Is Obsolescence Good Computer Security?

caesar-auf-nihil asks: "I was recently considering a switch from dial-up to something faster (either cable or DSL) but my friend recommended against it since he said I was more secure staying with Dial-Up. His argument was that my connection's slowness and 'not always on' connection gave me better security since I was less of a target for many security threats. Now, I have never gotten infected, nor do I believe my machine is infested with spyware and/or controlling programs as it runs fine, but I wonder if the obsolescence argument is really good or not. Does Dial-Up really protect you or is this a false sense of security and I should just go ahead and pick a faster service and make sure my firewall is a good one and my virus definitions are always up to date?"

Dial-up does not make you more secure

[darkpurpleblob]

It sounds like your friend is advocating a type of security through obscurity [wikipedia.org] to me. Being on dial-up won't protect you. You should be using a firewall and have up to date virus definitions regardless of your type of connection to the internet.

Re:Dial-up does not make you more secure

[stevey]

Being on dial-up won't protect you

Being on dial-up might even be worse for your security, since most people who have only dial-up will ignore security updates. (Predictably enough, downloading large patches is more troublesome when you have a slow and infrequent network connection)

Re:Dial-up does not make you more secure

[Glonoinha]

Not to mention you can't exactly throw a Linksys router (hardware firewall) inbetween you and the wall when you are on dialup.
This is about like having sex without a condom and thinking 'well she is a little slow, so she probably doesn't have any diseases.'

Re:Dial-up does not make you more secure

[Shakrai]

Not to mention you can't exactly throw a Linksys router (hardware firewall) inbetween you and the wall when you are on dialup.

Perhaps you've never seen one of these [multitech.com].

We used to sell them to customers too far out in the sticks to get anything but dialup but whom wanted extra security or the ability to network multiple machines. We even had an entire office once that did all of their billing to an AS/400 via a dialup. It was all terminal based so the dialup worked just fine. At peak hours they had 11 people all doing billing at the same time. And you know what's really sad? They could do it faster on that terminal system then any GUI that has come since.

Ditto when I worked in the insurance field. We absoletely hated the new version of our agency management system when they moved to Windows. When will interface designers learn that it's faster if you don't have to take your hands off the keyboard every three seconds?

Re:Dial-up does not make you more secure

[JeffSh]

i work for a software company that develops software for windows and the gui is tuned to people who only use the keyboard... and tabbing isn't necessary.

soo, windows software doesn't have to be that way; just bad windows software does.

English is still in beta jack-ass!

[cheekyboy]

English is more like an intel chip, bad design, but still chugs along and works. We all can still use the minium instruction sets badly and people still understand.

Well Linksys routers aren't the answer there...

[Svartalf]

However, there is an answer if you can scare up a 486 or better with 32Mb of RAM, 400Mb of HD, etc.

IPCop [ipcop.org] will do modem dialouts (manually initiated and on-demand) and provide firewalling, caching, etc. for the same with any hardware and many software Modems out there. In fact, when Verizon fubared my DSL pending my FiOS install, I had to resort to that by popping in a hardware PCI modem (yeah, they DO make 'em) into the box instead of my Red NIC and plugged in my road warrior ISP. While it was dialup (w

Very good point

[sterno]

Not only are they less likely to worry about security updates, but are you going to sit there and kill your bandwidth for days trying to download some major upgrade. For me I have DSL with 3Mbps downstream, so when new patches come out I can download them without skipping a beat.

Besides, the dialup doesn't really make you more secure. It's slower, so the amount of harm you can do to others by some worm is lower, but I can assure you, you can still get infected. I bought a new laptop while I was on a trip

Re:Dial-up does not make you more secure

[mkosmo]

Downloading the tools to correct a worm or virus you get also take longer, leaving your machine more vulnerable while you are online longer retrieving the tool to fix the worm. Also as mentioned, dial up users are natively discouraged from updating their systems since updates (win-doze, anti-virus, up2date, yum, etc..) are larger files designed for broadband users, meaning they are much wider open, and will be wider open for a longer period while they are online.

Re:Dial-up does not make you more secure

[eneville]

NAT is just a state table, a combination of [ external ip, a source ip and source port ] with [ destination ip, destination port and NAT IP ]. What makes circumventing this hard is that only in a few cases do all ports forward to the destiantion NAT IP. The moment you redirect a port to a NAT IP you're effectively putting that host on the internet with a firewall that has just that port open. It's a layer of security just like a firewall, but not to be seen as any increase when compared to a firewall becaus

Re:Dial-up does not make you more secure

[Chandon Seldon]

The trick is that consumer NAT boxes open zero incoming ports by default. That's a signficant security increase for any unpatched Windows boxes involved (i.e. a fresh Windows XP sp1 is likely to survive the automatic updates to current security patches unhacked if behind a NAT, whereas unpached sp1 tends to get cracked in less than 10 minutes when connected directly to the internet in a broadband IP range)

Re:Dial-up does not make you more secure

[rideaurocks]

You really have to think about the vectors of infection. With dial up you're less likely to be infected by a probe of your computer that's scanning for a vulnerability since, as you said, it's not an always-on connection.

