Forget the security industry!

Dear Group,

My post will probably be called a rant. I do not think it is,
but you are free to judge.

Recently I had to face some security issues, because my
PC got infected with some Trojans, which caused problems
with slow running, pop-up ads and possibly other events
I did not become aware of.

In the process of dealing with this issue I began to realize
how huge an industry is thriving on security related issues.
This industry turns over billions of $s every year, possibly
tens of billions by promising one form of relief or another.

I can't believe that the advertisments placed on the screens
of people who do not want to see them and the info gained
by advertisers by knowing what house wives watch can
possibly explain the explosion of malware which we are
exposed to.

It may well be that sales by security firms and experts are
the culprits which continue to drive this abuse of the public
in general and of businesses which rely upon networks.

Since I can't detect any serious effort by anybody in power
to cut down on spam and malware, I think that the following
solution may be worthwhile for the individual knowledgeable
user.

Have one PC which is connected to the internet. Have another
one which stores and manages your sensitive data. Transfer
only what is needed between the two machines by disks or
card and use only text files if possible to put any data into the
PC connected to the net.

If the net-PC is infected it will then matter little. If the net PC is
infected to such a degree that its use becomes problematical,
install the OS, a browser and mail service again, nothing else.
I am working on the premise here, that the net PC is used for
e-mail, news, google searches. not for TV, music etc. These
latter services are not essential and those using them will have
to live with the increased risk of an infected machine of reduced
usefulness.

What do you think?

Cheers
GR.

Re: Forget the security industry!

In article , NoSpam@nottobefound.org
says...
> What do you think?

I think that in the 30+ years I've been using personal computers (not
that we called them personal in the early days), that I've never
personally been compromised, never had malware on any of my systems, and
have entire networks that we manage that have no malware and no
compromises, and we do it with a few simple tools, on the MS platforms,
and it's really simple if you understand the threats.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

Dear Leythos,

I appreciate your interest.

You did not offer any opinion regarding the value of my proposal,
but said that you have never had a compromise of any of the systems
under your care. Is this something you guarantee and if you do. at
what price do you do it?

If the issue is so simple, why are there hundreds of companies and
consultants offering their services for good money to defend the
user from ever new and more sophisticated malware threats????

Finally what is the justification for the user of such widely sold gadgets
as PCs to familiarize themselves with malware and defenses against them?
Such defenses should be the task of the industry selling these gadgets and
rendered without the yearly charges for protection services to one or
several
of these providers.

Cheer up, more malware is on its way.
Business is good and is getting better.
GR..

Leythos had the following to say:
>
> I think that in the 30+ years I've been using personal computers (not
> that we called them personal in the early days), that I've never
> personally been compromised, never had malware on any of my systems, and
> have entire networks that we manage that have no malware and no
> compromises, and we do it with a few simple tools, on the MS platforms,
> and it's really simple if you understand the threats.
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

In article , NoSpam@nottobefound.org
says...
> If the issue is so simple, why are there hundreds of companies and
> consultants offering their services for good money to defend the
> user from ever new and more sophisticated malware threats????

The issue and solution is simple, implementation is next to impossible.

The problem is two things:

1) Ignorant users that believe a computer is like a toaster

2) People not willing to accept a complete change in OS Platforms that
would invalidate all of their investment in software and vendors that
would have useless software.

The above two reasons are why there are a few reputable companies
defending the masses that care enough to be protected and why there are
masses of companies feeding off of the rest.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

Leythos,

Of course almost all computer users are ignorant and think their PC is
similar to a
toaster. Have the vendors of hard- and software not spent billions in ads to
make
them believe that this is so?

On the other hand if the public had been informed that they must study
information
technology or spend oodles of money to secure their PCs, only a fraction of
the
sales would have been made.

Most users have spent a bundle already and are not willing to spend another
bundle
to effect a "complete change in OS Platforms that would invalidate all of
their invest-
ment in software and vendors that would have useless software." And who can
be
certain that the next round will bring results different from the first
round!?

No, the business is geared towards insecurity and derives its income from
insecurity
and no end is in sight. Get two PCs, one for the net, the other for record
keeping
and serious work and forget about the protection racket.

Cheers
GR.

The great computer gurus just simply have failed the public
"Leythos" wrote in message
news:MPG.20f2089697f91c72989776@adfree.Usenet.com...
> In article , NoSpam@nottobefound.org
> says...
> > If the issue is so simple, why are there hundreds of companies and
> > consultants offering their services for good money to defend the
> > user from ever new and more sophisticated malware threats????
>
> The issue and solution is simple, implementation is next to impossible.
>
> The problem is two things:
>
> 1) Ignorant users that believe a computer is like a toaster
>
> 2) People not willing to accept a complete change in OS Platforms that
> would invalidate all of their investment in software and vendors that
> would have useless software.
>
> The above two reasons are why there are a few reputable companies
> defending the masses that care enough to be protected and why there are
> masses of companies feeding off of the rest.
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

In article , NoSpam@nottobefound.org
says...
> No, the business is geared towards insecurity and derives its income from
> insecurity and no end is in sight. Get two PCs, one for the net, the
> other for record keeping and serious work and forget about the protection
> racket.

The business is there because the people that user computers and the
vendors that have invested in programs (writing them) are not willing to
accept what it would take to secure the computers. Take a look at Nix,
while more secure than Windows in most cases, the apps are still being
exploited on a daily basis.

To make things universal and also user configurable you have to accept
that you're going to get people that exploit those things.

Most of the malware could be easily stopped if the businesses that
provide internet services would implement security measures, but then
people would complain about not being able to do something or about
being monitored....

The industry is there because the people would rather pay someone to
make them feel safe instead of taking the effort to be safe.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

Post removed (X-No-Archive: yes)

Re: Forget the security industry!

Now the reply below is typical.

It blames the person who paid for his PC, paid for software, paid
the ISP to be an IGNORAMUS if he can no longer afford the time
or the money to secure his machine.

Listen carefully!

If the operators of a system are incompetent or unwilling to make
it secure and earn billions in the process, dont blame the little guy
who foots the bill for problems. The problem is generated by the
greed and the unwillingness of those who profit, not by the little guy
who suffers.

If an amusement park can't offer safe rides, is the visitor supposed
to show up with helmet, ambulance and proper health insurance?

Yet if the internet is not safe, you do require the visitor to purchase
protection contracts, pay for unnecessary repairs and ever new software
and then call him an IGNORAMUS if he does not appreciate his role
as the cow who gets milked.

GR.


"Jim Higgins" wrote in message
news:md6i839bh78pvhfou0jeope3i2ofheqh5j@4ax.com...
> On Sun, 01 Jul 2007 21:13:10 GMT, "NoSpam"
> wrote:
>
> [snip]
>
> >If the net-PC is infected it will then matter little. If the net PC is
> >infected to such a degree that its use becomes problematical,
> >install the OS, a browser and mail service again, nothing else.
> >I am working on the premise here, that the net PC is used for
> >e-mail, news, google searches. not for TV, music etc. These
> >latter services are not essential and those using them will have
> >to live with the increased risk of an infected machine of reduced
> >usefulness.
> >
> >What do you think?
>
> I think the irresponsible attitude that it doesn't matter how infected
> a net-connected PC becomes is a major part of the reason so many
> infections are so easily spread. In your case you actively support
> the notion. In the case of most it just happens through sheer
> ignorance. Those so ignorant that they don't know or care what they
> spread are generally too ignorant to avoid infection. It's a vicious
> cycle and the malware writers thrive on it. So do many so-called
> security companies. Problem is that there's no guaranteed software
> solution to protect the ignorant from themselves. It's also why the
> rest of us have to worry about protecting ourselves against the
> ignorant.

Re: Forget the security industry!

