|
|
|
|
 | |
The following is reprinted from Gizmodo Richards' Tech Support Alert Newsletter. (With the kind permissions of the author and Gizmos' Newsletter.) The author of this delightful and insightful rant, er piece, is a dog fancier, and I could go on and on and on about him except that's all I know.... Enjoy. Computer Security - the Long and Winding Road An Aussie user's stubborn struggle for sensible security Protection is a thriving business and still we hear security experts complain that we dumb users don't take the dire threats that face us seriously enough. They say things like: The most common cause of an accident is the nut behind the wheel. As a user, I can tell you what it's like behind the wheel and why some of us have given security away as all too hard. There's also a whiff of suspicion on our side that the threats are hyped up, that the WMD don't really exist and that fear is driven into our hearts to make us buy more protection. I rely on my desktop and laptop for work so security is a serious issue, but I can tell you that it's been a bad trip on a bumpy road to find decent protection that's easy to live with. Norton Nonsense My first experience was with Norton Antivirus a few years ago, after I upgraded from a Mac to a PC, a move I now regret. I have friends with Macs who smirk and gloat a lot when the subject of malware comes up. Installing Norton was a little like hiring the mafia to protect your shop in the bad old days of the Bronx. The body guard I ended up with made all kinds of demands, turned my house upside down, took over my phone line to get orders from head office and insisted on checking everything I mailed out, despite declaring the contents of my house clean after exhaustive inspections. I adjusted my working life to accommodate Norton – what else could I do? I needed protection and I'd paid good money for it. When it was time to renew the contract, the mafia made me an offer I couldn't refuse: more protection. I opted for the bundle with the works (NIS), a 70mb download that took over two hours to trickle down my dial-up line. It popped an icon on my desktop but when I double-clicked on it, nothing happened. The little lump just sat there and sulked, no matter how hard I clicked or how loud I screamed at it. I got on the phone to Symantec Support and, after waiting in the queue for a while, a cheerful fellow in Pakistan told me very politely that something must have gone very, very wrong with the download and that I had to do it again. He wished me better luck this time. I ended up yelling at him but he remained impeccably polite. I didn't have time to jump through the hoops again so I called a computer guru a tennis friend recommended. He came the next day, big guy with a baseball cap on his head and an enormous watch on his wrist. He listened to my tale of woes, fiddled with the Norton icon on the desktop, shook his head, opened Windows Explorer, found the installer.exe file and coaxed it into life. The rest was the usual Norton merry-go-round of downloading the latest updates, rebooting and the rest. He gave me instructions on how to set the thing up, pocketed his $75 and left. That was almost as much as the upgrade cost me. Norton turns Noxious New Norton brought two of his mates, Firewall and Spam Filter, and I found myself running into them at every turn of the dial-up connection. They told me to turn XP's firewall off but when I tried to do that, big M got really shitty and flashed red alerts and warning signs at me like those on the freeway that say: Go Back, You're Going The Wrong Way, you Moron. I sat there in a cold sweat, my fingers trembling over the mouse. Will I or won't I? Norton said there could be a serious conflict – is that what they mean by deadly embrace? Two firewalls colliding? The new guys Norton brought with him weren't very bright, it turned out. Firewall even stopped apps like Internet Explorer from accessing to the net. I took me hours to acquaint him with the facts of life, while his sidekick Spam was busy creating chaos in Outlook. He threw emails from trusted friends into the Spam folder and others into the Junk folder. Real spam still got through, mails offering me cheap Viagra and penis enlargements. How do they know ...? Spam Filter had to go. What was the point of having him check all the emails when I had to check that he did it right? And he was as slow as an old clerk with eyeshades and sleeve protectors. He kicked up a big fuss but I put my foot down and chucked him out. His boss yelled at me; Firewall didn't seem to care. I tried to get on with my work but with Norton's heavies in the backseat my PC had become a slug to drive. Norton's big updates also competed with M doing the same thing whenever I was online. It was like watching two bodybuilders trying to squeeze through the eye of a needle. While they were at it, me and my work didn't get a look in. The empire strikes back They say viruses can bring your PC to a grinding halt but Norton did a pretty good job on his own, insisting on scanning every document I opened even offline. The mafia was making my life a misery and I didn't like it. As I thought back to the simple life I once led, my PC started crashing. I'd be typing away and a message would pop up saying: Word has encountered a problem and needs to close. Sorry about the inconvenience. Then I started getting a message announcing that the system had recovered from a serious error. I called my guru and told him what was happening. He said it was a virus. I said it couldn't be with the mafia in charge of security. He said: could be spyware or a Trojan – Norton doesn't see those guys. I used to think spies worked for the CIA and Trojans were the people of ancient Troy. The guru came and installed Spybot on my machine and told me to run a full scan. I did that but the little bot found nothing. When I phoned my guru with that news he asked how much memory I had in my system. 