Thread: computer clocks
View Single Post
  #49   Report Post  
John Rumm
 
Posts: n/a
Default
Mary Fisher wrote:

If anyone is tempted by these applications, where are they obtained, how
much do they cost, how are they installed ... etc.

The simplest to get on with would be Thunderbird:

http://www.mozilla.org/products/thunderbird/

Click the download link, run the setup program when done, and then
configure much like you would OE.

The Bat - easy to setup and use - can also do the MS Exchange
integration that usually requires Outlook:

http://www.ritlabs.com/en/products/

Forte Agent - a google will turn up loads of versions, but here is one:

http://www.forteinc.com/main/homepage.php

Tin (not recommended for newbies) in its original versions can be found
he

http://www.tin.org/
And a windows port he
http://two-wugs.net/wintin/

Then people have to learn new skills ...

To some degree yes. In the case of Thunderbird then not many.

It does, alas many do not even read the suggestions (e.g. the recent very
sensible change to turn on the firewall in XP SP2 by default. This was
necessary simply because the majority of users did not bother to enable it
even though it was installed and ready to go).


So you're suggesting applications which don't suggest that users think for
themselves?

I am not suggesting that users don't think for themselves, but at the
same time I do not believe that this is an acceptable get out for
software writers to ship fundamentally insecure products. Now MS have
started to take these issues more seriously, some of their choices with
regard to which default options they use, have been better. However even
their best efforts with WinXP SP2 ("the best windows yet" TM MS) still
fall way short.

It is a big problem, computer security is as you say a boring, techy,
and a very complex subject. You are not going to force many people to
learn about it. Personally I don't like applications that take control
away, and make arbitrary decisions for me. However I also accept that
for some, applications of this type are the only way they will be
moderately safe.

I've been using internet for a few years and have never seen a preview pan.
I've only heard about them from people who've droned on boringly (!) about
how wonderful they are. I've never a) understood why or b) been tempted to
try to discover how to do it. But all these folk have not been OE users,
they've been telling me about preview panes as one of the refinements of
their own systems.

The preview pane is by default "on" in OE and Outlook - it is the
standard UI. (Look at the View | Layout... menu option). Many people
like it because it makes reading emails/news quick and easy - click on
the message title, and the message is displayed.

The weakness is that if you have a message that is obviously spam /
dodgy, there is no easy way to select it for deletion without it also
being previewed.

The following does indeed explain what I suppose you meant but if you look
at your sentence - in innocence as it were - I think you might be puzzled
too.

Yup, I accept that. It is always difficult to know where to pitch
comments like that, and what level of background knowledge to assume.

Yes. Fortunately the companies I deal with on-line are extremely security
aware. I've reported several spoofs. I think this is important but it's
surprising how may people complain about them yet do nothing.

Alas it is not always that simple. Try this quiz:-

http://survey.mailfrontier.com/survey/quiztest.html

That's the key word. Computer users should be educated to safeguard their
pcs. But they won't. You can't expect the software producers to give 100%
protection, users have a responsibility.

I agree. Software producers can't assume full responsibility, although
you may feel they do have some responsibility to at least release
software that is not a walking security exploit.

However who's job is it to do this education?

Compare the situation with car drivers. They are, in theory, taught the
legal and safe way to drive. Very many think they know better and that they
don't need to follow the guidelines. If they have an accident the car
manufacturers can't be blamed.

There is difference here. You are required by law to pass a test and
obtain certification before your drive. You are also required to carry
insurance to protect third parties, and you are also required to have
your vehicle periodically inspected (after three years) to verify it is
not dangerous.

The same can not be said for being charmed by the PC world salesman who
will explain how you can be "on the internet in ten minutes" with "no
training or previous experience".

4) Trojan diallers, another common technique it to compromise dial up
users so that there normal ISP connection is surreptitiously replaced with
a ISP service operating on a premium rate phone number. I have had a
couple of customers recently who had unexpected phone bills of several
hundred pounds more than they were expecting as a result of this.


I've heard of this and while I'm not smug I'm pleased to have broadband. But
that won't be safe forever. Nothing is.

You are safer in that respect, especially if your computers modem (if it
has one) is not connected to the phone line. Chances are you would
notice the reduction in performance if you suddenly got thrown back to
dial up ;-) At the same time because of your permanent connection to the
net, your computer is a much prised target for just that reason.

Many of these activities can carry on undetected for months unless
something happens to draw the users attention to the matter. Typically
this is when too the computer gets compromised by too many separate
threats and is devoting so many of its resources to running these, it no
longer does what it's owner wants or expects. Alternatively some other
problem like a browser hijack forces the owner to attempt to scan and
remove the problem, and they stumble over the other stuff as well.


That's why a user should keep a pc clean. My computer is cleaner than my
house ... !

Out of interest, how did you learn about these issues? How do you select
what software you are going to run to scan for spyware etc?

Pretty much all the email worms and viruses that I receive have at some
time been propagated as a result of a someone using IE/OE.


Pretty much isn't exclusive.

Never suggested it was.

The few nasties that get as far as the computer run into a compatibility
problem, in that the (Non PC, MS, or Intel) email system is not compatible
with them!


I don't understand that - but I'm willing to be instructed.

My email system is not PC compatible, and does not run PC software, and
hence by extension PC targeted malware. This alone would not be good
security (i.e. it is just an example of "security by obscurity") but as
a final line of defence it helps.

Every customer I go to see, who is complaining that their computer is
running slowly or misbehaving in some other way, has a machine loaded
with spyware and trojans that have arrived as a result of a lack of
attention to detail on their part, coupled with use of IE/OE. It is
sometimes difficult to get their attention, but you can change their
software!


Can't you educate them? Or is it in your interest to change their software?

Education, depends on the willingness of the customer to a large extent.
Some take the issues seriously and are keen to do what they can. Those
are easy. Some can't resist clicking on every link in every interesting
sounding email they receive! Most are somewhere in the middle ground.

It is in my interest to keep them safe by whatever means are most
appropriate in the circumstance. That way I get fewer support calls, and
more recommendations.

We publish a few tips on our web site that can help:

http://www.internode.co.uk/qna_internet.htm

We also try to guide people toward using a router for broadband access:

http://www.internode.co.uk/service_homeadsl.htm

You also have to be aware that an unpatched Win2K / XP system can get
compromised just being connected to the internet with no firewall. This is
irrespective of any software that runs on top for email/web access.


That's what firewalls are for ...

But how so you download one safely on a Win2K system?

Or even in Basildon.

shivers don't use that word.... used to work there once!


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/
Reply With QuoteReply With Quote