Linked by Howard Fosdick on Thu 1st May 2008 01:55 UTC
Privacy, Security, Encryption Security consultant Howard Fosdick has contributed the latest entry in the 2008 OSNews Article Contest: a highly detailed examination of security and privacy on the Windows platform, and how to use free software tools and a little knowledge to protect your privacy online.
Thread beginning with comment 312322
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: interesting-ish
by raver31 on Thu 1st May 2008 06:00 UTC in reply to "interesting-ish"
raver31
Member since:
2005-07-06

For this case, why not install Linux then ?

I mean, you have crippled all the internet applications on that machine, therefore, for them to browse they have to use Firefox or Opera. But there is still some sites that will install Windows trojans when you open the site in FF and blindly click OK anyway, so visiting dodgy sites in an alternative browser on Windows is still unsafe if you have not got a clue what you are clicking on.

Also, you cannot do what you suggest to people's computers because it will break compatibility with applications that need a fully working internet explorer for the installation or operation.

Reply Parent Score: 4

RE[2]: interesting-ish
by Valhalla on Thu 1st May 2008 12:51 in reply to "RE: interesting-ish"
Valhalla Member since:
2006-01-24

raver31 wrote:
-"I mean, you have crippled all the internet applications on that machine, therefore, for them to browse they have to use Firefox or Opera. But there is still some sites that will install Windows trojans when you open the site in FF and blindly click OK anyway"

well, that depends. if you are crazy enough to browse the web logged in as administrator then yes you are certainly vulnerable to trojans should you encounter a site that eploits a bug in your browser.

however, installing and running Firefox, Opera etc under a unpriviledged account will make sure that although exploits may allow malicious code to be executed, the amount of damage that code can do is limited to the rights of unpriviledged account.

running IE is another matter though. since Microsoft chose to integrate it into the system there are likely possibilities for for exploits to compromise the system under the guise of IE which may give the malicious code further priviledges.

raver31 wrote:
-"Also, you cannot do what you suggest to people's computers because it will break compatibility with applications that need a fully working internet explorer for the installation or operation."

apart from when using windowsupdate.com, I haven't encountered situations or software where I need internet explorer.

Reply Parent Score: 2

RE[3]: interesting-ish
by Adam S on Thu 1st May 2008 13:22 in reply to "RE[2]: interesting-ish"
Adam S Member since:
2005-04-01

Windows Update is a standalone app in Vista and Server 2008 and you don't need IE for it.

Reply Parent Score: 3

RE[2]: interesting-ish
by Adam S on Thu 1st May 2008 13:21 in reply to "RE: interesting-ish"
Adam S Member since:
2005-04-01

I always wonder if people like the parent have actually tried this in real life.

What happens when this person - your client - buys a game and can't play it? What happens when they try to download some software and can't run it? What happens when they buy some exotic hardware - like an iPod - and it doesn't work right? What happens when they want to buy something from the iTMS and they can't access it?

Linux is great, don't get me wrong, but it's not the solution for everybody. When are people going to realize that Linux is NOT a panacea, and you can't just slap it onto someone's PC when they ask for your help?

Reply Parent Score: 4

RE[3]: interesting-ish
by Sophotect on Thu 1st May 2008 13:44 in reply to "RE[2]: interesting-ish"
Sophotect Member since:
2006-04-26

I can perfectly understand your reasoning about Linux not being the cure for the average user. But as i said elsewhere, if you are not dependant on running some Windowsapplication natively, it may be. In my experience the need to use Windows is an illusion. It wasn't once, but it is now. For exactly the same reasons which are mentioned in the article. Because these measures are way over the top of what an "average user" can or is willing to manage and understand why he has to do that. Of course some peripherals do not work, or do it less than optimal. But one can perfectly circumvent that problem by choosing them accordingly. And have less stress that way.

Edited 2008-05-01 13:50 UTC

Reply Parent Score: 1

RE[3]: interesting-ish
by raver31 on Fri 2nd May 2008 10:51 in reply to "RE[2]: interesting-ish"
raver31 Member since:
2005-07-06

Exotic hardware like an ipod ? You are aware that ipods and linux work seamlessly ? Rythmbox, Amarok, gpodder etc etc

anyway, you are right, most people cannot use Linux, but my initial response was to the parent post, where someone locked down a Windows box so tight that Linux would actually work better.

Reply Parent Score: 2

RE[2]: interesting-ish
by stabbyjones on Fri 2nd May 2008 00:17 in reply to "RE: interesting-ish"
stabbyjones Member since:
2008-04-15

i'm not saying it's perfect but it's a step towards stopping people with no idea destroying their pc.

i don't run windows myself anymore (debian) but convincing other people to make the switch when they're used to their ways is hard.

most people with a low pc skill use webmail not outlook and while it's sitting there it's useless and a possible threat.

if you force people to use opera or firefox (which is my point in blocking IE) you can can block scripts and ads and even though there are still vulnerabilities there is less chance of someone with a low skill level destroying the system after you've set it up.

if anything needs IE you can always allow connections from IE temporarily. it's blocked by a firewall and not removed from the system. so functionality isn't reduced

this doesn't change anything in the system itself and is more of a simple lockdown. i much prefer getting a call saying an application isn't working rather than the whole system is shagged.

Reply Parent Score: 1

RE[2]: interesting-ish
by autumnlover on Mon 5th May 2008 15:59 in reply to "RE: interesting-ish"
autumnlover Member since:
2007-04-12

why not? Because Linux is not "safe version of Windows". Period.

Reply Parent Score: 2