Is Obsolescence Good Computer Security?

caesar-auf-nihil asks: "I was recently considering a switch from dial-up to something faster (either cable or DSL) but my friend recommended against it since he said I was more secure staying with Dial-Up. His argument was that my connection's slowness and 'not always on' connection gave me better security since I was less of a target for many security threats. Now, I have never gotten infected, nor do I believe my machine is infested with spyware and/or controlling programs as it runs fine, but I wonder if the obsolescence argument is really good or not. Does Dial-Up really protect you or is this a false sense of security and I should just go ahead and pick a faster service and make sure my firewall is a good one and my virus definitions are always up to date?"

Not true

[republican gourd]

Its only true in the way that you will be mugged less if you walk naked down one back alley every night instead of twenty. Go ahead and get the faster connection, and get a hardware device (nat box at least, a real firewall would be better though) between you and your uplink line, and you'll be better off than you were before. You can't do that (using common hardware) with your modem in the first place.

Go with broadband.

[Slaytanic213]

Go with broadband.
You have a stupid friend.

If you want true security...

[Bin_jammin]

why not ditch your computer entirely, you can communicate via telegraph and morse code. Or better yet, do everyone a favor, and cease all communication altogether, and leave us the hell alone with this nonsense. My god, what the hell has happened to /.?

Simple answer, no

[jolyonr]

No, is the simple answer.

You could get hit by a worm just as easily - they attack by IP address and are indescriminate about where they attack - they don't care how fast your connection is.

As for spyware and the rest, if you're using a slower net then probability is that you'll browse less and be subjected to less risk, but in general the argument used is complete and utter rubbish - there's no additional security to be gained by dialup.

Jolyon

I think....

[fean]

That your friend is on the same cable node, and he wants all of the pr0n bandwidth for himself...

Buy a router, your computer will have the SAME security it would have through dialup....

you'll still have to deal with viruses and backdoors from emails, malware, etc,

Dial-up for security... don't count on it

[norminator]

I've had my computer get infected while downloading security updates over dial-up after a fresh installation of XP. I should have downloaded all the updates, or SP2 at the very least, from work and brought them home to install them.

One problem with dial-up is that you probably won't have a hardware firewall/router between your computer and the internet. Many folks with broadband access have some type of a router with a firewall/NAT built-in. Not everyone does, but some do, especially people with wireless setups, although that introduces its own security troubles.

The point is, if you think about security (which means you have to be aware of all the types of security threats to begin with, not just focusing on one or two that your friend told you about), you'll be able to take proactive steps to make your computer(s) more or less secure. Otherwise, you're leaving yourself open to becoming a zombie just as much as the other millions of computer users out there.

upgrade

[Janek Kozicki]

upgrade to faster connection, switch to kubuntu [kubuntu.org] (free AND secure), or anything else equally secure [distrowatch.com].

If you need (unsecure) windows for anything, use vmware player [vmware.com] (free), or wine [winehq.com] (free), or if you need to play games with 3D acceleration then cedega [transgaming.com] (nonfree).

Remember about http://www.openoffice.org/ [openoffice.org] for office work, http://www.gimp.org/ [gimp.org] for drawing, http://www.k3b.org/ [k3b.org] for burning DVDs... and the list goes on and on.

ps: I've got some karma to burn, so here I'm whoring ;)

Re:Yikes

[Stan Vassilev]

"Don't cruise the net as root, or the admin user on a windows box. If you have to use Windows as your OS get a real firewall product, hardware even better than software, don't run unnecessary services, don't use IE unless its for the MS site itself. Don't use Outlook. Keep your system patched. Avoid sites like the free game and pr0n sites that are forever infesting computers. Get a useful book on security. Keep proper backups so that you can recover if all else fails"

Dude, wow, wow, wow... Is all this supposed to make him switch to broadband with an easier mind?

You don't need to freak him out. All this can be said in a much simpler fashion:

- Leave autoupdates on your windows ON, it'll take care of itself
- Download and install : ZoneAlarm for your firewall, and AVG Free for antivirus. Both free, user friendly and do their job.
- Download and install Firefox for your browsing needs.

And dial-up is indeed fake sense of security, so there.

That's

Re:In other good advice ....

