Sujet : Re: Win11 explorer bug?
De : blockedofcourse (at) *nospam* foo.invalid (Don Y)
Groupes : sci.electronics.designDate : 13. Dec 2024, 03:17:54
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <vjg5gr$327bf$1@dont-email.me>
References : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
User-Agent : Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2
On 12/12/2024 6:21 PM, Edward Rawde wrote:
"Don Y" <blockedofcourse@foo.invalid> wrote in message news:vjfvvb$310fn$1@dont-email.me...
On 12/12/2024 4:36 PM, Edward Rawde wrote:
Most users have banal needs for a firewall. If running Windows hosts,
then the filter in the host is even finer-grained than a filter in
an external firewall (as the host-based filter can be tailored
to specific applications).
>
The host based filter is worthless if the user is administrator (like most Windows users are) because malware can
configure/disable
the firewall as it likes.
>
It's not going to suddenly decide that, e.g., PhotoShop needs access to
the internet!
>
I don't permit outbound connections to a long list of countries.
>
You're thinking two-dimensionally. Your *neighbor*'s PC can be acting as
a C&C node for a foreign actor. Just like the camera INSIDE your "perimeter
defenses" (WELCOMED in!) can act on behalf of some other agency.
>
IP filtering doesn't buy you any real protection.
>
It does if you watch the logs for anything unusual.
>
Do you have more than one host? Printer? etc. How many thousands of
connections are you going to examine every day?
Automatic (python scripts in my case) examination of successful connections (ignoring anything blocked) takes a few seconds per day
so that I can easily see anything out of the ordinary. Connection between anything on my network and another nearby IP on the same
(or not far away) ISP would have been obvious.
Wow! I'm sure none of the banks, government agencies, corporations,
etc. haven't YET thought of that!
Why are you wasting your time protecting your own network when
you could be pulling down big bucks protecting these other
institutions from the "clowns" that they've been employing, to date?
Just like I watch who goes in and out of my house and who I give keys to.
Imagine owning a house where you can't tell who comes and goes or who has keys.
>
Knowing who has keys tells you ONLY who has keys. It tells you nothing
of whether they are using them, have given them to someone else to use, etc.
>
Do you really spend your waking hours watching all the lockable doors on
your property? AND, connections to your computer(s)?
See above. Security personnel are generally trained to watch for anything unusual.
Knowing whether a complete stranger has entered your house is all that's needed.
It is of course best that they stay locked out.
So, obviously THAT doesn't work -- as there are reports of data breaches
almost every day (not counting those that are NOT reported).
That's how it is for most people online and they aren't interested in knowing more, except perhaps briefly after the ransomware
cleanup.
>
A simpler solution is simply not to have anything "stealable" on a machine
that can be compromised.
A better solution is not to get anything compromised.
I REALLY don't understand why you don't head up the IT department at a
Fortune 100 company. Or, director of cyberssecurity in some nationstate!
Do such breaches NOT happen in your country?
If you could commandeer THIS machine, remotely, you could look to see
who I correspond with. And, what I've downloaded, recently.
>
And, that's about it!
>
If you manage to install malware, then you could use it as a C&C node to
manipulate other machines -- machines that I don't own (because the only
other thing on this network is a printer and the modem).
>
And, at the next semi-annual review, I will discover your malware
and remove it -- along with taking steps to protect against reinfection
(e.g., install the custom boot loader that I have on the laptop that
wipes the OS each time I boot)
I wouldn't want to use a laptop which wipes the OS each time I boot.
With spinning rust, it only adds a few minutes to the boot time.
Because you only install the applications that you need to expose to the
outside world: a browser and MUA. With an SSD, it would be almost instantaneous.
[I've built such laptops for "disadvantaged" students so I didn't
have to keep cleaning crap off of their machines each time they
visited a site they shouldn't have]
Several decades ago, a "transformer" was installed on such a pole
(why was it SUDDENLY needed, there?) outside from a business that
sold "growing supplies" to folks who were suspected of being marijuana
growers.
>
The joke was that the transformer had NO wires (primary or secondary)
attached to it. And, a large, rectangular region that resembled a
"window" -- on the side facing the business.
>
"Gee, wanna bet that's a (really poorly disguised) camera??" :>
>
It must have been powered by something, even if everything else was wireless.
>
A large battery. The voltage present on the pole is ~11KV (14KV?) or more.
Silly to design a surveillance device that has to accept those high voltages
for power when you have all that volume to use for an energy store!
>
(You can always come back to visit it a month later to replace the battery
and retrieve the stored video footage!)
A camera system which requires me to go up a ladder to change the large battery and retrieve the footage doesn't sound like fun to
me.
You're not a police force trying to catch unsuspecting drug dealers!
Sitting outside the business in an "unmarked car" for several weeks
is likely going to be noticed!
Win11 explorer bug?
Re: Win11 explorer bug?