128mb, I answered. That could be the reason for the crashes, he said: not enough memory for the apps I was running. He offered to install another 128mb and I agreed, thinking it would ease the load. It didn't have much impact on performance and it didn't stop the crashes. I took the machine to another guru's shop a suburb away for a second opinion. He listened to my tale of woes, nodded sagely and said: it's a virus. I shook my head and left it with him, thinking viruses must be the flavour of the month. It took a few days to fix and it turned out to be a corroded motherboard, not a virus. The joys of living by the sea ... This was when I began to wonder if this whole virus thing was just a ruse to suck us mug punters into buying more software. Still, I ended up with an upgraded computer and 512mb of memory – the second guru said memory was cheap and I should grab some more. By now I knew the game Norton and Microsoft played, force-feeding my PC like a Strasbourg Goose. Rebellion Some months later, when the mafia's contract came up for renewal, I refused. I half expected their pals to come knocking on my door but Norton HQ just sent me taciturn emails. When I checked the net for more suitable security guards, I found that I wasn't the only one who'd had problems with the boys from Norton. In fact the whole world seemed to complain that Norton was hard to install, hard to update, high on interference and higher on system overhead. The only low marks were for support. One disgusted user summed it up this way: "Is there any way at all to complain to Symantec, on line or by phone?" I swapped Norton for Trend Micro's PC-cillin, but getting rid of the mafia turned out to be a struggle on an epic scale. The web is a mighty tool when you need help and I found many sites that offered step-by-step guidance. They even pointed me at programs that get rid of all the baggage the Norton left behind. But the Norton boys had the last laugh: I still have a remnant on my system, a Symantec Network Drivers Update. It's like an old stain that none of my cleaning tools can shift. Trendy Micro was easy to install and behaved like a discreet butler from day one. He had manners and understood his role in life. He also brought a firewall but didn't complain when I turned the Windows firewall back on. Peace in our time Now I had antivirus software I could live with, two firewalls that didn't make a fuss, and once a week I'd get the little SpyBot to scan for spyware. Peace returned and so did performance: tossing Norton out gave my PC a bigger shot in the arm than all those memory upgrades - I swear I heard my machine breathe a sigh of relief. Now Windows was up and running in 40 seconds from a cold start and every program I launched burst onto the screen like Jackie Chan crashes into a den of bad guys. I should've left well enough alone and enjoyed the easy ride, but I copped a bad attack of spam and wasted more time on useless spam filters. Eventually I changed my email address and the problem went away. Then I upgraded to broadband and, with the front door to my PC always open, I worried about giving the weasels out there more time to get in. From the research I did on the net it was clear that Trend-Micro's suite wasn't considered best of class, and the consensus was that SpyBot on its own wasn't enough protection against all the hijackers, keyloggers, backdoors and blended threats (think of poisoned smoothies) that faced me. I was in a quandary: the protection I had was easy to live with and I was reluctant to change that. A new battlefield A few months ago I bought a new laptop and thought it'd make a good test-bed for security software. The Dell 6400 came with a Core Duo CPU, 1GB of memory and a McAfee internet suite. Mac was a pain to set up and behaved like a close relative of the boys from Norton. I had a more fundamental pain to deal with, however: the lapdog ran like a Dachshund. It took over two minutes for Windows to come up and programs were slow to launch. I tried to get rid of all the bloatware Dell had stuffed down its throat but ended up making Windows fall over in a heap. A kind friend installed standard XP on the machine and suggested getting rid of McAfee while we were at it. Mac was almost as hard to get rid of as Norton but at last my new laptop had found its wings. Having paid for McAfee, I didn't feel like shelling out more bucks for antivirus software so I installed AVG, which I'd read good things about. And I liked their slogan: tough on viruses, easy on users. It was a cinch to set up, had the footprint of a ballerina and the weekly updates tiptoed down the line without elaborate choreography. I knew it can't quite pirouette with the best of them but it was easy on the eyes and nerves. AVG doesn't come with a firewall so I installed Comodo's latest (v2), after reading a couple of positive reviews. It had a nice interface but refused to learn despite assuring me that it was in the mood, sorry - mode. Every day it asked me the same dumb questions about every program that needed to access the internet. I tired of that so I tossed it out and went looking for a smarter firewall. I saw that Sygate had many admirers and that the company had been bought by Norton (a good sign?) so updates and support were no longer available. By now I'd learnt to muddle through on my own and that didn't worry me. In any case, firewalls aren't built against specific threats – they're more like a rabbit fence that keeps out kangaroos and dingos as well. Sygate's wall was a fast learner and made few demands on my laptop or me. It's a model of quiet efficiency. This kind of stuff is sour milk in the latte of a simple user. I have neither time nor skill to make gremlins like these go away so Ewido had to go. People said good things about Windows Defender, which surprised me until I read that it didn't come from Bloatware Inc. in Redmond. It does now and downloading it turned into an effort akin to crossing Sydney in peak-hour on a pushbike, since I run Firefox on my laptop and the big M doesn't