Thursday, May 26, 2005

Security Awareness for Ma, Pa and the Corporate Clueless

Check this out: Security Awareness for Ma, Pa and the Corporate Clueless.

One thing I've often wondered, though. Is the Wintel platform really as bad as it's made out to be?

I mean, I'm a Solaris guy, and I know that Wintel is bad. It's obvious that the cost is way higher than our Sun/Solaris setup, and the reliability/availability is way lower.

But the idea that home users have to spend hours per week maintaining their PCs just sounds crazy to me.

I'll admit here that I have a PC at home. It's a reasonably modern, broadband connected PC, running Windows XP. Nothing special about the setup - it gets the latest service packs and patches applied regularly and promptly. But it has no third-party security software of any kind on it. No anti-virus, no firewall other than the basic one that XP now provides.

Is my machine infested with trojans, spyware, and virusses? I don't think so. I occasionally check, but we don't see any problems, and everything runs pretty solidly.

Am I just lucky?

Probably not. You see, there are a couple of things that I (and perforce the rest of the family) do to keep it that way.

Rule 1. No Internet Explorer. Period. Total. It's not the default browser, and everything except windows update is forced to run at the highest security setting I can think of. No icon on the desktop. Depending on personal preference, we run either netscape or firefox.

Rule 2. No email. Period. Total. You want email, you ssh into a real computer and read it from there. I'm still a ucb mail person, but the wife uses pine. Whatever, there's no chance of any garbage getting through onto the machine.

Rule 3. (OK so I can't count.) No network clients other than decent browsers and ssh. No music, chat, online services, none of that rubbish.

Given that, I've found Windows XP to be an adequate, and largely trouble-free and useable, environment.

Of course I would rather run Solaris on it, but (at least last I heard) you couldn't get Flight Simulator, Zoo Tycoon, Age of Empires, or Rise of Nations for Solaris.

1 comment:

tarpon said...

I use WinXP, and so does the family, guests and guests kids. They all have music, do plenty of downloads and emails out the wha-zoo. Heck the wife uses email as her PIM/filecab. Who knows how many photos, and from where they came, all are stored on the NAT 250GB drive(with mirror).

I have three rules, the virus checker is on, no software download and install, and they must use mozilla suite. The browser is set to dump all info when closed, and passwords are encrypted with a master password.

Sensitive files go into an encrypted directory.

My ISP does virus scan on email.

My home network has a $50 Linksys router, so I don't have to worry about ports being left open and being scanned -- I control that with the router options. We maccess the net broadband at 6Mbps.

I run a Linux server from home over's service. Server has a blog, wiki, ftp, home page, with secure directories for friends and others to use.

For the last 5 or so years I have had no issues, other than blue screens of death for who knows what reasons, and system hardware software failures.

My take, the naive get caught. mostly with IE and outlook. But they might download and install trojans which I prohit with account permissions on XP -- no one is allowed to run as admin anytime -- but me. The *Nix people have overblown the security issue, if NIXes were used by the naive, the problems would stop the world. Only Apple has a handle on naive users and NIXes.

I would take all the above precautions regardless the OS.

BTW my friends get so balled up with viruses, inspite of what I tried to do to help, that every few years they just buy a new computer and give the old one to goodwill. Virus, what's that they ask.

OpenSolaris lacks too many features to be useful for home use or even small business. Start with software install, and go from there. I just don't have time for all the jargon when the Centos RH clone has all those dialogs for easy intuitive setup and maintanence.