But is that really how you get virii & spyware? I think not. The same access points are still there. A website that installs spyware thu activex doesn't care that you're on dial up. The trojan in the warez you (patiently) downloaded doesn't care either. Accessing the Internet puts you at risk. Thinking that a slow connection is the sole determinant of your value is naieve.

off-topic: 'security through obscurity'

[Animaether]

Isn't all computer security in essence a security through obscurity ?

Sure.. you can have a 256-bit key encrypted thingamabob - but the obscurity lays in the fact that you should be the only person with the key. If somebody else, in whatever way, gets at the key, they can get in just like you did.

It's just a -better- form of security than, say, putting a file on a server, not indexing it, and leaving it with a random name. Yes, if somebody were to try all possible filenames on your server, they'll hit it e

Re:Dial-up does not make you more secure

[CosmeticLobotamy]

It's not security through obscurity, it's security through inconsistent availability. But it only reduces your exposure to 20% or so, so it will just take you around 5 times longer to catch something, and we all know the stats on how long you can be connected with an unpatched system before you're screwed. 5 times that still ain't much.

So yes, it's a good idea to not be connected when you don't need to be connected, but it's a terrible idea to rely on it to protect you.

Security through lack of reward.

[RingDev]

Why do people rob banks and not homeless people? Because there is money in the bank, but the homeless person is likely broke.

A dial up connections obviously can't put out the same load that a broad band connection can. So it would stand to reason that a zombie net creater would be less interested in the computer. But most zombie net creater's are trying to get a huge number of PCs over a wide region, so while your PC isn't is sweet as a Win 98 box on a 5 meg DSL line, it is still another zombie. and it would likely be harder for the creators to make a filter to ignore your machine.

Same for spy/adware. Your machine isn't the best, but it is another machine.

so this is not obscurity he was preaching, it was desirablility he was preaching, albeit incorrectly.

-Rick

Re:Security through lack of reward.

[lobsterGun]

That is some dangerous and irresponsible advice. Do not allow yourself to believe for an instant that you are below the radar of a zombie master.

The zombie masters don't give two shits about the size of your connection. They do is to release their infections into the wild and will add any and all to their zombie horde. Whether you are blessed with a 5 meg DSL, or have the misfortune of sitting on a 26k dialup connction is unimportant to them. The infection of you machine will be accomplished through an automated process that doesn't care about how you are connected to the internet.

I speak from personal experience. I thought exactly as you did, and my box was infected within a week of getting a dialup connection. I didn't think I'd need that firewall for a piddly 28.8k dialup line that was only going to be used to check email until the broadband was installed. When I finally got the box cleaned and back on line with a firewall, I logged over 300 intrusion attempts in the first hour.

Obscurity through Wikipedia

[fm6]

Lately, we've seen a lot of people employing catch phrases and jargon incorrectly, and I'm convinced that these people base their misunderstanding on muddled explanations in Wikipedia. The article you point to is technically correct, but it's full of convoluted arguments and trivia. No wonder you got the concept wrong.

(The one I'm getting pretty tired of is "ad hominem", which many people seem to think is Latin for "You hurt my feelings!")

Briefly put, Security Through Obscurity is the assumption that your security holes will not be found because they're in a place few people will think to look. That strategy was never a good one, but it used to be more effective than it is now. Back in the 50s, when few computers were online the effectiveness of STO was merely unacceptable. Nowadays, the effectiveness of STO is pretty much non-existant — as long as the computer is online.

Now a computer using dialup is less hackable than one using DSL, because it's not always available, and because it's harder to probe when it is. The difference has nothing to do with "obscurity" — there's just less bandwidth for a hacker to play with.

Of course, a dialup connection when no security measures is still pretty fucking dangerous. But you're wrong to claim that there's no difference at all.

Re:Dial-up does not make you more secure

[Bradee-oh!]

Do you have two network adapters in the Gentoo box? If so, piece of cake [gentoo-wiki.com] (as far as all things Gentoo, go).

Re:Dial-up does not make you more secure

[jacksonj04]

Generally speaking, sharing any connection is best achieved with an external router and not via a computer. That way if your Gentoo machine falls over or you need to reboot, it won't take out the connection for everyone else. YMMV.

