Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Are you continually being exploited?
Goto page 1, 2, 3  Next
 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion
View previous topic :: View next topic  
Author Message
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Tue Jul 18, 2006 9:37 am    Post subject: Are you continually being exploited? Reply with quote

At one time, I actually thought that I needed malware scanners. Many of you know that I even worked application support for a couple of the trusted major players. I sure am glad that I finally realized that we(our home LAN & my clients) don't need to waste resources including money and man hours on the bogus and obsolete malware scanners anymore.

I think it is sad that so many still periodically rip the guts out of their sys while usually using multiple scanners and without even a clue to what items they are removing. Then these same folks wonder why their sys and applications fail to function properly after they have been ripped apart by various scanners.

I'll give the anti-malware industry credit tho; they have very successfully programed folks into thinking that they are needed regardless of common sense. The industry continues to suck money from users with annual subscriptions to lease(not sell) their wares. Of course they aren't going to innovate to techniques and processes that really protect...that would decrease their revenue...a revenue & market share now sought after by every scam artist out there. Some vendors have even been caught playing on both sides of the street.

I maintain over 600 appliances across multiple SOHOs and for a long time now we have had no conventional scanners on board of any kind. We have absolutely no need for them. We've NEVER had an unwanted ware of any kind. You can't even manually load an unknown component without prior admin approval. For several years, our filtering/firewalling has protected us from every single highjacking exploit even before it went into the wild and regardless of what vendor patches were in place.

We don't want our sys to be bogged down with massive bloatware that uses half the available resources including tech support. We prefer our file protections & redundant process filtering as well as our host based content filtering that use a negligible amount of resources by comparison. We don't want to maintain/update multiple signature DBs that are ALWAYS going to be behind the infection instead of preventing it. If we were to get a newer malware on board somehow, none of the conventional scanners are likely to even detect it much less remove it properly anyway. We don't want to spend the human resources required for clean up after an infection that could have just as easily been avoided. What we do want is 'control' and that is what we strive for. IMO all resident signature based scanners are just dinosaurs.

So, I really feel sorry for those folks who are still being exploited by both the malware propagators and the anti-malware industry simultaneously.
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
Oldfrog
Site Admin


Joined: 08 Aug 2004
Last Visit: 09 Feb 2013
Posts: 1161
Location: Hewitt, TX

PostPosted: Tue Jul 18, 2006 12:10 pm    Post subject: Reply with quote

Quote:
I think it is sad that so many still periodically rip the guts out of their sys while usually using multiple scanners and without even a clue to what items they are removing.

Yes, I cringe everytime that I hear "run application x and remove everything that it finds".

At the same time I try not to be supercilious to those folks who do not have the computer or system knowledge to properly administer and control their own unit. For a lot of folks the resident protection options in an AS/AT product is as close as they can get to system control. I would rather guide them on how to use that than see them use nothing, and in the process encourage them to come back and ask before blindly deleting anything after a scan.
Back to top
View user's profile Send private message Visit poster's website
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Tue Jul 18, 2006 2:14 pm    Post subject: Reply with quote

Quote:
I would rather guide them on how to use that than see them use nothing


I would rather teach them to protect themselves instead of perpetuating the garbage sponsored by the anti-malware industry as a whole. We aren't born with knowledge. Folks have to LEARN how to do everything they do before they can do it properly. If this industry were to teach and develop REAL techniques for protection, we wouldn't be having this discussion. But that isn't as profitable and the proof is that here we are and folks are still being hearded in mass into false security for profit.

I'm certainly not blaming the user for the probs of the web. The users are being scamed by the entire industry. However, no one on the planet can go without knowing that the web can be dangerous. TV, radio, newspapers and all medias have told the stories. Therefore, what kind of user goes online without at least trying to learn how to do it properly. I do take issue with morons who are to stupid to even try learning.

Instead, what I'm talking about is the users who would learn but are being taught the wrong things by this entire community. And all of us in this community, at one point or another, are guilty of perpetuating this large scam. While some do so unwittingly, many are very much in the know and very much in the money.
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 19 Nov 2017
Posts: 10420
Location: at the beach

PostPosted: Tue Jul 18, 2006 5:02 pm    Post subject: Reply with quote

Quote:
I would rather teach them to protect themselves instead of perpetuating the garbage sponsored by the anti-malware industry as a whole. We aren't born with knowledge. Folks have to LEARN how to do everything they do before they can do it properly. If this industry were to teach and develop REAL techniques for protection, we wouldn't be having this discussion. But that isn't as profitable and the proof is that here we are and folks are still being hearded in mass into false security for profit.


Mikey, I don't disagree with teaching -- I think it's of utmost importance. But you know *darn* well a lot of people don't care enough to take the time to learn. They just want to go online and do their thing. People like that will always have a need for anti-whatever apps.

I had a series of more than a dozen private messages here with a user who had their ID stolen by a keylogger -- got infected through file sharing. I did everything but stand on my head to try to make them understand that if they continued their risky online behavior, the same thing could and would likely happen again. They continued to insist they would use file sharing.

That same user didn't have Service Pack 2 and it took 2 months and dozens of posts to them them to upgrade to SP2.

What do you suggest people like that do? We can lead a horse to water, but we can't.... you know the saying.

If we tell them not use anti-malware apps, then we have to hold their hands and clean their machines using HijackThis, etc.

Your logic sounds good on one level, but it's not practical in many levels.

It's like medical professionals telling people not to smoke and drink to stop lung cancer and prevent cirrhosis of the liver. It sounds good and a certain number of people will listen and learn, but a lot will *never* change their habits. So people will continue to die of lung cancer and of liver disease, just like people will continue to get infected and need anti-malware apps.

So, would you recommend people not seek medical treatment for diseases resulting from their vices, like smoking and drinking? That's what you'd be doing by telling people not to use anti-malware apps. Let's be real here.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
Oldfrog
Site Admin


Joined: 08 Aug 2004
Last Visit: 09 Feb 2013
Posts: 1161
Location: Hewitt, TX

PostPosted: Tue Jul 18, 2006 6:13 pm    Post subject: Reply with quote

My ex-wife is a perfect example of this. She is a very talented, very intelligent woman who teaches history and English. She doesn't care about all this stuff that we live and breathe. She wants to do her online research for lesson plans and get her email. She runs an ME system that does everything that she wants. I managed to get some security in place knowing that I would have to be on call whenever there was an alert. There has only been one in two years.
Back to top
View user's profile Send private message Visit poster's website
hornet777
Warrior Guru


Joined: 28 Oct 2005
Last Visit: 20 Oct 2009
Posts: 458

PostPosted: Tue Jul 18, 2006 7:27 pm    Post subject: Reply with quote

Well, no one could accuse Mikey of cringing in a corner, or being a wall-flower at the anti-spyware party; in fact it takes courage to speak truth as one sees it, especially when it goes against the grain of the establishment.

It is however incomplete, and Suzi takes up the slack, and yet there is even more to this complex issue: to single out any group or individual for blame is akin to preaching to the choir, beside being essentially nihilistic in outlook (as all jusgments must be, especially moral ones).

