"For the first year of Puppy I ran without a firewall (I don't think there was one) and the paranoia went . . . "
Windows is a tempting target, and everyone loves it when the big guy is brought down a notch or two, but that doesn't mean that Linuix is free of all security risks.
http://www.linuxformat.co.uk/modules.ph ... &issue=105
Is Linux Right For Me?
I don't know whether to laugh, cry or have an aneurism over that quote, so instead I'll simply say this:Trobin wrote:I'm not convinced that Microsoft has access to my data.
If you've booted a Microsoft OS, Redmond is root, and not you.
[size=84][i]hangout:[/i] ##b0rked on irc.freenode.net
[i]diversion:[/i] [url]http://alienjeff.net[/url] - visit The Fringe
[i]quote:[/i] "The foundation of authority is based upon the consent of the people." - Thomas Hooker[/size]
[i]diversion:[/i] [url]http://alienjeff.net[/url] - visit The Fringe
[i]quote:[/i] "The foundation of authority is based upon the consent of the people." - Thomas Hooker[/size]
-
Bruce B
Trobin wrote:I'm aware that Microsoft collects data on the hardware in my computer as part of the activation process.
Thank you for your answer. (question omitted for brevity and doesn't seem necessary to me)
What is more true, that it collects this data? Or that it continues collecting data, even after the activation process is verified?
How can anyone, including you know what data it collects?
Bruce B wrote:3) Are you convinced that it has been observed that significantly more data is being collected than necessary for the purported purpose of making sure YOU'RE not the pirate?
The manner in which this determination has been made is by measuring the size of the data they take, compared with how much data it actually would need to make registration code database check.Trobin (reply) wrote:Of that I am not convinced.
Nobody I know of has ever been able to state with precision what the data is. We can rely on what Microsoft purports, and that very reliance requires trust.
I suppose it would be silly and trivial of me to mention tracking movies you watch on your computer?Trobin wrote:I have no problem with Microsoft wanting to know the hardware specifications of my computer so that my copy of Vista/XP is tied to one specific computer.
What would bother you? What about methods?
If I wanted to know more about you, would it be OK if I simply took the information and didn't tell you?
Would you rather that I ask?
If I sold clothes, would it be okay if I followed you around and took opportunity to look into your drawers and closet to learn more about what you would be inclined to buy?
Wouldn't you rather that I said, "Trobin, I want more of your business. How can I serve you better? Are there styles or brands you'd like which aren't in stock? Are you interested in taking advantage of sales? If so, I can notify you when I have them?"
And after you have made your purchase, I leave you alone.
Trobin, on the subject of tone, what is the tone of an apologist?Trobin wrote: However the tone of the comments I've seen here, as well as elsewhere, seem to indicate that Microsoft wants to access the data that I put into my computer, letteras, spreadsheets, emails, etc. Of that I am not convinced.
If Microsoft wanted access to your documents, they don't need your permission. I don't however, think they'd want a collection of random files for someone to read, unless you were of considerable interest.
If I wanted user data from a huge user base, I'd tightly index the user files and add them to huge databases which could be queried thousands of different ways.
On the other hand, if I say to you that Microsoft has already patented specific ways to do what you don't think want, I think it would take a bred in the wool apologist to say: I don't see anything to indicate . . .
Note: A patent is not a request for permission. It's the making of a law giving Microsoft exclusive rights to the methods.
Microsoft patents the mother of all adware systems
Bruce
-
Bruce B
It is fine with me if you write gospel.alienjeff wrote: If you've booted a Microsoft OS, Redmond is root, and not you.
If it is worthy of canonization, maybe it deserves formalization also. How about?
- The Book of Alien Jeff - Chapter 1, Verse 1
Once the book is written, then the religion, the cult followers, the strict obedience and the tithes.
"Thank you for your answer. (question omitted for brevity and doesn't seem necessary to me)
What is more true, that it collects this data? Or that it continues collecting data, even after the activation process is verified? "
Did a little bit of research on what Microsoft collects when the activation thing is done. An algorythm is run on your computer that collectd data and creates a series of hash numbers. It is those hash numbers that Microsoft collects, and matches with your copy of Vista / XP.
"
PostPosted: Today, at 10:30 am Post subject: Reply with quote
Trobin wrote:
I'm aware that Microsoft collects data on the hardware in my computer as part of the activation process.
