Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Let's get real...

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Talk About It
View previous topic :: View next topic  
Author Message
micaman
Junior Member


Joined: 28 May 2007
Last Visit: 18 Aug 2007
Posts: 27
Location: Florida, USA

PostPosted: Wed Jul 25, 2007 12:54 am    Post subject: Let's get real... Reply with quote

Lately, I have been seeing things in a strange light. I have had some deep thoughts on this Microsoft-Malware attacks that are never-ending. I am seeing evidence that techies are attacking Windows users as if they are attacking Mr. Gates himself.

What if the world took this same attitude towards other aspects of our lives?

Like, your gas station handing out bad gas to all autos that were not a GM product? Or, if the highways tossed out nails to all yellow cars? Or, your Doctor handing you bad medicine so you would hate the maker?

These may seem a bit crazy, but really, how is it different then where we are today? Non-Microsoft users hate Mr Gates, so they spread Malware only to say to the user...your a sucker for using that product.

The only slimy-sucker is the one who passes the Malware on!

When your machine gets attacked, the one to blame is the website or software writer that gave it to you...not your product. Pay attention to where it came from and report them.

And the next time someone tells you something bad about Microsoft or its products, ask them about their experience with today's company and products, not Windows 95.

Malware sucks, but the users online that permit this stuff to be spread sucks even more! They are the real target for your pain. And, in case you were not aware, Windows can be just as secure as ANY OS on the market today. Yes, for very little effort or money, you can Lockdown your machine, it is a fact.

It is time to awaken your senses.

Shocked
Back to top
View user's profile Send private message
olliver
Expert Developer


Joined: 27 Jan 2006
Last Visit: 02 Dec 2010
Posts: 1157
Location: yes

PostPosted: Thu Jul 26, 2007 4:14 pm    Post subject: Reply with quote

micaman wrote:
Lately, I have been seeing things in a strange light. I have had some deep thoughts on this Microsoft-Malware attacks that are never-ending. I am seeing evidence that techies are attacking Windows users as if they are attacking Mr. Gates himself.

What attacks? What evidence? What kind of people do you throw into the "techie" container?

Quote:
What if the world took this same attitude towards other aspects of our lives?

Like, your gas station handing out bad gas to all autos that were not a GM product? Or, if the highways tossed out nails to all yellow cars? Or, your Doctor handing you bad medicine so you would hate the maker?

These may seem a bit crazy, but really, how is it different then where we are today?

You are distracting from the subject and draw conclusions from "facts" not present in your argumentation. Therefore nobody else but you can follow your "argumentation" and any discussion becomes a rather futile task.

Quote:
Non-Microsoft users hate Mr Gates, so they spread Malware only to say to the user...your a sucker for using that product.

This assertion is obviously based on a silly prejudice, therefore the conclusion is void, too. To accuse non-microsoft users of spreading malware without evidence is even defamation. Interestingly you yourself are practicing what you accuse those "non-Microsoft users" of.

Quote:
The only slimy-sucker is the one who passes the Malware on!

When your machine gets attacked, the one to blame is the website or software writer that gave it to you...not your product. Pay attention to where it came from and report them.

If a product is defective and people don't apply fixes necessary to address the issues then they are very well part of the problem too. likewise, a company that doesn't provide working fixes in a timely manner contributes to the problem too.

Quote:
And the next time someone tells you something bad about Microsoft or its products, ask them about their experience with today's company and products, not Windows 95.

And pulling the "appeal to authority" game is going to defeat a valid argument how?

Quote:
Malware sucks, but the users online that permit this stuff to be spread sucks even more! They are the real target for your pain.

For the first time I agree.

Quote:
And, in case you were not aware, Windows can be just as secure as ANY OS on the market today. Yes, for very little effort or money, you can Lockdown your machine, it is a fact.