[icepick72]

BTW on the serious side, I've been sitting on an always-on DSL connection since 1999 (two computers on it). That's 2005 - 1999 = 6 years * 365 days = 2190 days (okay, maybe minus a day or two for accumulated brief power outages) and I have *never* had a problem with being infected or comprised. Yes, I have been attacked ... they just have never got in! The secret for me has been a hardware firewall/router in front of my computer + relatively long cryptic passwords on the router and Windwos + also keeping my Windows software firewall turned on + keeping updated automatically with latest patches. The math is simple. High speed is worth it. Do it and leave your dial-up friend in the dust.

Re:Dial-up does not make you more secure

[jacksonj04]

Generally speaking, sharing any connection is best achieved with an external router and not via a computer. That way if your Gentoo machine falls over or you need to reboot, it won't take out the connection for everyone else. YMMV.

You could just get Linux and DSL...

[voss]

That way you can keep a high speed connection and not have to worry about it.

Re:Dial-up does not make you more secure

[Shakrai]

Not to mention you can't exactly throw a Linksys router (hardware firewall) inbetween you and the wall when you are on dialup.

Perhaps you've never seen one of these [multitech.com].

We used to sell them to customers too far out in the sticks to get anything but dialup but whom wanted extra security or the ability to network multiple machines. We even had an entire office once that did all of their billing to an AS/400 via a dialup. It was all terminal based so the dialup worked just fine. At peak hours they had 11 people all doing billing at the same time. And you know what's really sad? They could do it faster on that terminal system then any GUI that has come since.

Ditto when I worked in the insurance field. We absoletely hated the new version of our agency management system when they moved to Windows. When will interface designers learn that it's faster if you don't have to take your hands off the keyboard every three seconds?

Re:Dial-up does not make you more secure

[Shakrai]

Generally speaking, sharing any connection is best achieved with an external router and not via a computer. That way if your Gentoo machine falls over or you need to reboot, it won't take out the connection for everyone else. YMMV.

Generally speaking, sharing a connection with Linux will give you useful hands on experience with iptables and it's a million times more flexable then any hardware router and about $60 cheaper.

Re:Yikes

[Hydroksyde]

You did omit some things there, the "not cruising the net as admin or root" is one important thing. In any unix-like operating system, people will point and laugh at you if you do this. This is a less viable option in windows, due to a lot of poorly written software, but what I suggest is:

• Avoid software that needs to be run with administrator privilages. It's obviously poorly written anyway, and let the developers know why you wont use their software too.
• If you absolutely must run such an application, rather than doing evrything as administrator, when you want to run the program, shift+right click the icon and click "run as". Then log in as a user with the required privilages.

Doing this will make your system much less vulnerable to nasty malware programs, as if you're running as an administrator, and you run them, they have complete access to your computer.

Re:Dial-up does not make you more secure

[innosent]

In a home environment, this is likely not a real problem. In a business environment, anything beyond about 15 active users is usually too much for a Linksys-type router, since the processor and memory capabilities of these are usually pretty low. I think Netgear has a few for small/medium businesses, but if all you want is a NAT box, Linux/*BSD work quite well on some pretty low-end hardware. 100 users on a DSL/Cable circuit could be handled by an old Pentium 133 picked up on eBay for $25. At work, we have a FreeBSD box (though on a much faster Opteron 244) doing NAT, firewalling, monitoring, load balancing, and intrusion detection for 2 Gigabit segments, 3 T1s, and a Frame Relay circuit. On average, this box is at 0.4% CPU utilization when you aren't actively monitoring something.

Re:Oh dear god what a stupid idea/concept

[Jezza]

I've heard this argument before (no really). On the face of it, it has something going for it - OK, now why is it wrong?

Well if the PC isn't connected, it can't download updates to Windows (patches) and its Anti-Virus/Firewall/Anti-Spam etc. So when it is connected it will probably be a poor position security wise. From a practical perspective has anyone tryed to keep a PC "all patched up" over dial-up? Takes forever to download the patches, it isn't actually practical. So no, getting proper security utilities in place (and setting them up correctly) then connecting via ADSL (or similar) will probably improve the security. One tip though - don't get your friend to set it up. ;-)

Very good point

[sterno]

Not only are they less likely to worry about security updates, but are you going to sit there and kill your bandwidth for days trying to download some major upgrade. For me I have DSL with 3Mbps downstream, so when new patches come out I can download them without skipping a beat.

Besides, the dialup doesn't really make you more secure. It's slower, so the amount of harm you can do to others by some worm is lower, but I can assure you, you can still get infected. I bought a new laptop while I was on a trip somewhere (long story), and while I was on the trip I used the dial-up modem on it for a couple days. During that short period of time it picked up a virus.