Lets climb down off the ladder so to speak and just ask what "learning" is, since it is seemingly the central issue, which I parenthetically agree wholeheartedly with. The root comes from the Greek mathesis (transliterated, for there are no Greek fonts) which means outwardly 'learning' at least by definition. However, definition is only a starting point on the road toward meaning. What does "learning" mean?

Mikey says none of us start off with 'knowledge' whatever that does or can mean, as though it was someting that is somehow forcibly imparted from without. But how is knowledge related to learning? If we take a closer look at the word mathesis, and try to understand what was originally meant, what is revealed is nothing at all like the modern notion, for the original meaning emerged out of a completely different standard of truth -- one that had to do with immediate presence, rather than mediated "proof".

The originary meaning of what we call "learning" today meant simply taking cognizance of and accepting what we already have. It is the teacher's job then to let the student discover this for themself, but also and more importantly, for the teacher to never lose sight of the fact that they themselves are students (even more so).

So, now how does it stand with knowledge, whatever it is or even can mean? Seems pretty superfluous, huh. Perhaps this is a hint about how technology is affecting human beings: for as atomised bits of "knowledge" without any connection or relation become what is called "science," "technology," or "corpus of knowledge" the less humans know and yet the more they somehow think they know, and yet, the essential questions that could lead to genuine knowledge, are NEVER ASKED, and without regard to human folly, truth still essentially resides in the question. It is this deception that hides itself from itself that really concerns me.

It seems to me that what Mikey has pointed out is essentially a power relation, with the goal of accumulation for its own sake, but worded as it was, how can his presentation be interpreted any differently? Great points, Mikey, but the approach misses the mark (nothing personal).

What is needed above all is genuine thinking. Its not just computers, the Net, and malware: the tent is collapsing on this circus and we are fiddling about.

Welcome back, oldfrog; you've been missed <hug>.
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 19 Nov 2017
Posts: 10420
Location: at the beach

PostPosted: Tue Jul 18, 2006 8:06 pm    Post subject: Reply with quote

Quote:
The originary meaning of what we call "learning" today meant simply taking cognizance of and accepting what we already have. It is the teacher's job then to let the student discover this for themself, but also and more importantly, for the teacher to never lose sight of the fact that they themselves are students (even more so).


Interesting statement and well said, Hornet777. I've often realized the more I know, the more I realize how much more I don't know and still need to learn.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
NetWidow
Insane Emoticon Fanatic


Joined: 27 Feb 2004
Last Visit: 18 Apr 2012
Posts: 209
Location: Empty Space

PostPosted: Wed Jul 19, 2006 6:33 am    Post subject: Reply with quote

The majority of people who come here for help would probably prefer being taught prevention, but the community seems to be stuck with the idea that everyone wants the quick fix, so many of them never even know there is a way to prevent infections to start with. If we teach prevention first more people will learn it.
_________________
Recognition without accomplishment is meaningless.(NW)
The simplicity of a solution is directly proportionate to its elusiveness. (Maddoktor)
NW's Thoughts
Back to top
View user's profile Send private message
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Wed Jul 19, 2006 6:35 am    Post subject: Reply with quote

Quote:
But you know *darn* well a lot of people don't care enough to take the time to learn.


'Give a man a fish or teach him how to fish?'

For many years now I've been watching folks in this community use the excuse that users as a whole are too lazy, dont care, or don't have enough intelligence to learn and then not even try to teach them how to protect themselves. Personally, I'm really sick of the scam and this bogus propaganda.

Will all folks be willing to learn? Probably not. Most users have been taught all the wrong ways when they could have just as easily learned how to use the tools and techniques that really work. We've known better for many years now. It really isn't rocket science. Granted, there are many who are lost causes, but they will always be loosers and there isn't anything we can do for those who refuse to do for themselves.

I just don't believe that the majority of folks are morons. This community doesn't even try to teach REAL security and the only reason I've been able to see over the years is because it is less profitable.

Yes, some low level techniques like blocklist content filters are suggested but only a handfull of folks try to teach the real thing. Thus the majority of users are led down the path to 'continual exploitation' by both the propagators and the so called pri/sec community.

Devs can just as easily produce tools that work as the ones they dev now. As an insider, I know first hand how corrupt this bogus industry is.

BTW I spent several hours setting up and then teaching one of my client's mother and noob how to use the tools I set up for her(PG was the core). That was a week ago and she only called me once for info. Yesterday, I went by to check on her and found I had no reason to do so. If an elderly noob can learn the basics of this stuff practically overnight, anyone can. Most are just waiting for the industry they wrongfully trust to lead them to the best course of action. Since many new tools have now been deved that do work, I think that a change is finally more and more inevitable.

Even one of the well established anti-malware devs(DCS) has now denounced the bogus and obsolete methods that have thus far been predominant(scam) and they completely retooled their organization. More and more honest devs will surely follow suit. If they don't, I hope they get left behind. There have also been a rash of new products offered lately. It's time for this long seige to end.

I also think that the majority of folks coming here for help and guidance want to learn how to avoid infections. It would be nice to see that actually happen.

My response to this, "the users are too lazy or too stupid" is; HOGWASH
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Wed Jul 19, 2006 6:39 am    Post subject: Reply with quote

OT

Hey NW, I heard you punching keys a few minutes ago...now I know where at. Smile

I knew you'd be in agreement tho since we've spent hundreds of hours thinking about and discussing this topic.

BTW We need a fresh pot of mud.
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 19 Nov 2017
Posts: 10420
Location: at the beach

PostPosted: Wed Jul 19, 2006 8:12 am    Post subject: Reply with quote

Quote:
For many years now I've been watching folks in this community use the excuse that users as a whole are too lazy, dont care, or don't have enough intelligence to learn and then not even try to teach them how to protect themselves. Personally, I'm really sick of the scam and this bogus propaganda.


Quote:
The majority of people who come here for help would probably prefer being taught prevention, but the community seems to be stuck with the idea that everyone wants the quick fix, so many of them never even know there is a way to prevent infections to start with. If we teach prevention first more people will learn it.


Ok then, you two. If you feel this strongly about it, and that what we are doing here is wrong, why don't you do something constructive about it? Something besides criticizing and judging?

I'd be interested to hear your ideas on "how" to go about setting up this eduational program you are suggesting. I mean specifics, not generalizations.

Thinking and discussing for "hundreds of hours" is all well and good, but that doesn't get anything done, nor does it do users any good, unless you put some actiion behind your words.

Quote:
BTW We need a fresh pot of mud.


Yeah, that, too, since you seem to be so hell bent on slinging it. Wink Laughing

Edited to fix typos.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile


Last edited by suzi on Wed Jul 19, 2006 8:37 am; edited 2 times in total
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 19 Nov 2017
Posts: 10420
Location: at the beach

PostPosted: Wed Jul 19, 2006 8:21 am    Post subject: Reply with quote

Btw, Mikey and Net Widow. We have an area for tutorials, self-help and so on. Feel free to post anything you deem appropriate there to educate users on prevention. Or if you want, I could create a forum for you to put into practice what you're preaching -- to teach prevention. We could direct all users to that forum before and/or after helping them in the HJT logs forum.

