
Is this "security threat" real?

During one of my idle moments (while drawing up a big cable harness) I have come across this.

I can’t help thinking that this (which is all over the internet) is almost totally bullsh*t.

A PC may have a vulnerability, but first the attacker has to somehow put himself in a position to exploit it.

99.9% of PCs are behind NAT routers, so apart from the brief time (usually 180 seconds) during which the NAT hole is open both ways, the PC is invisible from the internet. And even during those 180 seconds, it is externally visible only from the IP which was being accessed, so an attacker on another IP won’t see it.

So attacks need to come from the inside.

The usual way nowadays is to send an email with an infected payload. I think around 99% (I really mean 99%) of PC users are using Micro$oft Outlook for their email, so attackers will work on vulnerabilities in that. The attacker is either using a back door in the email client (to execute code of his choice) or is hoping that the recipient will click on every link in the email… and is not running any form of AV software. And the email (normally from a spammer) will need to get through the ISP’s email filters; it is very rare for that to happen nowadays.

The other way is to have an infected website. That is how kids’ PCs tend to get infected so rapidly; they tend to click on every link they see. The wares/crack/game cheat etc websites are often infected. Pilot forums running on off the shelf software also tend to get regularly infected. Adult websites are surely going to be fair game too. AV software picks up some of this stuff but not all.

After WinXP is no longer security-patched, or indeed before, the two areas above can be addressed by using an email client other than Outlook, and by using a browser which continues to be security-patched e.g. Firefox or Chrome. I have not been using M$ software for email or browsing “for ever”. In fact I have not used any M$ email software since first getting onto the internet in 1995. I have Outlook Express set up for sending only, for easy use in the Send To right-click context.

If somebody has a PC running XP which does what they need, why should they waste their time putting win7 or win8 on it, hunting around for the extra RAM needed to make it work acceptably, or even discarding it, buying a new PC, and then spending a potentially huge amount of time transferring their data? That is itself a nontrivial job… transferring email accounts, mailboxes, bookmarks. It’s OK for an IT geek but the average computer user will never find where the stuff is stored, and when they change their PC they lose all their old emails. Many also lose all their old photos – that’s another issue…

So should these journos really advise people to use Firefox or Chrome for browsing, and some non-M$ email app (e.g. Thunderbird)?

I suppose there are cases where the NAT router has open holes in it. There is a protocol in the cheap and nasty consumer routers which enables an app on the PC to open holes in the NAT. I once spent a day trying to get the Vodafone SureSignal box to work, only to discover that the config software was relying on having this facility, but the port numbers were undocumented. I sent it back immediately I discovered this… But, surely, your ISP doesn’t open your PC to the internet outside your current dynamic-IP session. And if you are on a static IP, then you are doing that for a reason (e.g. running a web server from home) so you need to know what you are doing security-wise because any public website is going to get massively DOSed 24/7. At work we have dictionary attacks running against our stuff all day and all night.

In an “obvious target” situation like somebody working inside a bank, that’s different, because attackers will try social engineering to try to get somebody to execute a piece of code of the attacker’s choice. Once this is running internally, you can do all kinds of stuff. But if you run a bank, you should employ an IT specialist in this area anyway, and he can chuck all the PCs in the bin every year and give everybody a fresh new one.

What am I missing?

Last Edited by Peter at 25 Dec 17:31
Administrator
Shoreham EGKA, United Kingdom
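
The NAT behaviour described in the post above, as an added example that is not part of the original thread: a toy Python model of a 180-second, address-restricted mapping next to a forwarding rule opened from inside the LAN, so the two kinds of exposure can be compared. The class and function names, the port numbers and the documentation-range addresses are all constructed, and real routers differ in timeout and filtering behaviour.

```python
from dataclasses import dataclass, field

MAPPING_TIMEOUT = 180  # seconds; the figure quoted in the post


@dataclass
class NatRouter:
    """Toy address-restricted NAT (constructed model, not any real router)."""
    timeout: int = MAPPING_TIMEOUT
    # external port -> (lan_host, remote_ip, last_outbound_time)
    dynamic: dict = field(default_factory=dict)
    # external port -> lan_host, opened on request from inside the LAN
    forwards: dict = field(default_factory=dict)

    def outbound(self, lan_host, ext_port, remote_ip, now):
        """A LAN host sends a packet out: create or refresh the mapping."""
        self.dynamic[ext_port] = (lan_host, remote_ip, now)

    def open_forward(self, lan_host, ext_port):
        """An app on the LAN asks the router for a standing inbound hole."""
        self.forwards[ext_port] = lan_host

    def inbound(self, ext_port, remote_ip, now):
        """Return the LAN host that receives the packet, or None if dropped."""
        if ext_port in self.forwards:
            # Standing rule: no timeout, no check on who is sending.
            return self.forwards[ext_port]
        entry = self.dynamic.get(ext_port)
        if entry is None:
            return None
        lan_host, allowed_ip, last_seen = entry
        if now - last_seen > self.timeout:
            # Simplification: only outbound traffic keeps a mapping alive.
            del self.dynamic[ext_port]
            return None
        if remote_ip != allowed_ip:
            return None  # only the address that was contacted may reply
        return lan_host


def exposure_report(router, now):
    """Summarise which external ports accept traffic, and from whom."""
    live = {port: ip for port, (_, ip, seen) in router.dynamic.items()
            if now - seen <= router.timeout}
    return {"any_source": sorted(router.forwards), "single_source": live}
```

Ports listed under `any_source` are the ones worth auditing on a home router, since they stay reachable from any address until the rule is removed.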

I go along with many of your thoughts, Peter. I myself do most of my work from a couple of Linux boxes, but (like many people, I think) I have a couple of legacy Windows applications; I run these on a Win XP, virtualised with VirtualBox. Certainly I use neither Outlook nor Internet Explorer.

I think you are also right re the average user being behind the NAT plus firewalls plus reverse proxies of the Internet Service Providers.

No worries here, though of course one never knows.

Professionally, the matter is quite different – I have been in committees on the subject, not in a bank but rather in a government’s administration – not a good feeling to know oneself in the first line of fire of able and motivated attackers.

EBZH Kiewit, Belgium

I think Win XP (which I have used for many years on ThinkPads) is a thing of the past now. Win 7 makes most if not all decent computers faster and more comfortable. Of course it still “works”, somehow – but when I switch on my ThinkPad A31P today (the machine that was the standard equipment on the Space Shuttle! and cost around € 4000 in 2005) I do not leave it on for long … it’s just too slow for what I’m used to now.

But actually years ago I went to Mac, and I never looked back. I think I’ll stay with the MacBook/iPad/iPhone combination for the next years …

I use XP at home and at work, and there is no point in changing away from it. We are not changing the apps. Our accounts software (Sage) has been on its current version for about 10 years and does all we need. We run Office 2003, etc.

It would surprise me if win7 was faster on a given hardware than XP. It may well be faster with some heavy apps with 8GB RAM than XP is with the maximum 3.5GB that it can make use of.

One weird issue is that a lot of windows apps are dirty and store data in the Program Files directory. Win7 is supposed to provide a backwards compatible way to cover for this but it doesn’t always work. OTOH I prefer apps storing everything in the PF directory (from where it can be easily backed up) than in a number of obscure places in Docs and Settings and also dropping crud all over the Registry.

The vulnerability which would concern me is if somebody can place packets of their choice on the internal company LAN. They won’t be able to login into the PCs without having the logins (in theory) and same goes for the admin of the router. But with a fixed and public IP it’s a concern which one cannot eliminate totally. Then those packets will get presented to the ethernet ports of the PCs and if there is a back door there, you have a problem. So we run a web server on a different subnet so the packets don’t go anywhere near the LAN. But this relies on the router having no back doors… Still, this is a clever attack and miles away from the XP security argument I mentioned earlier which is really just vulnerability to a random attack. This is an area where you do want the PCs to be secure (on their ethernet ports), but you can always put the internal LAN behind yet another NAT router…

I wonder what today’s malware writers are mainly going for? One purpose must be botnet creation (zombie PCs for spamming). Another might be collecting bank details (maybe installing keyloggers?). Otherwise, what national security stuff could one glean from the average PC owner?

Last Edited by Peter at 25 Dec 19:54
Administrator
Shoreham EGKA, United Kingdom

All machines (like in our company) we changed from Win XP to Win 7 were really faster afterwards and especially much more comfortable. Time goes on and except some problems you have with each and every upgrade, operating systems really get better, more stable and faster all the time. I don’t see the point staying with Win XP.

Also if you want to integrate a Windows computer with an iPad or iPhone – it will only work with Win 7 and at least Office 2010. Otherwise you cannot sync the PC with iPhones/iPads through the cloud, because the necessary little app for doing this does not work with XP.

Last Edited by Flyer59 at 25 Dec 20:24

The Cloud?

I am getting comprehensively out-geeked here

Or maybe out-PRd.

I have progressed to the dizzy heights of Dropbox, which is quite good. Hey there is even a Symbian app for it (Cutebox). Now, if you are a real geek you will have read of the Dropbox vulnerability whereby there is a way to tell if somebody has previously uploaded the same document – you time how long your own transfer takes. Potentially handy for detecting “leakage”… I thought that was quite funny.

Administrator
Shoreham EGKA, United Kingdom

Yes, the Cloud :-)

Dropbox is a good start actually! I have a 100 GB DB account – I have everything I need to have EVERYWHERE in the Dropbox. All airplane manuals, a lot of company stuff, all our passports, travel, insurance, car, airplane, house documents… ANYwhere I go I have it all available. And I started to introduce it in our company too and my people slowly start to love it. And I do MOST of my work through Dropbox too. I hate eMail attachments!

Also all my iDevices and my two Macs (one at home and one in the office) are all synced through the Cloud – and I have the SAME computer anywhere I am, I never have to think where a certain file is. They are all EVERYWHERE I am.

I am simply too lazy for old technology ;-))

By the way: I am convinced that Win 7 is much safer than XP. And sooner or later you will have no alternative but upgrading … I fear.

Last Edited by Flyer59 at 25 Dec 20:24

There is a theory that “adult” sites are actually safer than most because the last thing the operator wants is for his customers to be put off by virus attacks. I should add that I have not had occasion to test this theory.

EHLE / Lelystad, Netherlands, Netherlands

I know a guy who is high level sales at Cisco and he says some of their best customers are p0rn video server operators.

Administrator
Shoreham EGKA, United Kingdom

I am convinced that Win 7 is much safer than XP.

That may be true on purely static and theoretical and technical grounds. We may certainly hope the creators did pay attention to the security aspect! There is however the fact that whoever wants to break something will first try to break the most common thing. Win7 and its version of IE must be prime targets for hackers.

XP, though of course it was originally as draughty as the gates of hell, must be fairly secure after so many years of security patching.

I myself prefer Linux; one of my main reasons is the “security through obscurity” principle. Another reason is that the innards of Linux are maintained by hackers (depending on your definition of “hacker”, admittedly).

BTW where you can see reason to stay with XP, I can see no reason to leave it. Performance is not an issue anyway, given the performance of even the cheapest hardware today. And the legacy applications that are my only reason for having Windows at all might perhaps not even run on more recent versions.

EBZH Kiewit, Belgium
20 Posts