Thank you for your answer. (question omitted for brevity and doesn't seem necessary to me)
What is more true, that it collects this data? Or that it continues collecting data, even after the activation process is verified?
How can anyone, including you know what data it collects?
Bruce B wrote:
3) Are you convinced that it has been observed that significantly more data is being collected than necessary for the purported purpose of making sure YOU'RE not the pirate?
Trobin (reply) wrote:
Of that I am not convinced.
The manner in which this determination has been made is by measuring the size of the data they take, compared with how much data it actually would need to make registration code database check. "
How much data is necessary. A series of numbers hardly seems excessive. I recall listening as some guy activated his copy of Vista over the phone. All that was necessary was that he read off a series of numbers that his computer produced.
"I suppose it would be silly and trivial of me to mention tracking movies you watch on your computer? "
I actually don't watch movies on my computer. DVD's aren't all that expensive, especially if you wait until the video stores put previewed movies OVERPRICED. If I did, why would Microsoft be interested. I can see why Hollywood would be interested, but Microsoft?
"What would bother you? What about methods?
If I wanted to know more about you, would it be OK if I simply took the information and didn't tell you?
Would you rather that I ask?"
Sure I'd much rather be asked.
"If I sold clothes, would it be okay if I followed you around and took opportunity to look into your drawers and closet to learn more about what you would be inclined to buy?"
It would not be okay to go through my drawers, but if I went into your store It would be within your rights to keep track of what you sold to me, and make inferences based on what I bought, and it would be done with my consent.
Microsoft might own the mother of all adware programs, but I am the one that visited the website and clicked on the ad.
What is more true, that it collects this data? Or that it continues collecting data, even after the activation process is verified? "
Did a little bit of research on what Microsoft collects when the activation thing is done. An algorythm is run on your computer that collectd data and creates a series of hash numbers. It is those hash numbers that Microsoft collects, and matches with your copy of Vista / XP.
"
PostPosted: Today, at 10:30 am Post subject: Reply with quote
Trobin wrote:
I'm aware that Microsoft collects data on the hardware in my computer as part of the activation process.
Thank you for your answer. (question omitted for brevity and doesn't seem necessary to me)
What is more true, that it collects this data? Or that it continues collecting data, even after the activation process is verified?
How can anyone, including you know what data it collects?
Bruce B wrote:
3) Are you convinced that it has been observed that significantly more data is being collected than necessary for the purported purpose of making sure YOU'RE not the pirate?
Trobin (reply) wrote:
Of that I am not convinced.
The manner in which this determination has been made is by measuring the size of the data they take, compared with how much data it actually would need to make registration code database check. "
How much data is necessary. A series of numbers hardly seems excessive. I recall listening as some guy activated his copy of Vista over the phone. All that was necessary was that he read off a series of numbers that his computer produced.
"I suppose it would be silly and trivial of me to mention tracking movies you watch on your computer? "
I actually don't watch movies on my computer. DVD's aren't all that expensive, especially if you wait until the video stores put previewed movies OVERPRICED. If I did, why would Microsoft be interested. I can see why Hollywood would be interested, but Microsoft?
"What would bother you? What about methods?
If I wanted to know more about you, would it be OK if I simply took the information and didn't tell you?
Would you rather that I ask?"
Sure I'd much rather be asked.
"If I sold clothes, would it be okay if I followed you around and took opportunity to look into your drawers and closet to learn more about what you would be inclined to buy?"
It would not be okay to go through my drawers, but if I went into your store It would be within your rights to keep track of what you sold to me, and make inferences based on what I bought, and it would be done with my consent.
Microsoft might own the mother of all adware programs, but I am the one that visited the website and clicked on the ad.
-
Bruce B
Bruce B wrote:The manner in which this determination has been made is by measuring the size of the data they take, compared with how much data it actually would need to make registration code database check.
That is almost funny, it would be if I thought you wanted to be funny.Trobin wrote:How much data is necessary. A series of numbers hardly seems excessive. I recall listening as some guy activated his copy of Vista over the phone. All that was necessary was that he read off a series of numbers that his computer produced.
How would you like your ABCs served? In alphanumeric representations, hexadecimal, decimal or in binary?