NoSpam wrote:
> Now the reply below is typical.
>
> It blames the person who paid for his PC, paid for software, paid
> the ISP to be an IGNORAMUS if he can no longer afford the time
> or the money to secure his machine.
>
> Listen carefully!
>
> If the operators of a system are incompetent or unwilling to make
> it secure and earn billions in the process, dont blame the little guy
> who foots the bill for problems. The problem is generated by the
> greed and the unwillingness of those who profit, not by the little guy
> who suffers.
>
> If an amusement park can't offer safe rides, is the visitor supposed
> to show up with helmet, ambulance and proper health insurance?
>
> Yet if the internet is not safe, you do require the visitor to purchase
> protection contracts, pay for unnecessary repairs and ever new software
> and then call him an IGNORAMUS if he does not appreciate his role
> as the cow who gets milked.
>
> GR.
>

You problem is trying to assign blame, when it is very simple if a
person can't adequately provide for the administration of their computer
they should pay someone else to take care of it.


John

Re: Forget the security industry!

NoSpam wrote:

> Now the reply below is typical.
>
> It blames the person who paid for his PC, paid for software, paid
> the ISP to be an IGNORAMUS if he can no longer afford the time
> or the money to secure his machine.


Well, if he can't afford the ongoing cost associated with his purchase, then
maybe he shouldn't make the purchase in first place.

Why don't I have a car? I could easily afford one. But the taxes and the fuel...

> If an amusement park can't offer safe rides, is the visitor supposed
> to show up with helmet, ambulance and proper health insurance?

>

> Yet if the internet is not safe,


and it will never be safe. That's why it's your responsibility.

Re: Forget the security industry!

My Dear,

You said
>You problem is trying to assign blame, when it is very simple if a
>person can't adequately provide for the administration of their
>computer they should pay someone else to take care of it.

This is: clearest form of protection racket. Pay and we shall protect
you,... possibly.

Sounds like Chicago in the 20s.

I think we can expect to be safe on a public highway like the internet
without paying out protection money.

GR.
----- Original Message -----
From: "John Mason Jr"
Newsgroups: comp.security.firewalls
Sent: Monday, July 02, 2007 11:29 AM
Subject: Re: Forget the security industry!


> NoSpam wrote:
> > Now the reply below is typical.
> >
> > It blames the person who paid for his PC, paid for software, paid
> > the ISP to be an IGNORAMUS if he can no longer afford the time
> > or the money to secure his machine.
> >
> > Listen carefully!
> >
> > If the operators of a system are incompetent or unwilling to make
> > it secure and earn billions in the process, dont blame the little guy
> > who foots the bill for problems. The problem is generated by the
> > greed and the unwillingness of those who profit, not by the little guy
> > who suffers.
> >
> > If an amusement park can't offer safe rides, is the visitor supposed
> > to show up with helmet, ambulance and proper health insurance?
> >
> > Yet if the internet is not safe, you do require the visitor to purchase
> > protection contracts, pay for unnecessary repairs and ever new software
> > and then call him an IGNORAMUS if he does not appreciate his role
> > as the cow who gets milked.
> >
> > GR.
> >
>
> You problem is trying to assign blame, when it is very simple if a
> person can't adequately provide for the administration of their computer
> they should pay someone else to take care of it.
>
>
> John
"John Mason Jr" wrote in message
news:138ih112mp7mcba@news.supernews.com...
> NoSpam wrote:
> > Now the reply below is typical.
> >
> > It blames the person who paid for his PC, paid for software, paid
> > the ISP to be an IGNORAMUS if he can no longer afford the time
> > or the money to secure his machine.
> >
> > Listen carefully!
> >
> > If the operators of a system are incompetent or unwilling to make
> > it secure and earn billions in the process, dont blame the little guy
> > who foots the bill for problems. The problem is generated by the
> > greed and the unwillingness of those who profit, not by the little guy
> > who suffers.
> >
> > If an amusement park can't offer safe rides, is the visitor supposed
> > to show up with helmet, ambulance and proper health insurance?
> >
> > Yet if the internet is not safe, you do require the visitor to purchase
> > protection contracts, pay for unnecessary repairs and ever new software
> > and then call him an IGNORAMUS if he does not appreciate his role
> > as the cow who gets milked.
> >
> > GR.
> >
>
> You problem is trying to assign blame, when it is very simple if a
> person can't adequately provide for the administration of their computer
> they should pay someone else to take care of it.
>
>
> John

Re: Forget the security industry!

In article , NoSpam@nottobefound.org
says...
> I think we can expect to be safe on a public highway like the internet
> without paying out protection money.

Wrong, you pay a lot to be safe on the Public Highway, it's called
Taxes, and unless you're a non-working slouch you pay for a safe highway
- and lets not forget the Illegals in this country that make our
highways unsafe and dangerous - much like the Illegal actions on the
Internet.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

NoSpam wrote:


> This is: clearest form of protection racket. Pay and we shall protect
> you,... possibly.
>
> Sounds like Chicago in the 20s.


This is: clearest form of protection racket. Pay and we shall repair your
car,... possibly, we'll best as we can. Car repair men really are scumbags,
aren't they?

> I think we can expect to be safe on a public highway like the internet
> without paying out protection money.


Sure, but not with incompetent fool like you running around.

Re: Forget the security industry!

Hi,

NoSpam schrieb:
> Now the reply below is typical.

And your attitude, too.

>
> It blames the person who paid for his PC, paid for software, paid
> the ISP to be an IGNORAMUS if he can no longer afford the time
> or the money to secure his machine.

So, you see, we have to pay to make our cars secure.
This bloody insecure streetnetwork!
I pay taxes, so why don't they have automatic external guidance systems
and some soft and fluffy airbags around my car?


> If an amusement park can't offer safe rides, is the visitor supposed
> to show up with helmet, ambulance and proper health insurance?

Actually, over here you can go on rides with prett unsecure machines
in amusement parks, and es, some of them need you to wear a helmet.


> Yet if the internet is not safe, you do require the visitor to purchase
> protection contracts, pay for unnecessary repairs and ever new software
> and then call him an IGNORAMUS if he does not appreciate his role
> as the cow who gets milked.

Once upon a time, when the internet was started, there was a little
saying: "If you connect to the net, then you donate part of your machine
to it". Even then, people where aware of the dangers an open connection
imposes. But hey, it got dangerous, when the majorit of the system on
the network belonged to IGNORAMI.


But, you know,
the market mechanisms are brilliant. If your ISP doesn't offer you the
kind of protection you want/need, swithc to a better fitting one.


Cheers,
Jens

Re: Forget the security industry!

Post removed (X-No-Archive: yes)

Re: Forget the security industry!

On Mon, 02 Jul 2007, in the Usenet newsgroup comp.security.firewalls, in article
, NoSpam wrote:

>Of course almost all computer users are ignorant and think their PC is
>similar to a toaster. Have the vendors of hard- and software not spent
>billions in ads to make them believe that this is so?

You probably don't remember the advertisements for the original IBM PC
(not the XT or AT, but the original model 5150 with 256 KB of memory,
and one or two 360K floppies and no hard disk) from 1981. It used a
mime dressed and made up to look like Charlie Chaplin (movie star from
the 1930s) - apparently in the business of selling hats, and he is
prancing around his newly discovered PC. Pressing one key (almost
certainly the Enter key), there magically appears (slowly) a pie chart
showing some representations of data that is going to show this hat
salesman how to improve his profits. Yeah, right. The "program" that
was run was called PIECHART.BAS - a demonstration of Bill Gates wonderful
programming capability (written in BASIC).

>On the other hand if the public had been informed that they must study
>information technology or spend oodles of money to secure their PCs,
>only a fraction of the sales would have been made.

When was the last time you drove a car with a manual transmission and a
clutch? It's to hard to learn how to use a clutch??? Obviously.

