Unrelated Pepper-Spray Question
- JMK
- Posts: 777
- Joined: Thu Sep 20, 2007 8:42 pm
- Vehicle: 92 Chamonix
- Location: Rocky Mountains, Alberta, Canada
Re: Unrelated Pepper-Spray Question
The best way to work with malware and spyware detection and removal is to work with some expert live help, and it's free. This is the method I've used for years:
http://forums.whatthetech.com/you_Infected_t106388.html
At work we purchase a very large amount of problem wildlife related products every year, including cases of bear spray. We also use a lot of small animal traps, bangers, 6mm launchers, and 12 gauge rubber bullets, scare shells, beanbags, and electric fencing, etc. All of it comes from this Alberta Supplier, and if I recall correctly, their prices are significantly below retail:
-
- Posts: 1671
- Joined: Thu Jun 19, 2008 11:28 pm
- Member's Photo Album: http://dinoevo.de
- Vehicle: -
- Location: -
- Contact:
Re: Unrelated Pepper-Spray Question
Why not just get an
and you don't need to care about spy-mal-whatever-ware neither about what account you use 


- electrik_jester
- Posts: 65
- Joined: Tue Mar 25, 2008 6:01 pm
- Vehicle: 92 Exceed, 5 spd
- Location: Victoria, BC
Re: Unrelated Pepper-Spray Question
More on the "run as"
Basically what we are talking about is access control. The user group Administrators by default has "Full Control". This gives users of this group most access to configuration changes on a particular system. This includes security settings, delete, install privs, reg settings, control panel objects, device drivers, DLLs, you name it really. This role is also called root and superuser on some systems (Unix/Linux).
Basically what you want to be doing is running with least privilege, or the minimum access that you require for doing what you need to do at any given time. For doing things like surfing the net, working on a word processor, mining nasty, user-level privs will suffice. For installing a new piece of software you need admin privs. Now, if you are currently logged into your machine with a user account, you don't really want to log off to log on as admin just to install, to log off to log back on as a user, so...
Run As. This is the Windows equivalent of the nix command sudo. As a user I download a piece of software I want to install from a trusted source. Very good. Really I should save it to a location, ideally not a "temp" file but something named by me that I know. Then I press "shift" and right-click on my DL'd executable, and from my shortcut menu there should be an entry for Run As on anything XP or later (might even be Win2k, but it's been a while). I enter my admin account and password. I am escalating the privs of the installer process to superuser. Once the process finishes or is closed, I can open the installed app as a normal user (in most situations; admin tools are another matter).
The reasons I am saving to disk are: I don't want IE or whatever browser to execute the process. Too many exploits. Saving the package also gives my AV a chance to sniff it while the write happens. The reason for using a directory I named myself is that I want to avoid established temp dirs. Temp internet files can have other plugins and files floating around: cookies, Shockwave, Flash and JavaScript etc. I want to change the relative path for the DL'd executable. Some AV will allow IE or other browsers to execute from the temp but not allow other applications to access the temps. Depends on your AV and your config, what kind of "plug-ins" you are running in your browser, etc. Don't run your browser as an admin, bad idea.
Some apps you can DL don't need install (admin) rights to run, same with malware. However, jumping through security hoops is part of your defense in depth.
Keep your systems and their applications up to date.
AV should be your last line of defense. Keep your stuff up to date. Avoid key generators (crack software); a serial.txt is a much safer way to smoke your crack should you choose to do so.
We won't talk about the other nightmares under the sofabed.
Rebuild your system every couple of years. It will run faster.
After doing this a couple of times you get into comic conventions at nerd price as a lvl 3/1 fighter/mage halfling. Light sabres sound cool, phasers leave no mess.
Good luck
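The habits in the post above (stay a normal user, save the download to a folder you named, only then elevate the installer) can be checked before pressing Run As. This is an added example, not part of the original post; the user name "alice", the folder list and the function names are assumptions made for illustration.

```python
import ntpath
import os
from pathlib import PureWindowsPath

# Constructed sample roots (assumptions, not from the post): the usual
# per-user temp and browser-cache folders for a hypothetical user "alice".
TEMP_ROOTS = [
    r"C:\Users\alice\AppData\Local\Temp",
    r"C:\Users\alice\AppData\Local\Microsoft\Windows\INetCache",
    r"C:\Windows\Temp",
]


def is_elevated():
    """True when this process already runs with admin/root rights."""
    if hasattr(os, "geteuid"):                 # Unix-like: uid 0 is root
        return os.geteuid() == 0
    import ctypes                              # Windows only
    return bool(ctypes.windll.shell32.IsUserAnAdmin())


def under_temp(path, temp_roots=TEMP_ROOTS):
    """True when path resolves to a location inside one of temp_roots.

    normpath collapses ".." so a path cannot hide a temp location, and
    PureWindowsPath compares case-insensitively, as Windows itself does.
    """
    target = PureWindowsPath(ntpath.normpath(path))
    for root in temp_roots:
        root = PureWindowsPath(ntpath.normpath(root))
        if target == root or root in target.parents:
            return True
    return False


def preflight(installer, elevated, temp_roots=TEMP_ROOTS):
    """Return the reasons not to press Run As yet (empty list = go ahead)."""
    findings = []
    if elevated:
        findings.append("session is already admin: browse and download as a normal user")
    if under_temp(installer, temp_roots):
        findings.append("installer is in a temp/cache folder: save it to a folder you named")
    return findings


if __name__ == "__main__":
    for sample in (r"C:\Users\alice\Installers\setup.exe",
                   r"c:\users\alice\appdata\local\temp\setup.exe"):
        print(sample, "->", preflight(sample, is_elevated()) or "ok")
```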
- mararmeisto
- Posts: 3276
- Joined: Wed Sep 19, 2007 10:00 am
- Vehicle: 2018 Ram EcoDiesel
- Location: Dartmouth, NS
Re: Unrelated Pepper-Spray Question
And just so you know that us Mac-heads aren't impervious to losing their data, I just received an email (in my spam folder) from "PayPal" telling me that my account had been temporarily suspended for security reasons. All I had to do was follow the link to reset it to active. Problem was, the email was sent from "support-at-paipal.ca" (I've spelt the @ symbol so no-one clicks it). Also, there were no company logos/watermarks, no company disclaimer (usually companies tell you not to follow the link, but instead to login and then follow prompts from the actual site), etc, etc, etc.
A less vigilant person might have followed the url-link in the email, and what usually happens is you "login" to your account, are requested to change your password (for security reasons), and at that point, it's already too late: you haven't gone to the actual website, you've gone to a data-logger who will then access your account, change your password, and start funneling money out of your account/bank account/credit card.
The point is, vigilance is not just for the Windows crowd. Data can be lost from any computer, it's just harder from a Mac or a Linux-box.
JPL
I still miss my '94 Pajero!
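The giveaway in the post above is a sender domain one letter away from the real brand. The following sketch flags such lookalike senders with an edit-distance check; it is an added example, not part of the original post, and the brand list, digit-substitution table, function names and all sample headers except the paipal.ca address are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption for this example: brands to protect and the domains they
# really send from. Extend the constructed list for your own mail flow.
BRANDS = {"paypal": {"paypal.com"}}

# Digits commonly swapped in for letters in lookalike names.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)   # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def sender_domain(from_header):
    """Lower-cased domain of a From: header, or "" if there is none."""
    _, addr = parseaddr(from_header)
    local, at, domain = addr.rpartition("@")
    return domain.lower().rstrip(".") if at and local else ""


def classify_sender(from_header, brands=BRANDS, max_edits=1):
    """Return (verdict, brand): legitimate, lookalike, unrelated, unparseable."""
    domain = sender_domain(from_header)
    if not domain:
        return ("unparseable", None)
    for brand, real in brands.items():
        if any(domain == d or domain.endswith("." + d) for d in real):
            return ("legitimate", brand)
    for brand in brands:
        for label in domain.split(".")[:-1]:          # skip the TLD
            for part in label.split("-"):
                if osa_distance(part.translate(HOMOGLYPHS), brand) <= max_edits:
                    return ("lookalike", brand)
    return ("unrelated", None)


# Constructed From: headers. The first is the address from the post with
# the at-sign restored; the others are made up for illustration.
SAMPLES = [
    '"PayPal" <support@paipal.ca>',
    "service@mail.paypal.com",
    "billing@paypal.com.account-check.example",
    "help@paypa1-secure.example",
    "laura@example.org",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{header:45} {classify_sender(header)}")
```

Raising max_edits catches sloppier imitations at the cost of flagging unrelated names that merely resemble the brand.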
- loki
- Posts: 1428
- Joined: Sun Dec 16, 2007 12:18 am
- Member's Photo Album: http://www.delica.ca/Photos/
- Vehicle: 1994 Delica Royal Exceed
- Location: Victoria, BC
Re: Unrelated Pepper-Spray Question
mararmeisto wrote:And just so you know that us Mac-heads aren't impervious to losing their data, I just received an email (in my spam folder) from "PayPal" telling me that my account had been temporarily suspended for security reasons. All I had to do was follow the link to reset it to active. Problem was, the email was sent from "support-at-paipal.ca" (I've spelt the @ symbol so no-one clicks it). Also, there were no company logos/watermarks, no company disclaimer (usually companies tell you not to follow the link, but instead to login and then follow prompts from the actual site), etc, etc, etc.
A less vigilant person might have followed the url-link in the email, and what usually happens is you "login" to your account, are requested to change your password (for security reasons), and at that point, it's already too late: you haven't gone to the actual website, you've gone to a data-logger who will then access your account, change your password, and start funneling money out of your account/bank account/credit card.
The point is, vigilance is not just for the Windows crowd. Data can be lost from any computer, it's just harder from a Mac or a Linux-box.
Just to add to this, NEVER click a link in an email to go to paypal, your bank, or anything really as some of the scam emails are virtually impossible to tell the difference from the real thing, you should go to the site by manually typing the address into the browser of choice and then logging on.
oh and as a side note, if Apple users continue to be cocky and think that they can't get a virus or other malware they are going to end up getting hit hard, the main reason apples seem better is because there are just fewer malicious programs out there for them, not because they are designed so much better. Millions of people are probing M$ software daily looking for exploits because why waste your time writing something to attack 10% of the market? As that number goes up so will the number of attacks, same goes for Linux with a bit of a buffer because most of the attackers run linux and are linux fan boys :). Me I like all of them, they are all excellent and fit different people and tasks well.
- FalcoColumbarius
- Site Admin
- Posts: 5983
- Joined: Tue Jan 22, 2008 1:55 pm
- Member's Photo Album: http://www.delica.ca/Photos/index.php?cat=11103
- Vehicle: Delica; Chamonix GLX ('92 P25W)
- Location: North Van, BC, eh?
Re: Unrelated Pepper-Spray Question
You know how I do my on line banking? I put my coat on; walk a line down to my Starwagon, drive on a plotted line down to my bank then walk through the front door and say "Hi guys, let's do some business". Call me old fashioned if you like.
Falco.
Sent from my smart pad, using a pen.
Seek Beauty...
Good Ship Miss Lil' Bitchi
...... Vision without action is a daydream. Action without vision is a nightmare. ~ Japanese Proverb
- mararmeisto
- Posts: 3276
- Joined: Wed Sep 19, 2007 10:00 am
- Vehicle: 2018 Ram EcoDiesel
- Location: Dartmouth, NS
Re: Unrelated Pepper-Spray Question
loki wrote:...[O]h and as a side note, if Apple users continue to be cocky and think that they can't get a virus or other malware they are going to end up getting hit hard, the main reason apples seem better is because there are just fewer malicious programs out there for them, not because they are designed so much better...
While cockiness may have been included in my previous posts, I was more intending to provide a statistically demonstrable example of how using one OS over another will lessen your possibilities for 'problems'. Mac OSX and Linux are not impenetrable just more difficult, and considering most of the online 'theft' is perpetrated by a similar character of people as those who commit physical thefts - the opportunist - if you have a more 'difficult' OS installed on your computer, it is less likely to be targeted. Windows is ubiquitous and simply presents many more opportunities.
JPL
I still miss my '94 Pajero!
- loki
- Posts: 1428
- Joined: Sun Dec 16, 2007 12:18 am
- Member's Photo Album: http://www.delica.ca/Photos/
- Vehicle: 1994 Delica Royal Exceed
- Location: Victoria, BC
Re: Unrelated Pepper-Spray Question
mararmeisto wrote:
loki wrote:...[O]h and as a side note, if Apple users continue to be cocky and think that they can't get a virus or other malware they are going to end up getting hit hard, the main reason apples seem better is because there are just fewer malicious programs out there for them, not because they are designed so much better...
While cockiness may have been included in my previous posts, I was more intending to provide a statistically demonstrable example of how using one OS over another will lessen your possibilities for 'problems'. Mac OSX and Linux are not impenetrable just more difficult, and considering most of the online 'theft' is perpetrated by a similar character of people as those who commit physical thefts - the opportunist - if you have a more 'difficult' OS installed on your computer, it is less likely to be targeted. Windows is ubiquitous and simply presents many more opportunities.
Just to be clear, it's not more difficult to compromise Apple or Linux, it just doesn't happen as it's not worth attacking such a small market when you are working with a success rate that is likely less than 1%. That is my point really, not trying to insult anyone for their choice of operating systems, just pointing out that the real differences are not the same as the marketed or perceived ones :)
- Mr. Flibble
- Posts: 1393
- Joined: Tue Nov 03, 2009 7:31 pm
- Member's Photo Album: http://www.delica.ca/Photos/
- Vehicle: 1995 L400 Royal Exceed
- Location: Issaquah, Washington
Re: Unrelated Pepper-Spray Question
loki wrote:just to be clear, it's not more difficult to compromise apple or Linux it just doesn't happen as it's not worth attacking such a small market when you are working with success rate that is likely less than 1%. That is my point really, not trying to insult anyone for their choice of operating systems just pointing out that the real differences are not the same as the marketed or perceived ones :)
I am going to have to disagree with you on this one slightly. :) While it is true that *nix machines are generally of a lower profile than Windows boxes, this is not the only reason for the amount of malware. One fundamental coding difference is the concept of privilege escalation. Unix was designed from the ground upwards to be a multi-user system, whereas Windows (DOS-based, not NT-based versions anyways) was not. Thus, the user-level design of Windows had an "always run as root" mentality - exactly the opposite of a *nix box. So, unfortunately, many applications require "root" privs on a Windows machine when they should not really require them. That, and the "multi-user" aspects of Windows are a late add-on, and were not added on and enabled properly until later.
In order to compromise a *nix machine (unless you run something like Sendmail or BIND that desires root privs, which is not really done anymore anyways) you must first compromise the user account, and then compromise the root account to gain control of the entire machine. For many windows installations this is not the case.
Windows is changing this mentality, and that is a good thing. Unfortunately, some holdovers of this model still exist, and thus Windows does have an easier attack profile even when discounting for how common the OS is.
Last edited by Mr. Flibble on Fri Feb 26, 2010 5:39 pm, edited 1 time in total.
Canadian living in Washington USA
-
- Posts: 3257
- Joined: Wed Jul 19, 2006 9:18 pm
- Member's Photo Album: http://www.delica.ca/Photos/
- Vehicle: 1994 L400 Royal Exceed PF8W
- Location: Calgary Alberta Canada
- Contact:
Re: Unrelated Pepper-Spray Question
loki wrote:just to be clear, it's not more difficult to compromise apple or Linux it just doesn't happen as it's not worth attacking such a small market when you are working with success rate that is likely less than 1%. That is my point really, not trying to insult anyone for their choice of operating systems just pointing out that the real differences are not the same as the marketed or perceived ones :)
This doesn't stand up to scrutiny at all, just look at the server market, Apache is the most popular web server in the world, and yet it has much less malware written for it than does IIS, it has nothing to do with popularity, it has to do with security. The same holds true for Exchange vs sendmail (more mail servers run sendmail, more malware for Exchange) as well as various other applications.
Just because the most popular operating system also has the most exploits, doesn't mean that it has them solely because it is popular. It has more to do with the fact that they didn't even remotely consider security in their designs until the past few years, and they have a LOT of catching up to do.
Now all of that said, apple users shouldn't sit back and believe they are bulletproof just because they don't run windows, there ARE viruses for mac out in the wild, and regardless of operating system, the weakest link is still the user. There isn't a system out there that will protect you from yourself, if you click on every file that strangers email you, and if you believe every pop-up and banner ad you read, then you WILL be compromised eventually.
- marsgal42
- Posts: 772
- Joined: Fri Jul 20, 2007 3:05 pm
- Member's Photo Album: http://www.delica.ca/Photos/
- Vehicle: The Mighty Gumdrop
- Location: Burnaby, B.C.
Re: Unrelated Pepper-Spray Question
At work we use Linux and Solaris for the stuff that matters. I read my email on an XP box, but that's about all I do with it. Viruses and malware are non-issues.
My computer at home, the one I spend my own money on (and the one I'm using right now) is a Mac. I have Linux at home as well.
One approach I've played with is loading Linux on a Sun box, like the Ultra 5 workstation sitting next to my Mac. The resulting system is ample for most web browsing and email, running about the same speed as a fast Pentium II box. Being a Linux box it's impervious to all Windows attacks. With an UltraSPARC processor it's impervious to all x86 attacks as well. Us Sun hackers were doing 64 bits before most of the Windows fanboys could even count that high.
...laura
- Mr. Flibble
- Posts: 1393
- Joined: Tue Nov 03, 2009 7:31 pm
- Member's Photo Album: http://www.delica.ca/Photos/
- Vehicle: 1995 L400 Royal Exceed
- Location: Issaquah, Washington
Re: Unrelated Pepper-Spray Question
marsgal42 wrote: Us Sun hackers were doing 64 bits before most of the Windows fanboys could even count that high.
Sun!? You ZFS fanboi's! (Joking!)
Canadian living in Washington USA
-
- Posts: 1045
- Joined: Mon Mar 05, 2007 4:31 pm
- Member's Photo Album: http://www.delica.ca/Photos/
- Vehicle: L400
- Location: BC
Re: Unrelated Pepper-Spray Question
All this OS bashing is making me nostalgic for the IRC days when dropping an mteardrop /all from BitchX instantly won you any argument you were having with someone running windows95 :)
- mararmeisto
- Posts: 3276
- Joined: Wed Sep 19, 2007 10:00 am
- Vehicle: 2018 Ram EcoDiesel
- Location: Dartmouth, NS
Re: Unrelated Pepper-Spray Question
Green1 wrote:[R]egardless of operating system, the weakest link is still the user...
...usually resulting in a case of PEBKAC.
JPL
I still miss my '94 Pajero!
- loki
- Posts: 1428
- Joined: Sun Dec 16, 2007 12:18 am
- Member's Photo Album: http://www.delica.ca/Photos/
- Vehicle: 1994 Delica Royal Exceed
- Location: Victoria, BC
Re: Unrelated Pepper-Spray Question
Wow, I thought we were talking about desktops, and the point about Linux and Unix being more secure because of the not running as root thing, that is just training and the point that I am trying to make. Talking about Apache is a totally different beast that isn't an OS. Everyone loves to bash Microsoft, I'm not a M$ fanboy by any means but I do look at all OSs without bias, Windows is a damn good OS, so are lots of Linux distros and OSX, they all have their ups and downs.