You are only telling half the truth to the audience. While the first part is confirmed by Google:

How to secure Windows2000 / XP:
http://www.markusjansson.net/exp.html

Windows XP security checklist:
http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

Windows XP: Your definitive Lock Down Guide:
http://www.windowsecurity.com/articles/Windows_XP_Your_Definitive_Lockdown_Guide.html

your appeal implies that a technical solution can work around knowledge and responsible behaviour. By the time users do click on malware sent by strangers that happens to be not recognised by one's anti virus your technical implementation will go down the drains. in particular if running Windows as unpriviliged user means an inacceptable inconvenience for a user (from their perspective, not necessarily mine) and will make them grant administrator rights to their user account.

Olliver
_________________
Petcord netlabel :: Synflict post-digital arts :: Leftob audio cast
Each click on any of the links above will save the life of a cute kitty somewhere in the universe.
Back to top
View user's profile Send private message
micaman
Junior Member


Joined: 28 May 2007
Last Visit: 18 Aug 2007
Posts: 27
Location: Florida, USA

PostPosted: Thu Jul 26, 2007 8:39 pm    Post subject: Reply with quote

[quote="a notepet"]
Quote:

What kind of people do you throw into the "techie" container?


The average computer user who spends consistent time using the internet and other current technologies. These users offer valid data to dissect.

Quote:
You are distracting from the subject and draw conclusions from "facts" not present in your argumentation. Therefore nobody else but you can follow your "argumentation" and any discussion becomes a rather futile task.


If you reread my analogy, you may find my point. And then again you may not.

Quote:
To accuse non-microsoft users of spreading malware without evidence is even defamation. Interestingly you yourself are practicing what you accuse those "non-Microsoft users" of.


I am collecting the data. Until I finish this task, if you look over articles, blogs and forums where "average people" (not experts) ask questions about Windows, compared to Mac (or others) OS, they are verbally attacked, talked down to and called names. They are told all sorts of things with no sources cited.

Quote:
likewise, a company that doesn't provide working fixes in a timely manner contributes to the problem too.


All major software companies have *about* the same track record. Here are some facts from Symantec:

In the second half of 2006, all the operating system vendors that were studied had longer average patch development times than in the first half of the year.

Sun Solaris had an average patch development time of 122 days in the second half of 2006, the highest of any operating system.

Symantec documented 54 vulnerabilities in Microsoft Internet Explorer, 40 in the Mozilla browsers, and four each in Apple Safari and Opera.

In the second half of 2006, Microsoft Internet Explorer had a window of exposure of 10 days based on a sample set of 15 patched vulnerabilities.

During the second half of 2006, Safari had a window of exposure of 62 days, an increase over the five-day window in the first half of 2006.

Symantec documented 168 vulnerabilities in Oracle database implementations, more than any other database.

During the second half of 2006, five vulnerabilities were documented in IBM DB2 databases.

Symantec documented five vulnerabilities in MySQL during the second half of 2006.

PostgreSQL was affected by three vulnerabilities in the second half of 2006.

Oracle has traditionally presented the most high-profile target to attackers due to its large market share.

Microsoft SQL Server was the final database that was assessed for this discussion. It was not affected by any vulnerabilities during any of the reporting periods.

Source: http://eval.symantec.com/mktginfo/enterprise/white_papers/ent-whitepaper_internet_security_threat_report_xi_03_2007.en-us.pdf

Quote:
And pulling the "appeal to authority" game is going to defeat a valid argument how?


If someone has not explored & used Microsoft products recently, they do not know Microsoft Products today, and therefore have a different take on things.

Quote:
You are only telling half the truth to the audience. While the first part is confirmed by Google:

How to secure Windows2000 / XP:
http://www.markusjansson.net/exp.html

Windows XP security checklist:
http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

Windows XP: Your definitive Lock Down Guide:
http://www.windowsecurity.com/articles/Windows_XP_Your_Definitive_Lockdown_Guide.html


While your sources are valuable, credible and well respected, they are not the only possible solutions to malware protection and general security defenses. I, too, have secured hundreds of Windows based machines with outstanding success. Hands on experience can add something of value.

Quote:
your appeal implies that a technical solution can work around knowledge and responsible behaviour. By the time users do click on malware sent by strangers that happens to be not recognised by one's anti virus your technical implementation will go down the drains. in particular if running Windows as unpriviliged user means an inacceptable inconvenience for a user (from their perspective, not necessarily mine) and will make them grant administrator rights to their user account. Olliver


My appeal does the complete opposite!