Re:Dial-up does not make you more secure

[Shakrai]

Generally speaking, sharing any connection is best achieved with an external router and not via a computer. That way if your Gentoo machine falls over or you need to reboot, it won't take out the connection for everyone else. YMMV.

Generally speaking, sharing a connection with Linux will give you useful hands on experience with iptables and it's a million times more flexable then any hardware router and about $60 cheaper.

Re:Dial-up does not make you more secure

[Shakrai]

Now THAT is good advice! Best buddy stole my router forcing me to turn my under used linux machine into a router/firewall.... I am twice the tech I was (now i canplay minesweeper AND manipulate text based routing tables)

Well, if you can play minesweeper you are well on your way to a MCSE certification :)

*duck*

Re:Dial-up does not make you more secure

[innosent]

In a home environment, this is likely not a real problem. In a business environment, anything beyond about 15 active users is usually too much for a Linksys-type router, since the processor and memory capabilities of these are usually pretty low. I think Netgear has a few for small/medium businesses, but if all you want is a NAT box, Linux/*BSD work quite well on some pretty low-end hardware. 100 users on a DSL/Cable circuit could be handled by an old Pentium 133 picked up on eBay for $25. At work, we have a FreeBSD box (though on a much faster Opteron 244) doing NAT, firewalling, monitoring, load balancing, and intrusion detection for 2 Gigabit segments, 3 T1s, and a Frame Relay circuit. On average, this box is at 0.4% CPU utilization when you aren't actively monitoring something.

Re:Dial-up does not make you more secure

[caluml]

No, it's your sly hinting that it's likely to be a box running Gentoo. What's that all about?

Yikes

[denissmith]

Not connecting to the Internet at all is even safer than dial up, and not even having a computer practically guarantees that you won't get spyware and malware. And what good is that? Your friend's advice is ludicrous. Use proper security. Don't cruise the net as root, or the admin user on a windows box. If you have to use Windows as your OS get a real firewall product, hardware even better than software, don't run unnecessary services, don't use IE unless its for the MS site itself. Don't use Outlook. Keep your system patched. Avoid sites like the free game and pr0n sites that are forever infesting computers. Get a useful book on security. Keep proper backups so that you can recover if all else fails, then relax and enjoy the experience. The time you'll save will pay for most of your outlays.

Re:Yikes

[Stan Vassilev]

"Don't cruise the net as root, or the admin user on a windows box. If you have to use Windows as your OS get a real firewall product, hardware even better than software, don't run unnecessary services, don't use IE unless its for the MS site itself. Don't use Outlook. Keep your system patched. Avoid sites like the free game and pr0n sites that are forever infesting computers. Get a useful book on security. Keep proper backups so that you can recover if all else fails"

Dude, wow, wow, wow... Is all this supposed to make him switch to broadband with an easier mind?

You don't need to freak him out. All this can be said in a much simpler fashion:

- Leave autoupdates on your windows ON, it'll take care of itself
- Download and install : ZoneAlarm for your firewall, and AVG Free for antivirus. Both free, user friendly and do their job.
- Download and install Firefox for your browsing needs.

And dial-up is indeed fake sense of security, so there.

That's

Re:Yikes

[BitterOak]

and not even having a computer practically guarantees that you won't get spyware and malware.

Would that were true, but unfortunately cell phones, pagers, and even cars are susceptible to malicious code, as I'm sure will the newer generation of high definition DVD players which need to fetch keys from the net every time a movie is played. I can envision the day when any appliance or device that is powered by electricity will capable of becoming infected.

Not true

[republican gourd]

Its only true in the way that you will be mugged less if you walk naked down one back alley every night instead of twenty. Go ahead and get the faster connection, and get a hardware device (nat box at least, a real firewall would be better though) between you and your uplink line, and you'll be better off than you were before. You can't do that (using common hardware) with your modem in the first place.

Re:Not true

[Planesdragon]

How exactly are you going ot be mugged if you're naked?

"Give me your wallet!"

"What wallet?"

Err..

[Nichotin]

Why would you be less secure with broadband? I mean, you typically get an external IP with dial up, and if you havent been infected yet, why would become infected if you get a broadband connection with NAT? You seem to have your client security sorted out, I'd say go for it.

Simple answer, no

[jolyonr]

No, is the simple answer.

You could get hit by a worm just as easily - they attack by IP address and are indescriminate about where they attack - they don't care how fast your connection is.

As for spyware and the rest, if you're using a slower net then probability is that you'll browse less and be subjected to less risk, but in general the argument used is complete and utter rubbish - there's no additional security to be gained by dialup.