>Most users have spent a bundle already and are not willing to spend
>another bundle to effect a "complete change in OS Platforms that would
>invalidate all of their investment in software and vendors that would
>have useless software."

http://www.distrowatch.com The inexpensive versions selling for under
under ten bucks (perhaps with shipping not included - add two bucks as a
wild guess) are all unlimited. That includes the office applications and
everything except the un-needed anti-virus software. If you want to
install the same CDs/DVD on ten thousand systems - go for it, as it is
perfectly legal to do so. Want to give those CDs/DVD to anyone for free
when you're finished installing? You can do that as well. Don't try
that with Vista. And it works on the same hardware that your XP and W2K
does, or even the systems you had to throw away because they lacked the
horsepower to run XP/W2K. Spending money is not the barrier.

The real problem is resistance to change. You don't want to change what
you are doing - heck, you _might_ actually be forced to read a pamphlet
and NOBODY wants to do that. Geez, the icons are slightly different and
are in a different place!!! THAT'S TO HARD!!!

Have you read the "instructions" that came with your toaster? Of course
not - who needs to? Besides, they are just full of foolish instructions
such as telling you not to wash the toaster in hot sudsy water in the sink
or something.

Old guy

Re: Forget the security industry!

Jim Higgins wrote:


> My anti-virus software filters the trash from email from people like
> you - assuming RoadRunner doesn't already filter it


So does my spam filter. You need an additional software package for such a task?

> My software firewall
> rejects intrusion attempts from people like you infected up the wazoo
> 30 days after putting a new system on the Internet.


So does my TCP/IP stack already. Why exactly do you duplicate this behaviour?

> And if I were to get infected it will throw up a warning that something is
> trying to get out.

You'd wish. How should that work?

> And I run an SPI router despite not having a home network.

> It's called being responsible.


It's called stupid.

> I do my best to protect myself

Obviously you don't. You're just doing nonsense without thinking about any
actual concept.

> I don't claim to have the best defenses possible, but I do claim to have
> never been infected.

Judging from the fact that you're a dirty spammer, this is very doubtful.

Re: Forget the security industry!

Moe Trin, 7/2/2007,3:58:50 PM, wrote:

> The real problem is resistance to change. You don't want to change
> what you are doing - heck, you might actually be forced to read a
> pamphlet and NOBODY wants to do that.


That reminds me of a joke:

Q: How many Virginians does it take to change a lightbulb?

A: What's wrong with the old lightbulb?

Re: Forget the security industry!

Dear Old Guy,

You wrote:
>When was the last time you drove a car with a manual
>transmission and a clutch? It's to hard to learn how to
>use a clutch??? Obviously.

I do not know how the clutch of a motor car gets into our
discourse on computer security, but you are herewith informed
that I always drive a car with a clutch and a stick shift. My
current one is a Toyota Camry with five forward and one
reverse gear and I would not have it any other way.
Now is your question and my reply going to resolve any
security issue? Please reply stating your answer to this question.

Furthermore regarding your last few paragraphs which sound
just a bit contemptuous of my initiative and intelligence, I like
you to know that I programmed an IBM 635 machine in
assembly language in 1959 and an IBM 704 in FORTRAN
starting in the same year. I am still writing programs in FOR-
TRAN and I am building my own PCs. NOT that I claim that
it takes great intelligence or diligence to do these things, but
they do seem to contradict you suspicions, dont they?
Would you mind telling me what you did in those years and
what makes you believe that you may look down upon me???

Since I am a very, very old guy, I do believe that the sellers,
that is MS and the rest of the security and software business
should deliver what they promised to deliver and not refer to
the future, to new software, to new ways, to new gadgets. I
am convinced that the current setup with proper enforcement
of existing rules and persecution of offenders CAN BE MADE
secure. That it is not done is related to the potential loss of busi-
ness and not to unsurmountable technical difficulties. It is not
the great new software invention which will bring about security
but the WILL to achieve it.

From a very, very old guy to an old guy
GR.

GR.

"Moe Trin" wrote in message
news:slrnf8im7i.eko.ibuprofin@compton.phx.az.us...
> On Mon, 02 Jul 2007, in the Usenet newsgroup comp.security.firewalls, in a
rticle
> , NoSpam wrote:
>
> >Of course almost all computer users are ignorant and think their PC is
> >similar to a toaster. Have the vendors of hard- and software not spent
> >billions in ads to make them believe that this is so?
>
> You probably don't remember the advertisements for the original IBM PC
> (not the XT or AT, but the original model 5150 with 256 KB of memory,
> and one or two 360K floppies and no hard disk) from 1981. It used a
> mime dressed and made up to look like Charlie Chaplin (movie star from
> the 1930s) - apparently in the business of selling hats, and he is
> prancing around his newly discovered PC. Pressing one key (almost
> certainly the Enter key), there magically appears (slowly) a pie chart
> showing some representations of data that is going to show this hat
> salesman how to improve his profits. Yeah, right. The "program" that
> was run was called PIECHART.BAS - a demonstration of Bill Gates wonderful
> programming capability (written in BASIC).
>
> >On the other hand if the public had been informed that they must study
> >information technology or spend oodles of money to secure their PCs,
> >only a fraction of the sales would have been made.
>
> When was the last time you drove a car with a manual transmission and a
> clutch? It's to hard to learn how to use a clutch??? Obviously.
>
> >Most users have spent a bundle already and are not willing to spend
> >another bundle to effect a "complete change in OS Platforms that would
> >invalidate all of their investment in software and vendors that would
> >have useless software."
>
> http://www.distrowatch.com The inexpensive versions selling for under
> under ten bucks (perhaps with shipping not included - add two bucks as a
> wild guess) are all unlimited. That includes the office applications and
> everything except the un-needed anti-virus software. If you want to
> install the same CDs/DVD on ten thousand systems - go for it, as it is
> perfectly legal to do so. Want to give those CDs/DVD to anyone for free
> when you're finished installing? You can do that as well. Don't try
> that with Vista. And it works on the same hardware that your XP and W2K
> does, or even the systems you had to throw away because they lacked the
> horsepower to run XP/W2K. Spending money is not the barrier.
>
> The real problem is resistance to change. You don't want to change what
> you are doing - heck, you _might_ actually be forced to read a pamphlet
> and NOBODY wants to do that. Geez, the icons are slightly different and
> are in a different place!!! THAT'S TO HARD!!!
>
> Have you read the "instructions" that came with your toaster? Of course
> not - who needs to? Besides, they are just full of foolish instructions
> such as telling you not to wash the toaster in hot sudsy water in the sink
> or something.
>
> Old guy

Re: Forget the security industry!

Leythos,

It is elementary. I pay the internethighway tax. It is
called the monthly fee for ISP service. Think before
you write.

GR.

"Leythos" wrote in message
news:MPG.20f31948e9f1aea4989783@adfree.Usenet.com...
> In article , NoSpam@nottobefound.org
> says...
> > I think we can expect to be safe on a public highway like the internet
> > without paying out protection money.
>
> Wrong, you pay a lot to be safe on the Public Highway, it's called
> Taxes, and unless you're a non-working slouch you pay for a safe highway
> - and lets not forget the Illegals in this country that make our
> highways unsafe and dangerous - much like the Illegal actions on the
> Internet.
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

Sebastian you are off my list. Once more you wrote the
justification for it in the form of nonsense!

GR


GR.
"Sebastian G." wrote in message
news:5et1h7F39c63rU1@mid.dfncis.de...
> NoSpam wrote:
>
>
> > This is: clearest form of protection racket. Pay and we shall protect
> > you,... possibly.
> >
> > Sounds like Chicago in the 20s.
>
>
> This is: clearest form of protection racket. Pay and we shall repair your
> car,... possibly, we'll best as we can. Car repair men really are
scumbags,
> aren't they?
>
> > I think we can expect to be safe on a public highway like the internet
> > without paying out protection money.
>
>
> Sure, but not with incompetent fool like you running around.

