Ohhh, great post and lots to take in there.
I agree with you that prevention is something that has to be dealt
with as well, but the idea behind stopbadware is to aim at the root of
the problem and not reduce the visibility of the subject.
Do look at the history of the virus itself. The problem isn't solved,
we just have better protection, but there are still viruses out there
and they are indeed trying to get to us "mortals" all the time.
Instead of going to the root of the problem, a new industry was built
around the virus protection. If I produce a virus today and release it
into the wild, I'd hardly get any problems because of this - I can
have fun creating viruses and watch them be detected. - Hooray for
that ... NOT.
On May 12, 2:29 pm, Jart351 <jart351.ar...@ntlworld.com> wrote:
> Only become recently aware of StopBadWare and as a victim of badware /
> malware (like most of us) more than willing to become an activist.
> However in developing approaches to stopping badware and looking
> through the posts within this forum there is very little mention of
> the other side of the coin, i.e. the prevention of badware even
> getting onto a pc in the first place?
There are several different ways badware can get into your PC, the
broadness of the badware definition doesn't necessarily mark all
badware as viruses or other directly illegal software, but also takes
all and every software package that does something without giving
proper identification of the issues. I.e. if your virus protection
automatically sends data to the company that created the software,
you'd have to agree to this, or the virus protection would be deemed
Most often, badware comes wrapped in unidentifiable legal mumbo jumbo,
which requires a degree to understand, and that too is badware (under
the stopbadware terms), even though proper information is given, but
it should be understandable by everyone using a computer.
> As a professional & elder geek I do have some sympathy to the average
> webmaster and those on the hosting side, for example the pleas of some
> of the webmasters within this forum. All I would recommend anyone to
> do is take a look at a really interesting web site http://www.zone-h.org
> which provides a global report on digital attacks, so far 2,255,044
> reported web site hacks in their archive and a 1,000 + a week and
> growing. A report from a few days ago even showed the Microsoft IEAK
> (Internet Explorer Administration Kit) website was a victim of
> defacement. I defy anyone not to come away from that site without a
> sense of depression about the world wide size of the problem(s) for us
> all. So if anyone thinks the problem resides only with overzealous web
> masters we are in a fool's paradise, it is my bet that much of the
> badware is actually applied by the pro hackers without the webmaster's
> or host's knowledge.
Even I have been attacked by the moslem community, being from Denmark
and a newspaper posting inappropriate drawings. I knew right away that
attacks would happen. Lo and behold - The one place where I knew the
attack would occur, a 3rd party software, was exactly where it
happened. - I did not get anything through the defenses anywhere else
- and I haven't got any firewall or other fancy stuff. How can that be?
- Because the defenses that you really need are already pretty well
described though hidden deep inside the documentation of the client os
and server os's.
> This leads me to the main issue i.e. prevention, to assist in
> describing this I will use some of the examples of a very recent
> personal BadWare horror story to highlight this area, I will not fully
> describe my incident within this post, I will follow up later, because
> on this assault I was so personally incensed I am spending the time
> doing the forensic work as to how and who caused my problem, and it
> has already unearthed some very disturbing chain of either deliberate
> or possibly unwitting collaboration.
> So the incident commenced with the usual symptoms a very fast, highly
> tuned PC with triple banked firewalls, two levels of anti virus, etc.
> etc., starts to lose speed, processor working flat out, Internet
> Explorer starts to freeze up regularly. So I soon realize I have an
> uninvited guest.
Let me guess just once - You let the guest in yourself. - You felt
secure behind your system and thought the defenses were enough. -
Well, I have a pretty good security system myself, but even when I
myself want to venture to the internet, I don't just go there without
ensuring that I have an extreme grip on what happens with the
computer. Mind you, I never use a server nor a computer that I have
sensitive information on, I use a default totally locked down client.
Should I get any badware, it's only a matter of a few seconds to fix
the issue, worst case, 1 hour work and I'm back to normal.
Before you can prevent anything, you need to identify the entry points
- and from what I have experienced, the major entry point is the user
in front of the computer. I.e. it is the ultimate weak link that
eventually leads to the problem.
Using standard approaches for security can eliminate 99% of the
problems if not more, and then by using some simple approaches can
eliminate the last 0.99% - Once in a while the last bits and pieces
have to be collected and fixed. This is based on actual patterns of
use on publicly accessible computers over a period of almost 12
> The leaders of the industry have a major task to show leadership in
> preventing the problem in the first place and applying to the core
> security niceties of at least ensuring any of their products
> demonstrate good practice to the rest of us mortals. Just to end with
> a little humorous cynicism, as Google are correctly now acting to at
> least highlight potential BadWare web sites I assume they are not
> still taking revenues for ad-words campaigns from them?
As a point, the security of the core OS must be the basic task to fix,
and this is also what the industry is focusing on at present. However,
there is not going to be a fully secure OS for quite a while, if ever.
Hence the requirements for identification now and in the future of such
I think the current approach is pretty good, but does call for
improvements and innovative technology to expand beyond the limits
that are set at present.