Seriously, has anybody ever seen a serious virus problem in Windowswhen using AV protection?

[Lusotec]

No, I'm just saying that using certain conventions found in .NET, such
as what they call Stored Procedures (from memory), you negate SQL
injection exploits.

Silly boy! Badly written stored procedures are just as vulnerable to SQL
injections as any other SQL code.

Also in ASP.NET you can set a switch in your XAML/
HTML file like "ValidateRequest="false" to allow (or deny) "<" ">"
characters.

Great, that will stop SQL injections ... NOT!

C++ used to be my favorite language but nobody save scientists code in
that anymore

Only scientists? Are you really this clueless?!

...no eye candy. Switch to C# and join the fun!

You switched to C# because C++ has no eye candy? LOL!

(..)
XAML in .NET allows you to break up (mostly) the art (front end GUI) from
the science (back end engine).

Separation of core logic and presentation is nothing new and definitely was
not pioneered in, or is exclusive to XAML.

Regards.

 

[Peter]

http://en.wikipedia.org/wiki/Windows_XP

And I quote: "
Product key testing

In addition to activation, Windows XP service packs will refuse to
install on Windows XP systems with product keys known to be widely used
in unauthorized installations.

Like I said in my previous response to you, I've been in the PC field for
a very long time. I was A+ certified when it was still a "cool" thing to
waste money on.

I used wikipedia for the first link convenience only. You can find the
same information on the laborinth of MS website. They're proud of that ..
ehh, feature actually.

Please provide a link other than Wikipedia. I've searched for this
activation issue with sp3 and can only find the Wikipedia link. Can't
find any mention of it on Microsoft Support or anywhere else. As Char
Jackson stated, updates are still allowed even if WGA fails and this is
the first I've heard of service packs not being allowed.

 

[Leythos]

Thinking about it, some of you folks out of the AV group are belligerent
little buggers aint'cha?

You seem to have perfectly described yourself.

 

[Leythos]

If you assume a power savings of 50 watts (low power state versus off
state) and a KWh cost of $.10, my back of the napkin calculation is
just under $15 a year in savings. Obviously, the actual numbers will
vary depending on the specific system and the local cost of power,
causing the result to vary.

Why would you make an "Assumption" instead of actually learning how much
your system is using?

 

[Peter]

Unless the suspect computer's hardware (firmware) is suspect, there is
no need (and complications can arise from hosting two versions of NTFS
on a system).

Of course I wouldn't be trying to boot the virus infected O/S in another
machine. I would just be wanting to get access to the HD.

Virii is the wrong term, and viruses can start when one of their hosts
is invoked.


Yes, it can be a waste of time trying to fight an active malware
infestation. Stop the process(es) - then remove the files and reverse
the data changes. In a sense, the difference between a worm and a virus
is that the worm instantiates its replicant. The virus *might* execute,
but the worm *will* execute. My point being that the virus need not make
any provision for its replicant to be executed in turn (no startup
mechanism other than the chance a host will be invoked).

That last line doesn't seem clear. You seem to be saying that a virus
can run without requiring any means to get it started other than the
host machine starting up. How can that be? Of course I'm aware of new
XP machines with no updates or service packs and open connections to the
internet getting infected within minutes/hours, but how does a machine
become infected if it's completely cut off and there is no obvious
connection to the virus to get it started? Despite the fact the virus
file(s) may well still be on the machine, but not yet located.

 

[FromTheRafters]

Of course I wouldn't be trying to boot the virus infected O/S in
another
machine. I would just be wanting to get access to the HD.

When the host machine sees the NTFS volume, it may revise it. Bringing
it back to its home system may create version soup problems where the
file system is a "newer" revision than the current OS supports.

[...]

That last line doesn't seem clear. You seem to be saying that a virus
can run without requiring any means to get it started other than the
host machine starting up.

No, viruses (in this vein) are hosted by "programs" not "machines". You
can start the machine, look at all known start methods (run keys, BHOs,
etc...), find no suspicious processes running. No active malware at all
(full scan by antimalware also finds no inactive malware). Yet, when
(for instance) an "infected" text editor is invoked, the virus becomes
resident.
,

How can that be? Of course I'm aware of new
XP machines with no updates or service packs and open connections to
the
internet getting infected within minutes/hours, but how does a machine
become infected if it's completely cut off and there is no obvious
connection to the virus to get it started? Despite the fact the virus
file(s) may well still be on the machine, but not yet located.

If self-replicating malware doesn't use a host "program", it will
probably have another way to start. These types are commonly termed
"worms".

A virus can hide in a program that you use every time you fire up the
computer, or in a program that you only use once in a blue moon. Viruses
don't "care" whether they run or not - they might not be interested in
anything (data, computing power, serving you advertisements) they may
just sit there until you fire up your tax program for the 2013 tax
season and activate a payload if the date is after dec 21st 2012.

(I do expect a rash of malware to have trigger dates in line with the
ending of the Mayan calendar)

People are so used to having malware that wants to *use* their computing
power that they forget that malware can also just be interested in
spoiling your day by ending their computing power - like the old days.

