Is Obsolescence Good Computer Security? 490
caesar-auf-nihil asks: "I was recently considering a switch from dial-up to something faster (either cable or DSL) but my friend recommended against it since he said I was more secure staying with Dial-Up. His argument was that my connection's slowness and 'not always on' connection gave me better security since I was less of a target for many security threats. Now, I have never gotten infected, nor do I believe my machine is infested with spyware and/or controlling programs as it runs fine, but I wonder if the obsolescence argument is really good or not. Does Dial-Up really protect you or is this a false sense of security and I should just go ahead and pick a faster service and make sure my firewall is a good one and my virus definitions are always up to date?"
Odd Question (Score:5, Interesting)
In short, I suppose you would be more secure on dial-up. Less data moving around, less access to situations which may be a threat, less up-time, etc.
That being said, most of the world is already using an always-on connection, and the vast majority of them manage just fine. It's not a daunting task to configure a setup that will secure your home computer to a suitable degree. Just your ordinary broadband router should include a firewall that should be sufficient, and the Windows firewall is also likely sufficient.
If you aren't an expert on setting up your network, then just find one of your more tech-savvy friends (not the one that told you to stay on dialup!) and have them check your router/firewall configuration. There are also websites you can visit (Symantec?) that will perform a check on various ports for basic vulnerabilities.
You protect others (Score:2, Interesting)
Still at risk (Score:2, Interesting)
Low bandwidth denial of service attacks (Score:3, Interesting)
Re:Yikes (Score:3, Interesting)
Would that were true, but unfortunately cell phones, pagers, and even cars are susceptible to malicious code, as I'm sure will the newer generation of high definition DVD players which need to fetch keys from the net every time a movie is played. I can envision the day when any appliance or device that is powered by electricity will capable of becoming infected.
Re:Dial-up does not make you more secure (Score:3, Interesting)
Obscurity through Wikipedia (Score:4, Interesting)
(The one I'm getting pretty tired of is "ad hominem", which many people seem to think is Latin for "You hurt my feelings!")
Briefly put, Security Through Obscurity is the assumption that your security holes will not be found because they're in a place few people will think to look. That strategy was never a good one, but it used to be more effective than it is now. Back in the 50s, when few computers were online the effectiveness of STO was merely unacceptable. Nowadays, the effectiveness of STO is pretty much non-existant — as long as the computer is online.
Now a computer using dialup is less hackable than one using DSL, because it's not always available, and because it's harder to probe when it is. The difference has nothing to do with "obscurity" — there's just less bandwidth for a hacker to play with.
Of course, a dialup connection when no security measures is still pretty fucking dangerous. But you're wrong to claim that there's no difference at all.
Re:Yikes (Score:2, Interesting)
Well said. Knowledge, common sense, and being prepared is the majority of the battle.
Backups are not fun, but pay off sooo much in the long run! It's almost certain that sooner or later Some BAD Thing (tm) will happen: getting pwned, catching a bug, harddrive fail, etc. With a current backup....no worries, just a little lost time.
like many have said above- get some good documentation on your setup (related to security), keep patched, "broadband" with router (*nix box as router or hardware routert with NAT, etc.), good AV and anti-spy/malware software, backups, common sense, and as stated ENJOY.
Re:Dial-up does not make you more secure (Score:1, Interesting)
On a lot of these routers, the DHCP servers give out addresses from a pool of200+ addresses because they're preconfigured on 10.0.0.0/255.255.255.0 . Many people find it easier to allocate netmasks that only contain 255 and 0. My router would happily allocate DHCP from 10.0.0.3 up to 10.255.255.254. That doesn't mean that I can have 16,000,000+ machines connected to it.
Re:Oh dear god what a stupid idea/concept (Score:3, Interesting)
Re:Security through lack of reward. (Score:4, Interesting)
The zombie masters don't give two shits about the size of your connection. They do is to release their infections into the wild and will add any and all to their zombie horde. Whether you are blessed with a 5 meg DSL, or have the misfortune of sitting on a 26k dialup connction is unimportant to them. The infection of you machine will be accomplished through an automated process that doesn't care about how you are connected to the internet.
I speak from personal experience. I thought exactly as you did, and my box was infected within a week of getting a dialup connection. I didn't think I'd need that firewall for a piddly 28.8k dialup line that was only going to be used to check email until the broadband was installed. When I finally got the box cleaned and back on line with a firewall, I logged over 300 intrusion attempts in the first hour.
Well Linksys routers aren't the answer there... (Score:3, Interesting)
IPCop [ipcop.org] will do modem dialouts (manually initiated and on-demand) and provide firewalling, caching, etc. for the same with any hardware and many software Modems out there. In fact, when Verizon fubared my DSL pending my FiOS install, I had to resort to that by popping in a hardware PCI modem (yeah, they DO make 'em) into the box instead of my Red NIC and plugged in my road warrior ISP. While it was dialup (with all the concomittant slowness...), it DID work well with all the setup in the house (incl. my firewalled and VPNed wireless leg...).
Basic configurations will work, esp. with an external modem and are largely no-brainer setups.
However, having said all the above, the original article poster's "friend" wasn't doing him any favors by making very misleading statements like he did. Most of the malware flatly doesn't care if you're not always on and high-speed. It'll zap you even on dialup (Remember Blaster?) and it may zap you in such a way that you can't even get on (Remember Blaster?). If your OS is insecure, it matters little what bandwidth you have- it's still insecure. Just because you're not as useful for a botnet doesn't mean you won't get trojaned or zoomed by a worm/virus all the same. The exploits and their use don't discriminate in a manner like dialup versus broadband- they attempt to zap EVERYONE .
The original poster should just get broadband of some kind- a goodly portion of the Internet has become painful to use because developers are assuming broadband like access and do all kinds of stupid things to their bandwidth and latency from off of their sites.
English is still in beta jack-ass! (Score:3, Interesting)