Rebuttal and Comment To An Earlier Question « Giveaway of the Day Forums

Back to Giveaway of the Day

Giveaway of the Day Forums » Talks

Rebuttal and Comment To An Earlier Question

(6 posts) (6 voices)

Started 1 year ago by FreewareFan
Latest reply from goodgotd

Tags:

No tags yet.

FreewareFan

offline
Member

I'm not sure why a thread was deleted from a user named ShieldsUp, but I thought it was a valid question, that I wish to address. Here is my answer, and I hope it gets the opportunity to be read. If my post also gets deleted, then I will certainly have some questions of my own as to the policies of this forum.

Anyways, my comment to the earlier question is this:

There are possible truths to what you say. My approach to your concept is this: I have this computer that I use for internet access and gaming. It has absolutely 0% personal or sensitive data on it whatsoever.

If I need anything of that nature, I use the second computer, that is not connected to the internet, never has been, never will be. Used for records keeping, account information, etc.. the information contained within it's OS is as safe as one can get.

So, if one of these games happens to be that evil of all evil programs, all the information that will be garnered will be some irrelevant game site passwords, and a couple of forum passwords. Shoot, I'd happily email that information to anyone who asked. :-)

As far as someone using my computer as a possible proxy, I have taken appropriate software and hardware safeguards against that sort of threat. Good luck to any who try. Not that it cannot be done, but it will most assuredly cost more effort that it would be ultimately worth.

At the end of the day, I think that your concerns are probably valid, within an entirely different venue, however. I believe that if a "Global Attack" or anything close to that concept were to occur, it would probably be launched via the venue of cracked and illegal software that is so readily available to 100's of thousands of computer users, wanting something for nothing, or as you term it, the "free lunch" crowd. Much easier to pass code that way, than using a venue like GAOTD.

Just my .02

Posted 1 year ago #
Barry

offline
Member

Hello,
I read the quite controversial post by ShieldsUp also. While reading it, I thought there were some valid points made in the thread, but way over paranoid. Why was the post deleted? Maybe ShieldsUp was not so far fetched in the post after all! In my opinion, GOTD would of been better to address this post with , we do check the software, and a absolutely not, but to just make the post disappear, interesting!?
I think being a little paranoid about identity theft and the malware a person can get from the Net is a good thing, just take a look at sites like Bleeping Computer, their Hijack This thread has over 30,000 topics, from people needing help to recover their computer system from "Nastys" they got from rouge sites, e-mails, bad downloads, you name it.
To sum up, stay away from suspicious web sites, check everything that comes into your computer at least once for malicious software, check out the EULA's, keep your real time "Anti Every Things" running, and then hope for the best.
Good day,
Barry

Posted 1 year ago #
ShieldsUp

offline
Member

Thanks to Freeware Fan & Barry for noticing that my post disappeared, and for your thoughtful responses.

Fan, you're taking more precautions than most, considering that most people don't even own a second computer (I own 3 but can't isolate all downloads since they cover the entire range from game to office productivity). For that matter, many PC users who SHOULD know better still fail to upgrade anti-V defs, still click on unsolicited junk mail with teaser headings, still take unsecure disks and flashcards into work to load/unload data and inappropriate material, still put their entire "friends" mailing list of private addies on the TO: line instead of the BCC: line when forwarding unsolicited "funny" chain letter emails and still write passwords on the inside of desk drawers.

Unless my original post was moved to a more appropriate department (without a courtesy memo from GAOTD alerting me to the move?), I can only presume that I hit a nerve. I posted a legitimate musing about the clear and present danger malware poses to the world at large. It wasn't a histrionic slam at GAOTD by a chicken little/sky is falling newbie. Heck, I even poked fun at my own paranoia. So, IMHO, the unceremonious disappearance suggests that this might be a real danger and all GAOTD participants darn well ought to rethink the definition of "free". If my post remains disappeared, I'll start posting the text on other security forums and blogs until I get a satisfactory answer.

Have a good one, guys.

Posted 1 year ago #
LeKanaw

offline
Member

Hello all,

I didn't read the original post of ShieldsUp, but would have liked to. Strange indeed that it disappeared... The replies peeked my interest!
Well, I'm a bit paranoid myself, about protecting my systems. Not to the extent of FreewareFan though! Good idea to have separate/unconnected systems!

But I must confess I had not considered this possibility...

We were considering buying a Terabyte external drive to add to our WiFi Lan, to store the tons of music my husband keeps buying, the photos, plus the games we get from GGAotDay, the s/w that "we must have", plus the backups of it all...

But now, don't know if this project is such a good idea...
We are very careful, and have layers and layers of "Anti-badstuff" through out all our PCs & Laptops, but still, one never knows, with all the new "Evilstuff" that gets thrown at us every day, every hour even!

