Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 37

Thread: Microsoft will start fighting spyware/adware

  1. #11
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915
    Originally posted here by Tiger Shark
    Wow HT.... Nice rant.... (You forgot the tags BTW.... )
    [rant][/rant] and [edit][/edit] should be added as valid tags

    1. I use a firewall at home.... Am I incapable of setting up my domain in such a way that it is protected from the public network yet functions perfectly within it's self... No.... But it's a **** load easier to throw up a firewall and run the domain behind it..... Let's be fair from that standpoint.... Then let's look at Joe Public. It's far from "easy" to close all the ports that M$ has open by default so Joe has little hope of protecting himself. OTOH, if the ports weren't open by default then Joe wouldn't be able to network his two computers.... So he wouldn't buy M$ because his buddies have told him he can't network it.... he'd buy something else, equally full of holes as M$, that fills that "hole" that M$ didn't.... So we're back to square one on that argument....
    The firewall makes things easier sure.... but saying you should have it to protect yourself is what's wrong... They're trying to say that having a firewall is needed to protect yourself.... Having a firewall is all fine and dandy.. but the way I see it they're just passing blame.

    2. Get updates.... Well, we can argue the semantics of the language all day... It's irrelevant really... The issue you really have is the frequency. Now, IRRC, everyone and their dog were bitching, (nice pun huh? ), about M$ issuing a patch every few days... Now your bitching about them issuing a patch "block" every month.... But you praise SUSE 9.1 for issuing a patch every day.... Where's the equity there? You might also remember that M$ issued an emergency patch mid-month last month.... Doesn't that help to satisfy your "only once a month" issue?
    I've never once bitched about frequent patches from MS... I prefered it that way... I'd rather know that my computer is up to date immediately, rather than waiting 30+ days for a patch.. Even if they don't put them on on Automatic Updates and put them on another page... or even the MSDN I'd be more than happy with that. BTW if this exists somewhere could someone link me to it? BTW it's SuSE 9.2 ... 9.1 is old now.

    3. Hmmm.... There's AV for *nix.... ClamAV comes to mind.... People in the *nix world see fit to write AV programs.... Could it be that there are viruses in the *nix world? Of course.... Wherever there are people that will try to exploit computers with malware, regardless of the OS, there will be the requirement to have protection for every OS.... So the advice is good....
    That's not fair.. I never mentioned *nix in my AV discussion. There will be viruses... but if patches were released more quickly and efficiently and if the OS was coded better... than the need for AV would be greatly decreased... Mind you end-user stupidity plays a huge role in this... but when we're getting computers in that are Fully Patched and up-to-date (in theory) and they're being infected with both viruses and malware across the internet... that tells me there's a problem with the OS... A firewall would prevent this.. but again shouldn't be needed if they released an OS that wasn't full of holes.

    If XP was a new OS... I wouldn't complain as much.. but how long does it take to patch major holes in an Operating System? They've had a good amount of time already. Couldn't they in however many years it has been available to the public block these problems that are causing the spread of this malware?

    HT.... You and I and many members here are quite capable of doing almost anything they want to lock down their computers.... But we are a "little different".... We are in the 1000th of one percent that can do it or even knows it's important and why.... You can't blame M$ for selling a product any more than you can blame SUSE 9.1 for needing an upate every day..... If you think about it they are becoming synonymous....
    I can blame MS for selling a product that will no doubt be less effective than Spybot S&D and AdAware SE (both of which are available free of charge)... I'll try their software (assuming they make a trial available) but much beyond that I doubt I'll touch it..

    Don't take this, or my previous post, as Microsoft bashing... I use their software quite frequently... I work in a 95% MS Shop... Besides my laptop (Linux) I work with 2 Linux servers, a 2K3 server and a 2000 Workstation... Also an XP VM... of those two servers, one of them is a VM and they prolly account for 25% of the *nix around here... It's not used frequently... I also run XP at home.. I'm even connected to it right now by Remote Desktop... I just have some issues with the way Microsoft describes security... Being the company they are.. they should be working for user education... and pushing to better the IT community. Instead they are trying mask the need for computer knowledge and give users basics... It'd be like handing someone keys and saying here go drive... without ever training them or showing them how it's done... It's not right.

    Peace,
    HT

  2. #12
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,018
    This is going to leave a bad taste in my mouth (defending Microsoft ).. but here goes.