Re: Forget the security industry!

Dear Mr. Higgins,

I do not know you from Adam. How do you imply that you
need tofilter e-mail coming from me. I never heard of you,
never corresponded with you and have no desire to be in
contact with you and your rants.

GR.

"Jim Higgins" wrote in message
news:qhli83dhahfrjbrmj33tukkb0qsj388cia@4ax.com...
>
> People like you who blame everything other than themselves are the
> ones who get infected and then pass it along to others. If you and
> those like you can't afford to protect their investments maybe they
> shouldn't be playing on the Internet in the first place.
>
> My anti-virus software filters the trash from email from people like
> you - assuming RoadRunner doesn't already filter it - and then I don't
> click on every damn thing someone sends me. My software firewall
> rejects intrusion attempts from people like you infected up the wazoo
> 30 days after putting a new system on the Internet. And if I were to
> get infected it will throw up a warning that something is trying to
> get out. And I run an SPI router despite not having a home network.
> It's called being responsible. I do my best to protect myself and in
> the event I fail I try to protect others from me. I don't claim to
> have the best defenses possible, but I do claim to have never been
> infected. And when I say never I mean since the 70s when I built my
> first computer from a kit.
>
> In short, if you're going to swim in white water you learn to swim
> before jumping in. You can blame your bathing suit if you wish, but
> that won't change the facts.
>
>
>
> On Mon, 02 Jul 2007 18:05:22 GMT, "NoSpam"
> wrote:
>
> >Now the reply below is typical.
> >
> >It blames the person who paid for his PC, paid for software, paid
> >the ISP to be an IGNORAMUS if he can no longer afford the time
> >or the money to secure his machine.
> >
> >Listen carefully!
> >
> >If the operators of a system are incompetent or unwilling to make
> >it secure and earn billions in the process, dont blame the little guy
> >who foots the bill for problems. The problem is generated by the
> >greed and the unwillingness of those who profit, not by the little guy
> >who suffers.
> >
> >If an amusement park can't offer safe rides, is the visitor supposed
> >to show up with helmet, ambulance and proper health insurance?
> >
> >Yet if the internet is not safe, you do require the visitor to purchase
> >protection contracts, pay for unnecessary repairs and ever new software
> >and then call him an IGNORAMUS if he does not appreciate his role
> >as the cow who gets milked.
> >
> >GR.
> >
> >
> >"Jim Higgins" wrote in message
> >news:md6i839bh78pvhfou0jeope3i2ofheqh5j@4ax.com...
> >> On Sun, 01 Jul 2007 21:13:10 GMT, "NoSpam"
> >> wrote:
> >>
> >> [snip]
> >>
> >> >If the net-PC is infected it will then matter little. If the net PC is
> >> >infected to such a degree that its use becomes problematical,
> >> >install the OS, a browser and mail service again, nothing else.
> >> >I am working on the premise here, that the net PC is used for
> >> >e-mail, news, google searches. not for TV, music etc. These
> >> >latter services are not essential and those using them will have
> >> >to live with the increased risk of an infected machine of reduced
> >> >usefulness.
> >> >
> >> >What do you think?
> >>
> >> I think the irresponsible attitude that it doesn't matter how infected
> >> a net-connected PC becomes is a major part of the reason so many
> >> infections are so easily spread. In your case you actively support
> >> the notion. In the case of most it just happens through sheer
> >> ignorance. Those so ignorant that they don't know or care what they
> >> spread are generally too ignorant to avoid infection. It's a vicious
> >> cycle and the malware writers thrive on it. So do many so-called
> >> security companies. Problem is that there's no guaranteed software
> >> solution to protect the ignorant from themselves. It's also why the
> >> rest of us have to worry about protecting ourselves against the
> >> ignorant.
> >

Re: Forget the security industry!

Der Jens,

Same old nonsense in your reply.

Remember I and millions of others PAID: paid for PCs,
paid for DSLs, paid for Modems, paid for OSs (I paid for
95,98,NT,2K) paid for AVs,for the whole thing. Did we
get security? No. Now you security people want more
money, more, more, more

WILL YOU DELIVER SECURITY. NOOOO!

Sounds to me like you are planning on an eternal
war with eternal tribute to security.

GR.


"Jens Hoffmann" wrote in message
news:5et2s8F3agh3lU1@mid.uni-berlin.de...
> Hi,
>
> NoSpam schrieb:
> > Now the reply below is typical.
>
> And your attitude, too.
>
> >
> > It blames the person who paid for his PC, paid for software, paid
> > the ISP to be an IGNORAMUS if he can no longer afford the time
> > or the money to secure his machine.
>
> So, you see, we have to pay to make our cars secure.
> This bloody insecure streetnetwork!
> I pay taxes, so why don't they have automatic external guidance systems
> and some soft and fluffy airbags around my car?
>
>
> > If an amusement park can't offer safe rides, is the visitor supposed
> > to show up with helmet, ambulance and proper health insurance?
>
> Actually, over here you can go on rides with prett unsecure machines
> in amusement parks, and es, some of them need you to wear a helmet.
>
>
> > Yet if the internet is not safe, you do require the visitor to purchase
> > protection contracts, pay for unnecessary repairs and ever new software
> > and then call him an IGNORAMUS if he does not appreciate his role
> > as the cow who gets milked.
>
> Once upon a time, when the internet was started, there was a little
> saying: "If you connect to the net, then you donate part of your machine
> to it". Even then, people where aware of the dangers an open connection
> imposes. But hey, it got dangerous, when the majorit of the system on
> the network belonged to IGNORAMI.
>
>
> But, you know,
> the market mechanisms are brilliant. If your ISP doesn't offer you the
> kind of protection you want/need, swithc to a better fitting one.
>
>
> Cheers,
> Jens

Re: Forget the security industry!

Hi GR,
I believe it is incorrect to blame PC users for not being sufficiently
knowledgable to operate their PC's without running the risk of having
data stolen, operating system corrupted or be bombarded with unwanted
advertising. The argument they are too ignorant is often founded on a
type of elitism that would hold computer development back by many
years. It is all those people who have not got time to study the
intricacies of computer security that provide the revenue to fund
software and hardware development. Often it is not ignorance founded
on stupidity but a choice to spend the time that would be needed
obtain the knowlegde to 'surf safely' on other areas: going to the
pub, studying art/mathematics, etc. Therefore, should be about
producing products that can be used by as many consumers as possible.
However, for the reasons mentioned in previous posts that is not what
all software and hardware manufactures believe in. Add to this the FUD
peddled by many 'security advisors' and you have a multi-million
dollar industry that counters the efforts of others to increase the
percentage of populations that use computer based technologies.

Of course there are degrees of culpability and compromises that need
to be made between usability, knowledge and security, but these should
not result the extremes we are now experiencing. Finally, I do agree
with an earlier person who posted stating that ISP's could resolve
many of these problems.