And if there is a concerted effort to prepare an attack via seemingly innocent s/w, we are all doomed!!

Must start investigating for better WiFi protection and even more protective layers, I guess? *sigh*
Peace, M.

Posted 1 year ago #
xxxxxx

offline
Blocked

There's no need to give away a good virtual machine, there's already good ones available for free:

Microsoft VirtualPC 2007
Microsoft Virtual Server
VirtualBox (runs on Windows x86 and x64, OS X and Linux)
VMWare Player (Uses "pre-compiled" VMs you can download)

As well as numerous Linux Live CDs and if you're of a Windows disposition, look at BartPE to make a Windows "Live" CD, (technically a Preinstallation Environment but the principle is the same).

Also, Linux Live CDs can be run from within the host OS by using Qemu.

If you want cheap, US$50 will get you Parallels Workstation 2.2 for Windows & Linux.

And, IIRC, I believe that the Virtual HDs can be used interchangeably between VirtualPC, VMWare and Parallels, (or can be made to work by running a small conversion program).

Damn Small Linux will boot off of a flash drive from within the host environment - no need to reboot.

There are free sandbox programs that isolate a program from the system - SandBoxie is one.
GAOTD have previously given away two sandbox programs that you can use to protect yourself - Bufferzone and Returnil Virtual System.

Along the same lines but commercial is arguably one of the best HD backup programs around - Acronis True Image Home V11 which adds 'Try & Decide' - Hit the button to 'Try' a program. Hit 'Yes' or 'No' at system shutdown/reboot to keep or lose changes.

Personally, I use the routers hardware firewall, a software firewall (PCTools) and avast! - that's it for my main PC that does mostly everything. But, my XP Pro installation is nlite'ned - there is no IE, there is no non-essential Windows services running - the entire installation CD with drivers JUST for my system is ~200MB. Wherever possible I use 'portable' software - that is, it doesn't require installation - thus as far as Windows is concerned it doesn't exist, no vector for a virus to target something specific.
As I posted in another thread, GAOTD wrapper doesn't give registration details after installing on my system because as far as it's concerned there is no browser - so it just exits.
I have another PC, (full XP Pro install), which does nothing but download from Usenet - no firewall, no anti-virus. It never runs or unarchives anything it downloads, it just runs one program - it has not had any problems with virus/malware/spyware/etc since I installed it over a year ago. It doesn't even do Windows Updates and never will - it's permanently stuck at SP2.

BUT it doesn't matter how much security you use - it can all be compromised by the user.

As it goes: 'You make better idiot-proof software, they make a better idiot'.

;)

Posted 1 year ago #
goodgotd

offline
Member

I guess I just have too big a junkbox.

4 computers active on the LAN, all with internet access. Win2000 pro, sp4. I prefer avg (got the free pro at the moment) over avast, and comodo for software firewall. but a NAT router is first defense from outside. Cobian Backup to another machine on my 'main' Athlon XP machine. firefox with noscript... well.

This is the least of 'em, a 1999 gateway solo 2550 laptop, P-IIIm 450, 192 meg laptop, with usb 1.1 to a USB NIC accessing the LAN, though it's primary mission is reading ebooks.

Half-a-dozen other computers all the way back to '386's for playing old DOS games at sane speeds, and a pile of components. Anyone want an S-100 machine with terminals and a 20 gig hdd? pay the shipping, it's yours.

OTOH, the day I got DSL- 7 years and a bit ago- even though at the time I only had one computer to hook up, I made sure I *never* had the computer directly hooked up to the DSL bridge- I installed a SMC 7004ABR wired ethernet gateway/router to isolate the internet from my machine. fairly spendy, but I never regretted it.

If they still had 'em with modem ports, I'd suggest one for people stuck with dial-up!

Even that had a basic firewall, and provision to set one or a group of computers to 'cut off' from the internet, completely. Like a Network Attached Storage box, etc. No access either way. (there's how to have a safe network drive...)

A friend of mine cascaded his wireless router off one for better control, and both of us just upgraded to 3COM 3CR858-91 OfficeConnect routers- (51 bucks at NewEgg, 6 bucks shipping- just don't use the setup wizard. it's easier not to!) faster, better (SPI) firewall, VPN if needed, dyndns updater, far more flexible setup including blocking url's and domains- next time my grandkid comes over, 2 a.m. logins to myspace and yahoo everything is gonna be tough!

and yeah, the usenet/bittorrent k6-2/450 machine is a bit more isolated, avg but no firewall. so far, the biggest problems I've had are tracking cookies. RoboForm keeps personal details and logins handy but encrypted.

Posted 1 year ago #

RSS feed for this topic

Reply

You must log in to post.