Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 31 Jul 2014, 15:58
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Windows security system passes new milestone
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [11 Posts]  
Author Message
prehistoric


Joined: 23 Oct 2007
Posts: 1255

PostPosted: Wed 18 Nov 2009, 22:07    Post subject:  Windows security system passes new milestone  

Before anyone jumps on me for saying I have had relatively good luck with the free COMODO Internet Security suite, I have to report that I had a struggle with the November 17 update. This was apparently rushed out in response to the flood of recent M$ updates. After wasting considerable time on a Vista system, (no I will not support your Vista installation, this one is a special legacy,) I ended up uninstalling the previous version, running a batch file to remove any leftover components, and then running COMODO's free registry cleaner to get a decent configuration for installing the latest version.

Here is where I approach the subject line. For anyone who doesn't already know, I don't recommend using Windows without a good broadband connection for updates. If you have updated the system, M$ Office, Adobe Reader, etc. you can spend time updating your protection software, assuming M$ hasn't managed to cripple it. (For about two weeks, Windows Defender kept removing part of CIS as malware.)

In the above case, the CIS installation program was a 39 MB download. After (finally) getting it to install, I clicked on the link to update the virus signature database. This didn't seem to accomplish anything, so I opened a window to check active Internet connections. This revealed megabytes of downloaded data accumulating. After an hour or so, it stopped with a total of 106 MB in the virus signature database. (It would go faster if thousands of other people weren't trying to update at the same time.) This completed initialization.

Next, it started several more connections to update things found after the initialization data was frozen. I confess I didn't carefully monitor how much it added. The total CIS storage requirement is around 150 MB.

That initial virus signature database for Windows is now larger than the entire Puppy 4.3.1 distribution. It was behind the state of the art by the time I got the antivirus program reinstalled correctly, requiring yet more updates. The effort put into securing that system is increasing exponentially, with diminishing returns.

I rest my case for Puppy.
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8041

PostPosted: Wed 18 Nov 2009, 23:57    Post subject:  

Hmm just stripped a laptop....estimated the downloads involve with update amounted to 20 times the actual software installed.
Install windows with latest service pack..remove the crap and turn off updates

mike
Back to top
View user's profile Send private message 
prehistoric


Joined: 23 Oct 2007
Posts: 1255

PostPosted: Thu 19 Nov 2009, 12:40    Post subject: security?  

mikeb wrote:
...Install windows with latest service pack..remove the crap and turn off updates


O.K. but what do you do about updating security?

My post was primarily about the updates to Internet security programs to combat new malware. I've just cleaned out three Windoze systems which had security programs from various vendors, but were behind on updates. At least one of those was run the way you seem to recommend.

Here are my security recommendations for systems without updates: don't run IE; don't run Windows; don't go on the Internet.
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8041

PostPosted: Thu 19 Nov 2009, 13:02    Post subject:  

Quote:

O.K. but what do you do about updating security?

The updates are primarily for the crap that would be removed so become irrelevent. Treat the cause not the symptoms. Some idiot decided that being able to run scripts embedded in media was a good idea Very Happy

I was talking about a fresh install with latest SP is a much more efficient way of updating than hundreds of individual installs. Like we are talking replacement files and some registry entries....indeed XP with SP3 is not much larger than the original XP...the main increase is due to newer drivers.

Update manually to be more selective if the need is felt...read the release notes and see what they are for (I'll take bets Smile )...

mike
Back to top
View user's profile Send private message 
prehistoric


Joined: 23 Oct 2007
Posts: 1255

PostPosted: Thu 19 Nov 2009, 19:18    Post subject: selective updates  

mikeb,

Actually, I do update manually and read the notices.

What I was trying to get at in my previous post was that my reason for starting this topic was not the M$ updates, per se, but rather the number of threats security software is trying to defend against.

To repeat: one virus signature database initialization is now the size of the entire Puppy 4.3.1 ISO. This initialization came after downloading a 39 MB installation program, and was followed by further updates -- to the security software, not the OS.

People depending on M$ security generally get clobbered, in my experience. I've watched systems running Norton security get clobbered because this was not updated in a timely manner. (Their license was current, but they were impatient about letting it complete security downloads/updates before shutting down, so they skipped them.) Other systems running McAfee, AVG, etc. have ended up in my hands for similar reasons.

Jemimah has said that I must live in Defcon. YMMV
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8041

PostPosted: Thu 19 Nov 2009, 22:35    Post subject:  

Quote:
but rather the number of threats security software is trying to defend against.

the gates were left truly wide open with arrows and notices to help along the way Very Happy .