Jolyon

You're not thinking big enough!

[hoggoth]

Why go for slightly better security when you can go all the way?!
Forget dial-up. Hand floppies to your friends with instructions on what web pages you'd like to browse. They will return the floppies to you with the pages. You will be extremely secure from viruses... much better than dial-up. Think of it like Netflix for the web.

network security

[EngMedic]

you should make sure you have a good firewall and your virus defs. are up to date simply as a Matter Of Course. That, or buy a Mac/install Linux. ( in which case you should still have a good firewall)

Wha?

[jfroot]

Let me get this straight; you read Slashdot, but are still on dial-up? That's unpossible.

Re:Wha?

[Crizp]

Lol, until I got DSL again three months ago, I browsed slashdot via cell-phone dial-up (9600 Kbps baby!) and later via GPRS on the same phone (38400 Kbps baby).

I thanked His Holyness The FSM that Slashdot is mostly text :)

Odd Question

[XMilkProject]

Not quite sure how this question made its way to slashdot, since it seems sort of self-explanatory, but I suppose we can elaborate.

In short, I suppose you would be more secure on dial-up. Less data moving around, less access to situations which may be a threat, less up-time, etc.

That being said, most of the world is already using an always-on connection, and the vast majority of them manage just fine. It's not a daunting task to configure a setup that will secure your home computer to a suitable degree. Just your ordinary broadband router should include a firewall that should be sufficient, and the Windows firewall is also likely sufficient.

If you aren't an expert on setting up your network, then just find one of your more tech-savvy friends (not the one that told you to stay on dialup!) and have them check your router/firewall configuration. There are also websites you can visit (Symantec?) that will perform a check on various ports for basic vulnerabilities.

I think....

[fean]

That your friend is on the same cable node, and he wants all of the pr0n bandwidth for himself...

Buy a router, your computer will have the SAME security it would have through dialup....

you'll still have to deal with viruses and backdoors from emails, malware, etc,

You protect others

[TheCarlMau]

In my opinion, the only thing that you are doing is protecting others. Your computer will probably not become a spam zombie, because transmitting outgoing data would be painfully slow (ie: spamming one address every 5 minutes). While you may be somewhat immune from other viruses, the trade-off of higher speeds is worth it.

BS

[dcapel]

That's equivalent to saying if you never leave your house you won't get mugged. Sure, its probably true, but if you take the proper cautions, you will probably avoid getting mugged, and, more importantly, you don't let fear control your life.

How can you not have spyware?

[mldkfa]

Do you know for a fact that you don't have spyware? I have seen many dialup connected computer with spyware and they didn't even know it. Broadband is better. Everyone can be secure if they just follow a few simple rules to surfing the web.

1) Don't download things unless you know what they do.
2) Get rid of IE
3) have a good virus scanner/spyware scanner

Staying on dialup is like saying that a bike is more reliable and therefore better than a car. Cars might break down every once in a while but if you need to get somewhere they're much better than bikes.

Re:How can you not have spyware?

[pyrotic]

A bike is "better" than a car. I'm not just counting reliability here, speed in my city for 4 wheeled traffic average is about 12 miles/hour, on a bike you can easily sustain 15, take shortcuts, etc. And don't get me started on parking, insurance and congestion charges in this crazy city (London). The one thing cars are good for is carrying heavy stuff. And navigating brain-dead highway interchanges. And running over pedestrians. And safe drink driving. OK, maybe cars are good for something.

Dial Up much more secure...

[MosesJones]

Its much more secure if you personally just dialup and squark and squeek at the handset processing all of the information yourself, you can't do this with DSL because its a digitial line so you can't hear what it is saying properly. Personally this form of internet communication, while a little slow (around 2 baud) has never resulted in any security problems.

In summary

Your friend is a muppet, probably Fozzy, potentially Gonzo.

Still at risk

[origin2k]

Just ask my neighbor who uses dial-up. I had to spend hours cleaning all the spyware and virus's on their computer system. If you are connected in any way you need to take the same precautions.

Broadband Plus OS X

[MadMacSkillz]

Broadband + OS X = Problem Solved. Oh NO, someone will mod my post DOWN and it will hurt my KARMA! Oh dear! Now I'll need to sleep with a nightlight.

Re:Broadband Plus OS X

[ninja_assault_kitten]

Broadband + = Problem Solved

Speaking as a Mac user and security researcher, your post is completely retarded.

1) OSX is no more or less inherently secure than Windows.
2) It's currently far more profitable for me to discover a flaw in MS than it is in OSX. Almost 10x more actually.

dial-up: the dry humping of internet connections?

