Securify This! by Munir Kotadia

A hard look at the latest developments in IT security with a real world perspective.

Spyware: have we lost the war?

Posted by Munir Kotadia @ 9:39 6 comments

Last week, two security companies spoke to me about their new products and I suddenly realised that we are close to losing the war against spyware.

There are various forms of spyware, some more aggressive than others, but they all share the same desire -- to steal personal information from their victims' computers.

Over the past week I have spoken with two companies that have created security applications designed specifically to allow a spyware-infected computer to establish a secure link so the user can safely access online banking services without fear of losing any confidential information.

On Tuesday I spoke with Wintutis about vPure, which is a 'security wrapper' for Internet Explorer. According to Chandan Kudige, one of the company's cofounders, as soon as vPure is activated, any spyware on the computer will be blocked from accessing information flowing between the browser and the Internet.

Kudige told me that the product "basically stops any way in which data can be siphoned out of the browser".

However, he admitted that the product is not yet able to protect users from spyware that collects screenshots instead of keystrokes.

Then, on Thursday at the CeBIT exhibition, executives from another software developer approached me and explained how their product works in a similar manner to vPure but is also able to block screen grabbers from compromising the secure link.

Have we really got to a point where users have to admit that they cannot get rid of the spyware infesting their PCs? Why else would we need to create a 'safe' connection before accessing an online bank?

Instead of killing off spyware we are learning how to live with it, which makes me think that this battle is almost over.

But have we lost the war?


Talkback 6 comments

  1. The future of anti-spyware Matthew Lye -- 16/05/06

    The problem is the same as the problem with viruses, as long as there is enough motivation to create new technologies to infect computers the 'war' can never be won.

    After 30 odd years of malicious viruses affecting the way people use their computers the problem still continues, unfortunately with the added financial benefit of spyware and adware, and to a lesser extent malware, the problem will just continue to grow.

    The best thing people can do to avoid the problem is to run Windows in a limited user mode without program installation rights. This will prevent 95% of spyware, adware, and malware from getting onto your machine.

  2. simply a layered approach Mark -- 16/05/06

    I don't see how this concept of securing the connection is much different from current best practice of making sure a machine has anti-virus and is patched against any security vulnerabilities. I would guess that both companies would still recommend that users install anti-spyware packages. Their solutions provide protection in the case that detection or disinfection isn't available yet for a particular spyware threat.

    It's that whole Defense in Depth approach.

  3. World War III - The world vs Malware Jim -- 17/05/06

    In our current operating environment? No, we'll never be safe. There's two root causes that all exploits can be traced back to - OS Security & User stupidity.

    I'm a PC and Mac system engineer. Those are the OS's I am interested in, those are the OS's I know, so in my (little?) rant below those will be the OS's I concentrate on. It will appear a lot to be a comparison article between the two.

    OS Security:
    Macs are definitely the more secure route at the moment and this comes down to a couple of reasons. Mac fans like to say "It was built on security from the ground up" then go on about BSD etc. The flavour of BSD chosen to base it on has proven to be one of the better ones, but BSD doesn't have the same usage levels as *nix. The issue of usage levels can be pushed even further as only roughly 5% of computers are Macintosh (at best).

    If you're farming for a certain drop in WoW are you more likely to target the rare spawn or farm the more common faster spawning mobs?

    Most haxx0rZ and script kiddies just go for numbers. Windows has the market share and due to this it has more people who know it better. Due to more people knowing it better there's more people working on exploits for it. Due to more people working on exploits for it it's easier to find the information required to exploit a system or better yet find a pre-made tool that will do it for you and become a script kiddie. To target macs you need to know what you're doing and generally have taught a lot of it to yourself.

    If you look at the "viruses" that have been written for mac so far (a whopping three of them at most), they were all proof-of-concept viruses. This means they were written by the white-hat community and never got released to the wild. This has proven that it's possible and I'm sure if the black-hat community wanted to start exploiting macs they'd be able to do the same things or worse without too many headaches. Apple releases close to as many patches as Microsoft do these days, yet because they are white-hat discovered nobody hears about them until the patch is getting pushed out to client machines.

    Many Mac users also like to make claims similar to "Oh, but it's not a real virus. It won't spread. I mean, you have to manually run the program (and sometimes type in your password) before it even runs!". Gee, sounds exactly the same as a large number of Windows viruses that have run rampant. If they can be called "viruses" in the PC world despite not being fully automated then so can your proof of concept viruses.

    The other area of security borders on user stupidity. By default users on a mac have standard user access. They want to do anything, they get a popup asking for their password to temporarily elevate their privileges which lasts throughout the installation/configuration changes. For a standard user created these elevated privileges still aren't full admin access and it's almost always enough to do what you want to do. Once you drop back down, you can continue to do ... what you want to do.

    Windows on the other hand, the first account it creates for you is a full admin account with no password! Brilliant! No standard user is going to then create other accounts for themselves to use. Even if they did, the standard "user" account is so locked down that they can barely use the computer, constantly logging into an elevated user to install or do most things, unable to save anything to their main C: drive (most pre-built PC's just have the one partition), unable to do **** They quickly revert back to the admin account, opening the system up to anything and everything.

    User stupidity:
    Even if security gets tightened on the OS so that all users have restricted access it won't stop all exploits. Backing behind my claims to this point can be seen in this link (http://sunbeltblog.blogspot.com/2006/04/pssstyou-wanna-see-firefox-exploit-in.html). When comparing browsers most look at Internet Ex

  4. The battle is not lost... Darren Moss - em3.com.au -- 17/05/06

    Good article.
    I agree with Matthew that we really need to take away administrative privileges from the everyday user who runs office productivity, web browsing and email applications.

    When there are no permissions to install back doors and trojans, we significantly reduce opportunity for internet nasties to infect machines.

    This assumes your machine is patched for security and virus updates ... now there's a challenge for the home computing market.

  5. Spyware - Have we lost the battle Michael J Boland -- 18/05/06

    I still don't understand, when there is such a simple solution, why people put up with viri, spyware, and all the other manifest problems with Windoze.
    I have to run Windoze at times, but I do not let it have ANY net contact.
    I generally don't need to run a firewall, and certainly have no need for anti-virus/anti-spyware software, and yet I remain as secure as the day I installed the OS.
    People - you are being hoodwinked by all this security mumbo jumbo as just more excuses for the existence and need of so called xsperts (x-unknown quantity, spert- drip under pressure) who keep ignoring the simplest, easiest most friendly solution on the planet for ALL users, and I have been a happy netizen since the net's existence without a virus worry.

  6. I have the cure for Spyware... !!!!!!!!! Anonymous -- 20/05/06

    www.distrowatch.org
    Simple really.

    enjoy!