It states that it requires all tech companies to act responsible and for consumers to take the time to learn how to secure their machines to prevent passing malware around...regardless of what OS you use.

I believe it is the "good guys" versus the "bad guys."
Back to top
View user's profile Send private message
olliver
Expert Developer


Joined: 27 Jan 2006
Last Visit: 02 Dec 2010
Posts: 1157
Location: yes

PostPosted: Sat Jul 28, 2007 12:13 pm    Post subject: Reply with quote

Quote:
Quote:
You are distracting from the subject and draw conclusions from "facts" not present in your argumentation. Therefore nobody else but you can follow your "argumentation" and any discussion becomes a rather futile task.


If you reread my analogy, you may find my point. And then again you may not.

Why not clearly explaining your thoughts in the first place? Without specifying what you meant any further discussion is pointless, because I'm not inside your head and don't know your personal associations that may be clear to you, but not to others. Also it would help people understand your point whose first language isn't English.

Quote:
Quote:
To accuse non-microsoft users of spreading malware without evidence is even defamation. Interestingly you yourself are practicing what you accuse those "non-Microsoft users" of.


I am collecting the data. Until I finish this task, if you look over articles, blogs and forums where "average people" (not experts) ask questions about Windows, compared to Mac (or others) OS, they are verbally attacked, talked down to and called names. They are told all sorts of things with no sources cited.

That is all regrettable but doesn't explain how "non microsoft users" are spreading malware. Again there's the problem that you are presenting an obscure claim as unchangable fact.

Quote:
Quote:
likewise, a company that doesn't provide working fixes in a timely manner contributes to the problem too.


All major software companies have *about* the same track record. Here are some facts from Symantec:

In the second half of 2006, all the operating system vendors that were studied had longer average patch development times than in the first half of the year.

Sun Solaris had an average patch development time of 122 days in the second half of 2006, the highest of any operating system.

Symantec documented 54 vulnerabilities in Microsoft Internet Explorer, 40 in the Mozilla browsers, and four each in Apple Safari and Opera.

In the second half of 2006, Microsoft Internet Explorer had a window of exposure of 10 days based on a sample set of 15 patched vulnerabilities.

During the second half of 2006, Safari had a window of exposure of 62 days, an increase over the five-day window in the first half of 2006.

Symantec documented 168 vulnerabilities in Oracle database implementations, more than any other database.

During the second half of 2006, five vulnerabilities were documented in IBM DB2 databases.

Symantec documented five vulnerabilities in MySQL during the second half of 2006.

PostgreSQL was affected by three vulnerabilities in the second half of 2006.

Oracle has traditionally presented the most high-profile target to attackers due to its large market share.

Microsoft SQL Server was the final database that was assessed for this discussion. It was not affected by any vulnerabilities during any of the reporting periods.

Source: http://eval.symantec.com/mktginfo/enterprise/white_papers/ent-whitepaper_internet_security_threat_report_xi_03_2007.en-us.pdf

You are citing from a biased source: The absolute number of vulnerabilities does not say anything about their seriousness, let alone the security of an application or operating system. This comparison only makes sense if you take the number of serious issues into account. I mention it because this study is also the source of a recent FUD claiming that Vista be the most secure os.
Here's a critical article that points out the fallacy of the study:
http://www.tuaw.com/2007/03/22/fud-windows-is-most-secure-os/
another source:
Jeff Gamet wrote:
What we don't see in these figures, however, are the number of actual exploits that take advantage of the vulnerabilities Symantec reported, or the number of worms, viruses, and trojan horses each of the monitored operating systems suffer from. And statistics can always be manipulated to favor a certain view point.

Using Symantec's own numbers, for example, the report also shows that over the six month period monitored, over 30 percent of the vulnerabilities in Windows were ranked as high priority or severe. But for the same time period, less than one percent of the vulnerabilities found in Red Hat Linux and 2.3 percent in Mac OS X were high priority.

http://www.macobserver.com/article/2007/03/23.2.shtml

So this entire paper has to be taken with a grain of salt. Unfortunately many journalists didn't apply due dilligence before writing about this study.

