Re: Alerting - Malicious software removal tool

Leythos wrote:
In article <ggpfj0$h6h$1@xxxxxxxxxxxxxxxxxxx>, notvalid@xxxxxxxxxxxxxxx says...
Leythos wrote:
In article <2587A271-ED15-49A5-A39F-556393F20D68@xxxxxxxxxxxxx>, steve.riley@xxxxxxxxxxxxx says...
Meanwhile, the customers I consult with are grateful for this tool. The CSOs and CTOs and security architects I work with around the world, who represent several million client computers, have commented that the MSRT is one of the most responsible things they've seen us do -- in addition to all the work we've done to improve the quality of Windows. Plus, much of what the MSRT removes are worms that exploit vulnerabilities in humans, not vulnerabilities in the software -- even a perfect operating system (which is impossible to build) can't protect itself from that.
Steve, you wrote that "CSO's and CTO's.... 'commented that the MSRT is one of the most responsible things they've seen us do..."

I agree, it's great that you, Microsoft, put out a tool to clean malware off your OS that you have spend years not securing against that malware.
The big problem is the users, they want to be connected but don't understand the risks. And some businesses choose to ignore them.

The end users just want a machine that is cheap and works, they really don't want to pay a premium.

Otherwise they would either learn or pay someone else to admin the box

The malware protection companies are no better because they really don't provide much informatin past the marketing spew

I think the issue is more two issues:

1) Insecure OS that hasn't fixed the problems because MS is afraid they will take a hit (sales) if they don't support older applications, so they keep producing an OS/Versions that have the same fatal flaw.

2) Users that think of computers as appliances.

With that in mind, why shouldn't users think of their computers as appliances? If the OS was secure it would be just another appliance.


Don't get me wrong, I own a company that is a MS partner, sells MS based solutions, never had a compromised computer on any of our customers networks, and I've been doing this since the late 70's.
[snip]
I'll give you an example of what happens to many HOME users - a nice
[snip]
I got the computer back in two weeks, hosed again. The "Mom" had let the kid use the administrator account because he could not get his "Games" to run under his account, etc.... Needless to say, it was compromised again in less than two weeks because the OS, using MS Suggested High-
Security settings would not provide the user with what they needed to run the programs that they wanted to use while protecting them from malware.
You had a user bypass the security, can't really blame MS for this one unless it was an MS game

User "Didn't bypass" security, they used the computer in a normal manner. It's normal to install applications as Administrator, and it's "normal" to run many applications as Administrator since they won't run as a limited user.

So, again, the flaw is in the OS, allowing itself to be compromised.


But if the individual is running as root/admin privs then they must accept some level of responsibility.

Though I do agree MS does have some level of responsibility mostly by ommision not making it clear to the new user where they could be vulnerable.

The other software manufacturers should also bear part of the blame for not properly configuring their programs to run with an appropriate level of privileges.

John









<snip>
.

Relevant Pages

  • Re: Is MSIE dead as a browser - if Microsoft does not patch it then it is as far as I am concerned!
    ... it has to do only with ultimate responsibility. ... might not know better when it comes to doing timely security updates, ... Most malware uses some sort of buffer overflow exploit. ... How many patches will it take to make my XP OX as secure as my ...
    (microsoft.public.security.virus)
  • Re: Alerting - Malicious software removal tool
    ... much of what the MSRT ... I agree, it's great that you, Microsoft, put out a tool to clean malware ... Users that think of computers as appliances. ... Security settings would not provide the user with what they needed to ...
    (microsoft.public.security.virus)
  • Re: Pentester convicted..
    ... and thus politely forcing them take responsibility for the protection of privacy of the data they carry. ... and ignored the first 2 reports. ... A security pro notices a flaw, checks to make sure he is not on crack ... Download FREE whitepaper on how a managed service ...
    (Pen-Test)
  • Re: Windows Security Center damaged
    ... This one runs four different "command-line" scanners, ... In the Security Center, ... I'm sure that some malware caused that ... ETrust Internet Security Suite includes a firewall. ...
    (microsoft.public.windowsxp.security_admin)
  • RE: [Full-Disclosure] Insecurity in Finnish parlament (computers)
    ... > It is unlikely that all the computers have the same security ... > (both in TeliaSonera and in our parlament). ... Red herring. ...
    (Full-Disclosure)