New Fire Fox Update

First I must stress that I'm not going back on what I've been saying for
years! Firewall, AV and AS are all the *software* required. Safe Hex is
still essential!


It's aimed at the generation presently under construction that
speaks in text-speak and you can't have a quiet moment in public
anymore because at least one of them has tinny music coming through
their head phones. The generation those devices have and are being
aimed at, are who Vista is aimed at - the ones who don't understand
what the problem is about spyware - so long as they get a ringtone
or some cool cursors. Sheep. Pliable consumers. M$ is for business,
not you and me.

Then why is my 18 year old bugging me to put Ubuntu on a dual boot
with XP and hates cell phones, XBox, PlayStation and Wii? My evil
influence?

Undoubtedly.


I'd better eat some chips after that!


Shane


I'm gonna have a bowl and play Devil May Cry 3 ;-) It's about all I
use XP for nowadays.


I bet he does, too, now that ol' Mr Portals himself and his sidekick Steve
Balls-ache are edging him out!

Very interesting read Shane but as I said I will hold of giving my opinion
until I see it g

It's no use talking to me about text talk I don't understand it half the
time and always use the predictive text on my phone to spell out the full
words g it drives Kelly mad if she has to use my phone as she's one of
the text kids g

I agree with you with regards safe hex, all I have on here is
SpywareBlaster, Zone Alarm Pro, Ad-Aware 2007 and NOD32 plus of course my
fingers on the mouse and keyboard telling everything where to go g
Joan


Shane wrote:

The indisputable truths of what he says in that piece are 1. that
asking if you really *really* want to run that, for everything
remotely system-related you click on, over and over and over - which
rapidly becomes extremely annoying to anyone who knows how to use a
computer and wants to use the one they paid a lot of money for, not
have a nanny forced upon them by Microsoft - is not remotely how you
combat viruses and hackers.

snip

'Predictive text' sounds like that ruddy business where you hit one key and
three letters come up - that drives me round the bend when I try to send a
text message! On account of I've got my mum's old phone (I stopped using
them after Devon - but when I was going back and forth with my dad's
troubles she thought it'd be a good idea - and I agree. It's what they're
for!). But I don't see where in hell you're supposed to turn it back to just
straight forward typing!

So that's what it's called is it?

Or are you just guessing? ha ha!

Shane


Joan Archer wrote:
Very interesting read Shane but as I said I will hold of giving my
opinion until I see it g

It's no use talking to me about text talk I don't understand it half
the time and always use the predictive text on my phone to spell out
the full words g it drives Kelly mad if she has to use my phone as
she's one of the text kids g

I agree with you with regards safe hex, all I have on here is
SpywareBlaster, Zone Alarm Pro, Ad-Aware 2007 and NOD32 plus of
course my fingers on the mouse and keyboard telling everything where
to go g Joan


Shane wrote:

The indisputable truths of what he says in that piece are 1. that
asking if you really *really* want to run that, for everything
remotely system-related you click on, over and over and over - which
rapidly becomes extremely annoying to anyone who knows how to use a
computer and wants to use the one they paid a lot of money for, not
have a nanny forced upon them by Microsoft - is not remotely how you
combat viruses and hackers.

snip

No, it doesn't seem to be in the online version.

In fact I get the idea they don't want us to be able to read the whole comic
without paying for it! Basters!


Shane


Joan Archer wrote:
No I don't do you have an URL for it.
Joan

Shane wrote:
Incidentally, Joan. I don't know if you read Viz or not, but I fear
there's been a case of identity theft (don't worry - not yours!).
There's a letter on the letters page from an Arthur Sixpence.
Personally I don't think that's likely at all!


Shane

On Sat, 21 Jul 2007 19:10:11 +0100, "Shane" wrote:
Joan Archer wrote:

I have seen the odd thing about UAC and a few peoples thoughts on it.
Microsoft were trying to make a more secure OS with Vista, after all
there are a lot of baddies out there in cyber-space

To stop viruses and hackers you keep them from getting into the machine in
the first place, and if you can't do that, the damage has already been
done - the horse has already bolted.

Welcome to the real world - you're as much of an ostrich as MS, there.

The world's largest, cheapest and most powerful mail servers are
botnets of infected PCs. It's pointless being prissy, pretending that
prevention of infection is all everyone will ever need to do.

And 2., that it doesn't protect your data files, ie what you value, it
protects the operating system, which can be re-installed and be none the
worse for it and is essentially valueless.

Two things:

1) Yes, I agree with you

User permissions and UAC have NOTHING to do with protecting your data,
because even the most limited user rights still have the right to edit
(and thus trash) data. At best, they may present a speedbump to
stealing the data, if the account is so locked down that it has no
ability to sent anything to Internet or removable drives.

The whole user account thing is an exercise in "vendor vision", i.e.
it reduces MS and OEM support responsibilities.