So get DSL and get a firewall. Firewalls will kill the vast majority of attacks. Sure you can still get crap through e-mail and websites, but then at least you're at the controls and can avoid screwing up too much.

Not any safer

[sqlrob]

After I switched my father to Linux, I kept an eye on the logs.

Time from dial up connection to blaster hit: 8 seconds
Time from dial up connection to Nimda Hit: Two and a half minutes

So no, it's not safer.

Re:Broadband Plus OS X

[Anonymous Coward]

>>The simple fact is far, FAR more research has gone into identifying and exploiting flaws in Microsoft products.

Because Microsoft makes it easy, and possible. A computer is not a living organism. It should not be any more susceptable to a virus than your toaster. Microsoft put the ability to execute code into their applications and file formats where that kind of thing doesn't belong, and they did it on purpose. In 1995 Bill Gates even bragged in The Road Ahead that other software vendors thought they were crazy when they were talking about building a programming environment into Word and were talking about every program having its own built-in programming environment that users could use to extend the functionality of the software. (See the recent WMF vulnerability for another example of this. "Hey, let's make it so that a picture file can execute code!" was not an accident, it was a Microsoft design decision, a philosophy which has guided their software development as long as they have been a company.)

Yes, more research has gone into exploiting Outlook than Notes or Eudora. Why? Because Microsoft made Outlook so that it could arbitrarily execute code! This was not an accident, is was an intentional decision. Same for the way they designed Office, Windows Media Player, Internet Explorer, Windows Picture and Fax Viewer, IIS 5.0, etc etc etc. They build programs that scream "hey! Give me your code and I'll run it! Any arbitrary code, I'll take it!", what do you think is going to happen in a world where computers are all networked together?

Your pedantic bullshit about "technically macro viruses are not Windows problems because they run on Office" is no more well reasoned. By that logic IIS worms, Outlook worms, Messenger worms, WMF vulnerabilities, etc., are not Windows problems either, since they all need another piece of Microsoft software to be running in order to do their dirty work.

Do you see the common thread here? Pick up The Road Ahead and read about Bill Gates's software design philosophy in his own words, about building all of their programs so that they can accept and run code, building all of their file formats so that they can contain embedded scripts, and then tell me again that that design philosophy has nothing to do with the virus problems in Microsoft software.

Dailup comparatively worse.

[sailent]

Dialup is in essence more secure because of speed you can visit websites, and the lack of not being connected 24/7 which isn't a problem with broadband if you have your firewall on. But comparitively the crap you can get into on dialup is worse. For example you can get a virus or spyware dialer on your machine. One of these over the christmas holidays racked up $600 dollars for my mama and papi who no matter how hard you lock there system down still get into trouble. At least for broadband they shut down your connection for a month if something happens. That alone would get me thousands of miles away from ever buying dialup again.(but when you can never really switch back after :) ) Oh yeah and your alternatives to getting around the dialup charges in canada are that you pay the phone company to password your long distance. They did the first time this happened offered a blocking solution. But it didn't include the long distance.

Re:Dial-up does not make you more secure

[mkosmo]

Downloading the tools to correct a worm or virus you get also take longer, leaving your machine more vulnerable while you are online longer retrieving the tool to fix the worm. Also as mentioned, dial up users are natively discouraged from updating their systems since updates (win-doze, anti-virus, up2date, yum, etc..) are larger files designed for broadband users, meaning they are much wider open, and will be wider open for a longer period while they are online.

Re:Dial-up does not make you more secure

[eta526]

Security Through Obscurity means that the method that makes you more secure is hidden in secrecy.

You've just described Obscurity OF Security or Security WITH Obscurity, not Security THROUGH Obscurity. The parent was correct. You are not. I will not bother explaining the difference since you are an anonymous coward, but if you compare the two descriptions, you will see.

Re:Odd Question

[Woy]

Well any operating system will look good in a port scan if it is sitting behind a NAT.

Re:Dial-up does not make you more secure

[TurboStar]

"then any hardware router and about $60 cheaper."

I paid $60 for my router. I got 802.11g and four ethernet ports on it. How is a PC with a wired card, wireless card, and an external switch to be had for free? I'm also quite certain my dedicated router uses a lot less power than running a PC all the time. Especially if you're talking about an old junker PC you had laying around or got for free.

No, sir, Linux on your old junker is rarely cheaper than a budget router.