.
As a less sophisticated user than I wish I were, there is something I have wondered about. Why is it that info from 'security experts' is so seemingly poor? Why is it not common that we have accurate information about what our computers have connected to? How is it that software could run on our machnes wihout permission? Why is it not easy to check our services/tasks against a database of known problem-software or to highlight different-than-usual activity? It seems incredible to me that a computer can run as a slave of some evil entity for months, but has no clue it is being used that way. Why, after all this time and zillions of hours of expert activity, are our computers and other devices so abjectly LAME?! Who does that serve?
I remember years ago when I used Norton there was an issue on my machine of Norton code being corrupted by something, but it was unable to protect or correct itself. I was up to me, the user, to deal with that, but I thought that security software that couldn't even protect itself was not very impressive.
.
Your thoughts on privacy?
-
- Posts: 3906
- Joined: Jan 01, 2009 7:03
- Location: Australia
Re: Your thoughts on privacy?
Something that I can't understand either. Why can't we monitor the internet portal? Maybe a hardware interface between incoming wireless or usb ports depending on how you are connected to the internet. Up pops a window saying updates are being downloaded and/or installed which could for all intense and purposes be a lie. I wonder how much of that stuff is just a con to make you feel safe without actually being safe. Why can't we actually physically observe what is being uploaded from our computer and where it is going and also observe what is being downloaded to our computers and where it has come from!! I know enough about interfacing to know it is possible having linked computers in ye olden days via the parallel port with my own hand shaking routines.Quark wrote:. Why is it not common that we have accurate information about what our computers have connected to? .
Re: Your thoughts on privacy?
It is quite possible to sniff the interfaces and see the packets flowing across, even on Android. Sorting out legit traffic from questionable traffic does prove harder as the amount of traffic goes up. Sorting that traffic by app is possible but just takes a bit more work (packet tagging, etc). Now a rootkit can hide traffic from the sniffers. But it is certainly possible to see where your traffic is going, if you have enough patience. On Linux one good tool is EtherApe. This tools shows a real-time graph of destinations, bandwidth and protocol.
And not matter how much malware tries to hide network traffic, I can always stick a computer between the machine in question and the rest of the network and, using transparent network bridging, pass the traffic through while examining it. You could run a standard intrusion detection program like Snort on this bridge and get a pretty good idea of potential threats, at least ones that are already known.
Computer security is not as poor as you make it out to be. Securing individual Windows computers may be difficult for mere mortals (and the security programs make it worse often), but certainly a controlled network can be locked down. I've certainly done it before as part of my job. Keeping Windows from being taken over by malware was always a challenge; until relatively recently, Windows certainly didn't do much to stop it or limit the capabilities of running programs.
The weakest link in the whole endeavor of privacy and computer security is the person behind the keyboard. Even the smartest people can be manipulated by clever perpetrators. And the most secure OS's can be compromised by these techniques. To that end the only way to have total privacy is to keep the computer unplugged from any network, the speaker wires cut, and the power cord removed. Oh and the hard drive run through a wood chipper. But you can do a lot to maintain a reasonable amount of privacy and security. I understand the mathematical theories behind encryption and despite everything the NSA has done and does, strong encryption is still your best privacy defense.
And not matter how much malware tries to hide network traffic, I can always stick a computer between the machine in question and the rest of the network and, using transparent network bridging, pass the traffic through while examining it. You could run a standard intrusion detection program like Snort on this bridge and get a pretty good idea of potential threats, at least ones that are already known.
Computer security is not as poor as you make it out to be. Securing individual Windows computers may be difficult for mere mortals (and the security programs make it worse often), but certainly a controlled network can be locked down. I've certainly done it before as part of my job. Keeping Windows from being taken over by malware was always a challenge; until relatively recently, Windows certainly didn't do much to stop it or limit the capabilities of running programs.
The weakest link in the whole endeavor of privacy and computer security is the person behind the keyboard. Even the smartest people can be manipulated by clever perpetrators. And the most secure OS's can be compromised by these techniques. To that end the only way to have total privacy is to keep the computer unplugged from any network, the speaker wires cut, and the power cord removed. Oh and the hard drive run through a wood chipper. But you can do a lot to maintain a reasonable amount of privacy and security. I understand the mathematical theories behind encryption and despite everything the NSA has done and does, strong encryption is still your best privacy defense.
Re: Your thoughts on privacy?
I think we are seeing a Moore's Law type of increase in the the range and sophistication of aggressive information gathering on the internet. There is some talk that hard drive firmware has been hacked as well. As I said before the Internet may become unuseable for business etc. It is all a very dirty business and puts anyone who uses the internet is a totally weird situation. I guess the only response is to just use computers for media consumption and if you want to do technical things then maybe analog electronic would be good, or go get some oil paints or whatever. That's the way it's going as far as I am concerned. I'm very close to having a permanent decision about it myself.
Re: Your thoughts on privacy?
ref Why can't we actually physically observe what is being uploaded from our computer and where it is going and also observe what is being downloaded to our computers and where it has come from!!
That's the best question ive heard asked by anyone anywhere in a very long time !
Start, control panel, what has your computer been up to / is doing right now with someone else's / and more importantly why !
That's the best question ive heard asked by anyone anywhere in a very long time !
Start, control panel, what has your computer been up to / is doing right now with someone else's / and more importantly why !
Re: Your thoughts on privacy?
.
I'm pleased that this thread has not completely faded. There has been a level of heart-felt concern in the responses that goes to the core of things for computer-users and programmers.
While we as programmers may just want to forget the world's problems and focus on the useful, the creative, even the entertaining side of things, in the background there is the real threat of identity theft, zombie computers, automated spying. How much energy must we give to paranoia and how much left will there be fot the good stuff? Who can we really trust?
Meanwhile, let the programmers give each other tools to protect their computers.
I'm pleased that this thread has not completely faded. There has been a level of heart-felt concern in the responses that goes to the core of things for computer-users and programmers.
While we as programmers may just want to forget the world's problems and focus on the useful, the creative, even the entertaining side of things, in the background there is the real threat of identity theft, zombie computers, automated spying. How much energy must we give to paranoia and how much left will there be fot the good stuff? Who can we really trust?
Meanwhile, let the programmers give each other tools to protect their computers.
Re: Your thoughts on privacy?
But if you read Snowden files, when program crashes and you are asked to send info to Msft it does not really send any info about crash, but stealing your private dataStart, control panel, what has your computer been up to / is doing right now with someone else's / and more importantly why !