As long as anything running in the user's contexts has the same power
as the user, this will always be the case. UAC is a welcome change in
that for the first time, the user at the keyboard has control elevated
over scripts and automation that (it is at last acknowledged) may not
be running and acting with the user's intent.

2) No, I disagree with you

Re-installing the OS is NOT a painful process; the side-effects can be
catastrophic if you have the Dubious Advantage of an OEM wipe-only
"recovery disk" (vendor-vision again... what exactly does this disk
"recover"?). Even if you did get a proper OS disk and know how to use
it, you will still revert to an older and more exploitable code base,
and lose many protective settings etc. you may have applied.

And after all that, it's prolly not going to kill the malware anyway,
or the malware will be restored with your "data" backups, or however
it got in the last time, it will do so again - because by not bothing
to detect and assess what happened, you've learned NOTHING.

How does any of that amount to protection from baddies? Firewalls, anti
virus, anti spyware, these are what protect both you and the system - and
nothing more than those are required.

That's why infected PCs are so rare, right?

Are they so stupid that they can't see the lunacy of a protection system
that protects the system but *not* your personal files?

Yes - that's not stupidity, that's policy, and standard across the
industry. A support dude in a call center has to handle X calls per
hour, and spending time helping users with things that are not the
vendor's responsibility is often a firing offence.

Anyone here found great support techs at a company, only to find they
are "no longer with us" when you go back a few months later?

This vendor-vision fits the corporate world, too, where the model is:
- everything we need is on the server anyway
- so the desktop is a disposable chew-toy

When you speak of "just" re-installing the OS, you are fitting in with
that mindset; that's how professional IT "maintains" desktop PCs.

One reason there are so many malware'd PCs is because the owners
didn't do everything they could have done to prevent getting infected,
and perhaps ostriches like MS assume this is the only reason.

Another reason is because even if you do all the right things at the
best of your ability, you can still get malware'd anyway. Do I claim
I'm not malware'd? No, because I'm not in a position to distinguish
between being malware-free and being malware'd by something smart
enough to hide itself from me.

But a third reason is that if the only choice is between staying
malware'd and "just" wiping and rebuilding the PC (again), some folks
will just shrug and stay malware'd.

At best UAC is just for show

It's actually developed as a transitional technology, much like ISA
PnP support from the Win95 era.

It's possible to code apps that won't pop up UAC at all, and it is
expected that as sware vendors catch up (and perhaps the only slugs
slower than sware vendors are telcos) so we will have a system that
transparently works better, just as PnP has become today.

In fact, UAC is itself a catch-up technology.

You've heard *NIX folks claiming their model is more secure, and a big
part of that goes about escalation prompts to "authenticate as root".

Same thing in MacOS; certain things require extra authentication or at
least an "are you sre?" dialog to click through.

And 3rd-party sware has offered this as an add-on feature in Windows;
personal firewalls and then tools like PrevX and All-Seeing-Eye that
prompt you for internal matters, just as UAC does.

M$ is for business, not you and me.

That, unfortunately, has been my conclusion as well.

I've written about that in other posts, but part of the problem is
that we are assumed to be a "done deal".

In the big business sector, Linux is now what mini-computers, Netware
and UNIX were before; a credible competitor that has to be wrestled
with for market share.

But Linux is comparitively useless for consumers, and Apple are too
timid to compete head-on, preferring to play the lock-in game. After
all, why support many millions of users at a low margin, if you can
make as much money with 1% of that user base by gouging on price?

So all MS has to do is keep the big OEMs sweet, and we're in the bag.
In effect, MS and OEMs gang up as a closed cartel to feast on you.

I'd better eat some chips after that!

And I'm off to make some tea :-)



--------------- ----- ---- --- -- - - -
To one who only has a hammer,
everything looks like a nail
--------------- ----- ---- --- -- - - -

I'll look at the rest later, Chris, but for now point out that I'm talking
about from the point of view of users who know how to operate the computer,
that the point is it is entirely set for novice mode now and unless you're a
novice, is an awful experience. But that M$ only want novice customers and
want them to remain novices.


Shane


cquirke (MVP Windows shell/user) wrote:
On Sat, 21 Jul 2007 19:10:11 +0100, "Shane" wrote:
Joan Archer wrote:

I have seen the odd thing about UAC and a few peoples thoughts on
it. Microsoft were trying to make a more secure OS with Vista,
after all there are a lot of baddies out there in cyber-space

To stop viruses and hackers you keep them from getting into the
machine in the first place, and if you can't do that, the damage has
already been done - the horse has already bolted.

Welcome to the real world - you're as much of an ostrich as MS, there.

The world's largest, cheapest and most powerful mail servers are
botnets of infected PCs. It's pointless being prissy, pretending that
prevention of infection is all everyone will ever need to do.