You do have a choice, depending on the tool to view the series of numbers.
If I want to steal copies of the ABCs off your computer from a remote location, I'd probably use TCP/IP, steal them as data packets and have the computer do what it does, assemble the packets into a file. Then I have all your ABC's even though they transmitted in a different format.
Your attempt to mitigate the amount of data taken by defining the data as a series of numbers, doesn't make the best of arguments.
But the patent is not about clicking on the ads. It's also not about being responsible for the ads you click on.Trobin wrote:Microsoft might own the mother of all adware programs, but I am the one that visited the website and clicked on the ad.
It's more about a law granting Microsoft an exclusive method of profiling you, by way of scanning those user documents of yours, inside your computer, in an effort to profile you, for the purported purpose being better able to serve you a targeted ad. One you will more likely click on.
Why would any Microsoft user care about that, if the day comes that they apply this particular patent right to his/her computer?
vista off
You all talk about data collection, but soon vista will only be able to be rented for a monthley fee, Miss the payment and your mbr is removed.
Thats why people in the know are moving to linux including large multi users as the user will not even have access to there OWN data!!!!!
And who wants an operating system that will not work if you change the hard drive
I Dont
Thats why people in the know are moving to linux including large multi users as the user will not even have access to there OWN data!!!!!
And who wants an operating system that will not work if you change the hard drive
I Dont
"Trobin wrote:
How much data is necessary. A series of numbers hardly seems excessive. I recall listening as some guy activated his copy of Vista over the phone. All that was necessary was that he read off a series of numbers that his computer produced.
That is almost funny, it would be if I thought you wanted to be funny. "
"Your attempt to mitigate the amount of data taken by defining the data as a series of numbers, doesn't make the best of arguments. "
Consider it funny if you want. I worked tech support for a while and I listened in while the person activated his computer. I heard the questions asked and the answers given.
"f I want to steal copies of the ABCs off your computer from a remote location, I'd probably use TCP/IP, steal them as data packets and have the computer do what it does, assemble the packets into a file. Then I have all your ABC's even though they transmitted in a different format. "
That's one way of doing it. However that's not exclusive to Microsoft. works just as well with Unix/inux as well.
How much data is necessary. A series of numbers hardly seems excessive. I recall listening as some guy activated his copy of Vista over the phone. All that was necessary was that he read off a series of numbers that his computer produced.
That is almost funny, it would be if I thought you wanted to be funny. "
"Your attempt to mitigate the amount of data taken by defining the data as a series of numbers, doesn't make the best of arguments. "
Consider it funny if you want. I worked tech support for a while and I listened in while the person activated his computer. I heard the questions asked and the answers given.
"f I want to steal copies of the ABCs off your computer from a remote location, I'd probably use TCP/IP, steal them as data packets and have the computer do what it does, assemble the packets into a file. Then I have all your ABC's even though they transmitted in a different format. "
That's one way of doing it. However that's not exclusive to Microsoft. works just as well with Unix/inux as well.
-
Bruce B
I doubt the questions asked were encrypted. And if they were that would have been funny.Trobin wrote:Consider it funny if you want. I worked tech support for a while and I listened in while the person activated his computer. I heard the questions asked and the answers given.
Activation is not something that one does one time. If it were, I'd be on your side of the argument. The process is repeated over and over and over and over and over and over again. That might seem like a lot of overs and it is.
But lets be truthful. Shortly after the WGA was encouraged on the XP users as a 'critical security update' which is wasn't, observant Windows users noticed that it was phoning home several times a day!
This simple fact makes my absurd use of the words 'over and over' look pitifully small.
This simple fact brought enough criticism on Microsoft that they agreed to not phone home with such frequency.
And none of this has to do with phone activation. Phone activation doesn't stop the clandestine phone calls home either.
Bruce B wrote:If I want to steal copies of the ABCs off your computer from a remote location, I'd probably use TCP/IP, steal them as data packets and have the computer do what it does, assemble the packets into a file. Then I have all your ABCs even though they transmitted in a different format.
Technology is not exclusive. But use of technology and behavior varies.Trobin (in reply) wrote:That's one way of doing it. However that's not exclusive to Microsoft. works just as well with Unix/inux as well.
I don't copy any ABCs off people's computers, Puppy Linux doesn't either.
Microsoft does.