Edit to add: You might want to bring up your suggestions to the forums that train Hijackthis helpers, too, like Malware Removal University, the Boot Camp, etc. The HJT helpers are in a good position to infuence and teach prevention since they are interacting directly with the infected users.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
aBenG
Warrior


Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 296
Location: Darkest UK

PostPosted: Wed Jul 19, 2006 8:48 am    Post subject: Reply with quote

suzi wrote:
Quote:
I could create a forum for you to put into practice what you're preaching -- to teach prevention. We could direct all users to that forum before and/or after helping them in the HJT logs forum.


That would be great for those of us who DO want to learn more - the more people know this stuff the more the 'knowledge' will be spread by them. We 'ordinary' users need to have access to sound info and if mikey and NetWidow are willing to set the ball rolling I'm sure it would be greatly appreciated. Over time this could make a great impact!

A little help is worth a lot of pity. Wink
_________________
Inperfect.
Back to top
View user's profile Send private message
Proactive Services
Security Expert


Joined: 06 Feb 2006
Last Visit: 24 Jun 2009
Posts: 166
Location: Hampshire, UK

PostPosted: Wed Jul 19, 2006 9:02 am    Post subject: Reply with quote

mikey wrote:
Quote:
But you know *darn* well a lot of people don't care enough to take the time to learn.


'Give a man a fish or teach him how to fish?'

For many years now I've been watching folks in this community use the excuse that users as a whole are too lazy, dont care, or don't have enough intelligence to learn and then not even try to teach them how to protect themselves. Personally, I'm really sick of the scam and this bogus propaganda.

Will all folks be willing to learn? Probably not. Most users have been taught all the wrong ways when they could have just as easily learned how to use the tools and techniques that really work. We've known better for many years now. It really isn't rocket science. Granted, there are many who are lost causes, but they will always be loosers and there isn't anything we can do for those who refuse to do for themselves.


Maybe because you have worked in a corporate environment where administrative restrictions prevent malware from infecting a computer you may not realise how many non-corporate users there are out there.

Some of these want to learn, and do learn, how to look after themselves. I have a home customer just over the road who always had up-to-date AV and kept Windows XP up-to-date and practised very safe Internet use and was generally "smart" with her computer. It didn't stop a zero-day exploit from infecting her before her AV was updated. XP Home just doesn't let you run as a restricted user with enough functionality to be useful.

I have a few other "home" customers (or have had conversations about) that are not technically competent enough to protect themselves adequately without some sort of proactive malware protection. The fact they're happy to learn (and I am a good teacher so you can't shake that stick at me) doesn't mean they can learn everything.

I also know a lot of people who, despite being infected (one even having their credit card number and web site logins stolen), still won't practise safe browsing, email use etc. They just won't learn. These are not "very few" either. You don't seem to realise how enticing "world_cup_pics.jpg.exe" is to so many people, the same type of people who still think a) that updating Windows will break it or b) nothing at all about updating Windows.

Heck I've seen several computer users where the AV subscription ran out 6 months ago and reminded the user *every single day* that it was out-dated. They kept on accepting the prompt and not getting round to renewing it. Then bam, infections here we come.
If an average person cannot realise that their AV being 6 months out of date is a bad thing for them then it's unlikely they can be taught to look after themselves to the extent other people can.

I'm sorry, but it's not an excuse. User education can be extremely difficult or even a waste of time for too many cases. I know because I've tried to teach enough without success and I have used different ways to teach as I know everyone learns differently. I also care about every darn one of them because it's in my nature.

IMO spyware and adware should now be considered an anti-virus product's job, from setting ActiveX killbits, IE restricted zones, Mozilla blacklisted extensions and an Internet traffic-based filter. A lot of vendors should take a long look at Eset's product for some of this. Anti-malware scanners and/or protectors are not scams (at least those which we would both agree are not rouge) and will continue to be that until the malware stops. And we all know when that will happen :-)
_________________
Adam Piggott, Proprietor, Proactive Services (Computing)

Professional, friendly computer support in Hampshire, UK.
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 19 Nov 2017
Posts: 10420
Location: at the beach

PostPosted: Wed Jul 19, 2006 9:03 am    Post subject: Reply with quote

There is actually quite a lot of information on prevention here already, but it's scattered around and not consolidated into one place. This post has some good info -- see the section on prevention: :: PREVENTION IS BETTER THAN A CURE ::

http://spywarewarrior.com/viewtopic.php?t=10027

Some good info here on using firewalls:

http://spywarewarrior.com/viewtopic.php?t=14155
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Wed Jul 19, 2006 10:08 am    Post subject: Reply with quote

i have not been infected in years.

i do use
spywareblaster
spybot with imunize and its hosts file
iespyads
and counterspy.
nod32, norton 2002 before that
have peer guardian
regwatcher
process guard
zap
so educateing in how to use some programs to prevent getting infected will go a long ways to keep them clean. and updateing them.

but i do not think any one program will cover all.
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Wed Jul 19, 2006 10:50 am    Post subject: Reply with quote

Hey Suzi, I'm sorry that you took so much offense. However, my comments have all been made addressing the entire community and industry...not you or SW in particular.

Quote:

Ok then, you two. If you feel this strongly about it, and that what we are doing here is wrong, why don't you do something constructive about it? Something besides criticizing and judging?

I'd be interested to hear your ideas on "how" to go about setting up this eduational program you are suggesting. I mean specifics, not generalizations.

Thinking and discussing for "hundreds of hours" is all well and good, but that doesn't get anything done, nor does it do users any good, unless you put some actiion behind your words.


I and a few others have been preaching this stuff since 01...ever since I found out that there were alternatives. Those few of us who have been preaching alternative technologies have had to make a voice among an immense and wealthy industry. Since you are already aware of this, I find those comments a bit puzzling. My most recent related thread can be found just a few threads below this one; http://www.spywarewarrior.com/viewtopic.php?t=21772&sid=ddda2f322bc8bb670719fe64f648d88a

Quote:
Edit to add: You might want to bring up your suggestions to the forums that train Hijackthis helpers, too, like Malware Removal University, the Boot Camp, etc. The HJT helpers are in a good position to infuence and teach prevention since they are interacting directly with the infected users.


If they don't know, it's because they aren't listening or are too wrapped up in the 'status quo' for it to sink in. You mentioned MRU & SI. I assure you that both Nick & Mike know and understand the concepts of process & content filtering...just as do all those who are leaders in the community. Nick & Mike both use the same lame excuses that you made in this thread. The devs all know too...in spite of the feigned ignorance displayed by a dev just above. If they don't have the knowledge and ability, then I certainly wouldn't want to use a product deved by them. The concepts are NOT in any way new. They just aren't as profitable.

Quote:
Maybe because you have worked in a corporate environment where administrative restrictions prevent malware from infecting a computer you may not realise how many non-corporate users there are out there.


I guess you missed the fact that this topic is about the average HOME user.


Quote:
I have a few other "home" customers (or have had conversations about) that are not technically competent enough to protect themselves adequately without some sort of proactive malware protection. The fact they're happy to learn (and I am a good teacher so you can't shake that stick at me) doesn't mean they can learn everything.

I also know a lot of people who, despite being infected (one even having their credit card number and web site logins stolen), still won't practise safe browsing, email use etc. They just won't learn. These are not "very few" either. You don't seem to realise how enticing "world_cup_pics.jpg.exe" is to so many people, the same type of people who still think a) that updating Windows will break it or b) nothing at all about updating Windows.

