the stuff.
What are you trying to download to my system with that link? As soon as I clicked it, I got a message of a download about to happen.
It is not all that much trouble to reformat and reload. We are not talking a ton of programs to reinstall if you go with this idea. Basically you are turning your computer into a TV for the internet - that's what has you online 90% of the time.
As for email, better to use the free services for your email than to run on your own machine. I would never do that. Outlook is a virus magnet.
How many zombies and trojans stay on a machine after the hard drive has been reformated? I think you missed something there.