Re: Threats to your Internet usage - what, why, and how
"Curt Christianson" <curtchristnsn@NOSPAMyahoo.com> wrote in message
news:uuBS7WGOJHA.1164@TK2MSFTNGP02.phx.gbl...
| Interesting link Maurice--thank you. And...
|
| <quote>
| Many users of the Internet believe that because of the billions of users,
| they are protected from malicious attacks.
| <end quote>
| ...I believe that is *precisely* why we *are* so vulnerable.
|
| --
| HTH,
|
| Curt
|
|
http://dundats.mvps.org/
|
http://www.aumha.org/
|
http://dundats.mvps.org/AutoIt/default.aspx
|
|
Right, it only takes a few to become infected and it spreads like wildfire.
The reliance on products which give the impression of security when they may
not actually provide much protection is rampant.
Secunia just tested several suites:
http://secunia.com/gfx/Secunia_Exploit-vs-AV_test-Oct-2008.pdf
and found most did not perform as one might expect. IN FACT, there was a
*dismal* showing for protection. As usual one product had to be better than
the others, but even that product really provides little protection.
http://secunia.com/blog/29/
http://blogs.zdnet.com/security/?p=2030&tag=nl.e589
Coupled with user failure to apply updates and use of other security
measures in addition, such as monitoring, firewalls, and other; and this
Internet becomes a vast playground for hackers and malicious sites, while
supposed "security experts" appear to provide misleading ideas on just what
works and how to protect oneself.
The same basic techniques used years ago to infect people are still being
used, but now we have server coding, page: PHP, JAVA, PERL, and dozens of
others, that can be used to inject and invade. Root kit revealers can only
show what they know how to detect; anti-virus programs can only find what
they know even if they use heuristics; SpyWare detectors can or might show
something or they might not;; the level of infection has gone DEEP into the
flawed OS structures. And let's not forget those who think a NAT or the
lowly router is a firewall and all they need.... even CISCO hasn't figured
out how hardware can actually protect someone. One breach or hacked device
and the protection collapses.
The last *EMERGENCY* update from Microsoft for its servers {and OSs} went
mostly unnoticed by the regular users, and yet what it attempted to address
was major security issues.... yet still just a PATCH, a bandaid applied to a
gushing wound...
--
MEB
http://peoplescounsel.org
a Peoples' counsel
_ _
~~
| "MEB" <meb@not
here@hotmail.com> wrote in message
| news:um2Zn5GNJHA.740@TK2MSFTNGP03.phx.gbl...
| >
| > Many users of the Internet believe that because of the billions of
users,
| > they are protected from malicious attacks.
| > These people apparently fail to understand the WHAT, HOW, WHY some of
| > these
| > attack activities occur. Others believe that the protections offered by
| > the
| > OSs somehow keeps these malicious activities from occurring.
| > Hackers LOVE these people, they are the "meat and potatoes" of the
hacker
| > world.
| >
| > I've posted things like "clickjacking", linked sites, SSI {server-side
| > includes}, embedded code, and other methods in this group, however,
there
| > still seems to be a lack of comprehension of certain points.
| >
| > Here's a link to one site which deals with some parts of the hacker
world
| > and its effect, perhaps we should discuss more:
| >
http://www.shadowserver.org/wiki/
| >
| >
| > --
| > MEB
| >
http://peoplescounsel.org
| > a Peoples' counsel
| > _ _
| > ~~
| >
| >
|
|