worldwide internet threat map

what sells is determined by the free market. In the free market, junk windows is what most buy. Linux does better but isn't perfect. There have been new OSes written from the ground up to solve the problems of linux, but without a wide apps base they have very few followers, and with very few followers get little development thus few new apps.

EULA

More publicity about ms's problems would help the clueless, but no-one wants to risk being sued nor upset the profitable model.

Google blocks attempts to visit suspect sites via google searches. It's a rather flawed system though.

NT

Reply to
tabbypurr

I was reading this post without knowing who wrote it and didn't even get halfway through before I thought, "What idiot wrote this?" I scrolled up to find... JL wrote it. Surprise!!!

Once again, showing a complete ignorance of all the issues.

"Told by an idiot, full of sound and fury, Signifying nothing."

I never realized Shakespeare had met JL.

Rick C.

Reply to
gnuarm.deletethisbit

How?

How would the delivery service identify them as infected packets?

Presumably the identification happens after they have been delivered and the malicious code has attempted to execute, thus identifying itself as malicious in the process.

If malware included a bit-string that identified it as malware, it would be rather easy to block. Real malware does seem to be a bit more subtle.

--
Bill Sloman, Sydney
Reply to
bill.sloman

I have an idea... Since the Internet is never going to dig into every packet sent to find the ones carrying malware, maybe someone could invent software that will run on your own personal computer to analyze the data coming into YOUR machine (a much smaller task) to look for malware. It can self-update frequently as new threats emerge and be used by many, many people spreading the development and maintenance cost so you might only need to pay say, $50 a year or so.

Not sure what to call this new category of software that is anti-viruses and other malware... what would be a good, generic name??? Hmmmm....

Rick C.

Reply to
gnuarm.deletethisbit

You are assuming that nothing can ever be done to eliminate viruses and spyware and ransomware. Starship Enterprise will be dead in space because some 3-month old Klingon kid planted a worm in the computer.

Nothing will ever change.

Got it.

Computers need hardware protection against malware. DEC did that way better than Intel. We could do it even better now.

Single-CPU solutions are difficult. We can afford lots of processors these days.

It helps to accept that things might be possible before you invent them.

--
John Larkin         Highland Technology, Inc 

lunatic fringe electronics
Reply to
John Larkin

As has been pointed out, virus protection software does a pretty good job.

Probably not.

John Larkin's understanding of the real world doesn't seem to get up-dated as frequently as it might.

Nothing could be further from the truth.

Not that John Larkin has any idea how ...

And this helps exactly how?

As with perpetual motion machines - if you don't think that they are possible you will clearly never invent one, but it's equally clear that being silly enough to imagine that they are possible is not going to let you do any better.

--
Bill Sloman, Sydney
Reply to
bill.sloman

There's essentially no way to even verify your software compiler isn't itself compromised and silently inserting malicious code into your binaries, or that all compilers aren't already silently compromised, even! Or that the CAD hardware design tools you use to design the hardware to provide the protection aren't compromised. Etc.

Reply to
bitrex

I'm always amused that people who post to an electronic design group are so emotionally invested in things being impossible and never changing. They invent reasons to not design stuff. That's fine with me... much less competition.

A CPU could be hardware firewalled so that it can't mess up anything but the application it is currently running. Absolutely all access to external resources could be managed.

Intel can't even keep data from being executed, or keep stacks from overflowing and poking hostile code into random places in executable space. Or protect the system from Word macros. When in doubt, execute it.

DEC didn't allow any of that. No CPU should allow that.

--
John Larkin         Highland Technology, Inc 
picosecond timing   precision measurement  
Reply to
John Larkin

Before I deliver the wrath of the gods upon my critics, methinks it might be useful if you would kindly disclose if JL is John Larkin or Jeff Liebermann.

I took a class on English literature in college. I vaguely recall Shakespeare being mentioned. Does that count?

--
Jeff Liebermann     jeffl@cruzio.com 
150 Felker St #D    http://www.LearnByDestroying.com 
Reply to
Jeff Liebermann

Sniffing the traffic with something like Snort: "Snort performs protocol analysis, content searching and matching." The problem is that for every type of attack, there needs to be an applicable rule database: Keeping it up to date and out of the hands of the evil bad guys is not a trivial exercise. There is also the problem of false positives, which could block valid traffic, and encrypted (VPN) traffic that can't be sniffed.

--
Jeff Liebermann     jeffl@cruzio.com 
150 Felker St #D    http://www.LearnByDestroying.com 
Reply to
Jeff Liebermann

Then show us the way oh great Nebuchadnezzar! Construct your many CPU device with great hardware security!!! We await your ever wise design.

Rick C.

Reply to
gnuarm.deletethisbit

On Wednesday, October 3, 2018 at 11:29:40 AM UTC-4, snipped-for-privacy@ieee.org wrote:

ible you will clearly never invent one, but it's equally clear that being silly enough to imagine that they are possible is not going to let you do any better.

I actually met someone, in the business, who thinks perpetual motion (although I'm sure he won't call it that) is possible. He was showing me plans for a device that would charge a battery from a battery. I tried to ask him "why?" but he kept explaining the how, talking about capacitors capturing energy that would otherwise be lost and I don't know what all... until I heard the phrase "over unity" and I realized he was trying to get more out than in. lol

Rick C.

Reply to
gnuarm.deletethisbit

Right, that's the problem. Now, one could argue that any spam/DDOS/ whatever-creating node should just be totally blocked by their ISP. Many of these nodes may be in regular use by their legitimate user, and they are totally unaware their machine is part of a botnet. Well, blocking their machine might get them to have the vulnerability fixed. So, there IS a good argument for that. But, there are MILLIONS of these single rogue nodes out there. If every PC had to keep a list of all the compromised nodes out there, it would bog their firewall to its knees. So, really, it is the responsibility of the ISP to deal with these rogue nodes, but they don't want to make their PAYING customers mad at them for something that they probably don't even understand.

So, it is a conundrum, at least until the vast number of botnet machines brings the whole internet to its knees. We aren't all that far from that right now.

Jon

Reply to
Jon Elson

Well, don't be so SURE about that!

Well, that works for ME! I do get tons of hacking attempts, but with some extra measures like denyhosts and blocking some specific troublemaker's IPs, it is at least tolerable. But, I currently have about 7000 IPs blocked in my hosts.deny file, I have no idea how much overhead that causes when a legitimate user tries to log in.

Jon

Reply to
Jon Elson

Have you ever noticed how much some antivirus programs slow down a computer? (I run Linux, and don't bother with klunky AV programs.) But, having to scan EVERY packet sent would cause HUGE overhead.

Cutting off net access to identified machines that are sending spam/ malware/etc. is definitely possible, but the ISPs would tick off a LOT of clueless customers. Then, they'd have to handle TONS of support calls. Yes, sure, they are totally in the clear legally, as having a spam producer violates almost any terms of service. But, I do understand why the ISPs do NOT WANT to open this Pandora's box. At some point, they may have to, or the FCC or state regulators may have to get involved to keep the internet running at all.

Years ago, before I discovered the denyhosts program, I used to get over 1000 attempted ssh logins/day on my little web server. When I put in denyhosts with very stiff rules (like 3rd login failure and you are locked out for 3 months) I was VERY interested to discover the attempts dropped off to 3 a day exactly, TO THE HOUR, TWO WEEKS after installing it. This indicates the HUGE number of botnet machines available and the coordination on the dark net by the users of these nodes. They burned 14,000 unique IP addresses to find out how long the retirement of locked out IPs was on my machine! And, when they found that they were still locked out after 2 weeks, they sent out the word on the dark net to not bother with my machine, you won't get in!

That is just one indication of the kind of resources these hackers have available to them.

Jon

Reply to
Jon Elson
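The lockout policy described in the post above (third failed login, locked out for 3 months), as an added example that is not part of the original thread and is not DenyHosts' own code. The log lines are constructed in the usual OpenSSH "Failed password" format, the addresses are from the documentation ranges, and the function names are hypothetical.

```python
import re
from datetime import datetime, timedelta

# Policy from the post: lock out on the 3rd failure, for about 3 months.
MAX_FAILURES = 3
LOCKOUT = timedelta(days=90)

# Matches the usual OpenSSH "Failed password" line (valid or invalid user).
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+"
)

# Constructed sample log; not taken from any real server.
SAMPLE_LOG = """\
Oct  3 10:00:01 web sshd[811]: Failed password for root from 203.0.113.7 port 4022 ssh2
Oct  3 10:00:03 web sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 4023 ssh2
Oct  3 10:00:04 web sshd[813]: Failed password for jon from 198.51.100.20 port 5111 ssh2
Oct  3 10:00:05 web sshd[814]: Accepted password for jon from 198.51.100.20 port 5112 ssh2
Oct  3 10:00:09 web sshd[815]: Failed password for root from 203.0.113.7 port 4024 ssh2
"""


def build_blocklist(log_text, year=2018):
    """Return {ip: expiry} for every IP that reached MAX_FAILURES."""
    failures, blocked = {}, {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        failures[ip] = failures.get(ip, 0) + 1
        if failures[ip] >= MAX_FAILURES and ip not in blocked:
            blocked[ip] = when + LOCKOUT  # syslog lines carry no year
    return blocked


def is_blocked(blocked, ip, now):
    """Average O(1) dict lookup, independent of how many IPs are listed."""
    expiry = blocked.get(ip)
    return expiry is not None and now < expiry


if __name__ == "__main__":
    bl = build_blocklist(SAMPLE_LOG)
    for ip, expiry in bl.items():
        print(f"ALL: {ip}  # expires {expiry:%Y-%m-%d}")
```

A single mistyped password from a legitimate user (198.51.100.20 in the sample) stays below the threshold, while an address still probing two weeks after its lockout is still refused.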


If the customers don't understand the issue, why would they know enough to blame their ISP??? It's no easier to block the messages at the ISP than it is on the home computer... but that's not even the problem. It's not that the home computer is being attacked, it's that the home computer is compromised.

I am pretty sure if the ISP could effectively and easily stop malware attacks without creating horrendous problems for their customers, they would. I seem to recall my email being blocked a number of times because my provider was blacklisted because of one customer being compromised. That's a pretty severe solution to the spam problem, cutting off an entire ISP. That's the sort of problem you will have in spades if you try to block all malware at the ISP level.

Heck, I have a program I use frequently that is NOT infected which sets off AVS software on a regular basis. We contact various AVS vendors periodically to get it whitelisted, but with the next release the program gets blotted again. Imagine that at the ISP level!

Rick C.

Reply to
gnuarm.deletethisbit

Yes, that does happen. Spamblocking an ISP tends to happen mostly in situations where an ISP has one or more really "bad actor" customers, is notified of the problem, and fails to do anything about it. Spamhaus (as one example) has a well-defined escalation policy, slowly broadening their spam listing for an ISP's address space over time as the result of an ongoing problem (or an ISP's decision to be complicit in their customer's misbehavior).

Yes, it would be nasty. Distinguishing malware from goodware, or malware accesses from legitimate accesses, is a hard problem in the technical sense. I suspect it's equivalent to the Halting Problem, and thus there's no perfect solution to it... just heuristics, with both false-positive and false-negative results.

Consumer ISPs these days often do perform some blocking that's intended to stop certain forms of illegitimate use. For example, many consumer-grade ISPs now block direct outbound connections to TCP port 25 (SMTP) from their customers... in order to send outbound email the customer must connect to the ISP's mail relay server, and use proper identity credentials. This gives the ISP the ability to detect excessive bulk emailing, and throttle or block it.
Reply to
Dave Platt

I could elect to pay my ISP to filter packets for me. There are also DNS servers that don't serve up the IP addresses of known hazards. That's a start.

9.9.9.9

It wouldn't be difficult to have serious protections built into the hardware and software of a computer system. We are just too stuck with ancient legacy designs to do that any time soon.

It will happen.

We just spent two hours with our IT consultant, talking a lot about security issues. His opinion is that in 20 years, hardly anybody will need IT consultants. Interesting guy.

--
John Larkin         Highland Technology, Inc 
picosecond timing   precision measurement  
Reply to
John Larkin

That's nothing !

If you want to see a "koook" and one that thousands of people follow, check out this guy... He says that he is the ONLY person that knows what magnetism is ! People believe this shit that they can't even follow ! Makes my head hurt ! Lots of new words. It's dialectric accelleration !


And he is the only person on earth that understands how a radiometer works


Sheeesh !

Reply to
boB

Hehe... I had the misfortune of having the same guy (Ken Wheeler, aka "Theoria Apophasis") call me out of the blue a few years ago. He called to convince me that electrons don't exist, and that we were actually seeing discharges of "dielectricity" per Tesla researcher Eric Dollard. Since 2004, we've been using a 5 MeV industrial electron accelerator to inject trillions of electrons inside various shapes of clear acrylic. By manually discharging these charged-up specimens, we create beautiful internal Lichtenberg figures. We've been studying the physics of dense charge trapping and detrapping processes in acrylic for well over 20 years.

Since I remained skeptical, he abruptly hung up on me and then began trashing me on various fringe sites on the Internet and on my YouTube videos (until I blocked him). He's every bit as arrogant and nasty on the phone as he is on his video channel. He does have a rather large YouTube following though - go figure...

Bert


Reply to
Bert Hickman
