Joe Average User Is In Trouble

The Register ^ | 10/27/03 | Scott Granneman

[Salo]

A great article about computer security.

[Salo]

Paging Dr. Penguin.

[Salo]

Tech list ping.

[agitator]

[an amused spectator]

I'm working on a PC protection CD that I can distribute to my friends & family.

AVG anti-virus freeware (www.grisoft.com)

Zonealarm freeware - firewall

Of course, the many toys at Gibson Research (www.grc.com)

[Cboldt]

Good article. I was "forced" into learning more about firewalls and security shortly after I started to use Linux. RH 7.2, IIRC. Was on a dilup, and some script kiddies found my IP address and were able to crash my system. About 2 weeks later I discovered the logs. My reaction was "Holy Cow!!!!, I better learn about this."

Anyway, my simple point being that security issues are not limited to MS. Now I sit behind a SOHO firewall (cable router). I'm impressed by the small footprint it shows the outside world. I think the "education" solution won't work. The concepts are tough enough, and implementation is even more difficult. Instead, I would suggest that widepread use of hardware firewalls will effectively reduce the rate of system compromize. I have to concede that dialup users have the chore of being more software savy.

[MarkL]

Our answer to every problem can't be "Run Linux!" or our other favorite operating system (unless the individual we're talking to is interested in such a solution, then by all means, go for it).

Run CPM-80!!!

Mark

[an amused spectator]

I think a good starting point for many ordinary users is Gibson Research (www.grc.com). Most of the language is actually coherent.

[FreedomPoster]

1) Regular operating system updates.

2) Regular antivirus updates, weekly full system scans plus normal checking.

3) Hardware router so PC isn't directly connected to the Internet.

4) Personal firewall program to detect any Trojan Horse programs that might sneak in.

5) Spyware removers run bi-weekly. I use 2, Ad-Aware and Spybot Search and Destroy.

[general_re]

I agree - a good article. The best OS security scheme in the world is useless if people don't use it or don't understand it. There's something of a paradigm shift going on in the Windows world, wherein people are gradually moving from a totally insecure single-user operating system to a fundamentally more secure regime, but that's meaningless if people don't understand why it needs to be done, and don't get the education they need in order to implement it properly. Someone who doesn't do these things is not going to be protected by changing operating systems - a person who understands why system security is important, and takes responsibility for learning about it, is going to be reasonably safe regardless of operating system. Conversely, a person who does not understand why sometimes convenience must take a back seat to security, and does not make the effort to protect themselves, is not going to be safe, no matter what OS they use.

No OS in the world can really protect users from themselves in the long run - some can make it more difficult to shoot yourself in the foot, but eventually, a careless person will always get burned, no matter what. You could replace every single Windows desktop in the world with Linux tomorrow, and you'd still be faced with the problem of educating people about how and why they should protect themselves. Basic operating system security has to become a fundamental part of learning how to use a personal computer, in just the same way that knowing how to use a turn signal is a fundamental part of learning to drive a car.

[FreedomPoster]

LOL! Yes, and where can I download a TCP stack for that? heh

[Kenny Bunk]

There is a problem with routers for the low-tech user that you are ignoring, or hopefully doesn't exist with your ISP.

My ISP, Time Warner, apparently hates their customers to have routers. They want to sell more addresses. So they ping the routers all day and night long, and typically, service will be interrupted every once in a while. The fix is certainly no biggie ... Turn-off, Turn-on, or re-boot. But even this simple step is too much for many "users." To be frank, sometimes it gets a little sticky, requiring two or three goes.

So instead, they get frustrated hook up directly to their cable modem again and forget about it. Or maybe use Zone Alarm, if they can figure it out. When I am on the road, my spouse will typically try to re-engineer the router comnnection by going straight to the modem. Her computer, as a result is absolutely loaded with crap, requiring ferocious cleaning and maintenance.

[Cboldt]

I agree, Gibson Research does a very good job. But I'll wager that we both know computer users who would be perplexed even by a coherent explanation. Naturally, they'd nod in agreement and express understanding -- but ask them a few questions and you'll see that they don't really "get it." Most users need cookie cutter instructions at least the first time around, and sometimes in perpetuity ;-)

[blam]

Hey, why did you post my picture?

[Lee'sGhost]

OK, what's THE best anti-virus software? I was using McAfee but it was not very user friendly and have been told it's not as good as Norton -- but would love to what my Freeper IT friends think.

Thanks in advance.

[Cboldt]

My ISP (Adelphia) pings the cable modem regularly, to maintain the lease on the IP addy. They don't care how many machines use the bandwidth. I don't know how they'd learn the IP address of the router on my local network, and the router has been instructed to discard PING (ICMP) packets.

I used to have to reboot the hardware router about once a week, but lately it's been solid (after a program update). I'm running a Netgear MR314, router plus wireless.

[FreedomPoster]

Which are better, Ford or Chevy pickups?

I think using either, with regular updates, is 1000000% better than nothing.

Actually, the infrastructure IT guys at a company I'm doing some work at, like Trend Micro the best. They are competent people that I respect. I use Norton/Symantec, as you can get it at a good price as part of Norton Systemworks. I like the WinDoctor registry groomer that comes with that package, as well as the disk optimizer.

[Lee'sGhost]

WinDoctor registry groomer?

[E Rocc]

The gradient of computer knowledge is tremendous. Perhaps 90% of the people I know look at me like I'm an expert, but our IT guys know stuff I have no clue about.

Sometimes I think they prefer the fully ignorant users, and not just for job-security reasons. Those of us who know what we're doing sometimes know enough to be dangerous. >:)

-Eric

[E Rocc]

-Eric