Ad Widget

Collapse

Announcement

Collapse
No announcement yet.

Viruses appears to be back again

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #46
    Originally posted by bob p View Post
    2. Block Flash. It's a security problem.

    3. Block Java. Same as above.
    Good advice, however, you mean Java Script. It really has nothing to do with Java except the name.

    I leave Java Script active, but use a Flash blocker. I also use an ad blocker. I haven't been having any problems this time around, however, even with these things blocked I was getting a notice about that the web site might harm my computer the last time this happened. Since I'm on a Mac, I knew nothing on any of these sites could harm my computer, so I just shut that warning off in Safari.

    Originally posted by bob p View Post
    Without Flash, I'm totally protected against flash exploits.
    You also miss out on a lot of the content on the web. I'm not a huge Flash fan, but when I need it, I have it.

    If you want to forget any of the other precautions you listed, get a Mac. I've been using them with no virus protection since the early 90s. And that's running on an administrator account, just as I'm doing now.

    And it's all the Unix-y goodness of Lunix (actually it's more UNIX than Linux), but with real commercial software available. I like Linux, but I need Photoshop, Cubase and Protools.
    It would be possible to describe everything scientifically, but it would make no sense; it would be without meaning, as if you described a Beethoven symphony as a variation of wave pressure. — Albert Einstein


    http://coneyislandguitars.com
    www.soundcloud.com/davidravenmoon

    Comment


    • #47
      Originally posted by David Schwab View Post
      Since I'm on a Mac, I knew nothing on any of these sites could harm my computer
      That sounds like an absolute. Is it not possible or did you mean "highly improbable"?
      Originally posted by Enzo
      I have a sign in my shop that says, "Never think up reasons not to check something."


      Comment


      • #48
        On Mac OS X the default is a regular user account. If you want to do anything dangerous, the system prompts you for your password. I suppose under the hood it works with sudo.

        Running a non-administrator account under XP is a good idea, until you come across an important piece of software that won't work unless you run as administrator. Then you have one account that can do everything, and another account that can't. Guess which one you end up using all the time.

        Or should I say, guess which one I ended up using. Your mileage may vary

        Flash is dreadful, but unfortunately it became an industry standard. The only escape is that Steve Jobs banned it from his iDevices because of a personal grudge against Adobe.
        "Enzo, I see that you replied parasitic oscillations. Is that a hypothesis? Or is that your amazing metal band I should check out?"

        Comment


        • #49
          What I would recommend at this point, if you are using Firefox:
          Click your upper left screen firefox tab
          click add ons
          search, from the box "ad block plus"
          Install ad block plus add on to firefox, it's a firefox approved add on
          restart the computer
          should be working now, and can be updated.
          The ad block plus does a good job of blocking the flash based attacks. When installed, there do not seem to be any further intrusions.
          I have had zero problems after I installed that add on from firefox.
          However don't go crazy blocking everything, as you have that option available. There is such a thing as blocking too much stuff.

          Also, if you are using a free antivirus, I recommend you dump that-- and use a professional antivirus instead. Free antivirus does not have the juice to detect update and quarantine many of these attacks.

          You can also use add block plus to disable facebook social tracking, and other irritating tracking cookies, etc...

          If you are using internet explorer, you have my condolences. Even NASA has stopped using that.
          Last edited by soundguruman; 02-12-2012, 02:15 PM.

          Comment


          • #50
            Originally posted by David Schwab View Post
            Good advice, however, you mean Java Script. It really has nothing to do with Java except the name.
            Yes. When I wrote that, I was talking about web browsing, and Java in that text should mean JavaScript. I use NoScript to block all JavaScript in Firefox until I whitelist a particular site. Not many sites get whitelisted.

            Downloaded Java applications are even more risky. Java is a very powerful language. Java apps have the ability to directly access your hard disk. You really don't want a Java app to execute on your system with root user privileges -- doing that hands the remote programmer the keys to your computer. Once you execute his software, it can do ANYTHING on your system, without limits.

            I leave Java Script active, but use a Flash blocker. I also use an ad blocker.
            By doing that you are allowing permissive interweb communication, in which javascript tracks your browsing activity, and relays information about you to third party tracking sites. That may or may not be a problem, depending on what you want. To get a better idea on how many web sites are secretly passing information about you behind your back, you may want to install the Collusion add-on for Firefox. You'll be amazed how many tracking services are sharing all sorts of information about you when you leave JavaScript enabled. If you have any concerns whatsoever about privacy, then JavaScript is your worst enemy. I won't enable javascript unless I absolutely MUST have it to browse a site that I am forced to trust with 100% confidence -- like my bank -- and nobody else.