[jazzman45]

I don't think so. You'd better slip a giant condom over your whole computer one way or the other. Sticking it in (to the wall) is going to put you at risk of infection either way. Only complete abstinance will work 100% of the time. Jusk ask ol' bushy.

Dial-up for security... don't count on it

[norminator]

I've had my computer get infected while downloading security updates over dial-up after a fresh installation of XP. I should have downloaded all the updates, or SP2 at the very least, from work and brought them home to install them.

One problem with dial-up is that you probably won't have a hardware firewall/router between your computer and the internet. Many folks with broadband access have some type of a router with a firewall/NAT built-in. Not everyone does, but some do, especially people with wireless setups, although that introduces its own security troubles.

The point is, if you think about security (which means you have to be aware of all the types of security threats to begin with, not just focusing on one or two that your friend told you about), you'll be able to take proactive steps to make your computer(s) more or less secure. Otherwise, you're leaving yourself open to becoming a zombie just as much as the other millions of computer users out there.

No, with a but.

[irc.goatse.cx troll]

Everyones covered the no aspect, but there is one thing I miss about dialup: I could see if my connection was being accessed, and if my RX or TX light went solid and I wasn't using my connection, I could just flip a switch and stop whatever was happening.

Really though, broadband is worth far more than that minor feature, even if now all I have is a useless 'data' light thats constantly lit or blinking.

Re:No, with a but.

[Servo]

A lot of cable/dsl modems have regular RX/TX lights, so that's pretty much a moot point.

Buy a Mac

[MBCook]

Buy a Macintosh. You won't be a target for most of the threats out there, but you can still have dial-up. Same logic.

I agree with everyone else here. That may be technically true, but it's stupid. All you need is a firewall and a little common sense and you are practically invulnerable to most of the attacks out there.

Get broadband. Get a firewall. Enjoy.

Bin the dial-up

[Jaknet]

I fully agree with all the above advice and my 2p's (uk) worth is that at times you can be safer on broadband instead of dial-up. For example if you have a cable modem (dont know how it works on adsl so keeping quiet)then you have NO risk of some dodgy dialler software getting in and changing your dial-up number to a premium rate number because it's not connected to the phone line at all !!!

Enjoy the speed and "almost" always on. broadband

Re:Bin the dial-up

[techno-vampire]

ADSL is an "always on" connection and doesn't dial. For most if not all purposes consider it as being about the same as cable. As you say, a dialer won't be able to do anything unless you have the regular modem connected on either dsl or cable.

Re:Bin the dial-up

[topham]

ADSL isn't 'always on' for everyone. A lot of people have to run PPPOE clients, and since they don't use routers they are effectively disconnected when they aren't running it.

Not that I think this is really any form of security. It isn't. It is a nuisance and a great way to slow a computer down as most of the pppoe clients are poorly written.

Wrong type of obscurity

[Jeremi]

All those viruses and exploits use OS-specific techniques. So if you want real security through obscurity, get it by browsing the web using an OS no virus-writer has ever heard of, let alone would be tempted to spend time writing a virus for. I might have a copy of BeOS 4.5 around still if you'd like to use it... ;^)

Re:Wrong type of obscurity

[undeadly]

All those viruses and exploits use OS-specific techniques. So if you want real security through obscurity, get it by browsing the web using an OS no virus-writer has ever heard of, let alone would be tempted to spend time writing a virus for. I might have a copy of BeOS 4.5 around still if you'd like to use it... ;^)

Yeah, try Plan9 [bell-labs.com], though it has no full-featured web browser ;-) A non-x86 CPU would help as well. Or one could just use OpenBSD [openbsd.org].

But some exploits are targetted at applications (say Firefox

upgrade

[Janek Kozicki]

upgrade to faster connection, switch to kubuntu [kubuntu.org] (free AND secure), or anything else equally secure [distrowatch.com].

If you need (unsecure) windows for anything, use vmware player [vmware.com] (free), or wine [winehq.com] (free), or if you need to play games with 3D acceleration then cedega [transgaming.com] (nonfree).

Remember about http://www.openoffice.org/ [openoffice.org] for office work, http://www.gimp.org/ [gimp.org] for drawing, http://www.k3b.org/ [k3b.org] for burning DVDs... and the list goes on and on.

ps: I've got some karma to burn, so here I'm whoring ;)

AOL and MSN

[WindBourne]

After all these years of AOL and MSN dial-up users infecting and spamming all over the web, and ppl are even wondering about this? I think that is plain scarey the lack of logic and history that we seem to have.

Absurd suggestion...

[httpamphibio.us]

I currently own a large army tank. I want to buy a fast car to race. I mention this to a friend, and he says, "why would you want to get a fast car to race? Don't you know fast race cars are dangerous? You'd be much better off sticking with your tank, it's slow, but it's safe!"