And 2., that it doesn't protect your data files, ie what you value,
it protects the operating system, which can be re-installed and be
none the worse for it and is essentially valueless.

Two things:

1) Yes, I agree with you

User permissions and UAC have NOTHING to do with protecting your data,
because even the most limited user rights still have the right to edit
(and thus trash) data. At best, they may present a speedbump to
stealing the data, if the account is so locked down that it has no
ability to sent anything to Internet or removable drives.

The whole user account thing is an exercise in "vendor vision", i.e.
it reduces MS and OEM support responsibilities.

As long as anything running in the user's contexts has the same power
as the user, this will always be the case. UAC is a welcome change in
that for the first time, the user at the keyboard has control elevated
over scripts and automation that (it is at last acknowledged) may not
be running and acting with the user's intent.

2) No, I disagree with you

Re-installing the OS is NOT a painful process; the side-effects can be
catastrophic if you have the Dubious Advantage of an OEM wipe-only
"recovery disk" (vendor-vision again... what exactly does this disk
"recover"?). Even if you did get a proper OS disk and know how to use
it, you will still revert to an older and more exploitable code base,
and lose many protective settings etc. you may have applied.

And after all that, it's prolly not going to kill the malware anyway,
or the malware will be restored with your "data" backups, or however
it got in the last time, it will do so again - because by not bothing
to detect and assess what happened, you've learned NOTHING.

How does any of that amount to protection from baddies? Firewalls,
anti virus, anti spyware, these are what protect both you and the
system - and nothing more than those are required.

That's why infected PCs are so rare, right?

Are they so stupid that they can't see the lunacy of a protection
system that protects the system but *not* your personal files?

Yes - that's not stupidity, that's policy, and standard across the
industry. A support dude in a call center has to handle X calls per
hour, and spending time helping users with things that are not the
vendor's responsibility is often a firing offence.

Anyone here found great support techs at a company, only to find they
are "no longer with us" when you go back a few months later?

This vendor-vision fits the corporate world, too, where the model is:
- everything we need is on the server anyway
- so the desktop is a disposable chew-toy

When you speak of "just" re-installing the OS, you are fitting in with
that mindset; that's how professional IT "maintains" desktop PCs.

One reason there are so many malware'd PCs is because the owners
didn't do everything they could have done to prevent getting infected,
and perhaps ostriches like MS assume this is the only reason.

Another reason is because even if you do all the right things at the
best of your ability, you can still get malware'd anyway. Do I claim
I'm not malware'd? No, because I'm not in a position to distinguish
between being malware-free and being malware'd by something smart
enough to hide itself from me.

But a third reason is that if the only choice is between staying
malware'd and "just" wiping and rebuilding the PC (again), some folks
will just shrug and stay malware'd.

At best UAC is just for show

It's actually developed as a transitional technology, much like ISA
PnP support from the Win95 era.

It's possible to code apps that won't pop up UAC at all, and it is
expected that as sware vendors catch up (and perhaps the only slugs
slower than sware vendors are telcos) so we will have a system that
transparently works better, just as PnP has become today.

In fact, UAC is itself a catch-up technology.

You've heard *NIX folks claiming their model is more secure, and a big
part of that goes about escalation prompts to "authenticate as root".

Same thing in MacOS; certain things require extra authentication or at
least an "are you sre?" dialog to click through.

And 3rd-party sware has offered this as an add-on feature in Windows;
personal firewalls and then tools like PrevX and All-Seeing-Eye that
prompt you for internal matters, just as UAC does.

M$ is for business, not you and me.

That, unfortunately, has been my conclusion as well.

I've written about that in other posts, but part of the problem is
that we are assumed to be a "done deal".

In the big business sector, Linux is now what mini-computers, Netware
and UNIX were before; a credible competitor that has to be wrestled
with for market share.

But Linux is comparitively useless for consumers, and Apple are too
timid to compete head-on, preferring to play the lock-in game. After
all, why support many millions of users at a low margin, if you can
make as much money with 1% of that user base by gouging on price?

So all MS has to do is keep the big OEMs sweet, and we're in the bag.
In effect, MS and OEMs gang up as a closed cartel to feast on you.

I'd better eat some chips after that!

And I'm off to make some tea :-)



--------------- ----- ---- --- -- - - -
To one who only has a hammer,
everything looks like a nail
--------------- ----- ---- --- -- - - -

On Sun, 22 Jul 2007 13:45:32 +0100, "Shane"

I'll look at the rest later, Chris, but for now point out that I'm talking
about from the point of view of users who know how to operate the computer,
that the point is it is entirely set for novice mode now and unless you're a
novice, is an awful experience. But that M$ only want novice customers and
want them to remain novices.