            Here's a sidetrack on OS selection and security. We all know that Windows is BAD, and that it's the ultimate in low-hanging fruit for the bad guys.
            Moving to BSD (Mac) or Linux sure helps a lot, but it doesn't make you invincible. Although the OS user security levels and permissions paradigms have been ironed out for decades, there are still all sorts of security problems that come along with the applications that run on the OS because programmers are human and humans make mistakes. Just take a peek at the sites that log security exploits and you'll see that the problems exist on all the platforms. What I like about Linux is that developers are not afraid to admit security problems when they come up, and they actually like it when users find and report security problems. Compare that to Windows, where MS would rather not admit anything they don't have to admit. The nicest thing about Linux (at least in my eyes) is that with the right software distribution you have granular control over the revision number for every application that runs on your system. You can monitor something like GLSA (Gentoo Linux Security Advisories) to know which packages have problems and which don't. You can fine tune your system to avoid any package with a security advisory, and then stop updating the system once it's tweaked the way you like it. It's possible to freeze your OS in a stable state and leave it there, without having to continually perform updates. In that respect, Linux is the opposite of Windows -- with Windows, you have to constantly update to be sure you've got the latest security updates because new exploits are noticed all the time. With Linux, it's possible to freeze the system packages in a stable state and just not bother with constantly updating if that floats your boat. There's no reason to update the OS/kernel unless you want to install a new software package that absolutely requires it, and that's a pretty rare / black swan event. With Mac, I can't honestly say that I know that is going on because Apple isn't very open about things.


            You also miss out on a lot of the content on the web. I'm not a huge Flash fan, but when I need it, I have it.
            I can honestly say that I don't really miss what I'm allegedly missing. I have to admit, I'm one of those guys who uses the internet a lot, but I'm very selective about what I like to use. I may be odd in that I don't have a Facebook account and I don't participate in any social media. It's a rare occasion that I want to watch a YouTube video, and if it's in Flash, I often don't bother. I'm one of those guys who's been "online" since the days of the 300-baud modem, and I don't really care about what I might be "missing." IMO most of what's on the internet is vapid content that doesn't interest me. That said, if I absolutely have to have Flash, I can run virtualized Windows/Flash on a 32-bit linux machine, where I can load a fresh image of the virtualized OS for the browsing event and dispose of it afterward. That's the equivalent of performing a fresh Windows install for your session and reformatting the disk when you're done. Pretty hard to get exploited that way.



            If you want to forget any of the other precautions you listed, get a Mac. I've been using them with no virus protection since the early 90s. And that's running on an administrator account, just as I'm doing now.
            I used to publish my own linux distribution, which I built from source code. I'm not a Mac kind of guy, but I think that the Mac is a much better platform than Windows. As far as running an administrator account for day to day purposes, that's just a bad idea, regardless of whether your're running Unix, Linux, Mac/BSD or Windows. Root accounts are for performing root functions, not common use functions. The foolhardiness of performing unnecessary tasks with superuser privileges has been recognized for decades. It's definitely not a good idea. In fact it's such a bad idea that many Linux distributions force you to not have access to the root account by default, such as Ubuntu. I find the concept of browsing on a superuser account to be so foreign to me that I have trouble finding words to express the extent to which I think that is a really BAD idea. It's hard to imagine doing anything more foolish with a computer.

            Being a really geeky guy, I go even farther in nailing down the security holes in my system. I have a dedicated linux-based firewall between my ISP's hardware and my LAN. It uses IP-Tables to drop packets bound for any IP address that is not on a context-appropriate white list. This allows me to control the kind of traffic (port number) that comes in/goes out of my system, as well as which IP addresses in the world are allowed traffic on those ports.
            "Stand back, I'm holding a calculator." - chinrest

            "I happen to have an original 1955 Stratocaster! The neck and body have been replaced with top quality Warmoth parts, I upgraded the hardware and put in custom, hand wound pickups. It's fabulous. There's nothing like that vintage tone or owning an original." - Chuck H

            Comment


            • #51
              Originally posted by bob p View Post
              Yes. When I wrote that, I was talking about web browsing, and Java in that text should mean JavaScript. I use NoScript to block all JavaScript in Firefox until I whitelist a particular site. Not many sites get whitelisted.

              Downloaded Java applications are even more risky. Java is a very powerful language. Java apps have the ability to directly access your hard disk. You really don't want a Java app to execute on your system with root user privileges -- doing that hands the remote programmer the keys to your computer. Once you execute his software, it can do ANYTHING on your system, without limits.
              Not on the Mac they don't. Everything runs in a sand box. If an application of any kind wants to do something you didn't ask it do do, you have to authorize it with your password.