 

[Char Jackson]

No, do you?

It's pretty easy to check with something like this:

P3 Kill A Watt Electricity Load Meter and Monitor
http://www.newegg.com/Product/Product.aspx?Item=N82E16882715001

 

[Char Jackson]

Why would you make an "Assumption" instead of actually learning how much
your system is using?

A better question would be why would you, or anyone else here, be the
least bit interested in what *my* system is all about? The only thing
that should be important to you is *your* system. I know about my
system(s), but I don't have any information about yours, so you'll
have to figure it out for yourself. My example should help get you
started.

 

[Char Jackson]

When your installing a service pack, haven't you noticed prior to
actually installing it checks the product key? What do you suppose it
does if that key doesn't checkout well? Would you like to take a guess?

I'm not sure why you're getting so upset. All I said was that I have
never run across a system that couldn't be updated to any Service Pack
level, nor have I run across a system that couldn't have security
updates applied, regardless of the illegitimacy of the license.

Does such a thing exist? Probably yes, if you say so, but I have not
seen it in the ~9 years that XP has been in the field. If I ever run
across it, I'll be sure to remember that you told me so.

 

[Dustin Cook]

Just curious, but what is your hourly rate or do you get paid by the
job?

I charge by the job. This allows me to be competitive with everyone else
and not overcharge people who really can't afford the repairs but need them
done anyhow.

And I'm sure you would be a perfect witness on the stand if I were
trying to prove that it's not Windows but the user who is at fault in
nearly any security breach. SAVE for Zero-Day attacks, which cannot

In many cases, it's the user yes.

 

[Dustin Cook]

Please provide a link other than Wikipedia. I've searched for this
activation issue with sp3 and can only find the Wikipedia link. Can't
find any mention of it on Microsoft Support or anywhere else. As Char
Jackson stated, updates are still allowed even if WGA fails and this
is the first I've heard of service packs not being allowed.

*sigh*. This is really easy, I've provided a primary google link; and
then I followed it up with the wikipedia link. I went so far as to
provide the first 5 characters of the infamous blacklisted key. I can do
no more homework for you or anyone else.

If you or anyone else here honestly didn't know about this problem, you
do now. If you still think it's untrue, go fetch the key FCKGW change one
of the VLK machines to this key and try loading a service pack...

 

[Dustin Cook]

Slower speed when you don't use a NIC card but use a USB makes sense.

USB for network traffic when a NIC card is present doesn't make *any*
sense to me. You only have so much bandwidth on the USB interface and
that's shared between everything plugged in.

Router would I think have a hardware firewall, but in theory a
software firewall should also do the trick, though I have both running
on my machines.

A software firewall is easier to compromise or just turn off. A hardware
state inspection firewall is much better.

Good war story, and it shows it's not Windows at fault, but the user.

Not a war story, pretty typical actually..

And the user is pretty dumb, though people like him keep you employed.

People like him and perhaps yourself as well.

 

[Leythos]

[snip]
If you assume a power savings of 50 watts (low power state versus off
state) and a KWh cost of $.10, my back of the napkin calculation is
just under $15 a year in savings. Obviously, the actual numbers will
vary depending on the specific system and the local cost of power,
causing the result to vary.

Why would you make an "Assumption" instead of actually learning how much
your system is using?

A better question would be why would you, or anyone else here, be the
least bit interested in what *my* system is all about? The only thing
that should be important to you is *your* system. I know about my
system(s), but I don't have any information about yours, so you'll
have to figure it out for yourself. My example should help get you
started.

Maybe, just, maybe, you replied with "If you assume..." as part of your
reply... So, it's not that we really give a rats butt about your system,
just wondering why you "assumed" instead of actually checking?

 

[Char Jackson]

[snip]
If you assume a power savings of 50 watts (low power state versus off
state) and a KWh cost of $.10, my back of the napkin calculation is
just under $15 a year in savings. Obviously, the actual numbers will
vary depending on the specific system and the local cost of power,
causing the result to vary.

Why would you make an "Assumption" instead of actually learning how much
your system is using?

A better question would be why would you, or anyone else here, be the
least bit interested in what *my* system is all about? The only thing
that should be important to you is *your* system. I know about my
system(s), but I don't have any information about yours, so you'll
have to figure it out for yourself. My example should help get you
started.

Maybe, just, maybe, you replied with "If you assume..." as part of your
reply... So, it's not that we really give a rats butt about your system,
just wondering why you "assumed" instead of actually checking?

I don't think that would have helped, but your point is taken.

 

[Leythos]

[snip]
If you assume a power savings of 50 watts (low power state versus off
state) and a KWh cost of $.10, my back of the napkin calculation is
just under $15 a year in savings. Obviously, the actual numbers will
vary depending on the specific system and the local cost of power,
causing the result to vary.

Why would you make an "Assumption" instead of actually learning how much
your system is using?

