Posted on 12/08/2008 8:16:52 PM PST by TigerLikesRooster
Internet security is broken, and no one knows how to fix it
By John Markoff
Sunday, December 7, 2008
SAN FRANCISCO: Internet security is broken, and nobody seems to know quite how to fix it. Despite the efforts of the computer security industry and a half-decade struggle by Microsoft to improve the security of its Windows operating system software, malicious software is spreading faster than ever.
The so-called malware surreptitiously takes over a PC and then uses that computer to spread the software to other machines exponentially. Computer scientists and security researchers acknowledge that they cannot get ahead of the onslaught.
As more business, commerce and social life has moved onto the Web, gangs of elusive criminals thrive on an underground economy of credit-card thefts, bank fraud and other scams that rob computer users of an estimated $100 billion a year, according to a conservative estimate by the Organization for Security and Cooperation in Europe. A single Russian company that sells fake antivirus software, which actually takes over a computer, pays its distributors as much as $5 million a year.
With vast resources from stolen credit card and other financial information, the cyberattackers are handily winning a technology arms race. "Right now the bad guys are improving more quickly than the good guys," said Pat Lincoln, director of SRI International's Computer Science Laboratory.
A well-financed computer underground has built a major advantage by working in countries that have global Internet connections but ineffectual law enforcement agencies that have little appetite for prosecuting offenders who are bringing in significant amounts of foreign currency.
That was driven home late last month when RSA Fraud Action Research Lab, a security consulting group, reported that it had discovered a cache of a half-million credit-card numbers and bank-account log-ins, ...
(Excerpt) Read more at iht.com ...
I think these things evolve faster because some state security agencies encourage and profit from it. This is the state-sponsored problem.
Thsi will all go away at the ascension of The One (piss be upon him), for all good things shall come forth from His hands.
-PJ
“A single Russian company that sells fake antivirus software, which actually takes over a computer, pays its distributors as much as $5 million a year.”
Hope this ain’t Kaspersky. LOL
It’s kinda funny, since switching to 64bit Vista I haven’t had one issue, then again I don’t download odd things and am careful, most computer users aren’t and don’t try to educate themselves on how to prevent infection.
Microsoft actually has quite a few new security features that it put into Vista that are seldom mentioned that have made it far more secure.
None the less, most of the security issues can be prevented by the user, problem is that as long as there are people that don’t properly protect themselves, there will always be virii
Is that so? Have you checked out their security bulletins lately? I decided to abandon Windows entirely last year, not because it’s a bad product, but it’s not secure enough, plus eats up a lot of memory which can go to other apps instead. I chose Ubuntu, a distro of Linux, being easiest to master, but Apple would be a sfer bet for the technically challenged.
I have checked them, and most have been addressed.
I’m quite familiar with Linux also, I dual boot with OpenSuse since I like having more control.
And I hate to tell you, there’s no such thing as a completely secure OS, even OS X is vulnerable to attack.
There are virii written in java that are platform independent, so running linux isn’t a garuantee against attack.
If you think it is, then you’re in even worse shape than some Windows users.
BUMP!
Didn’t claim there’s virus free OS. But the overabundance of those written for Windows OS’s is unquestionable. Besides, there is no real flexibility with the kernel in Windows, although I admit, technical knowledge is necessary to protect oneself.
P.S: Since have moved to Slackware
this article, originally published in the NY Times last week, is disappointing. I do not understand how a virus can be installed in a computer that is simply hooked up to the internet. The article does nothing to explain how this occurs
If you could write a program to attack Linux, or more probably one of the common programs (eg. FireFox, Evolution, Konqueror, Open Office...) it wouldn't spread that far or that fast - just not enough machines. Most Linux users are still geeks, and they probably know almost as much about their systems as the malware writers. (in contrast to many windows users who can barely find the start menu) Linux problems would be (relatively) quickly discovered, squashed, and a patch issued.
It’s not unknown how to stop it.
It is no longer script kiddies and small bots. It’s high level organized crime and it is centralized in the controllers for the bots. The controllers have been found and disconnected. They move, but can be found again - and the operators can be rolled up.
Government and law enforcement can stop a great deal of this. If they’d get a clue and give a damn.
It would help a great deal to fix Windows or stop using it, but even without this a great deal more can be done.
Simple... he starts pinging your ports. Certain ports have certain functions.
Do you have file sharing turn off? Danged sure better have.
Do you have Preview turned on in whatever MS email program your using?
If so, you basically open ALL emails by default.
Look, while it’s true that Linux’s popularity is at a slow rise, it is possible to attack a Linux box. Some self-described black haters on many online groups use Linux boxes for their attacks. Where Linux has the upper hand is it’s separation of user and administrator, something that is missing in Windows. I’m not too familiar with Mac OS, but having been based on UNIX surely it has the capabilities of separating users and administrator priviledges.
Also, regardless of what critics of Linux say, I don’t believe viruses will be a major factor in the Linux world simply because of it’s open nature - people naturally prefer cooperation rather than attacks among each other. It’s completely non-commercial in nature, thus seen as more democratic and not “evil” as is the image of MS. I know, it may be a stretch, but whatever.
The main problem with Windows and its vulnerabilities is it’s resistance to change. Some black hatters attack Windows systems for fun or to test their skills, others to make a statement, and worse of all to steal user information and ID. MS does a poor job of isolating the kernel or major systems from outside attack. It’s just poor design in terms of security.
Ultimately, Linux is the best choice when it comes to inofrmation defense, especially in this age of interconnectivity. In the end it is up to the user and not the vendor of the OS to see to their digital safety. Using simple techniques such as clearing their cache, history, and never storing online passwords, separating accounts, closing ports, running virus scanns, utilizing firewalls, and generally not clicking on links that say “Want a bigger penis? Click here” and not answering unsolicitied emails. The list of things one can do to protect oneself is large. Reiterating my point: Linux is the safest for those who are not technically challenged, but ultimately you get what you pay for.
ping
There's nothing wrong with Internet security, except possibly the authentication and identification of mail servers.
The problem is in the devices connected to the 'Net. And the most problematic devices are those running Microsoft software.
LMAO! You got me! Your post is almost 3 years old and you still got me!
While backing up my hard drive getting ready for a clean install (too much junk, it’s time), I was looking for what was new in the world of computer security. :)
I am still laughing!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.