More IT in the Hood


sunrat

Let's keep it civil please folks. We can be fanboys of whatever we like to as long as we respect other people's fanboyisms too.

Bookmem
1 hour ago, sunrat said:

Let's keep it civil please folks. We can be fanboys of whatever we like to as long as we respect other people's fanboyisms too.

I don't have much of a problem with fanboys, but pots calling the kettle black get under my skin.

V.T. Eric Layton

Friends, Romans, countrymen, lend me your ears...

BE NICE, dammit!

Thank you. :)

/End Admin Statement

goretsky

Hello,

A lot of people keep their computers on all of the time.  A lot of people do not.  There are many discussions about one way being better than the other in terms of prolonging the life of a computer.  Personally, I tend to turn things off when not in use.  No reason to waste electricity.  I also make a habit of starting checks for operating system and driver updates after I have logged into a computer.  It gives me a reason to get a cup of coffee (or water, depending upon the temperature).

The preloaded software market is an interesting one.  Companies such as Symantec (now Broadcom and Norton LifeLock) and McAfee used to spend hundreds of millions of dollars a year to get trial versions of their software preloaded into installs from tier-one computer manufacturers, and then have all sorts of revenue split agreements with the manufacturer when the computer owner renewed the software (decreasing percentage on subsequent renewals, guaranteed minimums, etc.).  I recall that one time, about 15 years ago, McAfee had a subordinated debt offering, and the stated purpose was to get its software preloaded into a larger amount of OEM installs.  Apparently, this was a winning strategy for some time, as the market rewarded both companies for their aggressive growth.

The problem with criminals is that they commit crime.  Microsoft and third-party security software companies work both separately and together with each other to combat them, but just as in the physical world, computer-mediated crime is pretty much here to stay.

Microsoft acquired GeCAD in 2003 and GIANT the following year in 2004.  The latter was the basis for the initial Microsoft AntiSpyware program in 2005, which was released by Microsoft because at that time the largest of the third-party antivirus (really antimalware at this point) companies were perceived as not doing enough to protect people from privacy-invasive software such as spyware.  There is some truth to this, too: searching for very specific, small pieces of code written in assembly language is a little bit different than trying to identify programs written in higher-level languages.  The same detection principles applied to spyware could lead to increased false positives and false negatives, and some of those companies were loath to make expensive changes to something that was highly profitable for them.  This was also a time of huge marketing opportunity for other, smaller companies that did things differently from the start, many of whom are still around today.

There were no threats, perceived or otherwise, against Microsoft from third-party security vendors over bundling security software with Windows XP.  At the time Windows XP was being developed (late 1990s), there wasn't a consideration on Microsoft's part about entering that space, and they were still dealing with issues and concerns about putting security ahead of convenience. 

Now, with Windows Vista, things were a bit different:  Microsoft had announced that 64-bit consumer versions of Windows Vista would include PatchGuard, Microsoft's implementation of kernel patch protection. This meant that any attempt to modify kernel memory space, data structures, etc., would result in a bug check by the operating system, also known as a Stop error or even more popularly, a blue screen of death (BSOD).  The three largest security software companies at the time, Symantec, McAfee and Trend Micro, had created products which relied on modifying the operating system's kernel in order to provide their functionality, and they were the ones which were taking out full page ads in the Wall Street Journal, threatening to go to the government, and so forth.  I should point out that many of the other security companies, who had managed to make things work without touching the kernel, were supportive of Microsoft's inclusion of PatchGuard.  Oh, one of the reasons for implementing kernel patch protection was to protect computers against rootkits, which were viewed as a security problem.

As it stands, Microsoft released Windows Vista with PatchGuard intact, those third-party companies ended up making changes and implementing workarounds, and the number of new rootkits appearing decreased over time.  I think, though, that what happened here strengthened Microsoft's resolve to release its own security software.

As mentioned, criminals commit crime, and Microsoft and all the third-party security companies out there fight those criminals, through technical means as well as by coordinating with law enforcement.  But it is extremely rare for criminals to be identified, let alone prosecuted.  The overwhelming majority of computer-mediated crime is free of risk and consequence for them, which has led to the current pandemic of ransomware.  There is no scenario where Microsoft or the third-party security ecosystem have anything to gain from not doing everything they possibly can to prevent the spread of malicious code.  That is because the problem is fundamentally not a technical one, but a civil one and because there is so much criminality that it is impossible for the security ecosystem to stop all of it.

All of the companies in the security software ecosystem work together to stop the spread of malicious code and hopefully to even provide law enforcement with enough intelligence to lead to the successful prosecution and conviction of the criminals behind it.  The idea that some are tainted because of where they are headquartered is conspiracy-nut theory, and just as bad as saying Norton LifeLock and McAfee are in bed with the NSA because they are American companies.  Security software companies built themselves into global brands based on trust.  If one were to become involved with a government (participate in spying or whatever), that company would be out of business in a matter of days.  The governments of the countries those companies are in know that, and don't interfere with them because to do so would damage their economies.

By the way, while I have limited my comments to Microsoft because they were the operating system vendor initially mentioned, they are not the only operating system vendor in the security ecosystem.  Apple, Google, open source operating system maintainers and even companies which have a huge internet presence like Akamai, Amazon, Facebook and so forth all have a part to play as well.

Regards,

Aryeh Goretsky

sunrat

Interesting insights there, thanks Aryeh. It's good to read a viewpoint not tainted by prejudices or misconceptions.

securitybreach

Thanks for the insight Aryeh, interesting stuff :thumbsup:

raymac46

I use both Windows and Linux, and I try to practise safe computing in both cases. My original post spoke about restarting PCs and I do that with both systems regularly. It continues to be my experience that a restart can solve a lot of problems with drivers and anti-malware programs, and I encourage anyone who contacts me with problems to do that first. In my friend's situation, his old printer simply was incompatible with the latest Windows 10 so restart didn't help.

With any desktop I will switch it off to save power when not in use. I suppose I could just sleep a laptop, but in my view it does little harm to shut it down.

I apologize if anyone thought I was prejudiced or misinformed.

securitybreach

Well I am guilty as I never turn off any of my machines. They reboot for kernel updates but that is it.

Digerati
1 hour ago, securitybreach said:

Well I am guilty as I never turn off any of my machines.

Guilty of what? If something is designed to just go to sleep (which is really just going into a stand-by mode), there is nothing to be guilty about. In the case of modern computers, the operating systems are specifically coded to perform "housekeeping" chores when the user is idle and will purposely wake the computer to install updates and run critical tasks like security scans. 

If you have ANY device that lets you turn it on via a remote control (such as a TV, cable box, DVD player, ceiling fan, space heater, etc.) it is not really "off" when "off". It is just in stand by. 

securitybreach

Oh, I know... I just meant that I never turn off any of my computers.