Heck I've seen several computer users where the AV subscription ran out 6 months ago and reminded the user *every single day* that it was out-dated. They kept on accepting the prompt and not getting round to renewing it. Then bam, infections here we come.
If an average person cannot realise that their AV being 6 months out of date is a bad thing for them then it's unlikely they can be taught to look after themselves to the extent other people can.

I'm sorry, but it's not an excuse. User education can be extremely difficult or even a waste of time for too many cases. I know because I've tried to teach enough without success and I have used different ways to teach as I know everyone learns differently. I also care about every darn one of them because it's in my nature.


Again;

Quote:
If an elderly noob can learn the basics of this stuff practically overnight, anyone can.


Just like the rest of the industry, I'm sure you will undoubtedly continue talking bogus propaganda that just doesn't wash but does suit your agenda.

Quote:
Anti-malware scanners and/or protectors are not scams (at least those which we would both agree are not rouge) and will continue to be that until the malware stops. And we all know when that will happen Smile


Again, IMO ALL malware scanners are obsolete. Even those folks who don't know any better would be much better advised to come to a site like this one and get one on one manual removal assistance from those who are trained in removal procedures than to use any of the conventional scanners that more often do more damage to the sys than what the nasties did.

Quote:
Btw, Mikey and Net Widow. We have an area for tutorials, self-help and so on. Feel free to post anything you deem appropriate there to educate users on prevention. Or if you want, I could create a forum for you to put into practice what you're preaching -- to teach prevention. We could direct all users to that forum before and/or after helping them in the HJT logs forum.


I think that is a superb idea...I'm glad I thought of it. Wink Now if we can just convince the rest of the community to do likewise instead trying to sell bogus BrandX.

BTW You mentioned tutorials. I'm not sure you would call it a 'tutorial' as much as a 'product review' but I am...as time allows...trying to work on this piece; http://www.voiceofthepublic.com/firewalling/firewalling.html
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
Osage
Warrior


Joined: 19 Aug 2005
Last Visit: 07 Sep 2011
Posts: 227

PostPosted: Wed Jul 19, 2006 12:07 pm    Post subject: Reply with quote

To Mikey,

I have tried to follow this thread as best I can---and I believe that you, as a very competent system administrator, can lock things down well enough to be safe without need of any scanners.---because the thesis seems to be that nothing gets through past you---the ever vigilant system administrator.

I also see you come from somewhat a corporate lan time background.
Where the hardware and computers systems are likely to be vastly different than what a typical consumer who just purchases a windows bases PC---so my somewhat question is your protection system practical on say a typical windows XP home system. Or does it require something like win XP pro at minimum? But if you answer is that your system is practical for all---I very much wonder why you limit the blame to the anti-malware industry who tend to vend what you say are obsolete products---when the real villian is the OS itself---and that is largely microsoft judging by market share---who could have been more effective than you in closing the gaping security hole you seem to be closing and calling it prevention.

But I am following this thread with interest and look forward to seeing your tutorial when its finished. But as somewhat of a forum junkie, I can only warn that education may not always be the answer with some users---they need software protection that protects them from their own stupidity. I do agree that some sort of protection before infection is always better than removing the infection after it happens.---and also begs the question of what will happen in future when the common operating system becomes Vista.
Back to top
View user's profile Send private message
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Wed Jul 19, 2006 1:31 pm    Post subject: Reply with quote

Hey Osage,

Deja vu.

Again;

Quote:
Quote:
Maybe because you have worked in a corporate environment where administrative restrictions prevent malware from infecting a computer you may not realise how many non-corporate users there are out there.


I guess you missed the fact that this topic is about the average HOME user.


and

Quote:
If an elderly noob can learn the basics of this stuff practically overnight, anyone can.


Quote:
because the thesis seems to be that nothing gets through past you---the ever vigilant system administrator.


All of us HOME USERS are sys administrators even if it's just a 'stand alone'. And yes, I have a home too. Smile

How hard is it to click 'allow' or 'deny' when something never before seen tries to initiate? Either YOU loaded it or you didn't. And how hard is it to google up the info for any process you might still be unsure of?

You guys really need to come up with some new material. Saying the same things over and over wont change the facts.
=====

BTW I expected a debate or even a fight here. Like I said, I've been preaching this stuff for a long time. Most folks don't take to changes in their habits easily...especially habits that have been pounded into them ever since they first went online. And the industry has always made excuses and flawed arguments in attempts to maintain the status quo....it's in their interest to do so.

BTW2 Even tho I don't need them and think that no one else does either, I see no reasons other than the resource use and the crippling effects of faulty removals why users can't include scanners as a lower level layer in their defenses. I believe that most will eventually give up the crutch after they realize that they are in control and NOT the scam and rip-off artists.
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
aBenG
Warrior


Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 296
Location: Darkest UK

PostPosted: Wed Jul 19, 2006 1:59 pm    Post subject: Reply with quote

mikey wrote:
Quote:
How hard is it to click 'allow' or 'deny' when something never before seen tries to initiate? Either YOU loaded it or you didn't. And how hard is it to google up the info for any process you might still be unsure of?


Is that really all there is to it mikey? Really? LOL thats all I've been doing since installing ProcessGuard. No wonder my scanners never find anything any more! Dancing

Seriously if this is all it takes for home users to be secure then it should be shouted from the rooftops. With Marshall stacks.
_________________
Inperfect.
Back to top
View user's profile Send private message
Oldfrog
Site Admin


Joined: 08 Aug 2004
Last Visit: 09 Feb 2013
Posts: 1161
Location: Hewitt, TX

PostPosted: Wed Jul 19, 2006 2:14 pm    Post subject: Reply with quote

Quote:
I expected a debate or even a fight here. Like I said, I've been preaching this stuff for a long time.

From the sound of things maybe wanted would have been a better word to use than expected.

You aren't going to get one from me, because I don't have a dog in this fight. I don't make a dime from the "the industry" and nobody pounded anything into my head. All I do is recommend the protection that I think is most appropriate for the level of the individual user and their interest in and capacity to learn what they need to learn to use that level.

Quote:
How hard is it to click 'allow' or 'deny' when something never before seen tries to initiate? Either YOU loaded it or you didn't. And how hard is it to google up the info for any process you might still be unsure of?

Simple, pimple, until the searches become geometric and every search spawns 3 more. At that point people that just want their systems to work for them instead of the other way around will just give up.

I will go you one better, Mikey, not only are scanners obsolete, but outbound firewalling is really pretty useless. After all, if something gets in and executes you are already owned. So, why do it? (Yes, I do it, and it saved my system once, but that was an isolated event so we won't worry about that one)
Back to top
View user's profile Send private message Visit poster's website
Osage
Warrior


Joined: 19 Aug 2005
Last Visit: 07 Sep 2011
Posts: 227

PostPosted: Wed Jul 19, 2006 4:05 pm    Post subject: Reply with quote

In terms of this how hard is it to google it thing---I had exactly that happen to me last night with process guard---and process guard popped up asking if I wanted to install something I did not solicit or immediately recognize.

So I tried to google the named exe---but basically---until I clicked the process guard yes or no diaglog box---google would not come up.