Here's the maths:

Skills needed to use the PC
-
Skills needed to use the PC safely
=
Safety gap

Malware thrives in the Safety Gap.

It is a disservice to newbies to pretend they do not have to know the
difference between "run code" and "view data", or to know where their
PC ends and where the Internet begins.

We need a safer UI. Without that, it won't only be total newbies that
get shot to pieces... it's not enough to secure access to authorised
users if the consequences of what these users do are far beyond the
effects they might have intended.

And as to "newbies" in the workplace...

"I'm sorry, but you appear to have mis-represented your skill set at
your job interview, on the basis of which you were hired. This
invalidates your hired status - goodbye."



------------ ----- --- -- - - - -
Things should be made as simple as possible,
but no simpler - attrib. Albert Einstein
------------ ----- --- -- - - - -

2.0.0.5 just came out? It's 2007!

I'm a bit behind the times, running 1.5.0.6.
It has this weird issue, where clicking the drop down for typed urls makes
the list appear and disappear, just the first time for the session.

"Alias" wrote in message
...
Heather wrote:
Nope....I have 2.0.0.4....is that the one?? Came out a week or two ago.

Figgs, older and faster, grin.

"Alias" wrote in message
...
Alias



Yep, I have version 2.0.0.5. Came out today, both in English and in
Spanish. Open Fire Fox. Help/Check for Updates.

Alias

I do intend dealing with this thoroughly - but what with the conditions
here, I really do have better things to do. For now I shall observe that you
appear to have based the bulk of your argument and abuse on failing to have
read the follow-up post (to Alias) made 10 hours earlier. It seems barely
credible that you would put so much effort into a rebuttal yet not read a
post made by the person you are seeking to contradict, 10 hours earlier.
Anyway, I shall deal with that later.


Shane

cquirke (MVP Windows shell/user) wrote:
On Sun, 22 Jul 2007 13:45:32 +0100, "Shane"

I'll look at the rest later, Chris, but for now point out that I'm
talking about from the point of view of users who know how to
operate the computer, that the point is it is entirely set for
novice mode now and unless you're a novice, is an awful experience.
But that M$ only want novice customers and want them to remain
novices.

Here's the maths:

Skills needed to use the PC
-
Skills needed to use the PC safely
=
Safety gap

Malware thrives in the Safety Gap.

It is a disservice to newbies to pretend they do not have to know the
difference between "run code" and "view data", or to know where their
PC ends and where the Internet begins.

We need a safer UI. Without that, it won't only be total newbies that
get shot to pieces... it's not enough to secure access to authorised
users if the consequences of what these users do are far beyond the
effects they might have intended.

And as to "newbies" in the workplace...

"I'm sorry, but you appear to have mis-represented your skill set at
your job interview, on the basis of which you were hired. This
invalidates your hired status - goodbye."



------------ ----- --- -- - - - -
Things should be made as simple as possible,
but no simpler - attrib. Albert Einstein
------------ ----- --- -- - - - -

On Tue, 24 Jul 2007 10:29:59 +0100, "Shane" wrote:

I shall observe that you appear to have based the bulk of your
argument and abuse on failing to have read the follow-up post
(to Alias) made 10 hours earlier.

I don't see all posts in every thread, for various reasons... shrug

But I am puzzled as to why you think I'm "arguing" or "abusing" the
material I replied to - if anything, I thought I was re-inforcing the
points made. My point is that MS dumbs things down so far that folks
can easily get themselves into trouble... like handguns for toddlers.

cquirke (MVP Windows shell/user) wrote:
On Sun, 22 Jul 2007 13:45:32 +0100, "Shane"

I'll look at the rest later, Chris

Maybe you're replying to an earlier (no snipped) post?

I'm talking about from the point of view of users who know how to
operate the computer, that the point is it is entirely set for novice
mode now and unless you're a novice, is an awful experience.

IKWYM. There's too much stuff that "does things for you"; often
hi-risk things, or things that can mess you up with no undo.

But that M$ only want novice customers and want them to remain
novices.

MS understands the pro-IT world, which is made up of folks speaking
the same language (usually from MS's own certifications etc.).

MS reckon they understand the consumer better than we do, and sales
would appear to prove them right - but those sales may go more about
historical market dominance and OEM relations than folks making a
conscious choice. Linux rarely comes pre-installed, MacOS forces you
to pay "Apple Tax", and most visible software needs Windows.

But in between pitching to newbies (are there any left, by now?
Aren't most PC buyers, repeat buyers?) and the pro-IT in-club, they
don't seem to know what's going on at all.

They treat consumers as if they had no recourse to tech support better
than the "try wiping and re-installing, if that fails we;ll test the
hardware" nadir of volume OEMs. The pits become the standard.



--------------- ---- --- -- - - - -
Saws are too hard to use.
Be easier to use!
--------------- ---- --- -- - - - -