Windows security system passes new milestone

prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

Windows security system passes new milestone

#1 Post by prehistoric »

Before anyone jumps on me for saying I have had relatively good luck with the free COMODO Internet Security suite, I have to report that I had a struggle with the November 17 update. This was apparently rushed out in response to the flood of recent M$ updates. After wasting considerable time on a Vista system, (no I will not support your Vista installation, this one is a special legacy,) I ended up uninstalling the previous version, running a batch file to remove any leftover components, and then running COMODO's free registry cleaner to get a decent configuration for installing the latest version.

Here is where I approach the subject line. For anyone who doesn't already know, I don't recommend using Windows without a good broadband connection for updates. If you have updated the system, M$ Office, Adobe Reader, etc. you can spend time updating your protection software, assuming M$ hasn't managed to cripple it. (For about two weeks, Windows Defender kept removing part of CIS as malware.)

In the above case, the CIS installation program was a 39 MB download. After (finally) getting it to install, I clicked on the link to update the virus signature database. This didn't seem to accomplish anything, so I opened a window to check active Internet connections. This revealed megabytes of downloaded data accumulating. After an hour or so, it stopped with a total of 106 MB in the virus signature database. (It would go faster if thousands of other people weren't trying to update at the same time.) This completed initialization.

Next, it started several more connections to update things found after the initialization data was frozen. I confess I didn't carefully monitor how much it added. The total CIS storage requirement is around 150 MB.

That initial virus signature database for Windows is now larger than the entire Puppy 4.3.1 distribution. It was behind the state of the art by the time I got the antivirus program reinstalled correctly, requiring yet more updates. The effort put into securing that system is increasing exponentially, with diminishing returns.

I rest my case for Puppy.

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#2 Post by mikeb »

Hmm just stripped a laptop....estimated the downloads involved with update amounted to 20 times the actual software installed.
Install windows with latest service pack..remove the crap and turn off updates

mike

prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

security?

#3 Post by prehistoric »

mikeb wrote:...Install windows with latest service pack..remove the crap and turn off updates
O.K. but what do you do about updating security?

My post was primarily about the updates to Internet security programs to combat new malware. I've just cleaned out three Windoze systems which had security programs from various vendors, but were behind on updates. At least one of those was run the way you seem to recommend.

Here are my security recommendations for systems without updates: don't run IE; don't run Windows; don't go on the Internet.

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#4 Post by mikeb »

prehistoric wrote: O.K. but what do you do about updating security?
The updates are primarily for the crap that would be removed so become irrelevant. Treat the cause not the symptoms. Some idiot decided that being able to run scripts embedded in media was a good idea :D

I was talking about a fresh install with latest SP is a much more efficient way of updating than hundreds of individual installs. Like we are talking replacement files and some registry entries....indeed XP with SP3 is not much larger than the original XP...the main increase is due to newer drivers.

Update manually to be more selective if the need is felt...read the release notes and see what they are for (I'll take bets :) )...

mike

prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

selective updates

#5 Post by prehistoric »

mikeb,

Actually, I do update manually and read the notices.

What I was trying to get at in my previous post was that my reason for starting this topic was not the M$ updates, per se, but rather the number of threats security software is trying to defend against.

To repeat: one virus signature database initialization is now the size of the entire Puppy 4.3.1 ISO. This initialization came after downloading a 39 MB installation program, and was followed by further updates -- to the security software, not the OS.

People depending on M$ security generally get clobbered, in my experience. I've watched systems running Norton security get clobbered because this was not updated in a timely manner. (Their license was current, but they were impatient about letting it complete security downloads/updates before shutting down, so they skipped them.) Other systems running McAfee, AVG, etc. have ended up in my hands for similar reasons.

Jemimah has said that I must live in Defcon. YMMV

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#6 Post by mikeb »

prehistoric wrote: but rather the number of threats security software is trying to defend against.
the gates were left truly wide open with arrows and notices to help along the way :D .