Yours respectfully,

ST

NoSpam wrote:

> Now the reply below is typical.
>
> It blames the person who paid for his PC, paid for software, paid
> the ISP to be an IGNORAMUS if he can no longer afford the time
> or the money to secure his machine.
>
> Listen carefully!
>
> If the operators of a system are incompetent or unwilling to make
> it secure and earn billions in the process, dont blame the little guy
> who foots the bill for problems. The problem is generated by the
> greed and the unwillingness of those who profit, not by the little guy
> who suffers.
>
> If an amusement park can't offer safe rides, is the visitor supposed
> to show up with helmet, ambulance and proper health insurance?
>
> Yet if the internet is not safe, you do require the visitor to purchase
> protection contracts, pay for unnecessary repairs and ever new software
> and then call him an IGNORAMUS if he does not appreciate his role
> as the cow who gets milked.
>
> GR.
>
>
> "Jim Higgins" wrote in message
> news:md6i839bh78pvhfou0jeope3i2ofheqh5j@4ax.com...
> > On Sun, 01 Jul 2007 21:13:10 GMT, "NoSpam"
> > wrote:
> >
> > [snip]
> >
> > >If the net-PC is infected it will then matter little. If the net PC is
> > >infected to such a degree that its use becomes problematical,
> > >install the OS, a browser and mail service again, nothing else.
> > >I am working on the premise here, that the net PC is used for
> > >e-mail, news, google searches. not for TV, music etc. These
> > >latter services are not essential and those using them will have
> > >to live with the increased risk of an infected machine of reduced
> > >usefulness.
> > >
> > >What do you think?
> >
> > I think the irresponsible attitude that it doesn't matter how infected
> > a net-connected PC becomes is a major part of the reason so many
> > infections are so easily spread. In your case you actively support
> > the notion. In the case of most it just happens through sheer
> > ignorance. Those so ignorant that they don't know or care what they
> > spread are generally too ignorant to avoid infection. It's a vicious
> > cycle and the malware writers thrive on it. So do many so-called
> > security companies. Problem is that there's no guaranteed software
> > solution to protect the ignorant from themselves. It's also why the
> > rest of us have to worry about protecting ourselves against the
> > ignorant.

Re: Forget the security industry!

NoSpam wrote:
> Same old nonsense in your reply.

Same old nonsense in yours.

> Remember I and millions of others PAID: paid for PCs, paid for DSLs,
> paid for Modems, paid for OSs (I paid for 95,98,NT,2K) paid for
> AVs,for the whole thing. Did we get security? No. Now you security
> people want more money, more, more, more
>
> WILL YOU DELIVER SECURITY. NOOOO!
>
> Sounds to me like you are planning on an eternal war with eternal
> tribute to security.

What you fail to understand is this: security is not a product. It's not
something you can install on your computer to keep you secure for all
time and under all circumstances. To achieve security YOU will have to
actively participate in the process, no matter if you like that or not.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Forget the security industry!

In article <98eii.7266$7k7.2457@trnddc01>, NoSpam@nottobefound.org
says...
> Leythos,
>
> It is elementary. I pay the internethighway tax. It is
> called the monthly fee for ISP service. Think before
> you write.

No, you're confused again, there is no "Internet Highway Tax", you are
paying for a provider to give you a connection, much like you pay for a
Driveway from your house to the street - once you are on the street your
taxes pay for the limited amount of safety that is provided on the
public roads.

Something else you forget, it's your legal responsibility to maintain
your vehicle in SAFE OPERATIONAL STATE. If you don't personally know how
to do that you pay others to do it for you - same with a computer.

Think before you play with the experts.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

In article , NoSpam@nottobefound.org
says...
> Remember I and millions of others PAID: paid for PCs,
> paid for DSLs, paid for Modems, paid for OSs (I paid for
> 95,98,NT,2K) paid for AVs,for the whole thing. Did we
> get security? No. Now you security people want more
> money, more, more, more

It wasn't secure before you bought it, never has been, and there are no
expectations that it would be secure - any person in their half-right
mind knows that computers are not secure.

So, since you started with 95, you should have already known that the OS
is not secure, not on any platform by default, except maybe BSD, not
even HPUX or AIX is secure by default.

You can secure you computer without paying anyone, you just don't appear
to be smart enough and don't appear to understand what you've been told,
you appear to have a Zealots mindset.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

In article <1183413175.271326.220930@k29g2000hsd.googlegroups.com>,
shaun_j_thomas@yahoo.co.uk says...
> Of course there are degrees of culpability and compromises that need
> to be made between usability, knowledge and security, but these should
> not result the extremes we are now experiencing. Finally, I do agree
> with an earlier person who posted stating that ISP's could resolve
> many of these problems.

If you are smart enough to purchase a PC then you're smart enough to
secure it - it's really that simple. The difference between someone that
properly secures their PC and someone that doesn't is that the person
that doesn't didn't care.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

Dear Shaun,

I finally met an understanding person in this news group and I am
glad you formulated the problem so well. It may be too much
to hope that your contributiion will be understood. There are
quite a few participating here who can only communicate in
terms of simplistic or ambiguous sentences or in outright ad
hominem attacks. There are certainly also those who try to
be of help.

I like to now state what I understand to be elitism. Elitism
for me is wanting to or actually belonging to a group of people
who wish to conduct themselves in an ethical way, respectful
of others and their needs. It is not elitism to applaud the develop-
ment of a Babel of computer languages and to possible master
one or two of them and use that as justification to look down
upon those who have not invested the time to emulate such
behavior.

Those who claim that the industry is doing all it can do to save
the PC user from disruption, unnecessary expense, data loss
and data theft and dumb advertisments should prove their
point by providing data on the number of people working at
major ISPs in fighting spam and compare that to the number
of staff working on collecting money, selling accounts and
advertising.

How much does the federal government offer in terms of
grants and development money to develop strategies to trace
and finally convict spammers and hackers?

I have no doubt that such abilities exist already. Take a threat
to security and life originating somewhere in the net! I believe
the culprit would be identified and arrested in less than a day.
Do the same to the million a day spammers and watch the
volume drop.

I suspect that some hackers spend their mornings fighting
spam and their afternoons creating it and that they feel really
good about how smart they are and about getting away wit
burning the candle from both ends.

GR.





for.

..
languages
wrote in message
news:1183413175.271326.220930@k29g2000hsd.googlegroups.com.. .
> Hi GR,
> I believe it is incorrect to blame PC users for not being sufficiently
> knowledgable to operate their PC's without running the risk of having
> data stolen, operating system corrupted or be bombarded with unwanted
> advertising. The argument they are too ignorant is often founded on a
> type of elitism that would hold computer development back by many
> years. It is all those people who have not got time to study the
> intricacies of computer security that provide the revenue to fund
> software and hardware development. Often it is not ignorance founded
> on stupidity but a choice to spend the time that would be needed
> obtain the knowlegde to 'surf safely' on other areas: going to the
> pub, studying art/mathematics, etc. Therefore, should be about
> producing products that can be used by as many consumers as possible.
> However, for the reasons mentioned in previous posts that is not what
> all software and hardware manufactures believe in. Add to this the FUD
> peddled by many 'security advisors' and you have a multi-million
> dollar industry that counters the efforts of others to increase the
> percentage of populations that use computer based technologies.
>
> Of course there are degrees of culpability and compromises that need
> to be made between usability, knowledge and security, but these should
> not result the extremes we are now experiencing. Finally, I do agree
> with an earlier person who posted stating that ISP's could resolve
> many of these problems.
>
>
> Yours respectfully,
>
> ST
>
> NoSpam wrote:
>
> > Now the reply below is typical.
> >
> > It blames the person who paid for his PC, paid for software, paid
> > the ISP to be an IGNORAMUS if he can no longer afford the time
> > or the money to secure his machine.
> >
> > Listen carefully!
> >
> > If the operators of a system are incompetent or unwilling to make
> > it secure and earn billions in the process, dont blame the little guy
> > who foots the bill for problems. The problem is generated by the
> > greed and the unwillingness of those who profit, not by the little guy
> > who suffers.
> >
> > If an amusement park can't offer safe rides, is the visitor supposed
> > to show up with helmet, ambulance and proper health insurance?
> >
> > Yet if the internet is not safe, you do require the visitor to purchase
> > protection contracts, pay for unnecessary repairs and ever new software
> > and then call him an IGNORAMUS if he does not appreciate his role
> > as the cow who gets milked.
> >
> > GR.
> >
> >
> > "Jim Higgins" wrote in message
> > news:md6i839bh78pvhfou0jeope3i2ofheqh5j@4ax.com...
> > > On Sun, 01 Jul 2007 21:13:10 GMT, "NoSpam"
> > > wrote:
> > >
> > > [snip]
> > >
> > > >If the net-PC is infected it will then matter little. If the net PC
is
> > > >infected to such a degree that its use becomes problematical,
> > > >install the OS, a browser and mail service again, nothing else.
> > > >I am working on the premise here, that the net PC is used for
> > > >e-mail, news, google searches. not for TV, music etc. These
> > > >latter services are not essential and those using them will have
> > > >to live with the increased risk of an infected machine of reduced
> > > >usefulness.
> > > >
> > > >What do you think?
> > >
> > > I think the irresponsible attitude that it doesn't matter how infected
> > > a net-connected PC becomes is a major part of the reason so many
> > > infections are so easily spread. In your case you actively support
> > > the notion. In the case of most it just happens through sheer
> > > ignorance. Those so ignorant that they don't know or care what they
> > > spread are generally too ignorant to avoid infection. It's a vicious
> > > cycle and the malware writers thrive on it. So do many so-called
> > > security companies. Problem is that there's no guaranteed software
> > > solution to protect the ignorant from themselves. It's also why the
> > > rest of us have to worry about protecting ourselves against the
> > > ignorant.
>