But I was able to ask for more information on the process guard dialog box and found out this was an internet update to one of my known applications---but had I clicked no, I might then find that possibly needed update would never be allowed in.

In terms of locking things up---this was on my wife's system that needs more ram---so I don't know if this lock up was an anomoly or typical---but adding ram is proving to be another adventure in computer complexity.---and even supposed experts best answer is
just try it--it might or might not work.---maybe you can get your money back if it does not work.

So I get somewhat sceptical when anyone tells me some computer answer is super simple---never works out that way in the real world.----but I would also add that process guard is also useful---its saved me a few times.---even if it annoys the bejesus out of me when I install a known good program.
Back to top
View user's profile Send private message
herbalist
Warrior Addict


Joined: 28 Aug 2004
Last Visit: 25 Jun 2008
Posts: 726
Location: northern Michigan

PostPosted: Wed Jul 19, 2006 4:55 pm    Post subject: Reply with quote

While I'd like to believe that the majority of users are capable of learning basic security, I don't see it happening with the majority of them. I just finished setting up a winME unit for a neighbor that they found at a yard sale and replaced the win95 unit they were using. The guy tells me that he wants to learn how a computer works. Since he was new to it, I mentioned using Google or another search engine to look up specific subjects. The next question he asked was:
"What's a search engine?"
I told him Google is a search engine.
He says he can't figure out how to make Google find what he wants.
Why Me???
Some people will never learn even the basics. Don't ask how hard it is to Google something. I just saw a worst case scenario of that.
On a positive note, I finally convinced one friend to let me secure her XP unit, the one whose favorite line was:
I don't care what they do with my computer, as long as I can play my games.
It took 2 full evenings to get the trojans out of that thing and clean it up enough to get service pack 2 (and around 60 other updates) to install properly. At least there's one less zombie unit. Still need to spend another evening there and put a real firewall on it.
As for the outbound firewalling, as long as either the OS itself or installed software wants to call home, I'll install firewalls. Can't account for what someone else will do on their unit, so I will add that extra layer.
I'm still leaning towards offering an inexpensive remote administration service to those who either can't or won't learn to do secure their systems themselves. It just looks easier in the long run, especially if I have to start with showing them what a search engine is.
Rick
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger MSN Messenger
herbalist
Warrior Addict


Joined: 28 Aug 2004
Last Visit: 25 Jun 2008
Posts: 726
Location: northern Michigan

PostPosted: Wed Jul 19, 2006 5:03 pm    Post subject: Reply with quote

Quote:
Edited to fix typos.

Wish I could edit my typos. Razz
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger MSN Messenger
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 19 Nov 2017
Posts: 10420
Location: at the beach

PostPosted: Wed Jul 19, 2006 5:32 pm    Post subject: Reply with quote

Quote:
Hey Suzi, I'm sorry that you took so much offense. However, my comments have all been made addressing the entire community and industry...not you or SW in particular.


No offense taken Mikey. I wanted to see if you're willing to put your money where your mouth is, so to speak. I mean to do something positive toward educating users instead of griping that others don't do it.

Your premise that anti-whatever scanners are obsolete is flawed, in the present. If you think they aren't needed, then you go do some HijackThis logs here and help people manually remove spyware. Then you teach them now not to become infected again, and count your rate of returnees. Wink

I agree it would be great if eveyone prevented spyware and malware, but it's not realistic. Maybe you think that's an excuse, but it's reality, unless you are living in a different universe than I am. I have one question for you -- do you have any habits, vices, that you know are bad for your health? If you haven't given them up, even though you know they are bad for you, why not? What are your excuses... Don't answer the question to me, answer it to yourself.

Human nature being what it is, people don't like change, and getting people to change their habits, whether computing, or lifestyle is not easy. Again, that's not an excuse, it's reality.

I'll go you one further, too. If people practiced safe computing, they wouldn't need any protection -- no firewall, no Process Guard, no anti-virus, no anti-anything.

That's what we should REALLY be teaching, is safe computing, safe use of the Internet.

I don't get malware on my good machines -- no spyware, no viruses, no trojans, etc. I haven't in years. Why? Because I don't do risky things on the internet. And I don't use Process Guard, though I've been meaning to try it out.

Besides safe computing, safe use of the interent, better than a firewall or better than Process Guard -- virtualization. VMware has freebies now and Microsoft just made Virtual PC free. The catch is, of course, you have to have an OS for a virtual machine, but VMWare has a number of pre-configured virtual machines that anyone can download and use.

Then there are other apps like Sandboxie, ShadowUser, DeepFreeze, and so on. Probably the next best thing to VMware, or Virtual PC.

But, why not go even further than virtualization or sandboxing -- why not urge people to dump Windows completely and use a Mac or switch to Linux? Why not?? The Mac and Linux folks insist that's the way to end spyware. Smile

I suspect Oldfrog was right when he said:
Quote:
From the sound of things maybe wanted (a fight) would have been a better word to use than expected.

_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
hornet777
Warrior Guru


Joined: 28 Oct 2005
Last Visit: 20 Oct 2009
Posts: 458

PostPosted: Wed Jul 19, 2006 5:37 pm    Post subject: Reply with quote

When I first got started in this it became immediately apparent to me that effective communication between myself and my clients was imperitive if anything positive were to result. Its one thing to have all this stuff going on in one's head, and quite another to effectively communicate it to another. The thing that always amazes me is how damned complicated it is to do comprehensively, and how diffucult it is to simplify it and yet still have it reflect basic truths.

The two most common misconceptions I encounter are that 1) computers are for everyone and; 2) computers do things for you. We have Gates and Jobs to thank for the first one, while I find I am usually met with astonishment when I say that computers are the most stupid machines ever made by the hand of man: they have to be told everything they are to do, and in explicit detail. Aside from the fact that these "titans of industry" have been largely successful in foisting such insipid deceptions on a gullible public, the question remains just when can we expect the promises that were made at the beginning of the so-called "digital revolution" to be fulfilled?

Okay, I'm getting dangerously close to a rant myself, and heaven knows there's been quite enough of that. What has been lacking all along is the human element in all of this -- primarily because no one even thinks it worthy to ask the relevant questions pertaining to the sublect. The issue is how humans interact with their computers, period.

On a more practical note (and I know I get carried away), out of my initial concerns and growth obtained from frequenting these fora, together with much interaction with my people professionally, i have decided to provide workshops to educate them, that are half social and half paedogogic. Got the place lined-up, and am now talking with peeps about scheduling and all. Got it divided up into novice, intermediate, advanced and power-user groups. Price? Free.

The way we are going to address this is one user at a time, but its not gonna happen until we abandon our pulpits and stop treating people as though they either do not exist at all or as digital objects that are amenable to calculative manipulation.

What is the position of the Other in your Dasein?
Back to top
View user's profile Send private message
Oldfrog
Site Admin


Joined: 08 Aug 2004
Last Visit: 09 Feb 2013
Posts: 1161
Location: Hewitt, TX

PostPosted: Wed Jul 19, 2006 6:14 pm    Post subject: Reply with quote

Quote:
I'll go you one further, too. If people practiced safe computing, they wouldn't need any protection -- no firewall, no Process Guard, no anti-virus, no anti-anything.

