Re: ZoneAlarm KeyAccess
- From: "tom_sawyer70@xxxxxxxxx" <tom_sawyer70@xxxxxxxxx>
- Date: Sun, 21 Dec 2008 12:07:19 -0800 (PST)
On Dec 20, 5:40 pm, "Kyle T. Jones" <KBf...@xxxxxxxxxxxxxx> wrote:
I get the idea: you run into more security problems with Windows. This
has more to do with the success of MS than anything else. Yes, they
could put out a more secure product (one of the main reasons people hate
Vista? A bit of extra security, which shows up in terms of constant
prompts "are you sure you want to do this", "did you initiate this", etc)..
Windows gets targeted because targeting windows gives you a huge chunk
of the total networked PC population.
Windows gets targeted because there are so many paper-certs,
businesses and "administrators" who are not capable to perform even
the most basic security functions. Yes, they're popular, but there a
lot of "easy" scores for a hacker too. Microsoft enables people to get
going easily, but they compromise security in return.
As for MS, they have no vested interest in making things secure. Why
is it that they "break" most user applications when going from version
to version, but they cannot close the same buffer overflows in IE that
span multiple versions? "Security" is not enabling a host of
unnecessary features by default.
Further, there is tremendous resource waste in needing anti-virus,
etc. My daughter was recently given a laptop as a gift and even with
a firewall, anti-virus and a host of other software, locking down some
of her popular sites (webkinz, etc.), it lasted all of a couple of
weeks before it was compromised with garbage software. She's used a
Linux PC with all of the same applications, and it's been fine over
the past couple of years. She gets a kick when some sites invoke that
"your pc may be compromised" and starts "scanning" the c: drive on the
linux box.
In any case, a firewall will eventually be a necessity for any operating
system that is successful enough to have a significant population using
it. Scanners are a bad paradigm... good firewalls are a better "answer".
Second, I'd rather have an OS that locks everything down and the
administrator or owner, grants access rather than have an open system
and have to find "holes" after the fact.
I have no idea what you're talking about. There will always be a
functionality VS security tension: the more you want to do, especially
when it comes to doing things over a network, the more "holes" you have.
There is no system that "locks everything down". There is no perfect
security. There is simply the truth that, at this point, Apple/Mac and
Linux are simply too insignificant (in terms of PCs) to be targeted much.
Out of the box, OS's such as Linux or NetWare for that matter, provide
little to no access to important file system or administration
functions. Windows tends to open and enable things to make it easier
for the end-user who only knows how to start setup.exe. I hear the
Windows is targeted due to popularity, but then why was NetWare not
targeted when they were the most popular network software or Apache
not targeted over IE? Either there was no interest, or those systems
are run by more experienced administrators, or the software is
natively more secure ... or a combination. Or, hackers were banking
on Windows admins to allow them right in the door.
On the other hand, there are tons of exploits that target "holes" in
*nix based servers. So I'm not sure exactly what OS you're thinking of,
that "locks everything down".
I think that we would agree that nothing is foolproof, but some are
better than others. However, there are entire genres of software that
were the result of Microsoft's vulnerabilities (anti-virus for one).
Pluseth, much software necessitates the use of Windows. Don't get me
started on WINE style emulation. Now *that* is some garbage.
I guess it depends ... I run everything I need on my SuSE box and
regularly exchange files between Open Office (at home) and MS Office
(at work).
So, I'm left with my original question: which firewalls do you (or the
person I replied too originally) recommend over ZoneAlarm?
I NAT through my router, use the default firewall in SuSE and Red Hat,
and follow our security standards from work (I work at a Bank) for
blocking ports, etc.
I'm rebuilding my daughter's laptop (WIndows) because it was
compromised with some junk. But I have never had to do such a thing
on my Linux pcs and laptops.
Cheers.
PS: along these lines, I do think we'll eventually see a paradigm shift:
much of the essential stuff, including the OS, will reside in ROM or
psuedo-ROM partitions on the hard drive. There are already locking
systems around... get a virus, turn the PC off and on, bang, virus gone.
The problem is updates, changes, etc... turn it off and on, those are
gone as well.
A lot of colleagues use something like VMware for their children to
have access to "machines" that reset each session for this reason.
.
- References:
- ZoneAlarm KeyAccess
- From: samson the builder
- Re: ZoneAlarm KeyAccess
- From: Kyle T. Jones
- Re: ZoneAlarm KeyAccess
- From: Orange Hussein Dood
- Re: ZoneAlarm KeyAccess
- From: Kyle T. Jones
- Re: ZoneAlarm KeyAccess
- From: tom_sawyer70@xxxxxxxxx
- Re: ZoneAlarm KeyAccess
- From: Kyle T. Jones
- ZoneAlarm KeyAccess
- Prev by Date: Re: Advice needed.
- Next by Date: Re: Humanitarian Bowl has sold a grand total of........
- Previous by thread: Re: ZoneAlarm KeyAccess
- Next by thread: Re: ZoneAlarm KeyAccess
- Index(es):
Relevant Pages
|