Nope. All the person was asked to do was click on the Activate by phone option and read off a series of numbers.Bruce B wrote:I doubt the questions asked were encrypted. And if they were that would have been funny.Trobin wrote:Consider it funny if you want. I worked tech support for a while and I listened in while the person activated his computer. I heard the questions asked and the answers given.
Activation is only done when substantial changes are made to the computer hardware.Activation is not something that one does one time. If it were, I'd be on your side of the argument.
I gather your talkingh about the WGA Notifier which is supposed to run at boot up. The idea is to see if the user is running pirated (stolen) software. If one chose to run a pirated (stolen) copy of Vista or Xp that's a risk they chose to take. They could also choose not to connect that computer to the internet in which case Microsoft would never find out.But lets be truthful. Shortly after the WGA was encouraged on the XP users as a 'critical security update' which is wasn't, observant Windows users noticed that it was phoning home several times a day!
XP and Vista also phone home to check to see if there are any updates. The auto update function can also be turned off.
This simple fact makes my absurd use of the words 'over and over' look pitifully small.
This simple fact brought enough criticism on Microsoft that they agreed to not phone home with such frequency.
And none of this has to do with phone activation. Phone activation doesn't stop the clandestine phone calls home either.
Bruce B wrote:If I want to steal copies of the ABCs off your computer from a remote location, I'd probably use TCP/IP, steal them as data packets and have the computer do what it does, assemble the packets into a file. Then I have all your ABCs even though they transmitted in a different format.
Trobin (in reply) wrote:That's one way of doing it. However that's not exclusive to Microsoft. works just as well with Unix/inux as well.
And yet I recieve no ads that in anyway can be related to the data on my computer. I recieve no ads unless I click on a web site that is supported by ads, or use a program that is adware supported. Otherwise nada.Technology is not exclusive. But use of technology and behavior varies.[/quopte]
Very true.
I don't copy any ABCs off people's computers, Puppy Linux doesn't either.
Microsoft does.
-
urban soul
- Posts: 273
- Joined: Wed 05 Mar 2008, 17:03
- Location: "Killing a nerd is not as much fun as ist sounds" B.Simpson
- Contact:
You got It! It's a tradeoff between a company that treats your privacy with disrespect (The whole GUI programming shows disrespect with all that popup culture, report to microsoft, microsoft certified, having a file system that disallows the user linking and managing rights, etc, etc) and an OS that makes a fool out of you if you use write support on a ntfs partition. Apple is better in many respect but my firewall logs show that OS X phones home so frequently that I may not recommend it.Trobin wrote:Yes Puppy runs free but sometimes there is some truth to that saying that there is no such thing as a free lunch.
-
Bruce B
urban soul,
I think Apple and Mac people have always been a breed to themselves.
There was a time when you needed Apple if you needed performance. Especially if you were dealing with Graphics.
There was a time when computers were not connected.
I don't when Apple/Macs started the phoning home, but I've know of it for a long time.
--------------------
Changing subject: I'm looking for a award, not a Darwin award, just an award for asking the dumbest question of the day.
What would Vista or XP do in regards to it's WGA if you never connected it to the Internet.
I mean apart from the obvious fact that you wouldn't have the Genuine Advantage.
Would it run in the absence of the Advantage?
Bruce
I think Apple and Mac people have always been a breed to themselves.
There was a time when you needed Apple if you needed performance. Especially if you were dealing with Graphics.
There was a time when computers were not connected.
I don't when Apple/Macs started the phoning home, but I've know of it for a long time.
--------------------
Changing subject: I'm looking for a award, not a Darwin award, just an award for asking the dumbest question of the day.
What would Vista or XP do in regards to it's WGA if you never connected it to the Internet.
I mean apart from the obvious fact that you wouldn't have the Genuine Advantage.
Would it run in the absence of the Advantage?
Bruce
-
Bruce B
That's exactly what I'd expect from an uninfected machine.Trobin wrote:And yet I receive no ads that in anyway can be related to the data on my computer. I receive no ads unless I click on a web site that is supported by ads, or use a program that is adware supported. Otherwise nada.
They don't index your hard drive and user files, if they did, I'm confident the Windows nerds and geeks would notice, and the news would spread like wildfire.