Yes, and it doesn't even have to be all that safe. I mentioned my ex-wife a few posts back. A couple of years ago she called me asking if I would build her a new computer or advise her on buying one. That led to the inevitable question of "what is wrong with the old one" and the equally inevitable answer of "it is really, really, slow".

I figured that since she had owned it for four years and is basically a techophobe that it was likely riddled with adware or worse so brought it into the shop to check it out. What I found was no firewall, a copy of Norton AV that expired shortly after purchase, no AS, had never seen a Windows update, and, no malware of any form. Well, it did have a dozen or so tracking cookies but that was it.

The problem was that it was an eMachines low end system with only 32meg RAM and she had added several programs to it that involved image processing. Maxing it out to 128meg had it running great. I did get all of the Windows updates, installed a freeware AV, freeware firewall, and set up TeaTimer to run but that was about all that she was going to put up with. If she had been previously infected she might have been more receptive, but she had been happily computing away for some four years at that point without an infection so she was not exactly motivated to change her habits and learn a bunch of mumbo-jumbo that she didn't care about.

I check it regularly for her now and in the two years since she has continued to run clean. She had one firewall alert during those two years after installing a new program. That was it.
Back to top
View user's profile Send private message Visit poster's website
Nick
Site Admin


Joined: 27 Feb 2004
Last Visit: 20 Sep 2017
Posts: 3913
Location: California

PostPosted: Wed Jul 19, 2006 10:53 pm    Post subject: Reply with quote

Prompts are like Kryptonite to some people. They can't and will not tolerate having to click yes or no to make the computer work. I gave up recommended IE Spyad to most people because it will do 2 things that regular Internet users don't want to deal with. Prompts and break web pages.

If you load a web page that has an Active X control that is in IE Spyad's list, it will get denied. What happens is you get a prompt that says something like " Your security settings prohibit the use of Active X Controls on this page". Or something along those lines. You have to click OK to get rid of it. If there is more than one, you may get more than one prompt. You can't do anything else on the page until you click OK. You may remember some years ago Mikey, that Ahmad was in correspondence with Microsoft to see if there was a way to not have IE display that prompt. I think that was in the old VoP days, but it may have been on Becky. Anyways, there's no way to get rid of having that prompt, except to remove what is causing it from the restricted zone or change the settings in the restricted zone to allow Active X. That of course, defeats the purpose.

Visiting some mainstream websites like ESPN.com or FHM.com won't work right. They don't want to hear about 3rd party stuff or that it will take a bit of work to figure out what site(s) in the list are making the site not work right. They just want to see Jessica Alba do her thing or see the flash high lights of the Red Sox crushing the Yankees. So bye bye IE Spyad.

I would say that 90% of the people I have seen or heard from again after installing IE Spyad, either got rid of it themselves, or asked me how to make it stop. One solution is not too difficult. Have a second web browser like Firefox to view the sites that don't work right in IE. Somehow, that is already getting too complicated and IE Spyad gets deleted.

Then there's the blindness that happens when you get presented with alot of prompts. After awhile, people don't read it and select yes because that means things will work. At some point, they clicked no to something and the computer, web browser, or whatever stopped working the way it did. The thinking is, if you always click yes, then everything will work like it is supposed to. So when the malware does come, it will get allowed.

As a corporate admin, I'm sure you have set up password policies using Windows 2000 and XP's own local or group policies. Password strength, expiration time, can't use the same one again, etc. How many times have people complained because they have to change it every 30 days, or that they can't use johnsmith as their password?

I read a little while ago that over 1 million computers got infected by the WMF exploit from ads on Myspace. That exploit was patched 6 months ago. If the computer had the patch, they wouldn't have gotten hit. XP is almost hands off in the default settings for updates, yet 6 months wasn't enough time to get patched.

So having everyone use proactive tools is not realistic. That doesn't mean you are wrong however. You are right that using proactive tools will prevent problems, but I'll take it further and say that you don't even need that much protection. I was wandering around some sites a few months ago to try to pick up SpyFalcon. The only thing I had was NOD32 Antivirus, Kerio 2.1.5 firewall, and almost up to date Windows 2000 system. So I didn't even have the extra protection from XP Service Pack 2. I had the security settings at the default level for 2k SP4.

I had to kill NOD32 because it kept intercepting the malware files, most of which were from heuristic detection since this was a new variant at the time. After disabling NOD 32, I had to click to install the "codec" to get it. Although social engineering is what makes most people click and install it. the promise of seeing naked girls and all... But there is still one more thing to protect me, Kerio. As you know, the various SmitFraud baddies won't install right away. So about 15 minutes later, Kerio is telling me that the Win NT Logon authority is trying to contact some website. Out of instinct I denied it and nothing happened. I ended up having to reimage the system and start all over to get infected.

So ultimately, all it took was a firewall to stay spyware free in that case. Yet, hundreds of thousands of people got infected by SpyFalcon and Spyaxe, and the others.

Well, that's my take on it. What I propose to you is to find the easiest way to use something like System Safety Monitor, or some other program and make a tutorial on how to use it. Despite what I said, there are plenty of people out there who will learn something.
Back to top
View user's profile Send private message
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Thu Jul 20, 2006 6:45 am    Post subject: Reply with quote

Like I said, lame excuses. Every day I see folks say they have bought multiple anti-spyware tools to stay/get protected. That alone tells me that folks DO want help and are willing to do what is necessary. Here's a good example which only took a few seconds to find since there are MILLIONS of them; http://www.spywarewarrior.com/viewtopic.php?t=21963 But almost NO one in this community that I know of has ever preached process filtering and just barely will even mention any of the lessor content filters like IESpyAd(not what I would choose). Instead you propagate crap that does very litttle good except to cripple the users appliance. You guys also seem to think that just practicing safe surfing will do the trick. My answer to that is BS. All thru the history of malware propagation folks have gotten infected with spywares or worse on sites they thought were trustworthy. Nick just mentioned the MySpace infections and millions upon millions think it is a SAFE place. Also, I would mention again that, there is nothing we can do for the morons who refuse to do anything for themselves.

BTW Nick, I don't restrict ActiveX or any other very usefull features. It's not needed to restrict any feartures or go to any alternative OS or browsers. Alternative browsers have been proven to be just as faulty as any other ware. Now that Firefox has managed to gain some market share with all the bogus claims of baing SAFE, it is now being targeted more and more. And many of the 'extentions' are full of holes. NO ware is SAFE. All wares are exploitable...even the the process and content filters I'm taslking about who have sys level access. That's is why we use a redundancy for our clients. However, redundancy isn't really needed for home use as I have yet to see any kind of POC that came close to penetration. I use IE and I'm immune to every known and probably unknown exploit on the planet. My process and content filters let me go unpatched to the nastiest places on the net without a worry. In fact, I see many of my client users surfing porn while they are supposed to be working. As a security concern, it's irrelevant but I do inform the employer anyway...it's part of my job to monitor the activities. OT You folk who think employers need keyloggers to monitor just don't have a clue.

Quote:
No offense taken Mikey. I wanted to see if you're willing to put your money where your mouth is, so to speak. I mean to do something positive toward educating users instead of griping that others don't do it.


