Are the Days of Individual Security Over?

Soulskill posted more than 3 years ago | from the fight-botnets-with-socialism dept.

Security 125

angry tapir writes "People solely relying on patching and upgrades are lulling themselves into a false sense of security, and individual protection is no longer sufficient in the age of multi-vector attacks, according to the president of the Australian Internet Industry Association. According to AIIA's Peter Coroneos, vendors need to intervene at the network level and provide security tools at multiple levels to help secure people from the variety of threats that are emerging."

125 comments

decon/body armor, fractal reasoning, supplies.. (-1)

Anonymous Coward | more than 3 years ago | (#35651242)

supplies, survivor transport, secure, survive/thrive. secure.

Re:decon/body armor, fractal reasoning, supplies.. (0)

Anonymous Coward | more than 3 years ago | (#35652528)

Wait, which operating system has 99% of all malware?

Can't we just stop using that?

Re:decon/body armor, fractal reasoning, supplies.. (1)

Opportunist (166417) | more than 3 years ago | (#35654318)

Won't change much. Sorry to come to MS's defense, but the absolute stupidity of users and software suppliers' ability to provide security holes will prevail, even against the best security.

It might surprise you, but holes in MS's OSs are not the main attack vector these days. It's user stupidity and popular third party programs like flash and pdf-reader. And for neither, you can provide an OS patch.

The share of user stupidity in a system's security problems is well described by the "Dancing Pigs" [wikipedia.org] theory. In a nutshell: A user will open the gates to any malicious software for the progress of getting something he wants. For the really stupidheads, dancing bunnies and the promise of nudie pics will suffice, because they don't understand that these things don't need elevated security privileges to work, and they learned that when they are prompted to grant privileges they have to click "yes" because else "it does not work". Don't think that this would not work on the more clued people, since a crack for some system relevant software (like, say, the OS) would probably need privileges to tinker and toy with the OS and its files and nobody would consider it a problem. Or, if you vow to be honest and thus not be susceptible to such vectors, you just need to download a driver from a typo'ed homepage and you're there as well. I've even seen reputable download pages being hacked and some files being replaced with malware, so don't think you'd be safe from this. All that needs to happen is a hacked SVN repository. Or do you REALLY review and audit all the source you download and compile, hmmmmm?

Third party software is also a big vector these days, now that MS has Windows more or less sealed. Browsers are, to varying degree, a vector. And don't think sandboxing javascript would change that, please don't be so naive.

Oh, you might say that a true separation of user and system makes a difference. Since 'til this day this isn't done so well in Windows. Well, it WOULD make a difference if people didn't only use one user account for everything. Be honest: How many accounts do YOU have on your machine? I'd wager 99 out of 100 people have one admin/root account and one user account. Does it make a difference in this scenario whether you hijack the machine or only the account? It makes it harder to hide your malware, granted, but unless it is found the effect is the same: The user will use his only account, and hence that trojan, running "only" with his privileges, will do so as well. You COULD of course disallow the execution of certain functions without elevated privileges (like, say, running in another process' context), but guess what, that IS already the case with Windows, did it ever stop any infection? Hardly.

*yawn* (0)

lennier1 (264730) | more than 3 years ago | (#35651256)

There's no such thing as 100% secure.

Film at 11!

Re:*yawn* (2, Insightful)

HungryHobo (1314109) | more than 3 years ago | (#35651356)

the solution?
A monoculture of course!
and telling everyone that *someone else* is handling security for them.

Re:*yawn* (2)

Weezul (52464) | more than 3 years ago | (#35652930)

I'm convinced this article is simply FUD meant to push the insane content filters so desired by Australia's political class. You'll notice the site's name is cio.com.au. As pointed out down thread, the article basically proposes using "industry standards" as an end run around the legal hurdles Australia's leaders have encountered while trying to copy China's "Great Firewall".

We had another recent article explaining how the NSA decided that preventing intruders was impossible, instead concluding that security needed to permeate the whole process. If the fucking NSA cannot implement a sufficiently effective firewall, well I don't trust the ISP doing it either.

I'm afraid the only real solution will be modifying the end user experience to improve security. Two recent examples : Europe's adoption of EMV [wikipedia.org] "Chip & PIN" smart cards, deprecating naive & dumb credit cards still used in America. Apple's Time Machine software provides a user experience that painlessly inspires people to spend hundreds of dollars on back up drives and follow sound backup procedures.

Apple's File Vault hasn't been nearly as effective at encouraging encryption as Time Machine has been at encouraging backups, but more serious approaches might work. You'll need some form of partial disk encryption if you're using say bitcoin [bitcoin.org] anyways. There are similarly many ways of improving virus scanners to detect possible new botnets, less obtrusive, and less resource hungry.

Re:*yawn* (1)

anegg (1390659) | more than 3 years ago | (#35654010)

I agree that the article cited is of questionable value and use. However, I'm not sure EMV is the best example for demonstrating improved security through a modified end-user experience.

EMV may improve security some, but more importantly for the purveyors, it shifts liability... from Wikipedia "The supposed increased protection from fraud has allowed banks and credit card issuers to push through a 'liability shift' such that merchants are now liable (as from 1 January 2005 in the EU region) for any fraud that results from transactions on systems that are not EMV capable.[2] For transactions in which an EMV card is used, the cardholder is assumed to be liable unless they can unquestionably prove they were not present for the transaction, did not authorize the transaction, and did not inadvertently assist the transaction through PIN disclosure."

Re:*yawn* (1)

Opportunist (166417) | more than 3 years ago | (#35654384)

But I hope you do not imply that "Chip & PIN" are secure. It's better than the old system, granted, but this "better" is like the "better" you reply to the question how you're feeling after you've been at death's door.

Oh and by the way..... (4, Interesting)

cpu6502 (1960974) | more than 3 years ago | (#35651268)

"After you secure your network Mr. ISP, remember to filter out these websites." (hands over blacklist including playboy.com, domai.com, etc)

Re:Oh and by the way..... (4, Insightful)

Excelcior (1390167) | more than 3 years ago | (#35651556)

Oh yeah, and don't forget www.somefringepoliticalview.com, and while we're at it, www.theopposingpoliticalparty.com, and hey, I've heard that religious teachings are bad for kids, so how about www.christianity.com and www.jewish.com....

"They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." - one of the best quotes ever, from Benjamin Franklin, 1775.

Re:Oh and by the way..... (0)

Anonymous Coward | more than 3 years ago | (#35651814)

"They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." - one of the best quotes ever, from Benjamin Franklin, 1775.

I prefer;

“Wine is constant proof that God loves us and loves to see us happy.” – Benjamin Franklin

Just saying.

Re:Oh and by the way..... (1)

Amouth (879122) | more than 3 years ago | (#35652216)

and?

i always thought it odd that the southern baptists denounce alcohol but their savior turned water into wine for a party.

Re:Oh and by the way..... (1)

BrokenHalo (565198) | more than 3 years ago | (#35652358)

...while any atheist can readily turn wine into water after a party.

Re:Oh and by the way..... (1)

bendodge (998616) | more than 3 years ago | (#35652424)

Wine does not necessarily equal alcohol in the Bible. ;) It was not possible to get drunk on normal Jewish wine. What we consider wine today was called "strong drink."

Re:Oh and by the way..... (1)

Culture20 (968837) | more than 3 years ago | (#35652654)

But the party host scolded his servants for keeping the "good wine" for after the party goers already got drunk on the "bad wine".

Re:Oh and by the way..... (3, Informative)

GooberToo (74388) | more than 3 years ago | (#35652892)

That's completely untrue despite being a common lie to justify modern alcohol taboos.

Wines were cut when served. The strength of the uncut wine was extremely dependent on the degree of dilution at the time of serving. The uncut wine was stronger than common table wines today. The cut wine was commonly stronger than your typical modern beer. Realistically, wine served then commonly had the alcohol content somewhere between modern beer and modern table wines.

Furthermore, as you can read in my post below, it's believed one of the reasons Jesus was asked to create more wine is because they were not properly cutting the wine for the guests, making it extra potent.

Furthermore, it is well understood, the more drinks one had, traditionally, the less cut and therefore more potent the drink. This is because wines then had strong flavors of tar and pitch and cutting made it less offensive. But once one had become joyful, the need to cut the drink became substantially reduced. Such things don't happen, if as you suggest, intoxication is all but impossible.

There is what is commonly taught and widely believed from churches, and then there is the truth...

Re:Oh and by the way..... (1)

Opportunist (166417) | more than 3 years ago | (#35654430)

So, what you say is, essentially, that Jesus just watered down the too strong wine?

I didn't know our restaurant owners here are miracle workers!

Re:Oh and by the way..... (2)

cpu6502 (1960974) | more than 3 years ago | (#35653700)

>>>It was not possible to get drunk on normal Jewish wine

Abraham got drunk.
He slept with his daughters.
So I guess it IS possible to be inebriated on Biblical Jewish wine.

Re:Oh and by the way..... (2)

FutureDomain (1073116) | more than 3 years ago | (#35655010)

You need to reread your bible. It was Abraham's nephew Lot who got drunk and slept with his daughters.

Re:Oh and by the way..... (1)

GooberToo (74388) | more than 3 years ago | (#35652588)

i always thought it odd that the southern baptists denounce alcohol but their savior turned water into wine for a party.

That's because, like most established religions, they fabricate "facts" to support their political and societal ambitions. If you look, you'll find southern baptists were created when alcohol consumption in polite society was an issue as were concerns over slavery and tobacco production.

Furthermore, other denominations condemn alcohol on the basis that modern booze is far stronger and therefore not traditional. But that ignores that traditional wines were in fact, extremely potent, typically stronger than common table wines, and were in fact, commonly cut with water, honey, fruits and juice, etc., before served. Sadly, this was all but a requirement because of the strong notes of pitch and tar which permeated wines then. In fact, you can safely say the cocktail was very traditional before it was re-discovered by modern society.

While not commonly preached, it's believed the reason Jesus was called to create more wine is because the celebration participants were not cutting their wine sufficiently to allow the supply to last. But the party must go on. For whatever reason, people like to pretend that if Jesus was human or even had a good time, it somehow undermines his religious stature. I find that position most bizarre given that the current Pope was a Nazi.

Re:Oh and by the way..... (1)

SigmundFloyd (994648) | more than 3 years ago | (#35652590)

Yeah, because major religions are soooo fucking endangered with the current ruling classes of the world.

Man, you really need to pull your head out of wherever you're keeping it.

Re:Oh and by the way..... (2)

operagost (62405) | more than 3 years ago | (#35653174)

Yeah... try searching "religious persecution" on Google some time. It's not about endangering the religions, it's about the endangerment of the believers. Or do you not care what happens to people who believe things you don't?

Re:Oh and by the way..... (1)

sconeu (64226) | more than 3 years ago | (#35653338)

This just screams out for a Godwin-like response.

Re:Oh and by the way..... (0)

cpu6502 (1960974) | more than 3 years ago | (#35654394)

>>>major religions are soooo fucking endangered with the current ruling classes of the world.

When several courts order parents, on several occasions across multiple states, to pull their children out of homeschool or religious school & send them to a non-religious government school, then YES I'd say religions/religious practice is being endangered. Freedom of choice means freedom of choice for ALL, even those we consider "bible thumpers".

But the Liberals-Democrats-Progressive Republidicks would have you believe freedom of choice only applies for homosexuals and abortionists, but not the Christians or Jews or Muslims or Buddhists. Clearly they are wrong-headed.

Re:Oh and by the way..... (1)

Alex Belits (437) | more than 3 years ago | (#35654658)

"...and remember, kids -- Cthulhu fhtagn!"

Just for the record, I wholeheartedly support indiscriminate oppression of all religions.

Re:Oh and by the way..... (0)

Anonymous Coward | more than 3 years ago | (#35652968)

This comment is about as "Insightful" as a belch from an unemployed, non-insured, overweight, angst-ridden former clansman at a tea party rally in Kentucky.

Re:Oh and by the way..... (0)

Anonymous Coward | more than 3 years ago | (#35654368)

You're thinking small. If they control which sites are prohibited and which are not, then it opens a whole new can of worms.
Let's think it like this. You have a website, it generates a lot of income, but it's based outside the country, and your taxpayers are pouring money into it. But if you control which site gets through, you simply tell them, pay up taxes like every other company from our country, or get banned.
How will it happen? Well, once they have control, they'll introduce a small tax, something really small payable by anyone on minimum income, but enough to get them registered, you know, for legal purposes. Then they say they need more money for taxes, and will raise it a little, and so on and on, until they become taxed just like everything else in said country.

The internet has thrived because it remained free.

and by the by (1)

ThatsNotPudding (1045640) | more than 3 years ago | (#35655116)

- one of the best quotes ever, from Benjamin Franklin, 1775

and one heeded less and less. Soon both police states and helicopter parents fretting over precious snowflakes may ban the quote altogether as blatant pre-9/11 thought crime.

Re:Oh and by the way..... (1)

CAIMLAS (41445) | more than 3 years ago | (#35653098)

What's wrong with playboy.com or domai.com, from a security perspective?

should the ISP intervene? (3, Insightful)

crank-a-doodle (1973286) | more than 3 years ago | (#35651274)

hmmm.......

"vendors need to intervene at the network level"

Doesn't this seem like just another excuse to let networks censor material by just labeling it insecure?

Re:should the ISP intervene? (1)

TaoPhoenix (980487) | more than 3 years ago | (#35651318)

Nice - looks like the early gestalt is agreeing this is weasel wording.

However, it's a race to see which is worse, censorship, hypertracking misdemeanors, selling higher grade user info, obfuscated blackmail, and more.

More weasel words? (4, Insightful)

TaoPhoenix (980487) | more than 3 years ago | (#35651286)

Rule for the modern world.
1. Assume malice. Once you determine there's no malice, you can go back to your normal discussion.

"need to intervene at the network level and provide security tools at multiple levels to help secure people from the variety of threats that are emerging". That's one of the better ones lately. Ask yourself: what are these security tools capable of doing *besides* stopping viruses?

Re:More weasel words? (3, Interesting)

andrea.sartori (1603543) | more than 3 years ago | (#35651728)

Ask yourself: what are these security tools capable of doing *besides* stopping viruses?

Exactly. And yet they can give a user a false sense of security, so I dare say "security provided by ISPs" could even be part of the problem.
Have the days of individual security ever begun by the way? People "solely relying on patching and upgrades" were always lulling themselves etc., just not for the reasons suggested by Mr Moroneos: and not necessarily for Windows only (one word: rootkits), although it heroically stands as the most exploited target. Some of the worst threats are still represented by bad password policies -- or no password policies at all -- and vulnerability to social engineering. 15 years ago it was not called that, but there were examples in the wild back then. (What I recall on the fly is ILoveYou, but I'm sure somebody less lazy than me can come out with other examples from 1995-ish.) Some people will click the wrong link, open the wrong messages, etc.: ISPs cannot correct people's behaviour, unless in the horrific ways we can all imagine (see several of the comments here.)
Or is there something in TFA I didn't get? I confess the word "cloud" repeated every other line gave me a hard time understanding what the hell he was talking about.

Re:More weasel words? (3)

CastrTroy (595695) | more than 3 years ago | (#35651802)

Individual security is the only way. That is, taking individual responsibility for your own security, of your own systems. I haven't had a virus in a very long time, and it's because I don't do stupid things. A vast majority of people who have problems with security have problems because of their own incompetence, and their own misunderstanding of the situation. And that not only goes for people, but for organizations as well.

Re:More weasel words? (2)

mlts (1038732) | more than 3 years ago | (#35653404)

Individual security isn't rocket science either. Last virus that I had end up running uncontrolled was the WDEF virus on the Mac, pre System 7. One can do some fairly simple measures so their individual security is up to par:

1: First and foremost backups. Not RAID. True backups with media rotated out. This way, if malware nails the drives and the backup media, restoring is still possible. Backups turn what would be at best a day-long install-fest (finding the OS media, installing the OS, applications, and then digging past the used condoms under the bed to find the piece of paper with the license keys for the above) into putting a recovery CD or USB flash drive in, telling it to restore, walking off for an hour or so and coming back to a restored box. It also doesn't hurt to periodically burn critical documents to CD or DVD. For critical stuff, I like having it on burned media (stored offsite -- even a climate controlled self storage is better than nothing, as Iron Mountain may be too expensive), stored encrypted (WinRAR archives or TC volumes) at a cloud provider, and present on a fileserver.

2: Some means of separating your internal machines from the Internet. In the past, I used a Linux box, NAT, and ipchains/iptables rules. These days, I just use a decent firewall/NAT box [1].

3: A method of blocking ads. AdBlock does far more to keep out unwanted crap than any antivirus. Since the largest vector for infection of PCs these days is through the Web browser, blocking out the ad servers (and most of their "wink, wink, nudge, nudge" attitude towards advertisers that use malicious add-on code) pretty much ensures a clean browsing environment.

4: Common sense. If a pr0n site requires a "codec" or "pr0n viewer" application, find a clean site.

5: Use top tier stores if at all possible for music/movies/software. If one has to pirate and doesn't know reliable sources (i.e. someone who doesn't read /.), use word of mouth with people who know their stuff for sites/programs. The answer is NOT eMule/LimeWire/etc. Nor is it "warez search engines" which demand you vote for them, then dump you to another site, all the while trying every browser based exploit possible on your setup.

6: Encrypt everything, especially laptops. TrueCrypt, BitLocker, PGP for Mac (until Lion comes out with true HDD encryption), LUKS for Linux, EFS for AIX [2], and so on. Encryption turns a theft into a "mere" hardware loss, which insurance is for. Done right, it means not having to worry about the data on the drives that were stolen. I prefer mechanisms that use hardware security (BitLocker + TPM with a PIN, TrueCrypt + a keyfile on an IronKey, PGP whole disk encryption + a cryptographic token) so brute-forcing a passphrase can't be done.

7: If traveling with a laptop, use a VPN service at Wi-Fi hotspots. This way, not just FireSheep attacks become a non-issue, but if the owner of the Wi-Fi router is sniffing packets, they won't be able to glean much, other than perhaps traffic timing analysis.

[1]: If someone says that NAT by itself is security, one has to resist laughing in their face. NAT by itself is just security through obscurity.

[2]: AIX's EFS is totally different from EFS on Windows. Same with AIX's IPSec mechanism being different from Windows's IPSec.

Re:More weasel words? (1)

nuckfuts (690967) | more than 3 years ago | (#35654882)

Or is there something in TFA I didn't get? I confess the word "cloud" repeated every other line gave me a hard time understanding what the hell he was talking about.

I thought I was understanding him, until my brain bashed into this sentence:

"One credit union customer has been running end-point security for three years and has already experienced authentication token security.”

Whaaaaat???

Re:More weasel words? (1)

PopeRatzo (965947) | more than 3 years ago | (#35651820)

Rule for the modern world.
1. Assume malice.

Nah. I say the best protection is not having anything worth stealing that's not in my head.

Re:More weasel words? (0)

Anonymous Coward | more than 3 years ago | (#35652382)

It's difficult not to have an identity, and life is hard when you reduced the value of your identity to zero.

Re:More weasel words? (1)

Opportunist (166417) | more than 3 years ago | (#35654508)

Quite hard. You have bandwidth and processing power, both worth stealing.

Hanlon's Razor & "2 Men and the tiger." (0)

Anonymous Coward | more than 3 years ago | (#35654172)

[ 1 ] Hanlon's Razor says "Never ascribe to malice that which can be adequately explained by stupidity." I'd add laziness and greed, but that's just me.

Point is, the folks doing the attacking are not doing so with malice, they're doing so because it's easier than a real job. Being a mindful, aware, contributing member of society is hard.

Ok, but still, attacks are happening. Fine:
[ 2 ] Two men walking along a trail, suddenly come upon a tiger. The 1st bends down to snug laces, and the 2nd remarks: "What are you doing? You can't outrun a tiger!" The first replies, "I don't have to outrun the tiger. I only have to outrun YOU."

Security is not a destination, it's a process, and you only need to be ahead of 50% of the rest. Not such a hard goal, really. And, no, these ideas are not dissonant, they combine to relieve the FUD of this thread.

Repeat both aphorisms 4x per day for a week, and relax. The world's ultimately not such a scary place, people are inherently good (or at least "not so bad") and it will all work out pretty ok in the end.

No they don't! (1)

Anonymous Coward | more than 3 years ago | (#35651288)

I run a popular rolling release linux distro, by the time you clowns have identified a threat I'll be patched. I don't run flash or any proprietary software so you're not going to be helping there either.

In summary: This is not a valid excuse to sidestep privacy protections and intercept communications data with DPI kit.

In short: Fuck You!

Re:No they don't! (1)

e70838 (976799) | more than 3 years ago | (#35652684)

I have ubuntu with flash and proprietary video driver. ssh is the single open port. My backup disk is physically disconnected (usb drive). I regularly check last connection and running processes. Do you think I am at risk ?

Re:No they don't! (0)

Anonymous Coward | more than 3 years ago | (#35652856)

Are you serious? As long as you update regularly, you'll have updates as fast as they can update their network ruleset to detect exploits. As for SSH, if you permit root logins and set the password to 1234... well, clearly personal security is not dead.

I only mentioned my setup in passing, to demonstrate that it's just the latest feeble excuse for ISPs to intercept your communications data. They want to do targeted advertising and data sales but first they have to find a way to get DPI kit deployed.

Re:No they don't! (1)

mlts (1038732) | more than 3 years ago | (#35653644)

Your network security is good, but physical security might need some work. It can't hurt to encrypt the backup disk (perhaps a TrueCrypt file is the most foolproof), and use some form of encryption for Ubuntu.

Of course, other types of security (Remington, Ruger, Smith & Wesson, Calico) can't hurt either.

Re:No they don't! (1)

cpghost (719344) | more than 3 years ago | (#35654002)

You may be at risk:
  • You probably don't do remote syslog(), so hackers could hide their activity by erasing all evidence.
  • You probably don't have stuff like tripwire in use so you can be alerted of system binaries being replaced with a root kit.
  • You don't run at a higher securelevel, like you can with OpenBSD (so you can't protect said system binaries even against root).
  • Your binary video driver's blob could be anything but genuine (and that runs at kernel privilege, where it could hide malicious processes too)
  • Do you really trust firefox etc... to be always bug free? What about cross platform attacks?

If you're serious about security, I'd recommend using a non-mainstream architecture (say, SPARC, ARM, PowerPC...), running a non-mainstream heavily audited OS (again, perhaps OpenBSD)... But most importantly: security is a matter of attitude and discipline, you need to get used to it, and you need to maintain it regularly. Don't rely entirely on others to do your security homework.
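As an added illustration of the tripwire-style check mentioned in the comment above (this is not part of the original post and is not Tripwire's own code): a minimal file-integrity baseline that records hash, permission bits and size per file, and seals the baseline with an HMAC whose key is assumed to live off the monitored host, for the same reason the comment gives for remote syslog. All function names, the demo key and the sample files are constructed for this example.

```python
import hashlib
import hmac
import json
import os
import stat
import tempfile


def fingerprint(path):
    """SHA-256, permission bits and size of one file; symlinks are not followed."""
    st = os.lstat(path)
    h = hashlib.sha256()
    if stat.S_ISLNK(st.st_mode):
        h.update(os.readlink(path).encode())  # hash the link target string
    else:
        with open(path, "rb") as f:
            for chunk in iter(lambda: f.read(65536), b""):
                h.update(chunk)
    return {"sha256": h.hexdigest(), "mode": stat.S_IMODE(st.st_mode), "size": st.st_size}


def snapshot(root):
    """Map each regular file or symlink under root (relative path) to its fingerprint."""
    files = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            mode = os.lstat(full).st_mode
            if stat.S_ISREG(mode) or stat.S_ISLNK(mode):
                files[os.path.relpath(full, root)] = fingerprint(full)
    return files


def _mac(files, key):
    canonical = json.dumps(files, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def seal(files, key):
    """Attach an HMAC so a local attacker cannot silently rewrite the baseline."""
    return {"files": files, "mac": _mac(files, key)}


def verify_seal(sealed, key):
    return hmac.compare_digest(sealed["mac"], _mac(sealed["files"], key))


def compare(baseline, current):
    """Report paths added, removed or modified (content, mode or size) since baseline."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in set(baseline) & set(current)
                           if baseline[p] != current[p]),
    }


def demo():
    """Constructed scenario: baseline a fake bin/ directory, then change it three ways."""
    key = b"constructed-demo-key-kept-off-host"  # assumption: stored off the host
    with tempfile.TemporaryDirectory() as root:
        bindir = os.path.join(root, "bin")
        os.mkdir(bindir)
        for name, body in (("ls", b"original ls\n"), ("ps", b"original ps\n")):
            with open(os.path.join(bindir, name), "wb") as f:
                f.write(body)
        sealed = seal(snapshot(root), key)

        # 1. Replace a binary with same-length content (a size check alone misses it).
        with open(os.path.join(bindir, "ps"), "wb") as f:
            f.write(b"trojaned ps\n")
        # 2. Loosen permissions without touching the content.
        os.chmod(os.path.join(bindir, "ls"), 0o777)
        # 3. Drop a new file next to the system binaries.
        with open(os.path.join(bindir, ".hidden"), "wb") as f:
            f.write(b"x")

        current = snapshot(root)
        report = compare(sealed["files"], current)
        # Someone who rewrites the baseline but lacks the key cannot forge the seal.
        forged = {"files": current, "mac": sealed["mac"]}
        return report, verify_seal(sealed, key), verify_seal(forged, key)


if __name__ == "__main__":
    print(demo())
```

The seal only helps if verification runs from a trusted environment with a key the monitored machine never stores; a checker and key that live on the same compromised host can both be altered.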

Re:No they don't! (0)

Anonymous Coward | more than 3 years ago | (#35653100)

No, by the time they've identified a threat you will already be compromised.

Ok, this is coming from Australia (2, Insightful)

rolfwind (528248) | more than 3 years ago | (#35651358)

So stop taking it seriously. They don't seem to have much respect for the individual in anything anymore:
http://en.wikipedia.org/wiki/Censorship_in_Australia [wikipedia.org]

This just looks like another power grab.

Re:Ok, this is coming from Australia (1)

Threni (635302) | more than 3 years ago | (#35651788)

Lol! Australian Internet Industry Association? Who? Big time! Personally I'm not going to reconsider my views until I heard what the Scots have to say about this.

Re:Ok, this is coming from Australia (1)

Gadget_Guy (627405) | more than 3 years ago | (#35652268)

Hang on, folks... So we are supposed to care what Threni thinks about the AIIA? Who? Personally I'm not going to reconsider my views until I heard what pedo666 has to say about this.

Seriously, just because you haven't heard of an organization does not mean that you should simply discount their views. It only takes one person in the world to have an insightful thought, and it is most likely that you have never heard of that person before.

Re:Ok, this is coming from Australia (0)

Anonymous Coward | more than 3 years ago | (#35652808)

Well, I've always thought it would be nice if ISPs did more spam filtering, but I think the ideas outlined in the summary may be going too far. As others have pointed out, we need more people to be aware of basic security concepts. We don't want them even less aware and putting blind trust in everyone else to protect them.

somersault (posting anon because I moderated above)

no really, WTF Australia?! (1)

Thud457 (234763) | more than 3 years ago | (#35653044)

You're the descendants of bad-ass convicts! Why the hell are you racing to outdo America with all the "OMG, WON'T SOMEBODY PLEASE THINK OF THE CHILDREN!!!" BS ?!!!!

In summary, grow a pair.

Great Firewall v2 (3, Insightful)

Ltap (1572175) | more than 3 years ago | (#35651364)

Seems like another argument to take responsibility away from individual users. I'm sure it involves filtering domains that "may be virus vectors and may contain illegal content that the user is being protected from". Little "Great Firewalls" for each ISP? Considering that this is coming from Australia, it might be a part of yet another attempt to push for the creation of a Great Firewall at the ISP level, using "industry standards" to enforce it instead of a law that has to be approved and might be struck down.

Let's get the astroturfing out of the way (4, Funny)

mrclisdue (1321513) | more than 3 years ago | (#35651376)

It's early in the thread, so I'll get the astroturfing over with post-haste.

The only corporation that has any clue as to what constitutes effective security is Microsoft. Everything Microsoft does is great. The iPad isn't anywhere near as great as the yet-to-be-released tablet that Microsoft is planning.

Have I mentioned, yet, how great Microsoft is? Google is actually evil, despite what they say.

If Microsoft wasn't great, they would have 0% market share.

And even though I have a 7 year old cellphone, which I use sparingly (prepaid ftw), if I were to bother with a smartphone, it would definitely be something with Microsoft Windows Phone 7.

OK, Microsoft: where's my moola?

cheers,

ps - afaict, there are no ms-related products in my life, and there *probably* never will be. Slackware 13.37 RC 3.14159265358979323846264338327950288419716 ftw!

pss - I still want my money.

Re:Let's get the astroturfing out of the way (0)

Anonymous Coward | more than 3 years ago | (#35651870)

If Microsoft wasn't great, they would have 0% market share.

Damn straight!

MS still has over 90% market share.

The markets are never wrong!

Microsoft is therefore great!

QED.

Re:Let's get the astroturfing out of the way (0)

Anonymous Coward | more than 3 years ago | (#35652034)

> 3.14159265358979323846264338327950288419716

Jeez. At least get your rounding right.

Decoupling E-Business from the Ethernet in Systems (-1)

Anonymous Coward | more than 3 years ago | (#35651386)

Dr P Lovenstein, Eugene Axe, Big Daddy, Drs E Tails and Phil Harmonical
Abstract
The machine learning solution to Lamport clocks is defined not only by the refinement of the UNIVAC computer, but also by the confirmed need for wide-area networks []. After years of essential research into journaling file systems, we disconfirm the synthesis of lambda calculus, which embodies the practical principles of interactive machine learning. Here, we concentrate our efforts on proving that the location-identity split can be made heterogeneous, symbiotic, and client-server.
Table of Contents
1) Introduction
2) Model
3) Implementation
4) Evaluation

        * 4.1) Hardware and Software Configuration
        * 4.2) Experimental Results

5) Related Work
6) Conclusion
1 Introduction

Recent advances in homogeneous models and compact configurations are rarely at odds with XML. Such a claim is often an intuitive intent but fell in line with our expectations. On the other hand, the memory bus might not be the panacea that researchers expected. The notion that physicists collaborate with distributed methodologies is rarely well-received. Unfortunately, write-ahead logging alone cannot fulfill the need for atomic models.

Harden, our new system for distributed archetypes, is the solution to all of these problems. In the opinion of analysts, the disadvantage of this type of approach, however, is that the foremost stochastic algorithm for the emulation of agents by N. Williams et al. [] is maximally efficient. Even though related solutions to this quagmire are significant, none have taken the large-scale method we propose in this work. Nevertheless, this approach is never adamantly opposed. Combined with decentralized configurations, this finding studies a system for the intuitive unification of voice-over-IP and Smalltalk.

On the other hand, this solution is fraught with difficulty, largely due to the UNIVAC computer []. We view Markov software engineering as following a cycle of four phases: evaluation, development, storage, and location. For example, many heuristics locate reliable communication. Therefore, we see no reason not to use pseudorandom methodologies to investigate thin clients.

This work presents three advances above related work. First, we discover how Markov models can be applied to the improvement of public-private key pairs. We investigate how erasure coding can be applied to the exploration of e-business. We disconfirm that even though DNS and Byzantine fault tolerance can agree to answer this issue, kernels and access points can collaborate to achieve this objective.

The rest of this paper is organized as follows. We motivate the need for context-free grammar. Furthermore, to fulfill this ambition, we concentrate our efforts on validating that architecture and gigabit switches are usually incompatible. Finally, we conclude.

2 Model

In this section, we explore a model for visualizing wide-area networks. This may or may not actually hold in reality. Further, consider the early methodology by R. Shastri; our methodology is similar, but will actually realize this intent. Obviously, the framework that our methodology uses is solidly grounded in reality.

Figure 1: The relationship between Harden and Web services.

Next, we assume that each component of Harden deploys collaborative methodologies, independent of all other components. Though statisticians entirely hypothesize the exact opposite, our heuristic depends on this property for correct behavior. Despite the results by Zhao et al., we can argue that Web services [] and hash tables can cooperate to fulfill this objective. The question is, will Harden satisfy all of these assumptions? Yes.

We consider a heuristic consisting of n hierarchical databases []. Our application does not require such a compelling improvement to run correctly, but it doesn't hurt. Similarly, we hypothesize that peer-to-peer methodologies can provide relational methodologies without needing to learn multicast methods. Thusly, the framework that Harden uses is unfounded.

3 Implementation

Harden is elegant; so, too, must be our implementation. The hacked operating system contains about 15 semi-colons of Prolog. Despite the fact that we have not yet optimized for usability, this should be simple once we finish optimizing the client-side library. Harden requires root access in order to develop the evaluation of the producer-consumer problem. One can imagine other approaches to the implementation that would have made coding it much simpler.

4 Evaluation

As we will soon see, the goals of this section are manifold. Our overall evaluation approach seeks to prove three hypotheses: (1) that the Atari 2600 of yesteryear actually exhibits better average sampling rate than today's hardware; (2) that evolutionary programming no longer affects tape drive throughput; and finally (3) that 802.11 mesh networks no longer influence performance. Unlike other authors, we have intentionally neglected to study RAM space. Second, the reason for this is that studies have shown that 10th-percentile clock speed is roughly 33% higher than we might expect []. We hope that this section proves the contradiction of complexity theory.

4.1 Hardware and Software Configuration

Figure 2: The expected time since 1980 of our approach, as a function of sampling rate.

One must understand our network configuration to grasp the genesis of our results. We performed a simulation on MIT's mobile telephones to quantify topologically psychoacoustic modalities's impact on W. B. Zhao's understanding of Byzantine fault tolerance in 1995. Though such a claim at first glance seems unexpected, it is buffeted by existing work in the field. For starters, we added 25kB/s of Ethernet access to our network to quantify self-learning epistemologies's lack of influence on P. Robinson's exploration of extreme programming in 1980 []. We doubled the NV-RAM throughput of DARPA's network. We added an 8TB floppy disk to our mobile overlay network to understand the effective ROM speed of our network. Further, we removed some NV-RAM from our network. This step flies in the face of conventional wisdom, but is instrumental to our results. Lastly, we quadrupled the effective ROM throughput of our system to consider communication.

Figure 3: These results were obtained by Nehru and Bose []; we reproduce them here for clarity.

We ran Harden on commodity operating systems, such as ErOS Version 8c and DOS Version 5c. We added support for Harden as an embedded application. We added support for Harden as a runtime applet. All of these techniques are of interesting historical significance; Charles Bachman and Robert Floyd investigated a similar configuration in 1970.

Figure 4: The effective work factor of Harden, as a function of bandwidth.

4.2 Experimental Results

Figure 5: The median instruction rate of our system, compared with the other solutions.

Figure 6: These results were obtained by J. Dongarra et al. []; we reproduce them here for clarity.

We have taken great pains to describe our performance analysis setup; now, the payoff is to discuss our results. We ran four novel experiments: (1) we dogfooded Harden on our own desktop machines, paying particular attention to flash-memory throughput; (2) we asked (and answered) what would happen if randomly randomized hash tables were used instead of multi-processors; (3) we dogfooded our heuristic on our own desktop machines, paying particular attention to floppy disk speed; and (4) we dogfooded Harden on our own desktop machines, paying particular attention to NV-RAM throughput.

We first analyze experiments (3) and (4) enumerated above as shown in Figure 4. The many discontinuities in the graphs point to duplicated energy introduced with our hardware upgrades. On a similar note, the data in Figure 6, in particular, proves that four years of hard work were wasted on this project. The curve in Figure 2 should look familiar; it is better known as H*(n) = ( loglogloglogn + n + log( logn +logn ) ! ! ).

Shown in Figure 4, experiments (3) and (4) enumerated above call attention to Harden's power. This follows from the investigation of IPv6. Note the heavy tail on the CDF in Figure 2, exhibiting exaggerated popularity of I/O automata. Furthermore, the data in Figure 6, in particular, proves that four years of hard work were wasted on this project. Furthermore, note that Figure 6 shows the expected and not effective mutually exclusive tape drive space.

Lastly, we discuss the second half of our experiments. We scarcely anticipated how accurate our results were in this phase of the evaluation strategy. Further, error bars have been elided, since most of our data points fell outside of 05 standard deviations from observed means. On a similar note, Gaussian electromagnetic disturbances in our extensible overlay network caused unstable experimental results.

5 Related Work

We now compare our solution to prior ambimorphic modalities approaches []. Unlike many prior methods [,], we do not attempt to evaluate or provide redundancy []. It remains to be seen how valuable this research is to the electrical engineering community. Along these same lines, a recent unpublished undergraduate dissertation [] introduced a similar idea for massive multiplayer online role-playing games []. Our application is broadly related to work in the field of e-voting technology by White, but we view it from a new perspective: active networks []. Our solution to stochastic configurations differs from that of Ivan Sutherland et al. as well []. Usability aside, our framework analyzes even more accurately.

Our heuristic builds on prior work in permutable archetypes and algorithms. Our design avoids this overhead. Next, unlike many prior methods [], we do not attempt to control or study the visualization of the World Wide Web []. We had our solution in mind before Taylor et al. published the recent well-known work on active networks []. Richard Hamming et al. [] suggested a scheme for visualizing concurrent models, but did not fully realize the implications of spreadsheets at the time [,,,]. Despite the fact that this work was published before ours, we came up with the method first but could not publish it until now due to red tape. Instead of architecting the Turing machine [,] [,], we fulfill this ambition simply by studying linked lists [,,]. Ultimately, the methodology of Y. Raman et al. [,,] is an important choice for erasure coding [].

6 Conclusion

In conclusion, we validated here that the seminal probabilistic algorithm for the refinement of SCSI disks by Taylor and Taylor is impossible, and our application is no exception to that rule. Our framework for improving permutable information is clearly good. We concentrated our efforts on arguing that flip-flop gates and public-private key pairs can interact to realize this objective. Along these same lines, we also presented an analysis of Moore's Law. The evaluation of vacuum tubes is more typical than ever, and our framework helps theorists do just that.

They never were sufficient (1)

dkleinsc (563838) | more than 3 years ago | (#35651388)

Seriously, whatever made him think that consumer machines, particularly Windows machines, were even close to being secure? Remember that you're dealing with Aunt Tillie who may still be running Windows ME here.

Now, one thing ISPs could do that might make sense is to have an automated system that contacts a user if they see something suspicious (e.g. several hundred thousand emails at 3 AM) from their connection. That of course assumes that the ISP deletes the data in question within a reasonable time frame.

Re:They never were sufficient (1)

Attila Dimedici (1036002) | more than 3 years ago | (#35651504)

I would agree. It would be a good idea if the ISP were to contact a user if certain suspicious behavior occurs (sudden massive increase in the number of emails being sent at odd hours, sudden, prolonged increase in amount of traffic) to let them know there might be a problem. If the suspicious behavior continues and after multiple contacts the user fails to contact the ISP to confirm that such behavior is due to user action, the ISP may suspend the user's access to the Internet (for the purpose of triggering the user contacting the ISP to allow the ISP to inform the user of the problem and how to correct it if it is due to an infection).

Re:They never were sufficient (1)

cpu6502 (1960974) | more than 3 years ago | (#35651584)

>>>suspicious behavior (...sudden, prolonged increase in amount of traffic)

Like downloading youtube videos?
Running Utorrent to grab missed episodes of Supernatural?
And you think the ISP should suspend the user if there's no answer???

Judas Priest - stop giving them ideas!

Re:They never were sufficient (1)

Attila Dimedici (1036002) | more than 3 years ago | (#35651798)

Not after no answer for one incident, no answer for repeated incidents. The suspension would be until the user contacted the ISP and said, "Oh yes, I was doing something at that time which would explain that spike in emails/usage." No need to specify what, merely the statement that, yes, the unusual usage pattern that you noticed is the result of something I chose to do. Or the user says, "What do you mean I sent out 5,000 emails?" (Actually, Comcast already shuts off your email if you send out too many emails in 24 hours. I do not remember what that number is anymore, but my previous employer ran into it every now and again before they switched to a business class connection.)
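The notify-then-suspend policy debated in the comments above can be sketched as detection logic. This is an added example, not part of any poster's comment: the class name, thresholds and subscriber IDs are assumptions, and the hourly counts are constructed.

```python
from collections import defaultdict, deque
from statistics import median

# All thresholds are assumptions chosen for this example, not values from the thread.
BASELINE_HOURS = 24   # hourly counts retained per subscriber
SPIKE_FACTOR = 20     # "sudden massive increase": 20x the subscriber's own median
SPIKE_FLOOR = 500     # never flag fewer than this many messages per hour
MAX_UNANSWERED = 2    # ignored notifications tolerated before suspension


class SubscriberMonitor:
    """Tracks outbound mail volume per subscriber and escalates on repeats."""

    def __init__(self):
        # Only hourly counts are kept (no content, no recipients), and
        # deque(maxlen=...) drops anything older than BASELINE_HOURS.
        self.history = defaultdict(lambda: deque(maxlen=BASELINE_HOURS))
        self.unanswered = defaultdict(int)
        self.suspended = set()

    def is_spike(self, subscriber, count):
        past = self.history[subscriber]
        baseline = median(past) if past else 0
        # Per-subscriber baseline: a steady high-volume sender is not flagged,
        # while a normally quiet line sending 120,000 messages is.
        return count >= max(SPIKE_FLOOR, SPIKE_FACTOR * baseline)

    def observe(self, subscriber, count):
        """Feed one hourly outbound-mail count; return the action taken."""
        if subscriber in self.suspended:
            return "suspended"
        if not self.is_spike(subscriber, count):
            self.history[subscriber].append(count)
            return "ok"
        # Spikes are kept out of the history so that an infection cannot
        # raise its own baseline and hide later bursts.
        if self.unanswered[subscriber] >= MAX_UNANSWERED:
            self.suspended.add(subscriber)
            return "suspend"
        self.unanswered[subscriber] += 1
        return "notify"

    def acknowledge(self, subscriber):
        """Subscriber confirms the traffic was theirs; no reason is recorded."""
        self.unanswered[subscriber] = 0
        self.suspended.discard(subscriber)


def demo():
    # Constructed hourly outbound-mail counts for two hypothetical subscribers.
    mon = SubscriberMonitor()
    quiet_then_botnet = [5, 8, 3, 6, 120000, 120000, 120000]
    steady_list_owner = [400, 400, 400, 900]
    a = [mon.observe("cust-A", n) for n in quiet_then_botnet]
    b = [mon.observe("cust-B", n) for n in steady_list_owner]
    return a, b


if __name__ == "__main__":
    for actions in demo():
        print(actions)
```

A single incident only produces a notification, and `acknowledge()` restores access without asking what the traffic was, which are the two properties the thread argues over.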

Re:They never were sufficient (0)

Anonymous Coward | more than 3 years ago | (#35651856)

So, you mean business class connection is mainly for spammers!

Re:They never were sufficient (1)

cpu6502 (1960974) | more than 3 years ago | (#35652694)

"Oh yes, I was doing something at that time which would explain that spike in emails/usage."

- "What were you doing sir?"

- "None of your business."

- "Sorry sir but I cannot reactivate your account until you tell me what you were doing, because we're concerned about your safety, and protecting the net from virus attacks."

- "It's personal."

- "Then I cannot..."

- "Okay fine I was bittorrenting some TV shows."

- "That is illegal under our TOS, which forbids running an uploading server or program. I'm sorry but we must keep you suspended indefinitely until management reviews your case."

It's already happened to some Comcast users.

Re:They never were sufficient (1)

Attila Dimedici (1036002) | more than 3 years ago | (#35652908)

And that I have a problem with. It is not Comcast's (or any other ISP's) business what I do with my Internet connection. The only thing this is a valid use for is to make customers aware if they have a virus on their system.
The correct response when told what the user was doing was not:
"I was bittorrenting some TV shows."
It would be:
"I was downloading some files."
If they ask what files, the answer is, "I'm sorry that is privileged information that you have no legal basis for asking. If you still feel that you need to know, please have your lawyers contact me. If you do not restore my connection at this time, I will have my lawyers contact you."

Re:They never were sufficient (1)

mlts (1038732) | more than 3 years ago | (#35653752)

It also helps to use an anonymous VPN service, even one that is in the same country. This way, Comcast has no way of telling what is going over the PPTP/L2TP link.

It also strengthens the case of either they provide a legal reason that a judge would sign off on, or they provide compensation for what might be a material breach in their contract terms.

Re:They never were sufficient (1)

SnugglesTheBear (1822258) | more than 3 years ago | (#35651652)

But what good would be alerting the common person that they are infected? Most modern malware comes coupled with a rootkit of some sort that subverts AV protection so just running AV would be out of the question. Asking a standard user to reformat their own machine is also out of the question as most users aren't comfortable with that. So basically I feel that you would have to relinquish control of your machine to the ISP for any type of effective treatment to take place. Not that I agree with such big brother antics.

Re:They never were sufficient (1)

Attila Dimedici (1036002) | more than 3 years ago | (#35651826)

I have yet to run into a virus that I could not remove from the PC without reformatting. That being said, I really have not thought about how the ISP should respond to those individuals who will not, or cannot, clean the virus off of their system.

Re:They never were sufficient (1)

dkleinsc (563838) | more than 3 years ago | (#35652078)

But what good would be alerting the common person that they are infected?

First off, it means they're less likely to put in, say, their credit card information or bank account numbers.

Secondly, the ISP could provide a referral service for a pro to come clean up the machine. It may be the Geek Squad or something, but there's a good chance it will help.

Re:They never were sufficient (1)

mlts (1038732) | more than 3 years ago | (#35653868)

Problem is that with most modern malware, cleaning up is almost pointless. The only real way to get back to a known state is reformatting and restoring to a point in time that is definitely before any infected code got free rein, or formatting and installing from scratch, reloading the OS and apps, and hopefully any recovered data.

I don't mind an ISP notifying (perhaps via SMS) about viral threats, as it puts their IDS system to good use. However, I am leery of having an ISP automatically pull the plug on what it suspects may be an infection... just too much room for abuse on that front.

Re:They never were sufficient (0)

Anonymous Coward | more than 3 years ago | (#35651660)

Good idea..increase in the responsibility of the ISP..meaning they would actually have to do something besides billing for the service..

Re:They never were sufficient (1)

Charliemopps (1157495) | more than 3 years ago | (#35651736)

Almost all ISPs already do this. If they don't they risk having blocks of IP addresses they own blacklisted by other ISPs.

My personal security firm (0, Interesting)

Anonymous Coward | more than 3 years ago | (#35651494)

... is Smith and Wesson.

cheap, effective, and protected by the U.S. Constitution.

Re:My personal security firm (0)

Anonymous Coward | more than 3 years ago | (#35652170)

Oh I get it.. you're going to shoot your computer. The only computer safe is one unplugged and not connected to the network. Since yours will be shot to hell, it can't possibly be hacked.

Your guns are useless (0)

Anonymous Coward | more than 3 years ago | (#35652518)

I'll have punched you in the cocks and stolen your lunch money before you've even pulled your guns out.

Re:My personal security firm (0)

Anonymous Coward | more than 3 years ago | (#35653166)

So when someone hacks your computer you shoot it? I guess that takes care of the problem.

apt-get upgrade (0)

Anonymous Coward | more than 3 years ago | (#35651518)

sudo apt-get upgrade has been good enough for me for years. Thank you very much.

(I also have ClamAV with the Fireclam extension for Firefox to scan the downloads but well...)

What a world (4, Interesting)

erroneus (253617) | more than 3 years ago | (#35651582)

I'm pretty sure we all know the score here. We know who the bad guys are and what they are after. We know who the vendors of the platforms being exploited are and why they aren't or can't be patched. We know why end users continue to pretend they don't know or understand what is happening or what they can do to prevent it.

I just wonder what things would have to happen to overcome all of this crap? Will there have to be a cyber 9-11 attack somewhere to wake everyone up?

The other day, a person I went to some classes with called me and told me she "got a virus... or several viruses." I invited her over and she brought her laptop with her for me to examine and clean if possible. She was afraid to turn it off. But what was refreshing to me was the fact that she did everything right.

1. She went to another computer and changed all of her on-line passwords -- banking, insurance, bill paying, email, everything.
2. She ceased all work and use of her computer immediately.
3. She was using a browser that wasn't MSIE.

What I saw was just about what I expected to see. A window that was decorated to look like a Windows window "running a scan" and reporting several infections all over her computer. Problem was, since she was using something other than MSIE, the window wasn't manipulated to hide the URL this was supposed to be coming from... showed to be somewhere in Eastern Europe. A dialogue box was up with two buttons -- both of which lead to downloading an EXE file. And had this been MSIE, I had no doubt that the machine would have already been compromised -- seen that too many times. And oh yeah, all of this continued to work despite that she wasn't connected to the internet at all. Fascinating stuff and kinda pretty.

Still, I booted one of my machines over to Windows, updated everything and AV signatures too. I pulled her hard drive and connected it to a USB adapter and connected it to my computer to perform a scan. After a very long time, nothing showed up leaving me 98% certain that all was well and that nothing had happened to her machine.

Still, she doesn't fully understand the technologies but she at least listened to advice to not run MSIE on the WWW and to stop using her computer and to change her passwords from a different computer. How many people do you know would do that? I don't know too many... in fact, she was the first. I had another classmate who had a similar problem and she was terrified but she KEPT USING HER COMPUTER. I was like "uh.... okay... these are the risks... it's on you now."

Motivations and desires push people to do things, often stupid things, in spite of their knowledge of the risks involved. AIDS is still alive and killing for that very reason and so is drug-pushing spam. (Though lately, I have seen a LOT less of that... actually, none... either my filters are learning way good or there is simply less of it out there and what is out there is being caught.)

In a perfect world, Microsoft would abandon its Win32 and create a new OS based on BSD like Apple did. We would still have reasons to "hate" on Microsoft and they would still find ways to screw things up I am sure, but a better OS is definitely needed for the world and if it ain't going to come from Microsoft, I find it hard to imagine where it would come from in the near future.

Re:What a world (1)

McTickles (1812316) | more than 3 years ago | (#35651686)

But the real question is, did you get to see her private files ?

Re:What a world (1)

erroneus (253617) | more than 3 years ago | (#35651784)

Seriously? No. Wouldn't have wanted to... some people are best with their clothes on. (myself included)

Re:What a world (0)

Anonymous Coward | more than 3 years ago | (#35652740)

But the real question is, did you get to see her private files ?

Seriously? No. Wouldn't have wanted to... some people are best with their clothes on. (myself included)

Sheeesh. Files?

Re:What a world (0)

Anonymous Coward | more than 3 years ago | (#35651772)

So she had a web page running an animated gif on it. The scan showed no infection, which means she didn't click on the scan now button. If she had clicked on the scan button and been running any Windows system after XP another big warning would have come up and asked her if she wanted to install the exe you mentioned. By telling your friend she is safe not using MSIE you are doing her a disservice. This kind of scam happens with any browser, when people think only IE can be hijacked people think they are safe using FF or Chrome.
Pretty common attack, most people fall for it, especially people using XP.

Re:What a world (1)

erroneus (253617) | more than 3 years ago | (#35654324)

Actually, no, it was a very sophisticated Javascript application that managed to keep itself running even after the web browser was closed and opened again. I didn't dissect it... wish I had now.

The fact that it wasn't running MSIE has, in my experience, prevented MSIE specific code from running which would have led to worse things.

There was no "scan now" button.

But yes, this attack is common and relies largely on gullibility and a lack of knowledge of the users who normally wouldn't be able to close the application (as is the case with MSIE but with Firefox).

She was made safer by not running Firefox. From there I showed her how to use NoScript as well to be even more aware of what is happening.

While it is [demonstrably] true that this happens with any browser, the ability for MSIE to change the user windows, hide the URL and all other things makes MSIE especially convincing to users when the code is created right. There are and have been "no click" installs of such things due to vulnerabilities in or connected with MSIE.

In any case, she was an uncommon responder -- she "fell for it" but took good measures to resolve it and did not actually get infected where others would have.

98% certain? (1)

OglinTatas (710589) | more than 3 years ago | (#35652646)

and 2% fearful that you got the same root kit she has?

Still, I booted one of my machines over to Windows, updated everything and AV signatures too. I pulled her hard drive and connected it to a USB adapter and connected it to my computer to perform a scan.

or Plop Linux + Avast + latest 400.vps on bootable CDR. That's how I end up fixing peop's computers (if I'm feeling charitable, i.e. if they are family). No way am I plugging a known compromised device on my LAN, let alone directly to my computer, no matter how patched I think it is. And I don't even run Windows.

Plop [www.plop.at] what a relief it is.

What he's saying (2)

cerberusss (660701) | more than 3 years ago | (#35651600)

It's kinda hard to see what the conclusion of TFA is, since it doesn't really take a moment to summarize anywhere in the piece. But basically we have two people speaking. Peter Coroneos tries to say something that home routers should contain more/better security.

Then he says: "people need to ask if Cloud applications are secure and private". I don't see what that has to do with security but rather with privacy, but there you go.

Then there's TrustDefender co-founder and CEO, Ted Egan, who's trying to peddle his company product, which seems to be a piece of software not unlike a trojan, which detects other trojans.

OK, that was a waste of time.

Re:What he's saying (1)

c0lo (1497653) | more than 3 years ago | (#35652818)

It's kinda hard to see what the conclusion of TFA is, since it doesn't really take a moment to summarize anywhere in the piece.
[...]

OK, that was a waste of time.

Mate, before following your conscience and actually reading TFA, a quite commendable act anyway, I direct your attention to the smaller details of:

it security finally slashvertisement story

from the fight-botnets-with-socialism dept

Rebuild it stupid! (and Geeknote) (1)

Grindalf (1089511) | more than 3 years ago | (#35651762)

Don't they rebuild their machines once a day like I do? It's a cinch! That way you can arrange your Operating Systems across your machines the way you like for that day. Learn to click and type fast, that's what I did BTW The Blue Ray versions of the Star Trek movies are now available on the Star Trek website – they have ditched the blurred versions and put out the high feng shuey originals like Spielberg did with Close Encounters (and re tinted Lucasarts still have to do). This is important geek culture!. I can't wait ...

"Back in MY day..." (1)

Shoten (260439) | more than 3 years ago | (#35651878)

With the increase in population and vice, there are so many people walking around that it's hard for a single homesteader to protect their land and family all by themselves these days. It used to be that when someone walked onto your property you could see them coming from a mile away, and you could get a pretty good idea of what they was a-hankerin' to do by the way they looked and what they had with'em. These days, in Silver Gulch, with every kind of person around, and so many people walkin' about, it just doesn't do to have everyone have to look after their own. Which is why we need a sheriff, to keep law and order! The only way to keep the miscreants from overrunnin' the town is for the good, law-abidin' citizens to work together! ....same thing, different century, essentially.

Re:"Back in MY day..." (1)

savanik (1090193) | more than 3 years ago | (#35652040)

What? Be reasonable! I don't want some yahoo sheriff coming onto my property and enforcing some law, some arbitrary law, someone came up with no idea what's true and proper to do on my own land! I'll treat my servants however I like on my farm. If there's some problems around Silver Gulch, well, that's what we got those Anonymous vigilantes over there for, running around and hanging people they think done the world wrong. Why, everyone should be proud of those fellas. Even if they get a few innocent people that don't know any better, they're cleaning up this town because nobody else has the gumption. Besides, those people they're lynching probably did something to deserve it.

Re:"Back in MY day..." (0)

Anonymous Coward | more than 3 years ago | (#35652510)

PS - I also don't want that sheriff to taze me bro when I start asking political questions, or appear at peaceful protests to be corralled.

Um...hes a 3 letter so be careful... (1)

Chanc_Gorkon (94133) | more than 3 years ago | (#35651934)

First indicator that this guy may be wrong is he's a CIO. CIOs have staff that probably tell him the kind of crap that he has in this article, but let's look at what he has....a quote of his quotes:

"Coroneos said vendors need to intervene at the network level and need to provide security tools at a multiple levels to help secure people from the multiple levels of threats that are emerging."

I think this means that vendors need to design security as a function of their software and of their networks which gets a big DUH! I don't think he means that the ISP needs to do this necessarily.

"The rise of cloud computing is also adding another dimension to the security problem.

“If you look back 15 years ago we were talking about thin clients and now we are seeing an increase in migrations to the Cloud,” he said.

“However, there are issues with the Cloud, including data protection and security.”"

Ok....cloud computing is NOT inherently insecure, however you DO happen to give up control of the data once it gets moved to the cloud. Cloud Computing is one of trust. Do you trust Amazon's S3 Service? What about Google? Is Cloud Computing really something different? I also dispute that Cloud Computing is a new concept. It's a different way of doing what we already do. You have complete control of a server that is running on the internet instead of sitting in your company's rack and the setup may include data synchronization. Cloud Computing is nothing more than networking with a new spin. Does this add a new dimension? Maybe, but I don't see it as being any different since you have most of the same control over the server in the cloud that you do in your home.

What this all boils down to is trust. If it's something that really needs to be secure, you put multiple layers of Firewalls and endpoint protection on them and then you encrypt the hell out of it and NEVER even think about putting it into the cloud and the regular home user just isn't equipped for this.

With all of that said, there should be walled ISPs as well as unwalled. The experienced use the unwalled and the non experienced don't. There you ALSO enter into another level of trust: you trust your walled ISP to only block the bad stuff and not the good stuff. The question is: who determines what is bad and what is good??

Re:Um...hes a 3 letter so be careful... (1)

McNihil (612243) | more than 3 years ago | (#35652326)

With "First indicator that this guy may be wrong is he's a CIO." you make that CIO sound so like "Chief Idiot Officer." :-J

But on topic now... there is only one security model that works and it is Active with Proactive Security where one monitors 24/7 for any breaches and searches for holes before they are exploited. This actually takes knowledge and time which costs real money. Useless information (most human beings' data... especially now in the age of Facebook et al.) doesn't need this overhead. In this latter scenario the individual security is not only dead but completely unnecessary.

The article is not even a storm in a teacup and mostly useless and definitely nothing new under the sun.

Ask your local firearms dealer... (1)

PinchDuck (199974) | more than 3 years ago | (#35651980)

He'll tell you it's alive and well.

Fluff Article (1)

Anonymous Coward | more than 3 years ago | (#35651992)

Coroneos said vendors need to intervene at the network level and need to provide security tools at a multiple levels to help secure people from the multiple levels of threats that are emerging.

I work in IT Security and I barely understand what he is talking about. Is he suggesting that we don't have the tools to detect and counter-act these threats at the network level already? Is he saying we should implement network level solutions such as filtering? If so, why target that advice at vendors and not service-providers? The tools already exist. The suggestion is so light on details and ambiguous, it's meaningless as a direction.

Monty Python? (1)

TerranFury (726743) | more than 3 years ago | (#35652244)

In the article, he writes,

It reminds me of a Monty Python skit where a building is being held up by trust. It’s only standing up because people are believing it will stand up[...]

Anybody know what skit he's referring to?

Windows will NEVER be secure (1)

jonwil (467024) | more than 3 years ago | (#35652638)

Windows will NEVER be secure.
To be secure (or secure enough to avoid viruses etc) would mean sacrificing other things that are more important to Microsoft's customer base including ease-of-use and backwards compatibility.

Re:Windows will NEVER be secure (1)

Bengie (1121981) | more than 3 years ago | (#35654650)

Which is funny, because OSX has been shown less secure than Win7.

Win7 on the network is quite secure, but I guess if you start running random programs from unknown providers, you may get malware. But hey, the same can be said for Linux and its on-going fight against priv elevation exploits.

Are the Days of Individual Security Over? (1)

c0lo (1497653) | more than 3 years ago | (#35652936)

Q: Are the Days of Individual Security Over?
A: most definitely yes: the individuals have all been secured! Now it is time to move forward to social security...

Errr... what? Ah, now I see why this is coming from:

the fight-botnets-with-socialism dept.

And the cat and mouse game continues (1)

bryan1945 (301828) | more than 3 years ago | (#35653448)

The only way to be 100% secure is to have no network connection at all. Preferably also turned off and locked in a safe. Virus --> anti-virus software --> anti anti-virus & polymorphic virus --> etc. DOS attack --> countermeasures --> DDOS --> more counter. Network attacks --> firewall --> ISP level network --> something new?

Yes, very simplified and not very accurate, but it shows the constant war between attackers and attackees.

We're saved. Saved! (1)

Just Some Guy (3352) | more than 3 years ago | (#35653474)

the Australian Internet Industry Association. According to AIIA's Peter Coroneos, vendors need to intervene at the network level and provide security tools at multiple levels to help secure people from the variety of threats that are emerging."

[Industry] spokesman declares that life as we know it is about to end, and that only [industry] is in a position to protect us. Given the proper financial incentives, of course, and made mandatory by legislation "for our own good" if need be.

Color me shocked.

I have individual security (1)

gurps_npc (621217) | more than 3 years ago | (#35653580)

It is called an OS that is not Windows. If you use your PC to surf the web, write, and do your taxes, then you don't need Windows.

Look, there are things an ISP can do to keep itself secure. For example, they can look for suspicious activity and kill your connection if it becomes obvious you are owned.

But pretty much anything else becomes them providing LESS service, not more.

Yesss!!! (1)

Alex Belits (437) | more than 3 years ago | (#35654684)

We should collectively rush to close the barn doors after the horses are out.