While this *might* be true, it does nothing to solve my desire to drive a fast race car.

I would assume the reason you'd go with broadband is because you want a FASTER connection. It can be argued that it's less safe, but it's und

Pretty dumb infosec tips, time for a list?

[twigles]

Ok, I'm sick of seeing crappy advice confusing newcomers and normies. Here are some stupid tips to avoid taking seriously. I'll start it with this one.

1 - dumb. Use dial-up instead of Cable or DSL because being connected to the internet all the time is a security risk.
1 - smart. Go get Cable or DSL, your life will improve (barring bad service). If you want to nullify the increased threat from being constantly online, buy a router that does NAT for you. Now you aren't always connected, your router is, and it's providing statefull firewalling for you.

2 - dumb. Never run anything you want secure on Windows. Use Linux, or even better OpenBSD.
2 - smart. OpenBSD rocks on security, but if you have no bloody idea how to use it you'll do something dumb that will compromise security or, more likely, uptime. Use the OS you know how to configure, and learn how to configure is securely and properly. You can research new OSs from your now-secure platform.

Please, kind readers, add to this list.

Re:Pretty dumb infosec tips, time for a list?

[Cytlid]

3 - dumb. I'm totally secure because I have the latest patches, a firewall (two even!) and updated antivirus. And instead of using [IE|Windows], I use [Mac|Linux|*BSD|Firefox]
3 - smart. Modifying your habits, educating and empowering yourself (even just a little) will help. Having the right tools is only half of it.

I've seen all too often people get confused by the fact they have tons of spyware/viruses/trojans on their system, yet have *no idea* how they got there. Yet when you dig deepe

Your answer is No.

[Cytlid]

No, you're not safer on dialup just because it's slow. Your friend's logic is marred. Now one could argue, if I was a bad guy and wanted to hack you, (because I wanted your resources), I might swear a bit if I was successful and found out you were on dialup. There goes one resource I wanted (bandwidth) and lack of others (static IP, always on connection) is detrimental. But most (or at least many) threats nowawdays are automatic. And they don't care what type of connection you are on.

I work for

Broadband 1 / Dial-up 5

[yotto]

In my moderately limited experience ridding computers of spyware, adware, viruses, etc, I have had to work on 1 machine hooked to a broadband internet connection, and 5 without. So, really, you should get broadband, it's MORE safe!

Seriously, if my data proves anything, it's that it's not the connection, but the connector. If you haven't gotten viruses on dialup, you'll likely not get them on broadband.

No Offense

[Jozer99]

No offense, but your friend is stupid. Hackers don't check to see how long you are on when they try and get into your system, the only security that Dialup provides is that hackers can't hack into your system when you are not connected. A good hardware firewall and a software firewall, along with good security practices will MORE than makeup for the security of dialup (mostly a false security). Plus, you get blazing internet transfer speedsa and much lower latency than dialup.

Conditional.

[Irvu]

I would argue that your friend might be right, sometimes. It seems to me that sticking with old hardware, connections, etc. can work if a) the tool works for you, and b) the tool didn't become obsolete due to some inherent security flaw.

IMHO the argument should really be phrased as: If you don't need it, don't open yourself to security holes. If you run a PC don't run servers (or an OS that runs them without your consent) unless you need to. If you don't need always-on connections then don't get it. I

Does this person drive a car?

[holden caufield]

Do they think driving their car dramatically slower than the average driver is safer? Do they think that driving less will prevent them from being hit when pulling out of the driveway? Do they know enough to open the garage door when the car is running so they won't die of CO poisoning?

I think your friend considers ignorance to be a security shield. Unfortunately it's not.

Malware not connection aware

[shoolz]

The baddies on the net are not aware of your connection speed; malware does not discriminate nor does it 'prefer' faster connections. Besides, only a few bad K need to break in and you're finished.

So considering the above, no, being on a slower connection effectively profides no extra protection. So continue your good security habits, get broadband, and buy router.

I'd say you're less protected

[batkiwi]

For one thing, you'll likely have a "first line" of defence in a NAT router if you go broadband.

Pre SP2, I ran kerio firewall. The few times I had to connect to dialup (traveling for work, no hotel broadband) I got hundreds of "pokes" each hour for various exploits. I was suprised as, being used to being behind NAT, I hadn't even SEEN the "incoming bad connection" popup box for kerio before!

