On Apr 9, 2005 10:47 AM, Jody <kjv-av1611@...
> Hi alice ttlg, Jason...
> Thanks for all the info "guys." Good stuff. I do wonder though if
> one of the main reasons that Windows users have all the spam and
> viruses is mostly not due to MS security, but instead, because of
> the overwhelming amount of Windows users compared to Linux. Also,
It's both really. Because MS ships Window such that every user has
administrative access to the system, then it's easy for viruses to
hide their tracks. If you're not an admin user, then programs you run
(including viruses) can't hide themselves as easily and anything that
is done is contained to your user. That's how Linux works and Windows
*should* work. But that has a drawback of always having to flip to the
admin user to do something admin-related.
If Linux were as popular as Windows, we'd see more attack *attempts*.
I say attempts because most of the big open source packages are
written a lot better than Windows. Most of Microsoft's flaws I've seen
involve some buffer overflow. That is the programmer's fault for not
knowing better and using a double-edged sword when he should be using
a paring knife :)
> a big factor would be that beginner and novice computer users are
> "all" on Windows, and there are zillions of them. They give their
> eMail address out everywhere, reply to all spam, open any
> attachments they get, etc.
The spam issue is regardless of whatever OS you run. If you have an
email address, it WILL get spam at some point. There's a lot of
avenues of how an email address gets leaked to spammers - some are
because of naive users, others are due to naive sysadmins.
> I also think that Bill Gates is still 75% right that computer
> users want features, not security. I certainly understand the
> cost of ISPs, etc. having to deal with all the spam/viruses, but
Sure, users want features, but some say if you run Windows, then you
should not be connected to the Internet because Windows spreads abuse.
I'm not that devout on the issue, but I do believe that a lot of the
malware problem is due to Microsoft AND the naive user (the naive user
being one who refuses to abandon IE and OE for software that doesn't
have tons of flaws or a user who says "The attachment came from Aunt
Ruth and it said it was a funny cartoon so I openedc it" or the user
who says he doesn't care if he has a virus spewing spam to other
people). Keep in mind that naive isn't meant as an insult here - it's
just someone who may not understand the full ramifications of their
actions (or non-actions).
There is no excuse to have your cake and eat it too - AKA run Windows
and be safe. But one first must realize if they have a virus, they can
be affecting other people in other countries even. Same thing with
spyware, worms and everything else. I can't even count the number of
attacks on my Linux webserver that are meant for IIS but my server
gets them anyway.
> at the same time, I want to be able to do my own configuration of
> protection - I despise having it forced on me. That is, I get so
> aggregated with security features that I cannot turn off that
> cause me tons of extra clicks, unnecessarily. Granted, more
> recently we can go into Admin tools | Services and block a lot of
> it, so at least it is a little better.
Don't wholesale block it. Find out why it's needed and find a method
of being secure that you're happy with. Most of that can be mitigated
with safe computing, NEVER using IE and having a hardware router.
> Up until maybe 2-3 years ago I never used anti-virus protection
> and for the 10-12 years prior I only hooked one worm (while
> fishing in Cyberspace ;) maybe 8 years ago - the fireworks one. A
> list member asked me how I liked the fireworks when I did not
> even mention them. LOL I just simply did not open attachments\
Back in those days, it wasn't a problem since only your address book
got gotten. But now it's every email address found on your computer
which means any webpage you've read or any list message you've
received. Not to mention, viruses forge email addresses so it can be
impossible to find out who has the virus.
It can harm other people besides virus victims. Recently someone on
another list I was on had a virus and it got sent to 3 or 4 list
members who all had hosting thru the same server. That virus forged my
address as the from on the virus emails so that server bounced about
10 copies of that virus back to me even tho I had no part in it and my
computer wasn't even infected. I wrote the server admin and told her
that bouncing viruses to innocent third parties wasn't the proper
course of action and it stopped. But if that virus hadn't run on that
list member's PC, then I would not have had to spend my time educating
some stranger with a misconfigured server.
> unless it was from a well know person and we knew beforehand that
> it was going to be sent or they specifically identified and
> mentioned a number of things to me. My point is, I think the
> majoring of worms and viruses are caught by inexperienced users
> opening all the attachments they get, probably don't use virus
> protectors (up until more recently), and reply to all their spam
> messages/use their eMail address in forms, etc on the 'net.
AND running insecure software like IE and OE. One can get a virus by
simply visiting a webpage in IE. That's a bit risky IMO. Same thing
with OE. You can get something just by *opening an email* in OE.
> >Literally, based on stats from Symantec and confirmed from discussion
> >I've had with AOL abuse staff and other ISPs abuse/admin staff, there
> >are anywhere from 40 to 80 million infected PCs worldwide directly
> >under the control of spammers. And I can certify that half of those
> >infected PCs have attempted to send spam to my little ole server.
Folks, it's not a scare tactic. Any of the recent viruses will turn
the computer into a zombie for other people's uses. Imagine getting a
call from the FBI because your computer was part of an attack on a
govt server. It can happen.
HTH, YMMV, HANW :)
EL-M Computer Help List - Computer help for listowners and list moderators
On June 1, 2001, Steve Ballmer, CEO of Microsoft, told the Chicago
Sun-Times: "Linux is cancer." Unsurprisingly that's incorrect; LINUX
was released on August 25th 1991 and is therefore a Virgo.