I jumped in as this is quite relevant to what I'm involved in at the moment which is a case of
a) make windows much more immune and functional or
b) make linux much more acceptable and compatible to be used as an alternative

challenges in both areas. :shock:
I'm hoping the business environment I'm working in at least I won't have the 'I can't live without msn' and 'I want to install those shiny free smilies' , 'I want free russian pron' and 'ooo MR zumgabwe wants me to look after $1000000' syndrome.
One bonus is the machines are pretty reliable now :D

Your point is that it's all become ludicrously messy so I'm hoping to untangle the knotted ball of wool a little :)

regards
mike

ps why do people faint when I mention that I have never used any antivirus software...they do...there's this awkward silence..... mind you I fall silent when facebook and big brother get talked about...

prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

vulnerability

#7 Post by prehistoric »

There are aspects of this problem which do not depend on the highly-specific characteristics of the OS. The Internet was designed to connect people using computers. Security was hardly considered at the beginning.

Theoretical debates about establishing and maintaining an identity on a shared resource like the Internet were unresolved at the time. Even if they had been neatly handled, we would still have the problem of malicious human users. Can you establish the point at which a human being goes over to the dark side?

The highly-specific nature of huge numbers of vulnerabilities is tied to current economics. Profits are derived from incompatibilities and limited lifetimes. A product which works anywhere, and keeps working forever, without support, is a sure-fire money loser -- in the long run. This makes bug-free code a liability, and leads to the rationale of "security through obscurity". This may not be true in many senses, but obscurity can certainly be profitable in a narrow and short-term sense.

Currently profitable Internet scams depend as much on social engineering as on code. (Consider phishing.) The fundamental source of vulnerability is the person using the system without understanding either it or the shared resources being accessed. Unresolved problems in the original design of interactions scarcely help.

I started this topic because of a feeling we have passed a watershed where business as usual is becoming less and less acceptable. If the complexity of defense now exceeds the complexity of an entire system, which does most things most users want, that is highly significant.

benali72
Posts: 292
Joined: Wed 09 Aug 2006, 17:27

good insights from prehistoric

#8 Post by benali72 »

prehistoric,

great point about how long updates take to download for Windows, and how sometimes one gets into complexities and conflicts while applying them. I had never thought about this aspect of Windows overhead.

>>>> I don't recommend using Windows without a good broadband connection for updates.

Agreed! I don't think anyone could use Windows any more with a dial-up modem because of the requirements of Windows Update and security product definition files updates.

Plus take an old XP system and you'll find TONS of space wasted on all those HF$ and MIG$ files in the Windows directory left over from updates that no typical user knows to delete. I've seen systems where these files easily consume a gigabyte if they've been running MS Update for several years.

Plus of course there is all the performance overhead. Every time you work on a file or read an email or download a file, AVG (or some similar product) is slowing performance while it scans it to protect you from malware.

>>>> The effort put into securing that system is increasing exponentially, with diminishing returns.

Yes! Especially with older systems like P-III's, I'm finding that Windows security overhead kills their performance and usefulness, whereas Puppy requires none of this.

Windows 95/98/ME machines are no longer safe or performant enough to use for all the reasons you mention.

Whereas, you can actually use Puppy on a P-II or P-III with dial-up and get real work done.

Puppy is a good tool in creating a greener planet because it thwarts the unnecessary obsolescence forced upon consumers by the MS monopoly. Don't trash all those old P-IV's, P-III's, and P-II's .... puppy-ize them!

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#9 Post by mikeb »

prehistoric wrote: A product which works anywhere, and keeps working forever, without support, is a sure-fire money loser
which is probably why the 'known about for 10 years' reasons for such insecurity have never been dealt with....a company that spends billions on software development ain't that stupid...If their operating system falls in a heap within a year or so then that's good business...money is the great spoiler.
benali72 wrote: Windows 95/98/ME machines are no longer safe or performant enough to use for all the reasons you mention.
a gui running on 16bit dos is simply a non contender for current equipment...It can actually be made secure.

mike

prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

Now, how about getting help?

#10 Post by prehistoric »

I have to confess that some of my problems with that COMODO update were purely my own fault. I have since succeeded on two more systems with less trouble. The difficulty here is staying current with Windoze, security and malware; it takes significant mental effort.

Let's revisit the argument that "if there's something wrong with my Windows system I can pay someone to fix it." Listen to a former employee with real system skills. Note: This is not the original Geek Squad, it is now owned by Best Buy.

This helps explain why I've been getting more and more pitiful cries for help recently, despite my known aversion to Windows. I'm underpriced.

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#11 Post by mikeb »

Well not surprising...the standard approach to 'repair' is a glorified version of windows help :D or reinstall....

Well it's keeping you busy :wink:

regards

mike