Re: Forget the security industry!

Leythos,

Dear Leythos,

I am awed by your expertise. Expertise however needs
to be properly applied and channeled to provide the
benenfits it may be capable of rendering.

Let me continue and end our discussion with the following
remarks.

Since I get a bill from the Internet Service Provider I know
how much to pay and to whom.

I have never been informed by any ISP that I should pay
an additional amount to anybody else. If you or the ISP or
the security industry feel that they need even more money
and that they think that the federal government should pay
up, then they need to take necessary steps to collect from
the Feds.

May be you should become a lobbyist for a new Tax, an
Internet Security Tax, or IST. In the meantime I expect
the ISPs and the softwareproviders to protect me from the
punks. The software firms and the ISP should know their
business, so that their security measures actually work

It is not ethical and in the long run probably counterpro-
ductive to sell a dangerous vehicle and let each owner provide
for his safety. This is not permissible for any product, but
the Internet.

Your argument that each user should purchase additional
hard and software to protect his PC if faulty. Look at the
statistics at the Lavasoft site. There the claim is made that
9 out of 10 PCs are "infected". This is proof beyond any
doubt that the idea that the public can provide for its own
Internet safety is poppy cock .Since an infected computer
can infect uninfected ones, it is essential that the internet
vehicle be made safe by experts and it is clear that this job
cant be left to the individual owner.

GR





provides a service.
"Leythos" wrote in message
news:MPG.20f34cee21e5c611989786@adfree.Usenet.com...
> In article <98eii.7266$7k7.2457@trnddc01>, NoSpam@nottobefound.org
> says...
> > Leythos,
> >
> > It is elementary. I pay the internethighway tax. It is
> > called the monthly fee for ISP service. Think before
> > you write.
>
> No, you're confused again, there is no "Internet Highway Tax", you are
> paying for a provider to give you a connection, much like you pay for a
> Driveway from your house to the street - once you are on the street your
> taxes pay for the limited amount of safety that is provided on the
> public roads.
>
> Something else you forget, it's your legal responsibility to maintain
> your vehicle in SAFE OPERATIONAL STATE. If you don't personally know how
> to do that you pay others to do it for you - same with a computer.
>
> Think before you play with the experts.
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

Dear Leythos,

I do not appreciate your putting my intelligence into doubt.
I also do not appreciate having my mindset evaluated in
such a superficial fashion.

My computer experience goes almost certainly back to a time
when you were not yet born or a toddler. (It started in 1958 on the
largest machines available at that time. Please be careful with
unsubstantiated statements, they will in the end reflect upon you,
not upon the person you are abusing).

I have just posted my definitive summary of the problem as a
response to another one of your posts and I invite you to study
and to reflect upon it.

GR.




"Leythos" wrote in message
news:MPG.20f34d8be6723fa6989787@adfree.Usenet.com...
> In article , NoSpam@nottobefound.org
> says...
> > Remember I and millions of others PAID: paid for PCs,
> > paid for DSLs, paid for Modems, paid for OSs (I paid for
> > 95,98,NT,2K) paid for AVs,for the whole thing. Did we
> > get security? No. Now you security people want more
> > money, more, more, more
>
> It wasn't secure before you bought it, never has been, and there are no
> expectations that it would be secure - any person in their half-right
> mind knows that computers are not secure.
>
> So, since you started with 95, you should have already known that the OS
> is not secure, not on any platform by default, except maybe BSD, not
> even HPUX or AIX is secure by default.
>
> You can secure you computer without paying anyone, you just don't appear
> to be smart enough and don't appear to understand what you've been told,
> you appear to have a Zealots mindset.
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

NoSpam wrote:

> Der Jens,
>
> Same old nonsense in your reply.
>
> Remember I and millions of others PAID: paid for PCs,
> paid for DSLs, paid for Modems, paid for OSs (I paid for
> 95,98,NT,2K) paid for AVs,for the whole thing. Did we
> get security? No.


Yes, you got security. In fact, Windows 2K and its successors Windows XP and
Server 2003 have been evaluated as NSA C2 and CC EAL4 Baseline Profile,
which means that with adequate configuration you can build a very secure and
reliable machine. But, of course, you should know what you're doing.

Oh, and sure by buying an AV program you didn't get any security. You just
got an intrusion detection system which alerts on the most trivial break-ins
only, just exactly as one should expect.

> Now you security people want more money, more, more, more
>
> WILL YOU DELIVER SECURITY. NOOOO!


Actually I've seen quite the contrary: People would rather buy the common
snake-oil pseudo security software rather than a competent security workman
who would achieve permanent security by just once setting up an appropriate
security configuration.

BTW, would you please cease your utterly stupid full-quotings with the
broken quoting style? kthxbye

Re: Forget the security industry!

In article , NoSpam@nottobefound.org
says...
> Dear Leythos,
>
> I do not appreciate your putting my intelligence into doubt.
> I also do not appreciate having my mindset evaluated in
> such a superficial fashion.
>
> My computer experience goes almost certainly back to a time
> when you were not yet born or a toddler. (It started in 1958 on the
> largest machines available at that time. Please be careful with
> unsubstantiated statements, they will in the end reflect upon you,
> not upon the person you are abusing).

You are the one that started the games sonny.

> I have just posted my definitive summary of the problem as a
> response to another one of your posts and I invite you to study
> and to reflect upon it.

And all of your comments point to your needing a Tin-Foil Hat.

No one is asking you to purchase anything, no one is protecting you, no
one is scamming you, no one is causing you a problem.

I don't need those things to protect me because I know how to protect my
networks and system and it works very well. The one I do purchase for
customers are for their benefit in case I fail to see something, in case
I fail to understand a threat base, in case I fail to properly
configured their networks and security methods.

You seem to think that they are selling dangerous tools to people, but
the fact is that a Drill is dangerous to most people, and only those
that learn a little about its use will be able to use it safely - just
like a computer, people CHOOSE TO NOT LEARN, they willingly, knowingly,
refuse to learn in most cases. They know the threats are real, know that
failure to secure their machines by simple means, without cost in most
all cases, will cause them to be compromised....

You just seem to want to rant and spew a mantra that is unfounded, but
you might learn, they say even an old-dog can learn, but you sure seem
more confrontational that even SG is. Settle down, try, try and look at
what everyone here has told you as though you are wrong, without being
upset, and you might just come away with a better understanding.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

"NoSpam" wrote in message
news:bUgii.5935$vG2.5839@trnddc02...
> Dear Leythos,
>
> I do not appreciate your putting my intelligence into doubt.
> I also do not appreciate having my mindset evaluated in
> such a superficial fashion.
>
You sound like the same mentally challenged KatMandu posting in
alt.comp.freeware.