I'm way too old and much too tired to start any new campaign. The early spyware movement was my last campaign. I am, of course, willing to help where and when I can. If you leaders in the community don't act, it will just prolong the inevitable because this BS is comming to an end regardless. I believe these obsolete scams will be just a history note at some point in the near future. Like I said, devs are already producing alternatives. There are many products now in dev. I suggest you folks wake up and start teaching your users the truth or IMO you will just be left behind.

Quote:
That's what we should REALLY be teaching, is safe computing, safe use of the Internet.


That is a very good thing and will help too. But, as noted, that is not enough by a long shot.

Quote:
But, why not go even further than virtualization or sandboxing...


Because I haven't found one yet that wasn't terribly flawed...not to mention the fact that they are usually way too complicated for the average user. I am not going to debate that comment.

[quote]I will go you one better, Mikey, not only are scanners obsolete, but outbound firewalling is really pretty useless.[quote]

I don't think that is true YET. At home, I use my end point packet filter for many things including another very effective lessor level layer in my defenses. I use Kerio 2.1.4 at home because it gives me total control of connecting process, protocol, port, and IP. Any common packet filter that does more is just bloat to me. It's also very lightweight. A bit OT; BTW that reminds me of another scam...the whole 'stealth' concept which was propagandized by Steve Gibson to sell a FW(ZoneAlarm)...what total BS! Any real admin knows/knew that as the farce it is/was. Some of us even adopted a term for it. We called it 'latent GRC syndrom'.

Well, enough OT. Who else wants to make some more lame excuses?
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Thu Jul 20, 2006 7:11 am    Post subject: Reply with quote

aBenG wrote:
mikey wrote:
Quote:
How hard is it to click 'allow' or 'deny' when something never before seen tries to initiate? Either YOU loaded it or you didn't. And how hard is it to google up the info for any process you might still be unsure of?


Is that really all there is to it mikey? Really? LOL thats all I've been doing since installing ProcessGuard. No wonder my scanners never find anything any more! Dancing

Seriously if this is all it takes for home users to be secure then it should be shouted from the rooftops. With Marshall stacks.


No, not really. As I've noted many times in many threads and articles, folks should also learn to use content filtering. In addition to it further limiting the possibility of approved applications being manipulated to some lessor degree, it also can clean up all the trash users have to see when surfing. I see absolutely NO third party ads of any kind.
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
Oldfrog
Site Admin


Joined: 08 Aug 2004
Last Visit: 09 Feb 2013
Posts: 1161
Location: Hewitt, TX

PostPosted: Thu Jul 20, 2006 7:32 am    Post subject: Reply with quote

Quote:
I see folks say they have bought multiple anti-spyware tools to stay/get protected. That alone tells me that folks DO want help and are willing to do what is necessary.

Sorry, all that really proves is that people are willing to spend money and install a bunch of apps. I see lists like this all the time, as you noted, and there is usually a good bit of overlap in their coverage showing that they really haven't taken any time or effort to see what each one does. A lot of those posts seem to me to be some sort of bragging rights thing about "I run more apps than you do so look how cool I am". Some have responded positively when I have told them they are running too much but the majority don't like the idea of a shrinking list.
Back to top
View user's profile Send private message Visit poster's website
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Thu Jul 20, 2006 7:51 am    Post subject: Reply with quote

Oldfrog wrote:
Quote:
I see folks say they have bought multiple anti-spyware tools to stay/get protected. That alone tells me that folks DO want help and are willing to do what is necessary.

Sorry, all that really proves is that people are willing to spend money and install a bunch of apps. I see lists like this all the time, as you noted, and there is usually a good bit of overlap in their coverage showing that they really haven't taken any time or effort to see what each one does. A lot of those posts seem to me to be some sort of bragging rights thing about "I run more apps than you do so look how cool I am". Some have responded positively when I have told them they are running too much but the majority don't like the idea of a shrinking list.


Hmmm, I wonder if that might be because they haven't been taught any better. Thx for helping to make my point.

Everywhere a user looks now, they see 'use BrandX and be safe'. Just plain hogwash.
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
aBenG
Warrior


Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 296
Location: Darkest UK

PostPosted: Thu Jul 20, 2006 8:05 am    Post subject: Reply with quote

mikey wrote:
Quote:
As I've noted many times in many threads and articles, folks should also learn to use content filtering. In addition to it further limiting the possibility of approved applications being manipulated to some lessor degree, it also can clean up all the trash users have to see when surfing. I see absolutely NO third party ads of any kind.


Thnks for the response mikey. So between restricted site blocklists such as IESpyad and process controls like PG the average user should be well protected? (Sorry if this is obvious stuff to you but for people like me who are relative newcomers and still finding our way this sort of discussion is hugely informative).
_________________
Inperfect.
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 19 Nov 2017
Posts: 10420
Location: at the beach

PostPosted: Thu Jul 20, 2006 8:06 am    Post subject: Reply with quote

Quote:
Every day I see folks say they have bought multiple anti-spyware tools to stay/get protected.


Quote:
But almost NO one in this community that I know of has ever preached process filtering and just barely will even mention any of the lessor content filters like IESpyAd(not what I would choose). Instead you propagate crap that does very litttle good except to cripple the users appliance.


Well, you are preaching it now. Wink

There have been a lot posts about System Safety Monitor and Process Guard. I don't know where you see anyone here, forum management or staff, recommending anyone to buy multiple anti-ware tools. If you have some examples, please point them out to me.

The HJT helpers recommend people to get the free apps, like IE-SPYAD, Hosts file, SpywareBlaster, SpywareGuard, Ad-Aware, Spybot, and such after they get their machines clean. We don't have any ads for anti-spyware apps. We don't have any ads here PERIOD, unlike nearly every other anti-spyware site in this community. ^-^

I really don't know what your gripe is, Mikey. Should we advertise Process Guard? Maybe I can become an affiliate and put ads on the site. Maybe I should put up ads for firewalls on the site, too. Believe me, I get plenty of emails from companies wanting me to promote their products.

I haven't seen you post any tutorials yet on how to do process filtering, how to set up Process Guard or how to set up a firewall. I'm waiting, still, for you to do something other than gripe about what others do or don't do. Wink
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
NetWidow
Insane Emoticon Fanatic


Joined: 27 Feb 2004
Last Visit: 18 Apr 2012
Posts: 209
Location: Empty Space

PostPosted: Thu Jul 20, 2006 8:21 am    Post subject: Reply with quote

I find this very entertaining. If you really want to help people and learn a little yourselves, you would stop arguing the facts and offer to help mikey finish his pages and get them out there.

I'll admit for the most part people as a whole are lazy and will always look for the quick fix right now. If it fixes the problem today that's all that matters to most. The only way we will ever get away from that and have a chance to win this war against the bad guys is to stop giving the quick fix and start teaching the things that work.
_________________
Recognition without accomplishment is meaningless.(NW)
The simplicity of a solution is directly proportionate to its elusiveness. (Maddoktor)
NW's Thoughts
Back to top
View user's profile Send private message
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Thu Jul 20, 2006 8:52 am    Post subject: Reply with quote

Suzi, I really wish you wouldn't take this personal. Again, my comments are directed to all. I've told you before that the reason I hang my hat here is because I know of no other in this community with more integrity. I really wish you would keep that in mind.

Quote:
Should we advertise Process Guard?


As for brand advertising; I have no clue where those comments even come from. I personally don't sponsor or even really recommend any particular brand. I personally use and hold commercial lisence to AbtrusionProtector but I'm certainly not affiliated to any.

Quote:
I don't know where you see anyone here, forum management or staff, recommending anyone to buy multiple anti-ware tools.


Please don't put words in my mouth. The only thing I said was that users were doing so in an false attempt to protect themselves. They do so because they know no better and no one is teaching them how to maintain real security. All they seee is the same thing everywhere they look; 'buy BrandX and be safe'.
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 08 Oct 2015
Posts: 1073
Location: CenTex

PostPosted: Thu Jul 20, 2006 10:51 am    Post subject: Reply with quote

Well, I think I've said all I need to. You folks can think about it and either make more lame excuses or you can act. It really makes me no diff. As I said, I have no more campaigns in me now.

If someone actually has anything I think worthy of response, then I'll post in this thread again but I doubt that will happen.

As noted, it really isn't going to matter in the long run as I believe change is inevitable regardless. One other consideration; If I had a pri/sec site, I think I'd want to be one of the first to get on board with the truth. I guess that might interfere with sponsors tho...oh well.

===========

aBenG, I really wish that all users had the same zeal to learn even tho even one user makes it worth the effort. I'll see ya in the other threads and I am planning to finish my firewalling pages. Smile
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
fcukdat
Warrior Addict


Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.

PostPosted: Thu Jul 20, 2006 10:55 am    Post subject: Reply with quote

WTG Mikey doing what Mikey does best Big Thumb Up


Suzi wrote:
Should we advertise Process Guard?


Advertise as is to sale or promote as to educate ?

This applies to PG but can be syndicated for any freeware process firewalling software.

No need to sale the paid version since the free version offers more effectual protection then all Anti whatevers can do collectively once someone learns how to divine a files integrety for themselves.

Then everthing is simplified to yes(good to execute) or no(bad code execution blocked).

If code cannot execute then it cannot install and infect Exclamation

Game over for malware in their portion of the computer security spectrum Shocked

Aferall the enduser is taking full responsibility for what is running on their 'puters as opposed to relying on other software databases(or lack of)to make that call.

The crux being just because someone has state of the art AV,AT,AS softwares running in realtime for protection and they allow code to execute without any alarm bells going off from the defenders does not automatically mean that its is good code and not malware.It simply means that it is not in their databases Shocked

Your right to point out that there will be a proportion of users unwilling to learn and doomed to repeat their malware experiences but for those who want to learn then maybe this is where as Mikey is saying we as a community need to be directing them and not into throwing money @ Vendors for softwares that are not totally effectual at protecting the customers investment.

I will go further than Mikey and just state IMO that if this is ment to be a "Security" forum with "security experts" then lets promote total effective computer security and stop lining the pockets of the Vendors whether legitimate or rogue.

Again and this just my opinion and not aimed at the staff/owners of this website but i feel a lot of the information resources at SWW are outdated and now serve ltd value to the enduser.Malware has moved on in 2 yrs and evolved and so have softwares.So information gained&published in 2004,2005 is not really pertinent to summer 2006 and in some cases can be misleading to say the least.

If somone is serious about securing their Pc it will cost them $ 0 in purchases but a little time in learning safe computing habits and maximum 3/4 security related free softwares installed on their 'puters Shocked

Osage wrote:
even if it annoys the bejesus out of me when I install a known good program.


When installing new software then if you divine the softwares integrity before installation all you have to do is disconnect from the web & network if present and then put PG in learning mode for the install & initial run of the software..Let PG auto configure rules and then once setup put PG back into protection mode .Sorted Wink

Very Happy Also good to see NW,OF and H back posting their wisdoms again,you've all been missed Crying or Very sad
_________________
Malware hunter....Got Bot ?

MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 19 Nov 2017
Posts: 10420
Location: at the beach

PostPosted: Thu Jul 20, 2006 12:49 pm    Post subject: Reply with quote

Quote:
One other consideration; If I had a pri/sec site, I think I'd want to be one of the first to get on board with the truth. I guess that might interfere with sponsors tho...oh well.


There you go again with innuendos -- there are no sponsors. Aside from the occaisional donations we get, I pay all the costs of running this site out of my own pocket. If you have some beef with me, then spit it out instead of making snarky remarks. Wink

Quote:
I will go further than Mikey and just state IMO that if this is ment to be a "Security" forum with "security experts" then lets promote total effective computer security and stop lining the pockets of the Vendors whether legitimate or rogue.


Where are *we* lining the pockets of vendors? Please do be specific. Again, we sell no products and the products recommended by forum staff are free products. And who is *we* anyway?

Quote:
Again and this just my opinion and not aimed at the staff/owners of this website but i feel a lot of the information resources at SWW are outdated and now serve ltd value to the enduser.Malware has moved on in 2 yrs and evolved and so have softwares.So information gained&published in 2004,2005 is not really pertinent to summer 2006 and in some cases can be misleading to say the least
.

Yes, I agree that some of the information is outdated, no doubt about that. But I do think it still has value and it will stay up for the time being.

This is an open community -- *anyone* is welcome to create and post tutorials for Process Guard or any other app you think appropriate.

Mikey, Fcukdat, feel free to step out and become leaders in teaching what you think is important. Post in the tutorials and self-help forums, etc. as you see fit. Nothing is stopping you from doing that. Smile
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
fcukdat
Warrior Addict


Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.

PostPosted: Thu Jul 20, 2006 1:28 pm    Post subject: Reply with quote

Hi Suzi Smile

Quote:
Mikey, Fcukdat, feel free to step out and become leaders in teaching what you think is important. Post in the tutorials and self-help forums, etc. as you see fit. Nothing is stopping you from doing that.


Suzi that is a genorous offer that i will take up on this but ultimetly you miss the whole point of this topic.
A lot of the current tutorials are teaching ineffectual or ltd security protocol.Hence the topic for a major shift towards effective solutions.


Suzi I think what Mikey is saying and i am thinking is that your position @ Sunbelt causes a potential conflict of interests* with reguards to the crux of this topic.

*I acknowledge that niether yourself or Eric try to promote CS either openly or steathfully at this or any other forum but just remembering back awhile at BBR both you& Eric started publicly declaring company positions within your signatures.

Quote:
Yes, I agree that some of the information is outdated, no doubt about that. But I do think it still has value and it will stay up for the time being.


Pity...If the deadwood got pruned then the important stuff would be more readily available and not lossed in the ineffectual.

Quote:
Where are *we* lining the pockets of vendors? Please do be specific. Again, we sell no products and the products recommended by forum staff are free products. And who is *we* anyway?


Again the crux of this topic.the current teachings are limlted and inevitably lead people into defintion based defenders which leads onto brand x,y,z of which they are predominetly pay for softwares.

So maybe the teachings don't promote *paid solutions but they are starting the ball rolling.
_________________
Malware hunter....Got Bot ?

MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion All times are GMT - 8 Hours
Goto page 1, 2, 3  Next
Page 1 of 3

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group