              By doing that you are allowing permissive interweb communication, in which javascript tracks your browsing activity, and relays information about you to third party tracking sites. That may or may not be a problem, depending on what you want. To get a better idea on how many web sites are secretly passing information about you behind your back, you may want to install the Collusion add-on for Firefox. You'll be amazed how many tracking services are sharing all sorts of information about you when you leave JavaScript enabled. If you have any concerns whatsoever about privacy, then JavaScript is your worst enemy. I won't enable javascript unless I absolutely MUST have it to browse a site that I am forced to trust with 100% confidence -- like my bank -- and nobody else.
              Cookies track your browser activity. I use a plugin called Ghostery. It blocks all tracking cookies unless you allow them.

              Ghostery

              It's possible to freeze your OS in a stable state and leave it there, without having to continually perform updates.
              I can choose not to install updates. They are not automatic. But I know that they are bug fixes and security updates. I've never had a bad experience with an Apple update.

              [QUOTE]With Mac, I can't honestly say that I know that is going on because Apple isn't very open about things.[/INDENT]

              No, Apple is pretty open about a lot of things.

              Apple - OS X - Security - Keeps you safe from viruses and malware.

              Apple security updates

              I can honestly say that I don't really miss what I'm allegedly missing. I have to admit, I'm one of those guys who uses the internet a lot, but I'm very selective about what I like to use. I may be odd in that I don't have a Facebook account and I don't participate in any social media. It's a rare occasion that I want to watch a YouTube video, and if it's in Flash, I often don't bother. I'm one of those guys who's been "online" since the days of the 300-baud modem, and I don't really care about what I might be "missing." IMO most of what's on the internet is vapid content that doesn't interest me. That said, if I absolutely have to have Flash, I can run virtualized Windows/Flash on a 32-bit linux machine, where I can load a fresh image of the virtualized OS for the browsing event and dispose of it afterward. That's the equivalent of performing a fresh Windows install for your session and reformatting the disk when you're done. Pretty hard to get exploited that way.
              I'm on the Internet every day. I have been since the early 90s. I use a plugin called ClickToFlash which blocks Flash content unless I want it. I mostly do that because a poorly written Flash file can suck up all your CPU cycles. But well written ones are fine. A good example is this site:

              imani says hi

              I didn't author this, but I host it on my web site. It's a very well written Flash site. it's fast, doesn't bog down your computer, and it's fun.


              I used to publish my own linux distribution, which I built from source code. I'm not a Mac kind of guy, but I think that the Mac is a much better platform than Windows. As far as running an administrator account for day to day purposes, that's just a bad idea, regardless of whether your're running Unix, Linux, Mac/BSD or Windows. Root accounts are for performing root functions, not common use functions. The foolhardiness of performing unnecessary tasks with superuser privileges has been recognized for decades. It's definitely not a good idea. In fact it's such a bad idea that many Linux distributions force you to not have access to the root account by default, such as Ubuntu. I find the concept of browsing on a superuser account to be so foreign to me that I have trouble finding words to express the extent to which I think that is a really BAD idea. It's hard to imagine doing anything more foolish with a computer.
              I don't run as a root account. I run as an administrator account. On a Mac, that's two very different things. On an admin account you can't do things that Apple does not want you to do. Even if you try and move an application to and from the Applications folder, you have to enter your password. On Mac OS X 10.7, Apple decided to hide the Library folder to make it harder to mess with things some people shouldn't be messing with.

              If I were to run as a regular account, I would not be able to do some of the things I do every day, like install and update software.

              I'm a "power user", so I do have a root account that I use for trouble shooting.

              So far no one has been able to write malware for the Mac that doesn't require the user to manually install it and to authorize it with their password. You can have a secure OS, but you have to be web savvy as well.

              Being a really geeky guy, I go even farther in nailing down the security holes in my system. I have a dedicated linux-based firewall between my ISP's hardware and my LAN. It uses IP-Tables to drop packets bound for any IP address that is not on a context-appropriate white list. This allows me to control the kind of traffic (port number) that comes in/goes out of my system, as well as which IP addresses in the world are allowed traffic on those ports.
              The Mac has a good built in firewall. I actually don't even have it running. All I need to do is be behind a router, which in my case is an AirportExtreme, and it's fine. For a while I was running Norton Internet Security, because it was free from my ISP. It would give warning that someone was trying to access my Mac but they were not able to do.

              Since 1994, I have had two instances of having a virus on my Mac. Both of those came from removable media, and not the internet, and I was able to remove them as soon as they were discovered.

              No OS is perfect, but the Mac OS is a very secure OS, regardless to what some "Internet Security experts" say. I like Linux too. I used to run a distribution on one of my Macs. I also used to like BeOS a lot. But both suffered from a lack of software.
              It would be possible to describe everything scientifically, but it would make no sense; it would be without meaning, as if you described a Beethoven symphony as a variation of wave pressure. — Albert Einstein


              http://coneyislandguitars.com
              www.soundcloud.com/davidravenmoon

              Comment


              • #52
                Originally posted by David Schwab View Post
                Not on the Mac they don't. Everything runs in a sand box. If an application of any kind wants to do something you didn't ask it do do, you have to authorize it with your password.
                I've been under the hood on these things long enough to have seen sandbox failures/exploits and breaking out of chroot jails in different flavors of 'nix. Not to say that you aren't safe by doing what you're doing, but that you're always safer if your protection involves multiple layers between you and the bad guys. I don't put my faith in sandboxing all by itself.

                Cookies track your browser activity. I use a plugin called Ghostery. It blocks all tracking cookies unless you allow them.
                Indeed they do. And you can manage them. But it's important to note that tracking/spying via cookies is passe', largely because you are aware of it and you know to take action. Modern tracking techniques allow web sites that you aren't even visiting to retrieve information about you in real time, regardless of your cookie management scheme., through the execution of javascript embedded in the web pages that you do visit. It seems that no matter how much we users pay attention to solving these sorts of problems, someody always seems to come up with a new way to store/recover the information to make you vulnerable.

                If you take some time to monitor what the javascript on web pages is actually doing, you'll find that they're all sending information aboutyour browsing activity to companies like facebook and doubleclick. What's so interesting about this is that I don't have a facebook account, and I've never been to the facebook site, but facebook is still collecting/updating a dossier on me. They do this by paying other websites to include javascript in their web pages that forwards information to facebook. This information could be indexed by your IP address, or by your NIC MAC address if you allow javascript execution. These techiques allow companies like facebook to track browser activity across every site you visit, indexing it to the MAC address on your NIC. Don't underestimate what kind of tracking facilities are in place on the web sites you visit. It's a lot more complex than cookies.



                The Mac has a good built in firewall. I actually don't even have it running.
                At the risk of stating the obvious, If you don't have it running then it isn't doing you any good.

                All I need to do is be behind a router,
                That's a good first step as far as security is concened; it protects you from a brute force attack from an outside hacker, but it's far from a complete solution. I'm sure that you're aware that a firewall, a router, and a firewall/router perform different functions. An SPI firewall/router will protect you to the extent that your internal LAN addresses are not directly accessible from the outside world. An SPI firewall/router doesn't protect you from exploits that are taking place via a "legitimate" packet stream that you have initiated. In that case, a more sophisticated method of intrusion detection is required. The state of the art now is actually focused more closely on extrusion detection, via packet payload examination, to control what kind of information is leaving your computer during a browsing episode. This requires a packet sniffing system and a firewall that is expressly configured to drop packets that are headed for unsavory destinations. All things considered, it's a lot easier just to block javascript execution by unauthorized sites, and to blacklist their IP domains at the router level, dropping packets to the people who are trying to take advantage of user naivety. Enabling javascript is inherently dangerous.

                In the big scheme of things, people who worry about having their PC hit with a virus or a trojan are paying attention to one level of internet security and completely ignoring another. The bigger threat, IMO, comes from the spyware/tracking paradigms that are currently in use to collect all sorts of information about you using javascript. This concept bothers some people more than others. Some people aren't even aware of the kind of information that's being collected about them; the problem isn't even on their radar.
                "Stand back, I'm holding a calculator." - chinrest

                "I happen to have an original 1955 Stratocaster! The neck and body have been replaced with top quality Warmoth parts, I upgraded the hardware and put in custom, hand wound pickups. It's fabulous. There's nothing like that vintage tone or owning an original." - Chuck H

                Comment


                • #53
                  Could this Thread be moved to the Lobby, instead of being in the Pickup Makers Forum?
                  The Lobby or Fun with Computers forum, is where all the other virus threads are.
                  Things are better now, Lets move on!
                  T
                  Last edited by big_teee; 02-13-2012, 03:08 AM.
                  "If Hitler invaded Hell, I would make at least a favourable reference of the Devil in the House of Commons." Winston Churchill
                  Terry

                  Comment


                  • #54
                    Originally posted by bob p View Post
                    I've been under the hood on these things long enough to have seen sandbox failures/exploits and breaking out of chroot jails in different flavors of 'nix.
                    Not on Macs. But you are welcome to give some examples.