Re: Forget the security industry!

On Mon, 02 Jul 2007, in the Usenet newsgroup comp.security.firewalls, in article
, NoSpam wrote:

>Furthermore regarding your last few paragraphs which sound
>just a bit contemptuous of my initiative and intelligence, I like
>you to know that I programmed an IBM 635 machine in
>assembly language in 1959

And you are positive this wasn't a GE. Where exactly did you gain
this early "programming experience"? And what could that possibly have
to do with securing your current computer that really does operate
in a different manner?

>and an IBM 704 in FORTRAN starting in the same year. I am still
>writing programs in FORTRAN and I am building my own PCs. NOT that I
>claim that it takes great intelligence or diligence to do these things

Program in FORTRAN - yeah, I suppose that's correct. But it, and
assembling your own PC is less common. Most computer users would
have grave difficulty using a screw driver to open a case, never mind
not knowing that the 'C' in column 1 meant the card was a comment. But
doing the mechanical labor is relatively simple compared to actually
configuring the software correctly. Or did you dump all of your
Hollerith cards on the top of the stack and not worry about running
things in a coherent manner - something like your top-posting replies
so that people wonder what part of the article you include at the
bottom without context you are responding to, or trimming the parts you
of the article you aren't responding to.

>but they do seem to contradict you suspicions, dont they?

Not really - you haven't a clue how to operate a network connected
computer, or you wouldn't be whining about your system being 0wn3d
because you can't take elementary steps to secure it. Hoping that
after-market crap is going to protect you (and you almost certainly
have that mis-configured too) shows a serious lack of reality.

>Would you mind telling me what you did in those years and
>what makes you believe that you may look down upon me???

59? I was active Air Force at the time, working on fire control systems
and nuclear weapons. I didn't get involved in digital computers until
after I finished military service in '65 - there's not much of a civilian
market for those skills. As for looking down upon you - read your whiny
posts and think why everyone is laughing at you. Could it be that the
rest of the world has some major clue that you're missing?

>Since I am a very, very old guy, I do believe that the sellers,
>that is MS and the rest of the security and software business
>should deliver what they promised to deliver

What in the WORLD do you think they promised? Security? What a major
joke. Read the license agreement you have with your software supplier,
not just microsoft. No, they didn't promise you one damn thing - even
that the software might even work. Read that license again. Or you
_could_ try suing then for failing to deliver on their "promise".

>I am convinced that the current setup with proper enforcement
>of existing rules and persecution of offenders CAN BE MADE
>secure.

Certain rules in what country - or even what region of the world?
You are SERIOUSLY out of touch with reality, and shouldn't be
trying to use a computer connected on a network. Really.

A much simpler solution would be to fine anyone who has their
computer infected (and detectable from the Internet) one months
salary - with the proceeds going directly to the company or agency
that discovers the infected system. Sort of like traffic fines
you have to pay for being caught doing something st00pid on the the
road. After a year or two, things might actually improve as the
clueless either stop using computers, or learn HOW to use them in
a safe manner. Users with clue wouldn't have a problem.

>That it is not done is related to the potential loss of busi-
>ness and not to unsurmountable technical difficulties. It is not
>the great new software invention which will bring about security
>but the WILL to achieve it.

Actually it's quite feasible to achieve security, but no user wants
to jump through the hoops to do so. They depend on the software
vendors to supply something that is pre-configured to work - to do
something that the user thinks they want to do. Can this be done in
a safe manner? No, because the user doesn't want to learn one damn
thing about using the software (and hardware for that matter) and
there are so many DIFFERENT things that computers can be used for. I
really haven't seen a "Windoze for FORTRAN Wankers" - have you? So
there is an after-market in tools that purport to do something else
that the user wants. Like those neat tool-bar thingies that include
an icon you can click to connect directly to your favorite pr0n site
(and see that your computer is properly 0wn3d at the same time - what
a convenience). And who installed that crap? Do you think it's the
Mal-Ware Fairy that sneaks up when you aren't looking, waves her
magic wand, and P00F - your box is loaded once again with malware? I
suppose you also blamed the same fairy for the bugs in your code.

Old guy

Re: Forget the security industry!

Doubting Thomas,

There is always one in a crowd.

I am a very polite person, unlike many in this newsgroup. I shall
therefore bow to you very rude request for information and give
you the info you are asking for. I do expect however the proper
respect and now wisecracking reply.

I gained my early computer experience by doing work on various
projects at General Electric's TEMPO in Santa Barbara. The
work with this and assembly language were taught by IBM
teachers.

I do agree with you that work with Fortran is not like work with
the C-languages or Java or any of the many languages which are
being used currently and with which the the young crop of program-
mers are familiar. It is a fact however, that the logic and the
basic principles of programming are present in all languages.
Knowing one makes the appreciation of others easier.

And you are correct. In those early days we carried our programs
in large cases to the computer center and these cases were filled
with IBM cards some of which with a C punched for 'Comment'
in column one.

I now refer to your rude remarks concerning my possible
computing habits, which you call dumping the cards on top
of the stack and not running things in a coherent manner....
..........
and admit that I just do not know how to reply to such an
emotional discharge.

Furthermore I am awed by your experience with firecontrol
and nuclear weapons and imagine that now, that you are in
civilian life you are frustrated by a certain lack of feeling of
power and have chosen me for target practice.

Regarding the rest of your comments I refer to a recent post of
mine in which I said the following:

<9 out of 10 PCs are "infected". This is proof beyond any

If you have something to say regarding the contents of this
paragraph, I will be interested. If you insist in looking down
upon all those millions of internet users who are, according
to your evaluation to dumb or to lazy to secure their PCs
then I am not.

Cheers and Greetings
GR.



..