Dial up hijacking

[Mr.Ziggy]

You do have a risk that none of us on broadband have: Dial-up Hijacking. Malware on your computer changes your dial-up settings in Windows, and you end up dialing to a pay number in another country, and VERY expensive. Many people don't notice it, until you get your phone bill. You don't hear about dialers as much now, but they're still out there. Am I just showing my age? http://www.internetbasedmoms.com/articles2/modem-h ijacking.htm [internetbasedmoms.com]

WRONG, WRONG, WRONG!!

[Shawn Parr]

Bzzz. Sorry he/she fails.

The type of problem that having a not always on connection would help with is a remote attack.

A Broadband connection with a hardware router/firewall is much more secure against this type of attack. You are basically hoping that you win a Russian Roulette if you are hoping not to catch a worm by using dial up.

With a few of the more recent worms I have known more people with dial up to catch them then broadband users due to the fact that the broadband users had a hardware firewall (

Not at all..

[the_rajah]

Some of the worst malware cleanup jobs I've had were machines that connected via dialup. As others have already pointed out, if you have a broadband connection via a router, you at least have an incoming firewall. I'd never put a Windows machine on a dialup connection without a software firewall. Viruses, trojans, worms and adware will get you via stupidity whether you have a firewall or not.

No

[Phroggy]

This is a stupid idea. If you're running Windows, you should be using XPSP2 with the firewall turned on and all critical updates installed; if you're running something else, make sure you know exactly which services are open to the outside world, and keep on top of the security updates however that's normally done for your OS/distro.

If you're on DSL or cable, you may also want to use a router that does NAT.

In other good advice ....

[icepick72]

Tell your friend to buy a Sherman Tank and drive it to work so he'll be less affected by traffic accidents. It goes slower, is harder to dent so has great security. All other things aside, this is the ultimate way to get to work.

Re:In other good advice ....

[icepick72]

BTW on the serious side, I've been sitting on an always-on DSL connection since 1999 (two computers on it). That's 2005 - 1999 = 6 years * 365 days = 2190 days (okay, maybe minus a day or two for accumulated brief power outages) and I have *never* had a problem with being infected or comprised. Yes, I have been attacked ... they just have never got in! The secret for me has been a hardware firewall/router in front of my computer + relatively long cryptic passwords on the router and Windwos + also keeping my

Yeah it totally works

[Feanturi]

But you can't stop with just dialup. You have to use MSDOS 2.0, and get yourself a good ansi term program to connect to a dialup that gives you telnet, ftp, nn, lynx, pine, etc. Use a 300 baud modem for maximum attack-throttling also.

Hard to download patches

[Jimmy_B]

It's hard to download security patches on a slow connection. So you'll be less secure with dial-up.

lol, i fixt my share of dial-up boxes

[Britz]

i had to deal with many malware cleanups
dialup and cable
why is cable always on? never switch off computers? electricity? energy? aaahh, i get it -> iraq

Oh for pity's sake

[blair1q]

Get a cable modem and put a router on the inner link set up to do NAT (they come that way out of the box usually, with a 192.* or 10.* network on the inner side).

Anyone sniffing will get nowhere, and you can get out to the internet without any hassle.

I've always had this setup and never once had any of the problems my neighbors get.

Serious point...

[Angostura]

Some of the worst security I have seen is with computers that only have dial-up.

Why? It take the users much much much too much time to download the security patches the need. Grabbing something like XP SP 2 is going to take goodness knows how many hours.

So they don't bother. So they get compromised.

Sure it does...

[thomasa]

Sure it does. My word processor has never had a virus:
Never! [tinyurl.com]

Dialup is NOT safer

[SecureTheNet]

I'll chime in here along with everyone else. Dialup is definetly not safer. I've diagnosed and removed malware off numerous friends and family computers, and two of the worst I've seen were using dialup. One of them was a pentium 4 2ghz and it just CRAWLED like a pentium or something. It would take forever to boot, and once it did you couldn't even access the start menu. It would pop up but you couldn't choose anything off it, and if you clicked on the desktop, the start menu would still be on the scre

Nonsense

[Tom]

No being "always on" isn't security it's just reducing your chances of being hit. Not to mention lots of malware comes by mail or when you visit a questionable website.

Your friend's advise is nonsense.

If your system is secure, you won't get anything bad, no matter how long you are online. If your system is insecure, you'll sooner or later get it, and the only thing you do by not being "always on" is pushing it towards later.

That's a flawed argument

[DavidinAla]

That's like saying that if you don't drive a car, you won't have as many accidents as you would if you just ride a horse-drawn wagon and stay off of any road where cars might be. It's true that you're much less likely to be hurt that way, but you miss out on the benefits that make having a car (or some form of faster transportation) worthwhile. In the same way, you might not be "always on" to be attacked through your broadband connection, but you lose all of the benefits that come with having a high-speed connection. So unless you do nothing except text e-mail, the benefits of broadband should outweigh the risks, especially if you're smart enough to take simple precautions. Just nothing except my Mac's built-in firewall, I've never had any issues, and I've been on broadband for years.