Then their PR department would explain it in a way that would satisfy the faithful, that it's a service for their own good.
But it hasn't happened yet. We presently have is the patent to see what it does.
{quote]What would Vista or XP do in regards to it's WGA if you never connected it to the Internet.
I mean apart from the obvious fact that you wouldn't have the Genuine Advantage.
Would it run in the absence of the Advantage? [/quote]
Yep. I ran XP for months without it's being connected to the internet.
I mean apart from the obvious fact that you wouldn't have the Genuine Advantage.
Would it run in the absence of the Advantage? [/quote]
Yep. I ran XP for months without it's being connected to the internet.
-
Bruce B
Trobin,
Thank you.
Sometimes we get locked in by application dependency.
I have a Nikon slide/negative scanner with only Windows software support, Photoshop and I'd like to do photo quality printing.
Windows 9x would work, but hardware support is harder to come by. Not to mention that the OS itself has a hard time with todays big drives.
If the Nikon software and XP are happy, it would be a more practical approach. (as much as I hate to say it)
At present I've not put together the high quality photo printing system.
A little 35mm negative contains a lot of information. With the scanner we are looking at files sizes of about 35 MB per negative, before the information collected becomes flat.
A better image can be obtained from the digitization process than using an enlarger.
The reason why is the enlarger lens is several inches from the paper and the exposure time is fairly lengthy. Even with a good lens, during this exposure, the light scatters leaving you with a more fuzzy image than what was in the negative.
You end up with a really nice picture that looks like it was taken with a 35mm camera.
With digital printing, the finished image might look as if it were taken with larger format film.
I guess that's enough rambling for now.
Bruce
Thank you.
Sometimes we get locked in by application dependency.
I have a Nikon slide/negative scanner with only Windows software support, Photoshop and I'd like to do photo quality printing.
Windows 9x would work, but hardware support is harder to come by. Not to mention that the OS itself has a hard time with todays big drives.
If the Nikon software and XP are happy, it would be a more practical approach. (as much as I hate to say it)
At present I've not put together the high quality photo printing system.
A little 35mm negative contains a lot of information. With the scanner we are looking at files sizes of about 35 MB per negative, before the information collected becomes flat.
A better image can be obtained from the digitization process than using an enlarger.
The reason why is the enlarger lens is several inches from the paper and the exposure time is fairly lengthy. Even with a good lens, during this exposure, the light scatters leaving you with a more fuzzy image than what was in the negative.
You end up with a really nice picture that looks like it was taken with a 35mm camera.
With digital printing, the finished image might look as if it were taken with larger format film.
I guess that's enough rambling for now.
Bruce
Having built my own unattended install of XpPro using cab files and other trickery, I can say with absolute certainty that XpPro will run without WGA present.Bruce B wrote:Would it [WinXP/Vista] run in the absence of the Advantage?
WGA is stripped out of the installation (along with some other garbage that tries to watch what I do). It does try to install itself during the first update through Windows Update, but if one un-selects it you aren't bothered again with it. I've both IE7 and WMP11 included and they don't mind at all.
-
Bruce B
John Doe,
Thank you.
I have the technology to monitor everything a Windows computer does in terms of background connections, right down to all DNS lookups as well as detailed logging about all connections.
I say this because spyware by nature is covert and intended not to be noticed. It is a background process and can be triggered by any number of events. The only way I know that is not happening is by implementing a variety of monitoring techniques.
I read your post as an implication that your computer is not phoning home. But I'm not sure if that's what you are saying.
If you are saying that it's not, how do you know?
Moreover, I've read articles where Microsoft 'updated' computers and even rebooted them, when the user had explicitly set the controls to not do such things.
Do you have any comment about what I've read in this area?
Bruce
Thank you.
I have the technology to monitor everything a Windows computer does in terms of background connections, right down to all DNS lookups as well as detailed logging about all connections.
I say this because spyware by nature is covert and intended not to be noticed. It is a background process and can be triggered by any number of events. The only way I know that is not happening is by implementing a variety of monitoring techniques.
I read your post as an implication that your computer is not phoning home. But I'm not sure if that's what you are saying.
If you are saying that it's not, how do you know?
Moreover, I've read articles where Microsoft 'updated' computers and even rebooted them, when the user had explicitly set the controls to not do such things.
Do you have any comment about what I've read in this area?