    People bitch and gripe about how insecure Microsoft is, when 90% of the time, they are the ones that went "Ooh..what happens if I click here". This is keeping in mind that I am talking about the common, everyday user. They do something you and I know better than to do, and it is Microsoft's fault that they didn't protect them from being idiots.

    So then Microsoft goes out and purchases on of the top rated anti-adware/anti-spyware applications on the market (Don't take my word for it, check out Eric Howe's results and here. )

    Microsoft will use the acquisition to provide its customers with new tools to help protect them from the threat of spyware and other deceptive software. In addition, key personnel from Giant will be joining Microsoft’s security efforts.
    So, in addition to being able to provide new tools to customers (I know they'll make money from it, that's what they call capitalism),
    ...key personnel .... will be joining Microsoft’s security efforts. <--- that is the part that is important. If all they wanted was to make a buck, why bring along the personnel? I'm sure they have their own capable staff that could do that, but what they are lacking are people that understand malware.

    We're not talking just little script kiddie crap. CWS and VX2 have just come out with some very nasty variants. The most recent version of CWS modifies PE files (which I believe puts it in the category of virus, and out of the realm of just being a nuisance). That variant should be on your shelves just in time for the New Year. How many here know how to repair an 'adjusted' PE file? I used to be worried about viruses and worms. Right now, I'm worried that script kiddies are going to learn from CWS and VX2....

    But I digress. Microsoft puts out patches, and gets bashed. Microsoft buys a really good application to hopefully help protect the end user, and they get bashed. ( I hope they keep a free version available, even if it is a trial version. In many cases, that's all I need to get a user fixed up). The common user isn't protected from themselves, and Microsoft gets bashed.

    The common user doesn't want to be educated about safe use, and proper set up. They figure if they pay $1800 (US) for something that is small enough to fit on a desk, then it should be good to go. So now Microsoft is put in the position of protecting people from themselves, and at the same time, not pissing off the people that don't need protecting by taking away functionality?

    Ok, so maybe Microsoft deserves a little crap, but how could they possibly anticipate the lengths the people that write ad/spyware will go to make a buck? They try to make the Internet and computing an interesting and vivid experience, how can they be blamed for people exploiting that?

    Microsoft has held several MVP conferences in which spyware and security was the focus. As a result of some of those conferences, developers from Microsoft have joined at least one well known malware removal forum to get a first hand look at just what goes on. At any rate, I am cautiously optimistic. You can't stop a runaway train on a dime (how is that for a mixed metaphor?)..it's going to take them a bit to get things turned around.

    Excuse me...I need to go wash the taste out of my mouth...

  3. #13
    Senior Member
    Join Date
    Feb 2004
    Posts
    270

    The common user doesn't want to be educated about safe use, and proper set up. They figure if they pay $1800 (US) for something that is small enough to fit on a desk, then it should be good to go. So now Microsoft is put in the position of protecting people from themselves, and at the same time, not pissing off the people that don't need protecting by taking away functionality?
    So why isnt it good to go ? I mean it *should* be good to go. I know that most linux distro's are good to go. But they dont cost me anything like ms software does.

    But I digress. Microsoft puts out patches, and gets bashed. Microsoft buys a really good application to hopefully help protect the end user, and they get bashed. ( I hope they keep a free version available, even if it is a trial version. In many cases, that's all I need to get a user fixed up).
    Why is it that most of MS action is buying another company. I mean how hard is it too make a good antimalware program on themselves. The small ones are poping out all around them. They do sells the largest and best selling os on this planet right. That means they should be able to write it themselves.
    Since the beginning of time, Man has searched for the answers to the big questions: \'How did we get here?\' \'Is there life after death?\' \'Are we alone?\' But today, in this very theatre, you will be asked to answer the biggest question of them all...WHO LIVES IN A PINEAPPLE UNDER THE SEA?

  4. #14
    I'm not going to post much, lest I get out of hand. But here we go.

    So why isnt it good to go ? I mean it *should* be good to go. I know that most linux distro's are good to go. But they dont cost me anything like ms software does.
    Install a defalt fedora core 3 installation, and then look at the running services/ports and the like on startup. Install Redhat 7 (which came out with XP, IIRC), and notice even after PATCHING that it still has a lot of unaddressed bugs with the dev responce "upgrade to 8, or fedora".

    Sometimes the work that goes into fixing something isn't worth the trouble due to the closing effects. Maybe they had a bad beginning coding team, and have since fired them, but still have to live with the effects?