                    [QUOTE]Indeed they do. And you can manage them. But it's important to note that tracking/spying via cookies is passe', largely because you are aware of it and you know to take action. Modern tracking techniques allow web sites that you aren't even visiting to retrieve information about you in real time, regardless of your cookie management scheme., through the execution of javascript embedded in the web pages that you do visit. It seems that no matter how much we users pay attention to solving these sorts of problems, someody always seems to come up with a new way to store/recover the information to make you vulnerable.

                    If you take some time to monitor what the javascript on web pages is actually doing, you'll find that they're all sending information aboutyour browsing activity to companies like facebook and doubleclick.
                    That doesn't happen because I'm using Ghostry. Here's what happens at this site:



                    At the risk of stating the obvious, If you don't have it running then it isn't doing you any good.
                    It's not running because I generally don't need it. The problem is that it becomes a nuisance in some situations. I'm also running LittleSnitch which warns about network connections.

                    The built in Firewall also has a "stealth mode" which does not respond or acknowledge attempts to access the computer from the internet. So you can't ping it.

                    That's a good first step as far as security is concened; it protects you from a brute force attack from an outside hacker, but it's far from a complete solution. I'm sure that you're aware that a firewall, a router, and a firewall/router perform different functions. An SPI firewall/router will protect you to the extent that your internal LAN addresses are not directly accessible from the outside world. An SPI firewall/router doesn't protect you from exploits that are taking place via a "legitimate" packet stream that you have initiated. In that case, a more sophisticated method of intrusion detection is required. The state of the art now is actually focused more closely on extrusion detection, via packet payload examination, to control what kind of information is leaving your computer during a browsing episode. This requires a packet sniffing system and a firewall that is expressly configured to drop packets that are headed for unsavory destinations. All things considered, it's a lot easier just to block javascript execution by unauthorized sites, and to blacklist their IP domains at the router level, dropping packets to the people who are trying to take advantage of user naivety. Enabling javascript is inherently dangerous.
                    I agree, but as I said, in the last 18 years I have had zero problems on the internet. There really aren't any "exploits" going on here. I can see that there are attempts to connect from the outside, and they can't.

                    As macs get more popular hackers might start targeting them, but currently it's not happening. And as soon as word gets out that there is some exploit, or at least a proof of concept exploit, Apple fixes it.


                    In the big scheme of things, people who worry about having their PC hit with a virus or a trojan are paying attention to one level of internet security and completely ignoring another. The bigger threat, IMO, comes from the spyware/tracking paradigms that are currently in use to collect all sorts of information about you using javascript. This concept bothers some people more than others. Some people aren't even aware of the kind of information that's being collected about them; the problem isn't even on their radar.
                    See, I can see all network traffic going on.



                    When Safari makes a connection, it shows up there. There's no tracking going on here.
                    It would be possible to describe everything scientifically, but it would make no sense; it would be without meaning, as if you described a Beethoven symphony as a variation of wave pressure. — Albert Einstein


                    http://coneyislandguitars.com
                    www.soundcloud.com/davidravenmoon

                    Comment


                    • #55
                      Originally posted by big_teee View Post
                      Could this Thread be moved to the Lobby, instead of being in the Pickup Makers Forum?
                      The Lobby or Fun with Computers forum, is where all the other virus threads are.
                      Things are better now, Lets move on!
                      T
                      I agree! I don't think I can move it, but tboy can.
                      It would be possible to describe everything scientifically, but it would make no sense; it would be without meaning, as if you described a Beethoven symphony as a variation of wave pressure. — Albert Einstein


                      http://coneyislandguitars.com
                      www.soundcloud.com/davidravenmoon

                      Comment


                      • #56
                        There, I moved it to "Fun with Computers". David, I'm not sure why you couldn't move it, maybe the administrative menu needs JavaScript to work?

                        How do you get that window that shows all network activity? It looks handy.

                        I'm an Apple fanboy. I trust that they come with a reasonable security policy out of the box.
                        "Enzo, I see that you replied parasitic oscillations. Is that a hypothesis? Or is that your amazing metal band I should check out?"

                        Comment


                        • #57
                          So can you view YouTube videos without Flash on WinXP or Win 7?
                          The Blue Guitar
                          www.blueguitar.org
                          Some recordings:
                          https://soundcloud.com/sssteeve/sets...e-blue-guitar/
                          .

                          Comment

                          Working...
                          X