[wplug] Windows - Is this happening to you too?

[A. McCullough]

Bill Moran wrote:

> I don't believe this for a second.  I use XP on one of the computers I use
here
> at the office, and I do quite a bit of recreational browsing on it as well,
yet
> have _never_ gotten any spy/adware.

Then you're truly one of the few lucky Windows users on the planet.

> I can only assume that folks do things that they _think_ are "just visiting a
> page" and install the junk.  Either that, or they're just too embarrassed by
> what they do online to admit it.

These days all you need to do is be able to get HTML mail in your email program
and you can be just as nailed as if you downloaded the crap. The second you open
a "nastygram" like that you can have downloaded something and not know it. Yes,
I know you can configure your email program (even Outlook Express) to show you
just the headers and not the full email, but seriously, how many people do that?

> AV software doesn't recognize or prevent ANY adware.  I have theories as to
why
> this is so, but no proof.

I didn't say it was to prevent adware. What I was trying to point out is that in
addition to the usual spyware/adware there is a nasty new Windows exploit that
software such as antivirals, adware removers, and firewalls don't yet recognize.
My point was Windows' vulnerabilities in general.

> Does he?  Most people I talk to who _think_ they have a firewall only have a
nat
> box.  nat is not security.  Even if he _does_ have a firewall, if it's in the
> default config, it's not any protection against adware.

I also didn't say it was a hardware firewall. He's running ZoneAlarm Pro. I'll
admit this may not be the most effective solution, but it's another piece of the
protection armor nonetheless. While it's set to block most forms of mobile code
(Javascript, activeX, etc.) it doesn't know about stopping .chm files. Nor does
the antivirals or adblockers.

> In my experience, various adware blockers will block _some_ adware, but not
all.

This is unfortunately true, and partially for the same reason you can run an
antiviral and still catch a virus. New stuff comes out all the time and without
the proper definitions your programs can miss stuff. The other thing is that
even the best antiviral programs reviewed out there don't have a 100% detection
rate, and the best adware programs are lucky if they approach a 70% detection
rate

> True, and I'll be able to say something similar to what I said about Windows:
> properly secure the box and educate users and the incidence will go down
> dramatically.

You've said something which may be impossible - "educate users". There will
always be folks who barely know how to get dressed in the morning but still run
computers :)

> If Microsoft were smart, they wouldn't have ANY root account on Win XP.
They'd
> just have a security technique where attempting to do anything that required
> admin privvies would popup a warning box that alerted the user to potential
> danger and asked for the admin password.  They sort of do this now, except
they
> missed the critical other side to it ... not letting users run with admin
> privvies all the time.

True again. But this IS Microsoft you're talking about :)

Cheers,
Anna