Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[alexandertnt]

(Off-topic post about security etc)

And that right there is exactly what's wrong with UAC. If a big company like Microsoft with hundreds of expert programmers on its payroll can't make a tool to determine if a program is dangerous or legit, how exactly is a dumb user supposed to do that? "Oh, we're not liable for any damage to your data. Our system asked you if you wanted to allow this program to do its thing and you clicked yes, it's your own fault. Nevermind that we didn't give you anything whatsoever to enable you to make an informed decision." I'm sorry, that's not security at all, that's just CYA bullshit.

Well you see, the human brain is quite good at heuristically detecting problems. It can determine through inspection if something may be harmful even if it has never came accross it before. Its one of the reason that people do not walk dumbly into fires, even if they have never been burnt by it before. The human brain has identified it as significant threat. Computers are terrable at this. They can compare patterns and thats about it. Even virus scanner heuristics generally just look for "suspicious" things, such as non-standard methods of accessing the internet.

The OS gives you what it can to make these decisions. If a program wants admin-rights, all the OS can do is recognise that this blob of code wants to do admin things, and tell you.

Maby in a few decades computer virus scanners will get good at these heuristics. But they will only be getting better if there are even better viruses to try and stop.

Those Who Sacrifice Liberty For Security Deserve Neither. Benjamin Franklin

So dont sacrifice liberty? Install a different operating system? You have plenty of liberty.

[Andir]

I'll say it to mock people who are really worked up for no reason too.  And, yea, he was.

Do not pick a fight or insult another poster.  Do not continue a fight if you feel you have been insulted.  Report it to the moderator.  If you instead respond in kind, you run the risk of being considered part of the problem.
Despite its prevalence on the internet, bigoted language is frowned upon here.  Do not go there.
Do not disrupt a thread with spam, giant images or intentionally garbled language.

[forsaken1111]

I'll say it to mock people who are really worked up for no reason too.  And, yea, he was.

Do not pick a fight or insult another poster.  Do not continue a fight if you feel you have been insulted.  Report it to the moderator.  If you instead respond in kind, you run the risk of being considered part of the problem.
Despite its prevalence on the internet, bigoted language is frowned upon here.  Do not go there.
Do not disrupt a thread with spam, giant images or intentionally garbled language.

If you think its a problem, just flag it for moderation instead of quoting the rules at people.

[Andir]

I'll say it to mock people who are really worked up for no reason too.  And, yea, he was.

Do not pick a fight or insult another poster.  Do not continue a fight if you feel you have been insulted.  Report it to the moderator.  If you instead respond in kind, you run the risk of being considered part of the problem.
Despite its prevalence on the internet, bigoted language is frowned upon here.  Do not go there.
Do not disrupt a thread with spam, giant images or intentionally garbled language.

If you think its a problem, just flag it for moderation instead of quoting the rules at people.

/shrug
I give people one warning.

[Sordid]

@security discussion: I'm sorry, that's just not good enough. If MS built their system properly, it wouldn't be susceptible to malware in the first place.

[miauw62]

yeah, sure.

If they, as you said, "would  build a tool that can determine wether a program is malware or not", that would turn up false positives. And if you have a decent AV installed, and have common sense installed (very rare!), you should be able to determine wether a program is malware or not.



EDIT:

Also, its nigh impossible, if not entirely impossible to make a system insuspectible to malware.
If you make a system that is first insuspectible, virusses will evolve (more like be modified by their creators), much like real life virusses to be able to invade that system.

Oh, and i forgot to say that most virusses today are trojans, wich could be taken as proof that there are little security holes left to exploit.

[Nadaka]

@security discussion: I'm sorry, that's just not good enough. If MS built their system properly, it wouldn't be susceptible to malware in the first place.

There are no general purpose computers that are not susceptible to malware. The only way make a computer truly not susceptible to malware, you would need separate memory for programs and data, and the only code that can be loaded into program memory is from a read only device.

[Sordid]

There are no general purpose computers that are not susceptible to malware.

Then clearly it's not just MS that needs to stop horsing around and do things properly but everyone else as well. And I don't buy this "oh it can't be done" talk.

[Nadaka]

There are no general purpose computers that are not susceptible to malware.

Then clearly it's not just MS that needs to stop horsing around and do things properly but everyone else as well. And I don't buy this "oh it can't be done" talk.

Did you read the rest of my post? "Doing things properly" means you don't  get to choose what runs on your "computer". You will never be able to update a program. You will never be able to install a game. You will never be able to write your own code. You get only what comes preinstalled and nothing else, ever.

[miauw62]

or you could do the highly controversial secure computing.


But thats mainly the above, its DRM but with computers as a whole i think.

[Sordid]

Did you read the rest of my post? "Doing things properly" means you don't  get to choose what runs on your "computer". You will never be able to update a program. You will never be able to install a game. You will never be able to write your own code. You get only what comes preinstalled and nothing else, ever.

I don't see why that would have to be the case. Surely it's possible to keep the system and the data separate and prevent one from interfering with the other?

[Nadaka]

Did you read the rest of my post? "Doing things properly" means you don't  get to choose what runs on your "computer". You will never be able to update a program. You will never be able to install a game. You will never be able to write your own code. You get only what comes preinstalled and nothing else, ever.

I don't see why that would have to be the case. Surely it's possible to keep the system and the data separate and prevent one from interfering with the other?

You would be wrong.

If there is any way for the user to install and run arbitrary code, a system is susceptible to malware. Even vendor controlled software update/distribution opens a security hole that may potentially allow a man in the middle attack to compromise the process and introduce malware unless it is rigorously controlled.

[Rez]

The system is the data.

[Sordid]

I meant other programs, not data. Sorry about that. And I'm still not buying it. Anyway, back on topic?

[Darkmere]

Other programs *are* data. Everything that isn't hardware is just data.

If you have workable ideas on how to make a perfectly secure modifiable computing platform, several world governments would probably have cushy jobs for you. For life.