    Why is it that most of MS action is buying another company. I mean how hard is it too make a good antimalware program on themselves. The small ones are poping out all around them. They do sells the largest and best selling os on this planet right. That means they should be able to write it themselves.
    So let me get this straight. You would also want Ford to make their own tires from scratch instead of use one from a company they have a deal/own? Like Goodyear? Why continue reinventing the wheel when someone already has a solid idea and product, and you can expand further upon it. Stand upon the shoulders of giants and you can get farther than they did because of their wisdom combined with yours.

    That's not only a basic buisness stradegy, It Just Makes Sense too.

  5. #15
    Senior Member
    Join Date
    Feb 2004
    Posts
    270
    Install a defalt fedora core 3 installation, and then look at the running services/ports and the like on startup. Install Redhat 7 (which came out with XP, IIRC), and notice even after PATCHING that it still has a lot of unaddressed bugs with the dev responce "upgrade to 8, or fedora".

    Sometimes the work that goes into fixing something isn't worth the trouble due to the closing effects. Maybe they had a bad beginning coding team, and have since fired them, but still have to live with the effects?
    I would have to agree sometimes the work that goes into fixing isn't worth it. But xp is the most current MS desktop OS out. And it isn't the first one to have these problems. It was my understanding that XP was a "new" OS that it didnt have any parts of 9x or even dos left. Does this mean its really a hard thing to solve or are their different motives. I think the latter.

    So let me get this straight. You would also want Ford to make their own tires from scratch instead of use one from a company they have a deal/own? Like Goodyear? Why continue reinventing the wheel when someone already has a solid idea and product, and you can expand further upon it. Stand upon the shoulders of giants and you can get farther than they did because of their wisdom combined with yours.
    In the light of the example you provided I can only say. You are correct I am not.

    Although comparing microsofts size to that of most others I fear MS will crush their new acquisition. Also (and I could be very wrong on this point) I believe ms media player was actually a company togherter with a product they bought. The first few versions I really liked the new ones suck. I hope MS wont do the same with this situation.
    Since the beginning of time, Man has searched for the answers to the big questions: \'How did we get here?\' \'Is there life after death?\' \'Are we alone?\' But today, in this very theatre, you will be asked to answer the biggest question of them all...WHO LIVES IN A PINEAPPLE UNDER THE SEA?

  6. #16
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,018
    So why isnt it good to go
    Because there is no such thing as secure code (and if there is, I can't think of an example). As long as I can get a dissassembled listing, I can modify it in any way I see fit. The longer the code, the more opportunities there are.

    I know that most linux distro's are good to go.
    Umm, with all due respect, no. I'm no guru with Linux, but I bet someone here could tell us which Linux distros are completely secure right out of the box. There are not as many opportunities for exploitation for many reasons which have been stated on this board ad nauseum.

    Why is it that most of MS action is buying another company.
    You tell me...how hard is it to write a good antimalware program when the target changes daily? It's impossible to shat out a program overnight to deal with malware. by the time development, coding, and bug testing are done, there are enough new variants that by the time the code is finally released, it is already outdated.

    A good example. Intermute bought out the CWS Shredder. Within just the last day, they announced that it was now able to defeat a very *****ly version of CWS. But guess what. In the time they were taking to rewrite it, we have a brand new version. As mentioned above, this one alters PE files so that they start up Cool Web Search. Would you care to try to write a program that will kill that? Even the people that specialize in removing malware can't keep up.

    They do sells the largest and best selling os on this planet right. That means they should be able to write it themselves.
    That is a non sequitur. Sales does not indicate a an ability to write anti-malware programs. It only indicates they have a good marketing plan..

    I'm not picking on you MoonWolf . My point was that Microsoft is trying to make inroads and improve their product. I said up above that 90% of the people bitching are the ones that infected themselves in the first place. The other 10% have legitmate gripes. It's so easy to jump on the Microsoft bashing bandwagon. Personally, I have had very few problems with the Windows OS. I don't necessarily agree with their business model. Maybe if I did, I would be a billionaire, instead of some penniless schmuck.

    Further pushing the bandwagon are techs that have no clue what malware is, or how to fix it, so they reinstall the system, and blame it on Microsoft's crappy OS. (I can think of several in the town I live in )

    All I am saying is if you have a legitemate beef about Microsofts OS, go ahead and gripe. If you are having a problem just because you don't understand the OS, that is something entirely different. (and I don't mean you personally). And if you are griping just because every one else gripes, grow a pair of stones and make your own decisions.

