Sunday, September 06, 2009


At the New York Times today here.

School bells ringing, children singing, back to Robert Hall PC Barn, again!

Anyway, that's Riva Richmond's tune in "Keeping That New PC Clean and Pure."

"School starts soon, and many people are getting spanking-new computers. Ah, the joy of a new and more powerful toy — and a clean slate," she writes as preamble on how to set up a secure PC. Except she doesn't. It's just the gathering up of all the old advice that you might as well skip because it's worn out and pro forma. (And besides, your kid knows more about the computer than you. Everyone knows that, right?)

Why is the advice worn out, exhausted? For many reasons, two of which I'll mention. First, updating software is embedded in the way of the PC and the average user can't turn it all off even when he or she tries to. And because this is the way things are, all users eventually find their computers bricked or badly glitched by a patch or update.

As qualification for my role as biting fire ant, DD will point readers to one of the first books on the whys and wherefores of computer virus writing and anti-virus software in 1994. And that I've been dealing with the world of PC security even longer, since the advent of something I once edited called the Crypt Newsletter.

"CHECK YOUR FIREWALL SETTINGS," advises Richmond. "Do this before you even connect your computer to the Internet."

Yeah sure, you betcha. In the real world, your PC is sold to you with Windows firewall ready. For those standard readers prone to checking their settings anyway, there's not much they can do in the way of fiddling except turn it off. At which point the PC nags them. In fact, one of the most reliable 'features' on a PC is its insistence on regular nagging for many things, not just security.

"Mac users can check and adjust their firewall settings by clicking on the Apple icon and going to System Preferences and clicking on Security and then Firewall," she continues.

Remember when I was nice to some Pacifica radio host back in July?

He claimed he used a Mac.

Next, Richmond goes into the routine on how you want to always be updating your PC. Set computer update to stun now, so it will do it even when you're asleep. That's the message.

Using this strategy, eventually your machine will get bricked. Or it will inevitably work worse than it did before. And then a little worse, always incrementally worse. Like most people, this will bring you back down to earth, always living with increasingly diminished expectations. Richmond leaves that part out. She also leaves out the bit about automated nagging.

"ADD SECURITY SOFTWARE," the Times reporter continues.

Has anyone normal actually been able to buy a PC in the past decade that doesn't come with anti-virus software pre-installed, waiting to nag you for your subscription?

In fact, the phenomenon of overnagging -- or overharping -- about installing anti-virus software has contributed to the booming business of globally delivered plagues of fake anti-virus software. This world is now so twisted you can see ads for so-called anti-virus software on MSNBC, software which started out as a fake anti-virus program but has now supposedly gone legit. Would you trust such a program? It's called StopSign -- ads for it feature come-hither young people delivering the pitch in eastern European accents -- and you can read the bizarre story through Google.

"Firewalls won’t help fend off viruses or Trojan horses that can come through e-mail messages, Web sites and pop-up ads," Riva Richmond continues for the Times.

Great wrong advice. Yes, they can. Where does the newspaper dig up these people?

My firewall does this. It's called Jetico. If you want to use Jetico, careful now. If Richmond's advice column seemed about right to you before you read this, you could stand to brick your machine installing it.

"There are several free antivirus programs, like AVG 8.5 Free, Avast Antivirus and the forthcoming Microsoft Security Essentials, so even penniless students have no excuse to go without," adds the piece.

It's correct about the free part. However, it doesn't tell readers that anti-virus software products work by what's known as enumerating badness.

That is, the anti-virus software developers try to gather up all the computer viruses in the world, categorize them, and put detection in the software after the fact. This process, which everyone is locked into, guarantees the newest computer virus will always slip through and have to be submitted to the industry so that detection can be added.

It means your anti-virus software will fail, at least once, eventually. Like DD's did last week when a new version of a fake anti-virus arrived. Fake-antivirus malware also relies upon the PC user's familiarity with automated nagging which cannot be turned off.

Not to worry, the firewall stopped it -- remember, that software Richmond tells readers won't "help fend off" malware? So I submitted it to my friendly neighborhood anti-virus vendor, the one that did not detect it. Two days later, the software caught the new samples in my bad and evil software zoo.

"Since a lot of malicious programs now come through Web sites, you will also want to use one of the many free tools available to help you avoid malicious sites," comes another bit of advice.

Eh ... not so valuable. Again, it's advice which ties you to the underlying bedrock of a world reliant on enumerating badness. And since the bad actors know that people try to avoid obviously malicious sites, or already use filters which try to steer them off, they're always busy trying to poison and infiltrate sites which are not assumed to be malicious.

Perhaps a better column would have advised readers to expect some manner of tears at a point in time, perhaps sooner rather than later. And that the global system of enumerating badness for the securing of a fundamentally insecure device attached to a fundamentally insecure network ensures this, no matter what one may choose to do.

However, then we'd be into explaining how malicious software attacks a PC and attaches to a clean system and what steps one takes to make reflexive the removal of it when all the stuff already mentioned in such an article -- fails.

Or one could dispense with such unpalatable and indigestible advice for, "Take it to someone who knows. Open wallet."


A double dose of 'Oof!' The New York Times serves a Sunday dose of malware embedded in poisoned advertising.

Don't do as I do, do as I say. Hmmm, don't do that, either. Never mind.


Anonymous bonze said...

The helpful authors forget to include a link to Marcus Ranum's Ultimately Secure DEEP PACKET INSPECTION AND APPLICATION SECURITY SYSTEM.

Since I applied this elegant technology to "patch" my system, I've been COMPLETELY FREE of annoyances such as viruses, system prompts, internet access, and glowing screens. (I'm posting this from the library.)

10:31 AM  
Blogger George Smith said...


11:08 AM  