seem to like the little M much. And big M now goes through this routine where it reaches into bowels of your computer and reads the entrails to make sure they're kosher, and it won't do that if you accessed the download site with Firefox. I still have IE on the laptop but it's broken (how that happened is another story) so using IE wasn't an option. I'd read something about an IE explorer plug-in, which I tracked down and installed without problems. But then it teased me, playing hide and seek with me, and no amount of fiddling with the link on the toolbar could coax it into action. I gave up and returned to the Microsoft site, which still insisted on reading my system's entrails. Further down the fine-print I saw another option: a validation plug-in for Firefox. Across town we went once more but that plug-in didn't work either and I was still stuck on the IE download page, Microsoft keeping the door shut and me banging my head on it. I have a stubborn streak. The more cheesed off I became, the more determined I grew not to let the sadists from Redmond defeat me. Further inspection of the fine print pointed to another validation option, which eventually produced a key I had to enter in a special box. Miracle of miracles, it worked. The big M now graciously allowed me to download IE 7 beta 3, and it installed okay. Next I downloaded Windows Defender and installed it without problems. Then I clicked on the Help menu of IE beta 3 to read up on the options for setting it up. When I tried this with beta 2, it popped up the old familiar panel telling me that IE had encountered a problem and needed to close. Like a lemming following its siblings off the cliff, IE beta 3 jumped off with the same last gasp – "sorry for the inconven ..." I was as mad as a scrub bull caught in a bog, dived straight into the Add and Remove Panel and ripped IE beta 3 out of there, having a vague recollection of reading somewhere that this desperate act brings back IE 6 by default. I got IE 6 back alright but, during all that back-and-forth, the various versions of IE must've swapped some genes because IE 6 now features the same problems as the betas I threw out. I poured myself a triple Scotch to calm down and went back to Windows Defender, which gave me no problems setting it up. It has a nice interface but it can't count: every couple of days it told me I hadn't scanned for spyware in 15 days, even when I'd run a scan the night before. A couple of weeks later it sent me an update that wouldn't install. Every time I cranked the lapdog up it would download the same update and report that it had been unsuccessfully installed. It seems the big M has taken the same high ground as Rolls-Royce – their cars don't break down but merely refuse to proceed. Turning Automatic Updates off didn't solve the problem either: every time I turned the laptop on, it told me that the same tiresome update was ready to install, and I couldn't find a way to turn this moron off. So out the Microsoft Offender went. Before that problem arose I'd installed the software on my desktop and it has caused me no problems there. You work that one out. The quest of building a good security set-up from freeware had lost its appeal. Maybe it was time to put money on the table, and if it was, I wanted the best. Gizmo gave the nod to NOD32, along with many others in the know. That it took care of both viruses and malware was attractive, after the fun and games I'd had so far. NOD32 wasn't hard to set up but there were more boxes to tick than on a population census form. If there was an auto-config option I missed it. Once that was done I hardly noticed NOD32 and the updates were just as discreet. This suite also has a tiny footprint, which is something the boys from Norton should study long and hard. Now I noticed that my desktop, which runs the same software except for Trend Micro in place of NOD32, used 420mb at idle, whereas my laptop made do with 320. I checked the Task Manager and found that Trendy Micro (2006) had put on a lot of weight in maturity: it chewed up 120mb of memory at runtime, while NOD32 got by with 20mb. And yet Trendy's weight has little impact on my desktop's performance. You work that one out. I've run some simple security tests on both my machines. Steve Gibson's port scan tells me that every single port is stealthed, and a malware test I ran produced a screen full of warning signs from my firewalls and antivirus programs. I don't doubt that there are still holes the weasels can sneak through, but I'm drawing the line there - I spend enough time every week scanning for nasties as it is. If I add rootkit revealers and CWS shredders and heaven knows what else, I won't have any time left to get my work done. I'm not about to install a VM environment and surf in a sandbox either. I found a really useful piece of software that warns me of dodgy sites: McAfee Site advisor. I only hope its traffic lights are reliable. If they are, this is the kind of software every PC company should pre-install instead of all that other garbage. Why don't the gurus who blame the nut behind the wheel lean on the manufacturers instead? To deliver operating systems that are secure in the first place; to make sure their computers work out of the box the way they should and come with software that doesn't require a PhD to install or bring PCs to their knees. Why don't they lean on the ISPs to do their share of screening out the bad guys? Why don't they talk to some users and get a reality check? (Briard has kindly forwarded this picture of a dog. I'm not sure if it's an Australian sleepdog or some other breed that looks sleepy, but there you have it. Oh, and in case you didn't know, the Australian sleepdog is a cross between a sheep and some kind of dog.)
|
| |
 |
| |
Please use our Guest Book if you have any comments or complaints. Thank You! |
| |
| [PiffleCo] [News & Rants] [Picture de la jour] [Pussy Pictures] [Computers] [References] [Norton you say?] [GuestBook] [Sweetgrass Band] |