  7. #17
    Ive noticed a trend in the AntiM$OMFG community of bashers. It is as follows:

    1. MICROSOFT DOES TOO MANY PATHCES PER MONTH!!11 OMFG THE OS MUST BE SO BUGGY AND IT'S ANNOYYING!

    Solution: Microsoft releases only one or two larger patches a month versus every few days.

    Responce: OMFG MICROSOFT TAKES FOREVA TO RELEASE PATCHES!!!11 WUT ABOUT THE SECURITY HOLE YESTERDAY!!!111


    2. OMFG THE WINDOWS FIREWALL IS HORRIBLE!11 IT'S OFF BY DEFAULT AND IT SUX ADN I WANT CHOICE. STOP FORCING SOFTWARE M$!!!11five

    Solution: Microsoft turns on the firewall by default as well as releases an enourmous update to the firewall's capability in SP2.

    Responce: OMFG THE FIREWALL DOESN'T DO IDS OR OUTBOUND CHECKING JUST INBOUNDCHECKING!111 I WANT CHOICE IT SHOULDN'T BE FORCED ON ME!!!1


    3. ROFL MICROSOFT HAS SOOO MANY EERORS!!!1 ITS BUGGY AND HAS SPYWARE A LOT!! THEY SHOULD HAVE MADE THEIR SYSTEM MORE SECURE AND STOPPED SPYWARE SOME HOW

    Solution: Microsoft fixes over 500+ security bugs in SP2, rewrote the majority of Windows DLL files and executables for buffer overflow bounds checking. Now they are going to modify a 3rd party spyware-removal product to better suite their direct OS needs to help fight spy/adware.

    Responce: OMFG THEY ARE JUST TRYING TO MAKE MONEY!!!11 SP2 BREAKS A LOT OF PROGRAMS, AND I DON'T BELIVE THAT IT WAS BECAUSE THEY WER CODED BAD!!!!11 OMFG I DON'T WANT SPYWARE REMOVAL I WANT A CHOICE ON WHAT TO USE!!!!11 STOP FORCING SOFTWARE ON ME MS!!!




    This is everywhere. Once Microsoft attempts to solve a problem the MS bashers come out and find something to complain about the solution... usually contradicting what they were origonally complaining about. Let's face it, the majority of the people using and bashing windows are those who are not taking the time to understand it. Like many on AO, I trust in Microsoft's products because I've tested them, learned them, and use them. Think microsoft is sending spyware to report your 31337 files? Why not run your own packet sniffer and see? Think Windows XP is a RAM hog? Well... did you read the manuals and general information about the OS configuration, down to a kernel and service level?

    Windows could eventually become a perfect OS, and those who do not understand it will still complain about it. I'd be fine with the complaining if people would remember to stop screaming and give a general nod of thanks towards Microsoft. They are striving to solve the problems you complain about constantly. But if you don't send bug reports, send crash reports, and help them directly on issues... then chances are they are shooting in the dark trying to fix things.

  8. #18
    Senior Member
    Join Date
    Feb 2004
    Posts
    270
    Luckely there are linux/unix/* bashers too.

    I'm not here to bash Windows or Microsoft(Although I must say I don't like them too much). Hell i love my xbox.

    My concern is that Microsoft in an attempt to fix something is going to **** up this though. K ill shut ip now.
    Since the beginning of time, Man has searched for the answers to the big questions: \'How did we get here?\' \'Is there life after death?\' \'Are we alone?\' But today, in this very theatre, you will be asked to answer the biggest question of them all...WHO LIVES IN A PINEAPPLE UNDER THE SEA?

  9. #19
    Luckely there are linux/unix/* bashers too.
    And I hold them with as equal distaste as I do Windows bashers.

    My concern is that Microsoft in an attempt to fix something is going to **** up this though. K ill shut ip now.
    They might, but at least applaud them for trying. Instead of ignoring you and giving a company middle finger, they listened and will at least attempt to construct a solution. And don't shut up, please. What I said above was not intended directly to you, but a general rant. Your ideas are welcome here, regardless of how conflicting they may be.

    Without different ideas and thoughts there would be no discussion, no improvement, and no change. Glad to have you here, so please continue participating

  10. #20
    seriously good to have you back, pooh =P
    I blame you cos my mind is not my own, so don't blame me if I trespass in your zone!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •