[Full-Disclosure] MS Anti Virus?
mvp at joeware.net
Fri Jun 18 18:08:08 BST 2004
Can users hook themselves up to the internet? Last time I got a cable modem
hooked up I had to have some "technician" come into my home and spend a
couple of hours trying to figure out how to hook the thing up even though I
bought my own Cable MODEM and ran my own RG6 and had everything ready, just
needed an IP address. In fact I built a special PC with bare bones
configuration so the "technician" could monkey with that and not try to
figure out my LAN.
It was a nightmare, I would keep dropping hints and he wouldn't listen and
then a while later would be like,oh yeah, I have to do this, which would be
exactly what I hinted. The guy had no clue what he was really doing as he
was a wiring guy that had picked up an extra task. Had no clue what a patch
was let alone wondering if the PC was patched even though the little balloon
was sitting there saying there were updates to install. I think if I said
firewall he would have a nightmares of running cable between a garage and a
house and properly repairing the hole he made in the garage firewall (fire
break) so that it was back up to building code...
So what I am saying is, I think the ISPs need to share some of the
responsibility of hooking people up safely, don't just plug them in. If they
already have to come into the home or at the very least you talk to them on
the phone, push firewalls and internet safety. The first time they come up
when they sign up, maybe scan them and see what is open and drop a friendly
hint, why I see that all of your ports are wide open and your PC named
EasyRider69 is fully visible to me... You might want to secure that.
Alternatively, have the ISP block all but say ports 25,80, and 110 by
default for every user and the user has to connect to a website of the ISP
and uncheck other ports they want opened up. That way it would take a
semi-educated user to actually use the service irregardless of the OS. If
that is too tough, set up a multiple VLAN configuration where by default the
user gets placed in babystep VLAN which only has a couple of basic ports and
they have to be requested to be put in the big person VLAN to get open
Again however, MS is stepping up on this. Go look at XP SP2. It is a big
step in the direction to help users protect themselves. Of course of course,
they have always done bad things so they can't possibly do anything better
now. How thoughtless of me. Of course someone like yourself is so good at
coding you know that every piece of code you have ever written has been
perfect right off and no possible issues... Oh wait, you implying that means
you probably have never coded anything more complex than a basic tool if
I agree that MS helped create the mass of inept users... However, I don't
see any OSes going out there creating knowledgeable users. In fact had MS
not done what it had done, I don't think we would be anywhere near where we
are right now for penetration of PCs in the home and lower costs associated
with that. I am just guessing but irregardless of what OS you are on now,
you most likely were running an MS OS at some point. Not many people start
on Mainframes and UNIX machines and went straight to non-MS offerings. Why?
Not much else existed in the home for some time. Probably the few
(relatively speaking) that can say they haven't ever run an MS OS are those
that started using computers in University and never left so always lived in
the UNIX world or Apple folks. If you had a PC at home and it wasn't an
Apple, the chances are good it had MS on it. This is slowly changing now
with the various *nix knockoffs such as BSD and Linux, but was the case for
a long time.
I look forward to BSD/Linux gathering steam and becoming better and better
and more and more accepted. For several reasons actually. First off, MS
always thrives when given good competition, it pushes itself to do better
and better which is good for computing in general because they have serious
cash to put into the endevour, not many computing places now have
multi-billion dollar R&D budgets to make home computing better. Second off,
the Linux world will have to clean up, right now it is a bit chaotic with
all of the various vendors duking it out over who is better and you having
to be really sure of what you have before you install things. It reminds me
of earlier MS days with Win9x and NT and having to figure out what you had
so you knew what you could install. It is a pain in the butt when consulting
for large companies when they are trying to figure it out because not only
is it a case of figure out if you want Linux or Windows, it is which flavor
of Linux do you want. Just dilutes the whole thing. Yes yes choice is good
blah blah blah. Sometimes though in the committee driven worlds of corporate
America, a multitude of choices can be a bad thing.
> You'll have to pardon me if I don't shit myself
> repeatedly in fits of white-knuckle anticipation
> of the next version.
You sound like a jilted lover here. Not someone looking for the computing
world to get better.
From: full-disclosure-admin at lists.netsys.com
[mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of rob at comcast.net
Sent: Thursday, June 17, 2004 5:42 PM
To: full-disclosure at lists.netsys.com
Subject: Re: [Full-Disclosure] MS Anti Virus?
On Thu, Jun 17, 2004 at 11:51:46AM -0400, joe wrote:
> However the worms would be blocked if people had patched their machine
> or otherwise properly administrated the machines they were responsible
> for. All of the worms that I think you are probably referring to all
> had patches well in advance of the worm that impacted it, blaster,
slammer, sasser, etc.
> Home users never should have been impacted as they should be running
> firewall software on the internet connections. The fact that they
> don't isn't MS's fault, however MS is stepping up with XP SP2 to help
> out. On top of that they should be patching when necessary.
> Thinking that there will never be code patches required isn't realistic.
Can you explain how it's realistic to expect the millions of home Windows
users out there now to know how to properly administrate their systems?
If anything that's been discussed here so far is unrealistic, that must top
the list. They're only starting to get the message that patching is
necessary. Very arguably, Microsoft helped create this culture of
technically inept users who view the computer like any other household
appliance. And now what? It plans to force-feed basic computer security
training and earthshaking updates down the throats of the same users to whom
it's been spoon-feeding computing-through-ignorance babyfood for years and
You say "the worms would be blocked if users would..." I say the worms
wouldn't exist in the first place if Microsoft had written their software
securely. It's easy for both of us to say, but which is easier to actually
*do*? Microsoft has little control over what end users do, but it has
complete control over the design, quality, and configuration of the software
it ships. With the resources and market share they have, they ought to be
leading the industry.
Instead, they are the armpit of the industry.
Folks who have been paying attention o'er the years know the same lies,
half-truths, and PR maneuvering they hear today that they heard back then.
"It'll be fixed in the next version", eh? You'll have to pardon me if I
don't shit myself repeatedly in fits of white-knuckle anticipation of the
Full-Disclosure - We believe in it.
Full-Disclosure is hosted and sponsored by Secunia.