"Moe Trin" wrote in message
news:slrnf8la8n.jd0.ibuprofin@compton.phx.az.us...
> On Mon, 02 Jul 2007, in the Usenet newsgroup comp.security.firewalls, in
article
> , NoSpam wrote:
>
> >Furthermore regarding your last few paragraphs which sound
> >just a bit contemptuous of my initiative and intelligence, I like
> >you to know that I programmed an IBM 635 machine in
> >assembly language in 1959
>
> And you are positive this wasn't a GE. Where exactly did you gain
> this early "programming experience"? And what could that possibly have
> to do with securing your current computer that really does operate
> in a different manner?
>
> >and an IBM 704 in FORTRAN starting in the same year. I am still
> >writing programs in FORTRAN and I am building my own PCs. NOT that I
> >claim that it takes great intelligence or diligence to do these things
>
> Program in FORTRAN - yeah, I suppose that's correct. But it, and
> assembling your own PC is less common. Most computer users would
> have grave difficulty using a screw driver to open a case, never mind
> not knowing that the 'C' in column 1 meant the card was a comment. But
> doing the mechanical labor is relatively simple compared to actually
> configuring the software correctly. Or did you dump all of your
> Hollerith cards on the top of the stack and not worry about running
> things in a coherent manner - something like your top-posting replies
> so that people wonder what part of the article you include at the
> bottom without context you are responding to, or trimming the parts you
> of the article you aren't responding to.
>
> >but they do seem to contradict you suspicions, dont they?
>
> Not really - you haven't a clue how to operate a network connected
> computer, or you wouldn't be whining about your system being 0wn3d
> because you can't take elementary steps to secure it. Hoping that
> after-market crap is going to protect you (and you almost certainly
> have that mis-configured too) shows a serious lack of reality.
>
> >Would you mind telling me what you did in those years and
> >what makes you believe that you may look down upon me???
>
> 59? I was active Air Force at the time, working on fire control systems
> and nuclear weapons. I didn't get involved in digital computers until
> after I finished military service in '65 - there's not much of a civilian
> market for those skills. As for looking down upon you - read your whiny
> posts and think why everyone is laughing at you. Could it be that the
> rest of the world has some major clue that you're missing?
>
> >Since I am a very, very old guy, I do believe that the sellers,
> >that is MS and the rest of the security and software business
> >should deliver what they promised to deliver
>
> What in the WORLD do you think they promised? Security? What a major
> joke. Read the license agreement you have with your software supplier,
> not just microsoft. No, they didn't promise you one damn thing - even
> that the software might even work. Read that license again. Or you
> _could_ try suing then for failing to deliver on their "promise".
>
> >I am convinced that the current setup with proper enforcement
> >of existing rules and persecution of offenders CAN BE MADE
> >secure.
>
> Certain rules in what country - or even what region of the world?
> You are SERIOUSLY out of touch with reality, and shouldn't be
> trying to use a computer connected on a network. Really.
>
> A much simpler solution would be to fine anyone who has their
> computer infected (and detectable from the Internet) one months
> salary - with the proceeds going directly to the company or agency
> that discovers the infected system. Sort of like traffic fines
> you have to pay for being caught doing something st00pid on the the
> road. After a year or two, things might actually improve as the
> clueless either stop using computers, or learn HOW to use them in
> a safe manner. Users with clue wouldn't have a problem.
>
> >That it is not done is related to the potential loss of busi-
> >ness and not to unsurmountable technical difficulties. It is not
> >the great new software invention which will bring about security
> >but the WILL to achieve it.
>
> Actually it's quite feasible to achieve security, but no user wants
> to jump through the hoops to do so. They depend on the software
> vendors to supply something that is pre-configured to work - to do
> something that the user thinks they want to do. Can this be done in
> a safe manner? No, because the user doesn't want to learn one damn
> thing about using the software (and hardware for that matter) and
> there are so many DIFFERENT things that computers can be used for. I
> really haven't seen a "Windoze for FORTRAN Wankers" - have you? So
> there is an after-market in tools that purport to do something else
> that the user wants. Like those neat tool-bar thingies that include
> an icon you can click to connect directly to your favorite pr0n site
> (and see that your computer is properly 0wn3d at the same time - what
> a convenience). And who installed that crap? Do you think it's the
> Mal-Ware Fairy that sneaks up when you aren't looking, waves her
> magic wand, and P00F - your box is loaded once again with malware? I
> suppose you also blamed the same fairy for the bugs in your code.
>
> Old guy

Re: Forget the security industry!

In article <2aAii.3242$bO2.136@trnddc05>, NoSpam@nottobefound.org
says...
> > > > <9 out of 10 PCs are "infected". This is proof beyond any
> > > > >
If the public cared, they would protect their investment. Since the
public doesn't care, since the ISP's absolve their responsibility, since
they can pay some computer nerd at best buy to fix it, there won't be a
fix.

If the users were fined, based on spew from their computers, then the
problem would go away.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

NoSpam wrote:
> It is a fact however, that the logic and the
> basic principles of programming are present in all languages.

Compare Prolog with XSLT ;-)

Yours,
VB.
--
"Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
geschützt wird, die seinem Ziel und seinem Geist zuwider sind."

Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"

Re: Forget the security industry!

Dear Volker.

No question, there are differences between languages.
However, if you have never learned any language you will have a
hard time learning your first one. If you have learned your first language
and master its grammar you will have an easier time with a second one.
True of False?

I am however aware that modern computer languages can be obscure,
possibly on purpose, and that there are too many of them and way too
many variants. Programmer cherish Job security too, dont they? -)

GR.
"Volker Birk" wrote in message
news:468f4816@news.uni-ulm.de...
> NoSpam wrote:
> > It is a fact however, that the logic and the
> > basic principles of programming are present in all languages.
>
> Compare Prolog with XSLT ;-)
>
> Yours,
> VB.
> --
> "Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
> geschützt wird, die seinem Ziel und seinem Geist zuwider sind."
>
> Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"

Re: Forget the security industry!

NoSpam wrote:
> If you have learned your first language
> and master its grammar you will have an easier time with a second one.
> True of False?

Usually true, because most programming languages have a procedural
imperative paradigm. Most, but not Prolog and not XSLT ;-)

> Programmer cherish Job security too, dont they? -)

Don't think so. There are very good reasons for the two above. They're
not Brainfuck or even Whitespace ;-)

Yours,
VB.
--
"Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
geschützt wird, die seinem Ziel und seinem Geist zuwider sind."

Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"

Re: Forget the security industry!

In article , NoSpam@nottobefound.org
says...
> I am however aware that modern computer languages can be obscure,
> possibly on purpose, and that there are too many of them and way too
> many variants. Programmer cherish Job security too, dont they? -)

Any programmer that doesn't include comments or that tries to make his
code hard to read should be fired or at least put in management.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

In article ,
Leythos wrote:

>Any programmer that doesn't include comments or that tries to make his
>code hard to read should be fired or at least put in management.

Unless, that is, the obfuscation is an expected part of the job,
an effort to stymie reverse engineering and thus slow down
the dispersion of trade secrets (and the cloning of patented
processes without authorization.)

Re: Forget the security industry!

In article , roberson@hushmail.com
says...
> In article ,
> Leythos wrote:
>
> >Any programmer that doesn't include comments or that tries to make his
> >code hard to read should be fired or at least put in management.
>
> Unless, that is, the obfuscation is an expected part of the job,
> an effort to stymie reverse engineering and thus slow down
> the dispersion of trade secrets (and the cloning of patented
> processes without authorization.)

And the compiler can take care of that. If your code does not include
comments and explanations then you did a disservice to those supporting
the application. If you understood this you could still make code that
is hard to reverse engineer but still easy to maintain for those
following you.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Forget the security industry!

"Leythos" wrote in message
news:MPG.20faeb7d3e9cd7419897b8@adfree.Usenet.com...
> In article , roberson@hushmail.com
> says...
>> In article ,
>> Leythos wrote:
>>
>> >Any programmer that doesn't include comments or that tries to make his
>> >code hard to read should be fired or at least put in management.
>>
>> Unless, that is, the obfuscation is an expected part of the job,
>> an effort to stymie reverse engineering and thus slow down
>> the dispersion of trade secrets (and the cloning of patented
>> processes without authorization.)
>
> And the compiler can take care of that. If your code does not include
> comments and explanations then you did a disservice to those supporting
> the application. If you understood this you could still make code that
> is hard to reverse engineer but still easy to maintain for those
> following you.
>

Very little comments are kept in source code anymore. The comments are kept
in other types of documents separate from the code and is maintained. It's
called documentation artifacts.

Re: Forget the security industry!

In article , "Mr.
Arnold" says...
>
> "Leythos" wrote in message
> news:MPG.20faeb7d3e9cd7419897b8@adfree.Usenet.com...
> > In article , roberson@hushmail.com
> > says...
> >> In article ,
> >> Leythos wrote:
> >>
> >> >Any programmer that doesn't include comments or that tries to make his
> >> >code hard to read should be fired or at least put in management.
> >>
> >> Unless, that is, the obfuscation is an expected part of the job,
> >> an effort to stymie reverse engineering and thus slow down
> >> the dispersion of trade secrets (and the cloning of patented
> >> processes without authorization.)
> >
> > And the compiler can take care of that. If your code does not include
> > comments and explanations then you did a disservice to those supporting
> > the application. If you understood this you could still make code that
> > is hard to reverse engineer but still easy to maintain for those
> > following you.
> >
>
> Very little comments are kept in source code anymore. The comments are kept
> in other types of documents separate from the code and is maintained. It's
> called documentation artifacts.

It doesn't matter where you keep them as long as they are updated as
needed when making changes to the source. If you don't have
comments/descriptions, as I said before, you are doing a disservice to
all the people that support/follow you.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)