General discussion

Locked

Botnets info that will have you rethinking your PC security

By CG IT ·
Here's an article by Linda Musthaler on botnets that will change the way you think your secure from malware threats.

http://www.networkworld.com/newsletters/techexec/2009/080309bestpractices.html?page=1

While we think we are secure from malware with firewalls, antivirus programs, IPS we are not. For every action in trying to prevent malware, the malware creators will come up with a counter measure. Antivirus? the malware makers come up with way to turn it off. IPS? malware makers encrypt their traffic. No one clicks their malware links in Emails? they come up with driveby infection. Firewalls? Since firewalls allow all outbound traffic by default, all they need it to infect the system.

While we all love to surf the net and go to the millions of different web sites out there, what is on the horizon is cloud computing and controlling a users web experience. If the cloud computing providers have their way, users will no longer connect directly to the millions of web sites out there, they will simply connect to the cloud and be fed the content the cloud provides.

If we remember back in the early days of dialup access, we connected to providers like AOL, CompuServe or Prodigy and they provided the content. Well we are headed back in that direction with thin clients and cloud computing.

This will put a huge damper on malware, botnets, and spam because your thin client has no software that can be exploited or changed [think PROMs and flash memory]. If it's unlocked or "jail broken" it can simply be denied access to the cloud.

While many might scoff at this idea, this is what IBM,Intel,Google,Microsoft,Cisco, are all heading towards by merging telecom and computers together.

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Hate to burst your bubble

by NickNielsen In reply to Botnets info that will h ...

...your thin client has no software that can be exploited or changed [think PROMs and flash memory].

Many PCs now have the capability to flash BIOS via network. Neoware thin clients have had remote update capability since I can remember.

Your next sentence does provide a possible, though imperfect, solution: If it's unlocked or "jail broken" it can simply be denied access to the cloud.

Collapse -

well not the type of updates being discussed in

by CG IT In reply to Hate to burst your bubble

the cloud computing circles. They are talking about a method of authenticating the thin client and if it's not authenticated, it's denied. If it authenticates but does not have the proper software, it's flashed. Microsoft mentioned using it's product activation software techniques but with thin clients, if it doesn't activate it doesn't work, period.

The mfgs and cloud providers are trying to take the loose security cannon, eg the consumer, out of the loop. Cell phones work on a similar principle. No service, no worky.

Collapse -

You and I both know

by NickNielsen In reply to well not the type of upda ...

If there's a way to bugger up that authentication, the cloud providers will do it.

There is some irony with the current push for thin clients. I've been working with thin client PCs for almost three years and my experience with them is that the primary hardware failure is...wait for it...the internal NIC.

If the cloud advocates want success, they've got more to address than the data security issue.

Collapse -

I do remember AOL.

by Tony Hopkinson In reply to Botnets info that will h ...

I remember they put their own political bias into their search engine, so it wouldn't return information that was for things they didn't agree with.

The idea of small number of groups controlling access to information is anathema to the world wide web.

I remember when defender came out (not one of my favourite products !) AOL at the time had a component that was a default on option 3rd party component that defnder marked as malware (which in my opinion it was, or at last crapware). Couple of phone calls between MS and AOL, and it got redefined.

F**k what IBM, Intel, Google et al want. I don't, so they can jam the cloud up their collective arse. Nothing to do with internet security and everything to do with control.

Collapse -

Your right tony it's everything to do with control.

by CG IT In reply to I do remember AOL.

And they want to control it and with that, rake in the billions of $$ of monthly fees they will collect from Joe Consumer who doesn't care except to surf the net, email, and well that's about it.

Collapse -

So what's new and what makes anyone think that

by HAL 9000 Moderator In reply to Botnets info that will h ...

Thin Clients are the answer?

As stated in the article when things change the BotNet Writers change their attack so what makes anyone actually think that the use of Thin Clients will cure this Scrooge of the Internet?

Instead of directly attacking software the BotNet Writers will attack the hardware and when that happens it's curtains for everyone as the attack on software will be so Yesterday that it will only be used as a Backup tot he main attack vector on the hardware.

Not to mention that once they perfect that Attack Vector it will be even harder to disinfect a system and most will remain infected to be used for even more serious attacks.

Col

Back to Hardware Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums