Id10Ts and the €conomic$ of $ecurity
Page 1 of 6 123 ... LastLast
Results 1 to 10 of 54

Thread: Id10Ts and the €conomic$ of $ecurity

  1. #1
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190

    Id10Ts and the €cnomic$ of $ecurity

    They're at it again

    Ron O'Brien, senior security analyst at Sophos, explained to internetnews.com that the Mac statement was made in the context of whether the end user is committed to the effort or time to manage and maintain a safe and protected Windows environment. If not, he said, then perhaps Mac would be a more viable alternative
    So, I have a $3,500 PC with Windows and I should now ditch that for $4,000 worth of Apple, that I have even less idea how to use? And this will make me "more secure"?

    As we all know, second hand PC kit is pretty worthless, so that would be an almost total write-off.

    Rather than spend $4,000 and waste $3,500 wouldn't it make more sense to employ a professional to create a secure Windows environment?......................it would be one hell of a lot cheaper, and most stuff will auto-update.

    All you would need then is a maintenance contract?

    For an existing PC home owner this has to make sense. The trouble is that most home owners don't even realise that there is a problem...............so they won't be buying an Apple anyway


  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Nihil, where's the quote from? (full article as I'm curious what "Mac statement was made in the context ..")
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    Where do you buy your PCs and your Macs? You're being ripped off heh...

    Anyways.. it all depends on your PoV.. For end users here to get a tech into your home, you're looking at $120/hour... So 10 hours of work costs you $1200... Now let's assume we're talking about an end user with no knowledge what-so-ever..

    Now lets define some constants...

    Windows XP: $250.00 (That's prolly low)
    Windows Install Time: 1 Hour
    Driver Install Time (including gathering of the drivers): 1 Hour
    Lifespan of a PC for the average Home User: 2 years (this is fairly reasonable in my opinion)
    Required Visits for Maintainance: 1 Visit per Month
    Length of time per visit: 2 hours if no problems (defrag, updates, reboots, etc)
    Additional problems per year: 2 (this is fairly reasonable)

    So... I bought a PC for $3500 (your numbers)...

    I decided that this is the best idea to get someone to come in and set everything up...

    They come in and I'm using my computer directly connected to my modem... oh.. It's already infected... they wipe it out... but the company I bought it from didn't provide me with a copy of XP and there's no CD Key... I have to buy XP... and they were there for an hour at this point... 120 + 250 so far... They get it up and running (remember our constants) That's another 240 (install + drivers).. Im up to $610... They sell me on a router and convince me to go wireless... router + wifi card are 100... I'm up to 710... So they spend 2 hours securing and updating and configuring... I'm up to 950... I sign a contract for monthly visits.. $2880.... I'm already well over the price of the PC if I add the two additional problems that will pop up.. plus most likely another reinstall at some point... Add another year of that and my computer has broken my bank.. Costing me in the neighbourhood of $10,000 for 2 years of usage... Or..I could go out and pick up a Mac.. From a Mac Mini ($600) to an iMac ($2000) or maybe a MacBook for around ($1500)... Macs are currently not targetted and I'm totally clueless and feel Macs are totally secure.. I use my Mac for two years... prolly have 0 problems (the fact is that most Mac users never experience a problem... even if the risk exists.. it just doesn't happen)... I have the PC which my kids play on whatever happens to it happens to it and I have my Mac... total cost... under 5K... To the end user this is the better deal...

    This is why we have so many problems... Techs over charge for in home visits and for many end-users unhooking their computer to bring it into the shop and then hooking it back up is just as complicated as doing the work themselves...

    /me points back to original idea posted long ago of licensing computers much like we do guns and cars...

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Sorry MsM it is from EITPlanet's security news on our front page:

    http://www.enterpriseitplanet.com/se...le.php/3619416

    "Trojans on the March"

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi There HT~ ,

    I think that we have had this discussion before?

    Where do you buy your PCs and your Macs? You're being ripped off heh...
    That is SO TRUE!.............. I think I suggested that to compare, you have to use an exchange rate of $1 = £1? So a $3500 machine is around £2000, which is a good upper end device but only equivalent to $2000 to you guys.

    On the other hand, our onsite charges are way lower................ I guess $60~70 per hour. Please remember that we are 62 million sweaty bodies stuffed into an area a half the size of the State of Oregon?.............. the tech does not have to travel that far

    I do not consider OS costs or the like, as you paid that when you bought the machine. Also, if you pay for it up front, your machine can be "hardened" in the shop, before you even get it.

    Lifespan of a PC for the average Home User: 2 years (this is fairly reasonable in my opinion)
    That would NOT be considered reasonable over here............at least 5 years domestic and 3 years commercial would be typical. As an instance I would say that over 50% of domestic machines are still running 98/ME and a lot of businesses/institutions are still on Win2000.

    Required Visits for Maintainance: 1 Visit per Month
    That I cannot accept. Windows will update automatically, all your anti-malware stuff does, and things like defrag can be scheduled as tasks. Once every six months would be closer for a domestic machine IMO?

    I don't get many recalls to stuff I build and commission...........a few upgrades, a bit of telephone support and advice...........and a few hardware failures (incidentally, those are starting to get annoyingly more frequent).

    I get lots of stuff bought at the equivalent of Walmart though

    I would look at a process model along these lines:

    1. Buy PC at Walmart
    2. Take PC to maintenance shop and get security set up instore.
    3. Guy delivers and sets up (hey, if it takes more than 30 minutes, you really should be throwing trash for a living?)
    4. Applications update themselves.
    5. Annual check - up.

    Something like that?............OK with SOHO you might want a router and a hardware firewall...... wireless? no thanks............ not needed.

  6. #6
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    For end users here to get a tech into your home, you're looking at $120/hour...
    Here in Shawnee country, the high-end outfits (the ones with the fancy vans) charge $120/hour, but I'm often going up against folks who go as low as $35/hour (onsite!). I'm seeing some interesting wrinkles in the local market now. One outfit now offers a remote maintenance contract and never show up onsite, all for a few hundred bucks a year. Who knows what they're really doing on users' PC's? Or how securely they're connecting (probably remote desktop).

    ...I would say that over 50% of domestic machines are still running 98/ME and a lot of businesses/institutions are still on Win2000.
    Not in the States. Mostly I see XP anymore. Dell has been an absolute monster in the computer market here. "Dell" is the first thing from someone's mouth when they talk about a new PC. And they push some c-h-e-a-p units on consumers (under $400 now). And they must be pushing some hellacious packages on businesses and institutions judging from the rollout work I see.

    Most businesses I service are going thru PC's every 2-3 years, sometimes less. The "overhead" (AV apps, firewalls, and ass't other security) is so great, they have to have newer stuff. Consumers are mindless when it comes to software. Hell, I've heard of people who go out and buy new PC's rather than clean up what they have.

    The Sophos guy makes a valid point. For us, switching to a Mac might be disconcerting, but if you don't know computers...well?
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  7. #7
    Junior Member
    Join Date
    May 2006
    Posts
    21
    Originally posted here by brokencrow
    The Sophos guy makes a valid point. For us, switching to a Mac might be disconcerting, but if you don't know computers...well?
    Yeah, but you have to keep in mind that this is a tactic that will work only as long as most people don't use it. If enough people switch to Macs, Macs will start getting exploited. Personally, I won't be surprised if we see a major attack against Macs sometime in the next couple years. Really, how long is it going to be before someone realizes that there are all these computers just sitting out there waiting to be compromised? And then all these geniuses who think they're secure because they're running Macs will be out there on the Net distributing trojans and such just the same as they are now.
    Information wants to be a fireman when it grows up.

  8. #8
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by realchesherkat
    Yeah, but you have to keep in mind that this is a tactic that will work only as long as most people don't use it. If enough people switch to Macs, Macs will start getting exploited. Personally, I won't be surprised if we see a major attack against Macs sometime in the next couple years. Really, how long is it going to be before someone realizes that there are all these computers just sitting out there waiting to be compromised? And then all these geniuses who think they're secure because they're running Macs will be out there on the Net distributing trojans and such just the same as they are now.
    This has been discussed many times... While accurate.. and while here we frown on security through obscurity... It is valid practice... if It wasn't then why would people hide the safes in their homes... There are also many operating aspects of Microsoft operating systems.. .The Windows NT based series in particular (XP, 2k, 2K3) that make it particularly susceptible to malicious software... aspects that don't exist in the unix and mac world..

    Brokencrow:
    The Sophos guy makes a valid point. For us, switching to a Mac might be disconcerting, but if you don't know computers...well?
    Why is it disconcerting for us to switch to a Mac??? My Mac has recently become my primary computer... many of our engineers use Macs... my director uses a Mac.. another member of my team uses a Mac.. technicians I know at another company use Mac... My Mac gives me the power of unix... but the ease of use of Windows.. It's purdy and it's functional... It is not disconcerting to me in the least.. I fully support the move to a Mac..

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    I fully support the move to a Mac..
    Which suggests that you have missed the point? Here we have a supposed security product vendor suggesting that people abandon their previous investment and lash out on an Apple computer because they will be more secure.

    I do NOT consider that to be sound professional advice. Please note and remember that this advice was to people who basically know nothing about computers................home users? What we might be happy with, is irrelevant in this context.

    What you are suggesting is little short of defeatist?................dump PCs and buy Apples to be protected...................... if you are a security professional you have to grasp the nettle and say that the answer is education, or at least hire someone who has it.

    Once you have secured a Windows box, there really isn't that much to do other than to keep stuff up to date, and most stuff does that of its own accord these days. Problem is, these things are being sold in a basically unprotected/secured state.

    Seriously, to suggest that buying different hardware and operating systems is a security "solution" is ludicrous...................you are just building a problem for the future.

    Hey, you have a "Mac"............. so you don't need security sites huh?.............. so all there is left is general support and chit chat?........................... you know that is not true........... but your average home user might just believe it?

  10. #10
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Surprise, surprise, always figured you for a dyed-in-the-wool MS man, HT.

    My disconcernation at switching to a Mac would be finding the equivalent apps to what I already use in Windows and the time in acclimating myself to them. And then supporting Windows' users as I do, I need time on Windows machines to keep up skillsets.

    Perhaps most importantly, it would really cut into my living if I found myself surrounded by people who used computers as unaffected by viruses and spyware as Apples. Maybe Wozniak could port ActiveX to Mac?
    “Everybody is ignorant, only on different subjects.” — Will Rogers

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •