[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Regarding a recent virus that reached my Radsafers address



Franz (and the list):



I reject your petulant posturing that you can buy a PC, connect to the

internet, and have no responsibility to the others on the net. Given your

premise, you can buy a car and do whatever you like. No responsibility for

following traffic laws, and no responsibility towards others using the road.

Do you feel the same way about firearms?



YOU CAN DO ANYTHING YOU WANT WITH YOUR PC, BUT ONCE YOU HAVE AN INTERNET

CONNECTION, YOU AFFECT ME, AND YOU HAVE A RESPONSIBILITY TO ACT TO PREVENT

YOURSELF FROM SPREADING MALICIOUS CODE. I don't care what happens to your

computer, only to mine. That includes becoming part of the attacks on

internet services through letting your computer be used as a covert server

for a hacker somewhere else in the world.



Maybe Code Red only affects certain systems (2000, NT), but the much more

damaging Sircam affects any Windows(r) system. Some even attack Macintosh

systems.



In a perfect world, Microsoft, AOL, AT&T, Excite, and all the others would

be suppliers of perfect products, and there would be no cretins who decide

to make mischief on the net. We are not in a perfect world, and safe

computing is up to us. If all computers had basic security--a good firewall

and an always scanning malicious code (virus, Trojan, worm, etc) detector,

the problems we see would not be anywhere near the severity we experience.

You are correct to want Microsoft to build these into Windows(r), but

wouldn't that make them more vulnerable to the anti-trust litigation

currently underway? You're on your own after whatever Microsoft delivers.



First off, Steve Gibson is one of the world's recognized experts on computer

security. He is the one Yahoo turned to for news on the actual effects of

Code Red and Sircam. Please note that many of the useful utilities are FREE.

You are correct, there is not a direct link to:

http://www.ZoneLabs.com



on the first page. For those who are not convinced that they want a

firewall, there is a plethora of information on security, and a series of te

sts that can be run on your computer without compromising any information

stored on your computer. I hope your computer would come up stealth in all

categories, and pass the leak test showing you have an effective firewall.

Actually, I am more concerned that you pass the leak test, because that is

how you will affect my computer. I am safe from intrusion that I do not

allow. I am not safe from email and other sources of malicious code except

for Norton Antivirus fully enabled and occasional scanning by an on-line

virus scanner at McCaffee.



Since it only reports YOUR activities if you have any spyware hidden in your

computer (RealNetworks or Godzilla have this built in), I am not concerned

for YOUR computer, but for myself, I value my privacy and security.

Therefore I have also installed LavaSoft's AdAware software and regularly

scan for things like Auriate and Double-Click which report my activities.



Franz, did you note that there were no cookies installed on your computer

from grc? At least I hope you do not accept all cookies offered without

setting your browser to give at least a security warning.



I have been a member of the grc mailing list for a couple of years, and

except for a few messages (it's not a regularly published newsletter), have

never received anything from grc.





 Note, for those interested, there is a paper on preventing

Denial-of-Service attacks that states all intellectual property in the

article is placed in the public domain. I am an intermediate computer user,

and was able to follow his discussion. I wonder why MSN, AOL, and all the

other big ISPs, the White House, the Pentagon, and all other sensitive

locations did not follow his advice. It only involves reprogramming how

requests for connection are handled.



Of course, there are some products on the site. However, nothing that a

personal user needs to check security and learn about firewalls is fee

based. The reviews are accurate and responses from the manufacturers or

vendors are also given.



For those who want even more security, there are step-by-step instructions

on how to make Windows(r) even more secure by changing some of the bindings

in the network properties. Yes, these might be considered advanced, however

the instructions are so clear that I expect any user who sets preferences

and customizes software can follow them without problem.



Yours for safe computing while pursuing my radiation safety consulting.



Michael Kay, ScD, CHMM

makay43@home.com









----- Original Message -----

From: "Franz Schoenhofer" <franz.schoenhofer@chello.at>

To: "Michael Kay" <makay43@HOME.COM>; "Bjorn Cedervall"

<bcradsafers@HOTMAIL.COM>; <radsafe@list.vanderbilt.edu>

Sent: Sunday, August 12, 2001 12:29 PM

Subject: Re: Regarding a recent virus that reached my Radsafers address





>

> Private:

> Franz Schoenhofer

> Habicherg. 31/7

> A-1160 Vienna, AUSTRIA

> Phone: -43 699 11681319

> e-mail: franz.schoenhofer@chello.at

>

> Office:

> MR Dr. Franz Schoenhofer

> Federal Ministry for Agriculture, Forestry, Environment and Water

Management

> Dep. I/8U, Radiation Protection

> Radetzkystr. 2

> A-1031 Vienna, AUSTRIA

> phone: +43-1-71100-4458

> fax: +43-1-7122331

> e-mail: franz.schoenhofer@bmu.gv.at

>

>

>

> -----Ursprüngliche Nachricht-----

> Von: Michael Kay <makay43@HOME.COM>

> An: Bjorn Cedervall <bcradsafers@HOTMAIL.COM>; radsafe@list.vanderbilt.edu

> <radsafe@list.vanderbilt.edu>

> Datum: Sonntag, 12. August 2001 00:57

> Betreff: Re: Regarding a recent virus that reached my Radsafers address

>

>

> >I think it appropriate to send this off topic message in light of the

> >severity of recent malicious code attacks on Radsafe and email in

general.

> >

>

> >To become educated and get a link to the best, FREE, firewall go to

> >http://www.grc.com

>

>

>

> I visited this site, but - contrary to you - I could not find a link to a

> free firewall.

>

> I am far from being a computer expert, but what I understand from this

site,

> is that there are a lot of bombastic descriptions, which supposedly only

> computer professionals understand - if at all, The final aim seems to have

> readers lured to provide their e-mail addresses to receive "information"

and

> to buy products.

>

> To have a PC, an internet connection and an e-mail address cannot result

in

> having the obligation to become a (pseudo) computer specialist, who

> constantly has to check dozens of sites and journals to find out about the

> latest worm, trojan horse or virus and to either buy or download new

> software. In the case of this "RED"-worm, which only infects users of

> Windows 2000 and Windows NT I just wonder, why one has to register for

that.

> Should not Microsoft inform all those, who registered, about the problems

> and provide them instantly with anti-worm software? The ones, who have not

> registered, because they have the software from piracy: It would be their

> problem they have to struggle with.

>

> The topic is maybe not so much off topic. I see a similar method as it is

> used with "radioactivity": First you scare people and then you sell the

> remidy.

>

> Franz

>

>

>

>



************************************************************************

You are currently subscribed to the Radsafe mailing list. To unsubscribe,

send an e-mail to Majordomo@list.vanderbilt.edu  Put the text "unsubscribe

radsafe" (no quote marks) in the body of the e-mail, with no subject line.