I jumped in as this is quite relevent to what I'm involved in at the moment which is a case of
a) make windows much more immune and functional or
b) make linux much more acceptable and compatible to be used as an alternative

challenges in both areas. Shocked
I'm hoping the business enviroment I'm working in at least I won't have the 'I can't live without msn' and 'I want to install those shiney free smilies' , 'I want free russian pron' and 'ooo MR zumgabwe wants me to look after $1000000' syndrome.
One bonus is the machines are pretty reliable now Very Happy

Your point is that it's all become ludicrously messy so I'm hoping to untangle the knotted ball of wool a little Smile

regards
mike

ps why do people faint when I mention that I have never used any antivirus software...they do...there's this awkward silence..... mind you I fall silent when facebook and big brother get talked about...
Back to top
View user's profile Send private message 
prehistoric


Joined: 23 Oct 2007
Posts: 1255

PostPosted: Wed 02 Dec 2009, 12:01    Post subject: vulnerability  

There are aspects of this problem which do not depend on the highly-specific characteristics of the OS. The Internet was designed to connect people using computers. Security was hardly considered at the beginning.

Theoretical debates about establishing and maintaining an identity on a shared resource like the Internet were unresolved at the time. Even if they had been neatly handled, we would still have the problem of malicious human users. Can you establish the point at which a human being goes over to the dark side?

The highly-specific nature of huge numbers of vulnerabilities is tied to current economics. Profits are derived from incompatibilities and limited lifetimes. A product which works anywhere, and keeps working forever, without support, is a sure-fire money loser -- in the long run. This makes bug-free code a liability, and leads to the rationale of "security through obscurity". This may not be true in many senses, but obscurity can be certainly be profitable in a narrow and short-term sense.

Currently profitable Internet scams depend as much on social engineering as on code. (Consider phishing.) The fundamental source of vulnerability is the person using the system without understanding either it or the shared resources being accessed. Unresolved problems in the original design of interactions scarcely help.

I started this topic because of a feeling we have passed a watershed where business as usual is becoming less and less acceptable. If the complexity of defense now exceeds the complexity of an entire system, which does most things most users want, that is highly significant.
Back to top
View user's profile Send private message 
benali72

Joined: 09 Aug 2006
Posts: 276

PostPosted: Wed 02 Dec 2009, 14:00    Post subject: good insights from prehistoric  

prehistoric,

great point about how long updates take to download for Windows, and how sometimes one gets into complexities and conflicts while applying them. I had never thought about this aspect of Windows overhead.

>>>> I don't recommend using Windows without a good broadband connection for updates.

Agreed! I don't think anyone could use Windows any more with a dial-up modem because of the requirements of Windows Update and security product definition files updates.

Plus take an old XP system and you'll find TONS of space wasted on all those HF$ and MIG$ files in the Windows directory left over from updates that no typical user knows to delete. I've seen systems where these files easily consume a gigabyte if they've been running MS Update for several years.

Plus of course there is all the performance overhead. Every time you work on a file or read an email or download a file, AVG (or some similar product) is slowing performance while it scans it to protect you from malware.

>>>> The effort put into securing that system is increasing exponentially, with diminishing returns.

Yes! Especially with older systems like P-III's, I'm finding that Windows security overhead kills their performance and usefulness, whereas Puppy requires none of this.

Windows 95/98/ME machines are no longer safe or performant enough to use for all the reasons you mention.

Whereas, you can actually use Puppy on a P-II or P-III with dial-up and get real work done.

Puppy is a good tool in creating a greener planet because it thwarts the unnecessary obsolescence forced upon consumers by the MS monopoly. Don't trash all those old P-IV's, P-III's, and P-II's .... puppy-ize them!
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8041

PostPosted: Wed 02 Dec 2009, 14:32    Post subject:  

Quote:
A product which works anywhere, and keeps working forever, without support, is a sure-fire money loser


which is probably why the 'known about for 10 years' reasons for such insecurity has never been dealt with....a company that spends billions on software development ain't that stupid...If their operating system falls in a heap within a year or so then that's good business...money is the great spoiler.

Quote:
Windows 95/98/ME machines are no longer safe or performant enough to use for all the reasons you mention.

a gui running on 16bit dos is simply a non contender for current equipment...It can actually be made secure.

mike
Back to top
View user's profile Send private message 
prehistoric


Joined: 23 Oct 2007
Posts: 1255

PostPosted: Wed 02 Dec 2009, 16:58    Post subject: Now, how about getting help?  

I have to confess that some of my problems with that COMODO update were purely my own fault. I have since succeeded on two more systems with less trouble. The difficulty here is staying current with Windoze, security and malware, it takes significant mental effort.

Let's revisit the argument that "if there's something wrong with my Windows system I can pay someone to fix it." Listen to a former employee with real system skills. Note: This is not the original Geek Squad, it is now owned by Best Buy.

This helps explain why I've been getting more and more pitiful cries for help recently, despite my known aversion to Windows. I'm under priced.
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8041

PostPosted: Wed 02 Dec 2009, 18:10    Post subject:  

Well not surprising...the standard approach to 'repair' is a glorified version of windows help Very Happy or reinstall....

Well it's keeping you busy Wink

regards

mike
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [11 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0863s ][ Queries: 12 (0.0107s) ][ GZIP on ]