Good Sam Community

SCVJeff wrote:
So let me explain it the other way...
OFTEN people here make reference comments to things that they thought they included in the comment. While you're change in punctuation does change that, I'll bet you had no idea that there is a real program called Security Onion that we've been using on Linux boxes for over 5 years. It's not just a term

Sigh - yes I did know. I am an IT Systems Manager. :W

The funny thing about freak is that it is due to the US Feds mandating weak, broken encryption. Remember downloading Netscape Navigator and having to swear you would not export the strong encryption versions.

I think it is also funny that people will spend big bucks on hardware, and then use the free versions of maleware protection and anti-virus. the companies that have free versions also sell BETTER versions that offer much more protection.

It comes as no surprise that vulnerabilities which may have existed for years, are only now being discovered. The latest effecting both Android and Apple mobile browsers, allowing vulnerable websites to use weaker export-grade encryption mandated by U.S. law, giving a potential gateway to hackers to break the encryption. Even WhiteHouse.gov and FBI.gov were vulnerable but have now been patched. Chrome browser was not affected. See the article here at Apple plans fix next week for newly uncovered Freak security bug.

Martyn wrote:

SCVJeff wrote:

Martyn wrote:

SCVJeff wrote:

wa8yxm wrote:
There is (Far as I know) no company by this name but I believe in Onion Security

Layer upon layer upon layer.

What name?

Onion Security :S

read it again....

I suggest you do - the poster may not have used good punctuation, but it makes sense... here, I'll modify it for you....

There is, as far as I know, no company by the following name, but I believe in 'Onion Security'
:S

So let me explain it the other way...
OFTEN people here make reference comments to things that they thought they included in the comment. While you're change in punctuation does change that, I'll bet you had no idea that there is a real program called Security Onion that we've been using on Linux boxes for over 5 years. It's not just a term

SCVJeff wrote:

Martyn wrote:

SCVJeff wrote:

wa8yxm wrote:
There is (Far as I know) no company by this name but I believe in Onion Security

Layer upon layer upon layer.

What name?

Onion Security :S

read it again....

I suggest you do - the poster may not have used good punctuation, but it makes sense... here, I'll modify it for you....

There is, as far as I know, no company by the following name, but I believe in 'Onion Security'
:S

bwanshoom wrote:
The study that the article links to doesn't even list Android which seems very odd. While iOS has more vulnerabilities disclosed at least the fixes reach the customers in a reasonable timeframe.

Not always. There was a known PDF exploit that apparently existed in iOS for years. So bad that some foreign governments banned Apple mobile devices from being used by employees. But, overall, I would agree that Apple does a good job patching most vulnerabilities in a reasonable time period.

Martyn wrote:

SCVJeff wrote:

wa8yxm wrote:
There is (Far as I know) no company by this name but I believe in Onion Security

Layer upon layer upon layer.

What name?

Onion Security :S

read it again....

There's plenty of blame to go around - and Microsoft is far from innocent. While Apple may top someone's list of "vulnerability counts" what matters to hackers is the probability of a successful exploit.

1) There are far more Windows machines than Apple based ones.
2) There are still many unpatched Windows machines
3) There are still many holes left unpactched with new holes coming every day to Windows
4) It's not just the OS anymore but applications like Flash


Why did Willie Sutton rob banks? "Because that's where the money is."
Why do hackers target Windows machines? "Because that's where the holes are." 🙂


I've been running a Linux based desktop for a long time.
And - when possible - I make my kids do the same. 🙂

SCVJeff wrote:

wa8yxm wrote:
There is (Far as I know) no company by this name but I believe in Onion Security

Layer upon layer upon layer.

What name?

Onion Security :S

Campfire Time wrote:
Good article. Additionally you're mistaken if you think all you need is anti-malware software. You need another layer of some sort of web filtering system. I use both Open DNS (on my router) and Bluecoat K9 (on my PCs). Both are free to home users. Both block known malware and phishing sites, blacklists which are updated via their payed corporate customers. Both work on MAC, Windows, and Android.

Bluecoat was in it's prime in 2012 or so. Today, forget it. Not current so leaves you with iffy filtering, etc. As for Open DNS... aok.

strollin wrote:
Which OS is most secure?

No, you are almost certainly wrong if you tried to guess. ...

This line from the article speaks volumes: "Also remember that your own behavior affects security more than your choice of device, and that you never are 100% safe no matter what you do."

The study that the article links to doesn't even list Android which seems very odd. While iOS has more vulnerabilities disclosed at least the fixes reach the customers in a reasonable timeframe. Android fixes very often don't get to the consumer for a year or more if at all. Even though the article is skewed toward making Apple seem insecure, I think iOS is considerably more secure (esp. iOS 😎 than Android.

A more valuable study would be mean time to fix for each vulnerability. A fixed vulnerability that gets patched within a few weeks is far more relatively secure than one that goes unpatched for months or years.

This study isn't that useful to show which OS is "safest" because it's not as simple as the one with the least security holes. It also is just a listing of CVEs recorded in 2014 so lumping everything under Apple iOS could show items exclusive to iOS 7 or iOS 8 which means nothing if you're not on that version. Or Windows 7 only versus Windows 8 - I wouldn't gauge my security on the number of vulnerabilities in an OS flavor that I'm not currently running.

Got my firewall running, check. Got the strongest anti-virus I could find running and constantly scanning, check. surf on a NON-administrator account, check. Use long, random-character passwords everywhere, check. Been on a Mac for years, check. And with all that, I'm still paying close attention to security issues. No, I've NEVER thought I was invulnerable because I was a Mac user. I've always known that the lack of viruses was probably largely due to the low returns on writing Mac-specific viruses, and sure enough, the nogoodniks are on Apple's case now.

Knock on wood, I've managed to miss all the malware thrown my way. So far.

But I still laugh when, from time to time, I stumble upon a web site that does things like throw up a screen warning me that "we have detected that your PC is infected with multiple viruses" and a voice comes across claiming to be from Microsoft Security Essentials demanding I call this phone number to get the malware removed from my computer. (It is usually clear that the phone number is one of those pay-to-call sites, so if you fall victim, they already gotcha.

Like Microsoft Security can scan your computer that way. As if Microsoft gave fig about a Mac. And I was dumb enough to bite.

But I'm keeping on top of it as best I can.