Quote:
Quote:
And pulling the "appeal to authority" game is going to defeat a valid argument how?


If someone has not explored & used Microsoft products recently, they do not know Microsoft Products today, and therefore have a different take on things.

Ok. But nevertheless someone may be able to point out things based on credible sources, research and communication with other people. Vice versa, someone having used Microsoft products for years still can be a complete idiot when it comes to system details. So one thing doesn't necessarily imply the other.

Quote:
Quote:
You are only telling half the truth to the audience. While the first part is confirmed by Google:

How to secure Windows2000 / XP:
http://www.markusjansson.net/exp.html

Windows XP security checklist:
http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

Windows XP: Your definitive Lock Down Guide:
http://www.windowsecurity.com/articles/Windows_XP_Your_Definitive_Lockdown_Guide.html


While your sources are valuable, credible and well respected, they are not the only possible solutions to malware protection and general security defenses. I, too, have secured hundreds of Windows based machines with outstanding success. Hands on experience can add something of value.

That is all true but not relevant in this context. It wasn't my intention to give a complete oversight about how to secure a system but merely wanted to emphasize that your assumption is confirmed by other sources too.

Quote:
My appeal does the complete opposite!

It states that it requires all tech companies to act responsible and for consumers to take the time to learn how to secure their machines to prevent passing malware around...regardless of what OS you use.

Ok, thank you for clarifying the issue. The way you wrote it here I entirely agree with you.

Quote:
I believe it is the "good guys" versus the "bad guys."


Your "good" vs "bad" analogy doesn't work this way, because it implies that someone who is against malware is automatically an ethical, responsible and honourable [wo]man (to put some meat around the "good" term). While there are certainly some people who want to help others without expecting anything in return for it and have strong ethic convictions that prevents them from doing anything doubtful, there's also a lot inbetween these two poles. Like people that keep it with the most popular opinion du jour, or those that just behave unethical as long as they can get away with it (exploiting loop holes in legislation, contracts etc). Vice versa there are the bad guys that know what they do is bad and they try to do it in a way that only people "who deserve it" get infested. Or bad guys with a bad conscience that will take the first opportunity to get out of it as the opportunity arises.

Olliver
_________________
Petcord netlabel :: Synflict post-digital arts :: Leftob audio cast
Each click on any of the links above will save the life of a cute kitty somewhere in the universe.
Back to top
View user's profile Send private message
micaman
Junior Member


Joined: 28 May 2007
Last Visit: 18 Aug 2007
Posts: 27
Location: Florida, USA

PostPosted: Sat Jul 28, 2007 5:25 pm    Post subject: Reply with quote

[quote="a notepet"]
Quote:
Why not clearly explaining your thoughts in the first place?


I thought I was. Thanks for keeping me on my toes.


Quote:

http://www.macobserver.com/article/2007/03/23.2.shtml


You are citing from a biased source.

Quote:
But nevertheless someone may be able to point out things based on credible sources, research and communication with other people. Vice versa, someone having used Microsoft products for years still can be a complete idiot when it comes to system details.



And they too, can be a complete idiot.


Quote:
So one thing doesn't necessarily imply the other.



Yes, I agree.


Quote:
That is all true but not relevant in this context.


I disagree.

Quote:
It wasn't my intention to give a complete oversight about how to secure a system but merely wanted to emphasize that your assumption is confirmed by other sources too.


OK. Google does provide bad sources too, so a novice would be better off stepping into a forum, such as this for help, versus searching google for the answers.

Quote:
The way you wrote it here I entirely agree with you.


Yes, I do realize from your interactions that I need to spend more time making my thoughts clearer. Thank you for your points.

Quote:
Your "good" vs "bad" analogy doesn't work this way, because it implies that someone who is against malware is automatically an ethical, responsible and honourable [wo]man (to put some meat around the "good" term).


I disagree. I think we need to first band together against malware, and then sort it out.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Talk About It All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group