Jump to content
  • Advertisement
Sign in to follow this  
pTymN

Security, is it really a necessary evil?

This topic is 5029 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Security may be considered a necessary evil, but I have done quite well for the past 4 years on my windows machine with no antivirus and no software firewall this and that. A hardware firewall and the good sense not to install every little update that my browser asks me to install has been sufficient. Switching to Firefox has certainly made this alot easier. I know windows users that have every kind of antivirus antispyware program known to man and they still have to reinstall frequently due to infections. So the questions are: Can any system of security and preventive monitoring programs really protect ignorant users from their own bad habits? Is it right to make things more difficult for users like myself who do everything as an admin, and find security related problems annoying? Disclaimer: I'm only talking about a user's rights on their own machine. I would definately agree that security is needed when talking to a remote machine. In a purely theoretical sense, only the user ultimately makes the choices that can compromise his computer.

Share this post


Link to post
Share on other sites
Advertisement
Quote:
Original post by pTymN
Can any system of security and preventive monitoring programs really protect ignorant users from their own bad habits?
No, of course not. Any program designed to protect users against their own stupidity is doomed to fail.

Share this post


Link to post
Share on other sites
Quote:
Original post by doynax
Quote:
Original post by pTymN
Can any system of security and preventive monitoring programs really protect ignorant users from their own bad habits?
No, of course not. Any program designed to protect users against their own stupidity is doomed to fail.

And shouldnt be used anyways.

Share this post


Link to post
Share on other sites
Quote:
Original post by Extrarius
The only real solution to stupidity is to limit freedom. If you can't do something, you can't do it wrong.


Much agreed! I think that security is not only protection from other people - but protection from ourselves as well.

Quote:
Original post by pTymN
Can any system of security and preventive monitoring programs really protect ignorant users from their own bad habits?


I would have to say yes - but then that user couldn't do much other than turn on the PC - in which that freedom would be taken away. As they say - the only 'safe' computer is disassembled and packed underground - or something like that.

Quote:
Security may be considered a necessary evil, but I have done quite well for the past 4 years on my windows machine with no antivirus and no software firewall this and that. A hardware firewall and the good sense not to install every little update that my browser asks me to install has been sufficient. Switching to Firefox has certainly made this alot easier.

I know windows users that have every kind of antivirus antispyware program known to man and they still have to reinstall frequently due to infections.


I think it also depends on what they are doing on the web as well. If you only go to cnn.com everyday and thats it - chances are your not going to get any problems. But as soon as you start searching the web and clicking on everything, then yes, all the protection in the world will do nothign to save you.

I personally use Norton AV, Adaware, and ZoneAlarm. I think that an AV is really important - just because so many pages now have that trojan-byte verify downloader something or another. The other day I was just looking at music lyrics - just one page and I got 3 of them. When you need information such as that, and it is not avaliable on 'trusted' servers, then I think security is important.

Quote:
Is it right to make things more difficult for users like myself who do everything as an admin, and find security related problems annoying?


What do you mean? I know that the only drawback to using NAV is that is slows down the comp a bit - because of realtime checking. For ZoneAlarm - I have to choose wheter I want to allow a program to use the itnernet or not when it tries for the firs time, but I set it that way. As for adaware - no hinderances there - it does what it is supposed to and does not get in my way. I do not think that any program has the 'right' to make things difficult for you - but you would have to tell me of a program that does - for all the programs I am currently thinking of at least let you customize them.

- Drew

Share this post


Link to post
Share on other sites
I've never bought into the limiting access trend. Even if you limit a user to 'user' [rather than root/admin] they can still write to their own files. Joe User will still raise hell with IT if their files disappear, which a virus/worm/stupid user can still do, even without admin rights.

Share this post


Link to post
Share on other sites
Quote:
Original post by Telastyn
I've never bought into the limiting access trend. Even if you limit a user to 'user' [rather than root/admin] they can still write to their own files. Joe User will still raise hell with IT if their files disappear, which a virus/worm/stupid user can still do, even without admin rights.
In a properly designed system (Which I'd say doesn't exist right now), the IT person would give _user_ access to execute (for example) the word processing program and the internet browser, permission to create/read/write/delete files/folders in their own directory, and nothing else. Safe computing practices wouldn't matter since they are not allowed to unintentionally run deltree c:

The only hole left would be software bugs, and many of the bugs that appear currently could be easily eliminated by some proxy software (to prevent viruses coming in/out), UI-control software {automagically closes the word processor's macro editor if it ever opens, for example}, and simmilar freedom-limiting software.

Like I said, if you can't do something, you can do it wrong.

Share this post


Link to post
Share on other sites
I myself am a little concerned by your initial post, pTymN.
Do you hardly ever connect to the internet or something?
If so then you may have just been lucky.

Otherwise, if you do go online often then there's a good chance that you have at least 1 virus on your computer by now, and probably at least 1 spyware or adware too. It's quite possible that you wouldn't know you had them without a detection tool of some sort.
A keystroke logger once made it's way through our hardware firewall and onto my PC. In fact, for all you know, your PC could be regularly trying to infect other's PC's.
For everyone's sake I recommend you install just these 3 well regarded programs: AVG antivirus 7 free edition, Ad-aware 6, SpyBot Search & Destroy 1.3.
That should be all you need.

It is indeed right to slightly inconvenience those that are ignorant to virus attack, as it can often be those person's PC's that are constantly attempting to infect others. The inconvenience is minimal really. You can always choose not to download and install MS's updates.
However the thing you have to be aware of is they're not just patching some hole that has been open for ages and has never been exploited and isn't likely to be. When they release a patch, they typically release the details of the exploit too. This means that there is a sudden increase in liklihood of getting a virus without the patch. Hence when they come out, you really should install them within a few weeks.

Quote:
I know windows users that have every kind of antivirus antispyware program known to man and they still have to reinstall frequently due to infections.
There are a lot of FAKE adware/spyware detection programs out there. These programs claim to detect spyware on a clean OS install that hasn't had anything installed on, or ever connected to the net etc. They also actually install spyware! This is why you must only use very well known programs for this kind of thing. Even popular websites such as C|net host these fake detection tools as featured downloads!!! Their creators push up the ratings with fake opinions to make them seem respectable!

(Maybe this thread would be more suited to the lounge btw, there is no programming involved here really)

Share this post


Link to post
Share on other sites
iMalc: I've been in the same situation as the OP for a while now (no idea how long, but a year at least), except that I use online scanners every few months just to be sure, and I run ad aware and S&D every once in a while to check up on things, and so far the worst I've had is tracking cookies, which aren't really all that bad ("OMG COOKIES!").
Most viruses these days basically just ask you to run them, and the few that don't abuse people that have bad IE or OE setting or habits (ie autoinstall=on or clicking 'yes' to install an active x control, etc)

Share this post


Link to post
Share on other sites
what about "buffer overflow"? It's purely programmer's fault. What about unnecessary services/servers installed by default? It's package-maker's fault....

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!