Bruce
ethreal, snort, airsnort? you watching all the ports or just DNS and TCP?Bruce B wrote:I have the technology to monitor everything a Windows computer does in terms of background connections, right down to all DNS lookups as well as detailed logging about all connections.
understood. As someone that knows how to write and install services on windows, I must say your thought is warranted.Bruce B wrote:I say this because spyware by nature is covert and intended not to be noticed. It is a background process and can be triggered by any number of events. The only way I know that is not happening is by implementing a variety of monitoring techniques.
you are correct, in that you are not sure what I was tryig to say. thanks for asking and letting me clarify. I was trying to be specific in answering your question about operation without 'Advantage' ( which I assumed to mean 'Windows Genuine Advantage').Bruce B wrote:I read your post as an implication that your computer is not phoning home. But I'm not sure if that's what you are saying.
I wasn't, but since you are interested; I'd be willing to send you a CD for 'peer review'.Bruce B wrote:If you are saying that it's not, how do you know?
That might very well happen. I couldn't make any definitive comment on the matter.Bruce B wrote:Moreover, I've read articles where Microsoft 'updated' computers and even rebooted them, when the user had explicitly set the controls to not do such things.
*see above.Bruce B wrote:Do you have any comment about what I've read in this area?
@OP:
"Is Linux Right For Me?"
Yes, it is. If you like to work on computers, play media, chat with people, watch movies and/or surf the internet (on as broad a sectrium of hardware as possible, with as much ease of use as the community can provide) Linux is right for you. It might or might not be easier for you to understand than windows. I'd recommend starting with Puppy linux and going from there.
don't feel obligated to stick with one or the other. use them both and draw your own conclusions.
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
I think that is sound advice.don't feel obligated to stick with one or the other. use them both and draw your own conclusions.
What works for you is obviously the best solution (more clues on request)
I used a mixed system for a while.
People persuing some war for against a distro or a way of using your computer are conflict based.
If it works - use it..
-
Bruce B
John Doe,
Thanks for the detailed and thoughtful replies.
As you can see it's been so long since I've worked seriously with Windows and I've not even dealt with XP to any noteworthy extent, I need a primer in certain areas. By the way, I have XP it came with a computer purchase. I have more computers than I've counted.
In other areas, I am on top of things because I read IT articles a lot.
------------------------
For the balance of this post, I'll present some random thoughts about spyware, monitoring unwanted outbound and whatever comes to mind. I'm tired so please don't expect quality writing.
Originally the concept of a firewall was controlling unwanted inbound. That was before the reality of the computer software betraying you from the inside.
All outbound computer connections happen by way of IP address there is no other way.
Anyone writing badware either has to have the IP address in the badware or get the address on a name lookup (DNS query)
The query is the most common way for any type of application. The domain name is a stable that can be moved to various servers and get the address to accompany the move. If the software is written to get home by IP address that software has lost all phone home ability if the address changes.
Moral to the paragraph is: Monitoring DNS lookups will catch 90% if not more of the outbound attempts.
I can't remember in spyware using direct IP connections. But I am aware of the possibility and because of that monitoring DNS queries is short of perfect, even though in experience it is perfect.
We could run a port scan on our computer and scan all 65,535 ports to see if anything is bound to or listening on. This could help locate trojans, which I classify differently than spyware.
Spyware doesn't usually bind to a port, but works on triggered events. But again the dns query catches them.
The software firewall should be one that has a default of everything is forbidden unless specifically allowed.
The specificity is protocol types, ip address range, ports, application, in bound and outbound, with alerts for each time something is attempted which is not defined.
With a web browser you have to allow it unfettered access to at least port 80 on any IP address. This is a serious breach if you allow the Internet Explorer this permission. The reason why is it is designed to host other applications without knowing if the hosted application is a good guy or a bad guy.
The other day a brother of mine called me and said he was bothered because he's been testing an application that demonstrates it can slip past the firewall.
No way.
Way!
Okay, lets fix it. Go into your Internet Explorer settings and set it up to use a proxy server that doesn't exist.
Retest the application. On retest it failed every single time to complete its series of tests.
I tell him, all that is happening here is this software that demonstrates your firewall doesn't work is using Internet Explorer hooks. The Explorer is allowed access and the tests by-pass the firewall checks because you have given the Explorer permission.