A better question would be why would you, or anyone else here, be the
least bit interested in what *my* system is all about? The only thing
that should be important to you is *your* system. I know about my
system(s), but I don't have any information about yours, so you'll
have to figure it out for yourself. My example should help get you
started.

Maybe, just, maybe, you replied with "If you assume..." as part of your
reply... So, it's not that we really give a rats butt about your system,
just wondering why you "assumed" instead of actually checking?

I don't think that would have helped, but your point is taken.

I think it would have helped you to really assess your actual savings,
if you used real data.

My electric cost averages $0.16, but my power differential is so low
during off periods, like in your example, that the cost savings is
worthless to me - I waste more than $15/month on food I should not be
eating

 

[Char Jackson]

[snip]
If you assume a power savings of 50 watts (low power state versus
off
state) and a KWh cost of $.10, my back of the napkin calculation is
just under $15 a year in savings. Obviously, the actual numbers will
vary depending on the specific system and the local cost of power,
causing the result to vary.

Why would you make an "Assumption" instead of actually learning how much
your system is using?

A better question would be why would you, or anyone else here, be the
least bit interested in what *my* system is all about? The only thing
that should be important to you is *your* system. I know about my
system(s), but I don't have any information about yours, so you'll
have to figure it out for yourself. My example should help get you
started.

Maybe, just, maybe, you replied with "If you assume..." as part of your
reply... So, it's not that we really give a rats butt about your system,
just wondering why you "assumed" instead of actually checking?

I don't think that would have helped, but your point is taken.

I think it would have helped you to really assess your actual savings,
if you used real data.

I didn't feel it was necessary to populate the example with my own
actual savings. That's why I used such round numbers. In my own case,
I know what my usage, costs, and savings are, but again, I didn't
think it would be interesting to anyone else.

Besides, it wasn't my example to begin with. Wasn't it you who set the
initial parameters of "off 8 hours a day versus on 24/7"? I was just
putting sample numbers to that scenario.

My electric cost averages $0.16, but my power differential is so low
during off periods, like in your example, that the cost savings is
worthless to me - I waste more than $15/month on food I should not be
eating

$15/month would be significant to some, but I only calculated
$15/year, so it really falls into the weeds. And yes, I too waste
money on stuff that isn't good for me.

 

[The Central Scrutinizer]

Seriously, has anybody seen--or even heard--of a serious virus
(including rootkit or malware) problem in Windows when using
commercial antivirus protection?

Of course.

One of the claims of the Linux crowd is that such problems are
legion. But talking so some of the people at alt.comp.anti-virus I
get the impression such problems are rare.

Who is more right?

BTW, check out this PDF on AV software:
http://www.google.com/url?sa=D&q=ht...22.pdf&usg=AFQjCNEDInyvV2WgWDzeAWeAjzJKLymkDA

It compares 16 commercial programs, and finds Microsoft at #2,
catching 60% of all viruses (Avanti is #1 at 70%). And we're taking
about all viruses, some of which as so obscure I'm sure you'll never
seen one in the wild...

As I recall the comparatives example was for home solutions only. The
Corporate solutions may
be better namely as the configurations and options may be locked down (which
you do not have
for the average home user). The #1 concern causing problems either way is
users running with
local admin privs. AV does not do much good in those cases. Also the baddies
are creating new
versions of virus types and other malware that the companies can barely keep
up with.

 

[Dustin Cook]

I'm not sure why you're getting so upset. All I said was that I have
never run across a system that couldn't be updated to any Service Pack
level, nor have I run across a system that couldn't have security
updates applied, regardless of the illegitimacy of the license.

I'm not upset. You claimed you doubted the problem with a licensing issue
and implied it was probably something I didn't clear up. As we both do this
professionally, I'm sure the remark was towards my skillset; naturally when
someone less professient (sp?) than you, your going to take offense, as I
clearly did. It's a well documented fact sir that some VLK keys are
blacklisted and the servicepacks will refuse to load on those keys.

I find the claim that you've been doing this for 9 years and haven't heard
of this or run into it to be slightly suspect at this point.

Does such a thing exist? Probably yes, if you say so, but I have not
seen it in the ~9 years that XP has been in the field. If I ever run
across it, I'll be sure to remember that you told me so.

It does exist, and it's not because *I* said so. MS developed it, MS is
responsible for it. You must have a very small circle of clients for whom
you do work if you haven't seen it in 9 years...

 

[Dustin Cook]

Here's an example of how code could get on a normal user (who is logged in
with administrator rights) without the user actually being responsible for
it.

http://www.mozilla.org/security/announce/2010/mfsa2010-08.html

Btw, All firefox users should probably go ahead and update if you haven't
already.

 

[Dustin Cook]

From: "Char Jackson" <[email protected]>



I hear you, but I just don't buy that it's a significant issue. In
fact, I don't think it's an issue at all.

So you've never heard of chip creep either then..

Are you actually fixing stuff professionally and charging money for your
services or just some dude helping his neighbors out?