By giving the IE false information about how to connect it doesn't know and neither do the applications using its 'features'.
The problems with the IE is not just ActiveX and scripting, it's also the hosting features.
Thus far we covered monitoring DNS queries, monitoring and controlling with good firewall and problems with IE.
Next is the browser. Don't give the trusted browser any Internet access permission. It only has permission to access your proxy server.
The proxy server is what handles everything between the browser and the Internet.
Among other things, it logs every single connection made, type of connection GET, POST, CONNECT, time, error codes, data size, full URL.
Now you know.
Set it up for real time visual feedback on the DNS queries.
Firewall alerts and logging of all Internet Explorer activity.
Firewall alerts and logging of any activity you didn't specifically allow.
Detailed logs of your browsing activity.
That was all in the good old days.
---------------------
Now I just run Linux and I'm prudent in my use of connectivity applications. If I suspect anything, I'll be on top of it.
If anyone read through all this, thank you.
Bruce
Thanks for the detailed and thoughtful replies.
As you can see it's been so long since I've worked seriously with Windows and I've not even dealt with XP to any noteworthy extent, I need a primer in certain areas. By the way, I have XP it came with a computer purchase. I have more computers than I've counted.
In other areas, I am on top of things because I read IT articles a lot.
------------------------
For the balance of this post, I'll present some random thoughts about spyware, monitoring unwanted outbound and whatever comes to mind. I'm tired so please don't expect quality writing.
Originally the concept of a firewall was controlling unwanted inbound. That was before the reality of the computer software betraying you from the inside.
All outbound computer connections happen by way of IP address there is no other way.
Anyone writing badware either has to have the IP address in the badware or get the address on a name lookup (DNS query)
The query is the most common way for any type of application. The domain name is a stable that can be moved to various servers and get the address to accompany the move. If the software is written to get home by IP address that software has lost all phone home ability if the address changes.
Moral to the paragraph is: Monitoring DNS lookups will catch 90% if not more of the outbound attempts.
I can't remember in spyware using direct IP connections. But I am aware of the possibility and because of that monitoring DNS queries is short of perfect, even though in experience it is perfect.
We could run a port scan on our computer and scan all 65,535 ports to see if anything is bound to or listening on. This could help locate trojans, which I classify differently than spyware.
Spyware doesn't usually bind to a port, but works on triggered events. But again the dns query catches them.
The software firewall should be one that has a default of everything is forbidden unless specifically allowed.
The specificity is protocol types, ip address range, ports, application, in bound and outbound, with alerts for each time something is attempted which is not defined.
With a web browser you have to allow it unfettered access to at least port 80 on any IP address. This is a serious breach if you allow the Internet Explorer this permission. The reason why is it is designed to host other applications without knowing if the hosted application is a good guy or a bad guy.
The other day a brother of mine called me and said he was bothered because he's been testing an application that demonstrates it can slip past the firewall.
No way.
Way!
Okay, lets fix it. Go into your Internet Explorer settings and set it up to use a proxy server that doesn't exist.
Retest the application. On retest it failed every single time to complete its series of tests.
I tell him, all that is happening here is this software that demonstrates your firewall doesn't work is using Internet Explorer hooks. The Explorer is allowed access and the tests by-pass the firewall checks because you have given the Explorer permission.
By giving the IE false information about how to connect it doesn't know and neither do the applications using its 'features'.
The problems with the IE is not just ActiveX and scripting, it's also the hosting features.
Thus far we covered monitoring DNS queries, monitoring and controlling with good firewall and problems with IE.
Next is the browser. Don't give the trusted browser any Internet access permission. It only has permission to access your proxy server.
The proxy server is what handles everything between the browser and the Internet.
Among other things, it logs every single connection made, type of connection GET, POST, CONNECT, time, error codes, data size, full URL.
Now you know.
Set it up for real time visual feedback on the DNS queries.
Firewall alerts and logging of all Internet Explorer activity.
Firewall alerts and logging of any activity you didn't specifically allow.
Detailed logs of your browsing activity.
That was all in the good old days.
---------------------
Now I just run Linux and I'm prudent in my use of connectivity applications. If I suspect anything, I'll be on top of it.
If anyone read through all this, thank you.
Bruce