David

Crack my CPC-464!

[ettlz]

No-one's gonna be able to hack into my old Amstrad, ha-ha-ha! Stick that in your pipe and smoke it, you OpenBSD pretenders!

Re:Crack my CPC-464!

[ettlz]

Ah 64k of RAM (48k of which was available to the user), that takes me back.

Remember Spindizzy, that isometric 3D game with all the different screens to explore? The whole map fit in 11 kiB.

They don't make them like they used to.

Low bandwidth denial of service attacks

[Gary Destruction]

Low Bandwidth Denial of Service attacks do exist. They've been mentioned on slashdot [slashdot.org] before. That link mentions a new type of attack. I'm not sure of its effectiveness now.

Re:

[account_deleted]

Comment removed based on user account deletion

Grammar Nazi

[StarvingSE]

Does Dial-Up really protect you or is this a false sense of security and I should just go ahead and pick a faster service and make sure my firewall is a good one and my virus definitions are always up to date?

Holy run-on sentence batman!

seriously, editors??

time is of the essence

[jdkane]

With dial-up you won't get the updates in time before they attach you! Get broadband. Play it safe.

You could just get Linux and DSL...

[voss]

That way you can keep a high speed connection and not have to worry about it.

Not any safer

[sqlrob]

After I switched my father to Linux, I kept an eye on the logs.

Time from dial up connection to blaster hit: 8 seconds
Time from dial up connection to Nimda Hit: Two and a half minutes

So no, it's not safer.

This is the dumbest thing evar

[gothzilla]

What kind of idiot thinks connection type has anything to do with infectability? A virus doesn't give a crap if it's traveling over fiber, dsl, cable, or phone lines. With broadband you can get 10 or 15 spyware programs and viruses and not see much of a dent in your overall speed. With dialup, just one or two infections will bring you down completely. If anything you'll be more likely to get infected since dialers can't affect broadband, only dialup. A nice $2,000 phone bill should be enough to convince anyone that dialup is not safer.
Maybe he thinks using dialup will protect him from cookies too.

Nothing about dialup is safer

[stuartkahler]

It's more difficult to get a hardware NAT router/firewall for your connection.
You're less likely to download the large security updates because of time it takes.
'Always on' isn't a requirement. You can turn off the router or modem just like you can disconnect on dialup. I know people who do this.
Most exploits are quite small, and won't take long at all to install on your machine, even on dialup.

I've had 3 machines on cable behind a $25 belkin NAT firewall/router for over 5 years. I run zone alarm on the machines while I'm web surfing. I use mozilla because they seem to be more responsive to security issues than microsoft. I'm pretty lazy about patching, and I still haven't gotten any viruses, worms or trojans.

That aint friendly advice

[mnmn]

Hope your friend is not your dial-up vendor too. If malware connections attempt to connect to your machine, your dial-up might be saturated with the crap being downloaded, while personal info is being uploaded. Dial-up does not make you secure simply because on the network level, its just machines with IPs out there, regardless of connection. I havent heard of a virus that depends on layer 1 or 2 vulnerabilities.

Don't Drive

[clambake]

If you drive a car, instead of walking, the chance of getting into a major road accident increases, and you'll never get carjacked when walking.

Basically, his advice is simply to stay behind, because these new-fangled new technologies require you to actually increase your realm of understanding to use properly. If you are on a high-speed line, you actually have to care a little bit more about security, oh my! By by that same token, if you just stuck with a manual typewriter, you could avoid the threat of viruses altogether.

Re:Oh dear god what a stupid idea/concept

[heavy snowfall]

Let's take the question seriously for a moment, for fun.

Is there an argument for this? No.

You can simply unplug your net cable at night. So why be stuck with an expensive slow connection?

I think this ask slashdot question was a trolling experiment. :)

Re:Oh dear god what a stupid idea/concept

[pablodiazgutierrez]

What happened to that good old technique I like to call "turning your computer off when not in use" (TM)? It surprising has some side benefits, like lowering your energy bill!!!

Re:Oh dear god what a stupid idea/concept

[Heembo]

Even better, use the Kerio Personal Firewall (windows xp), it's free, and there is a button to completely disable the net to that machine. I use it and turn the net off at night before I crash because I prefer to keep my machine running at all times.

Re:Oh dear god what a stupid idea/concept

[Anonymous Coward]

So you're the fucker who turned the net off last night.

Re:Oh dear god what a stupid idea/concept

[Jezza]

I've heard this argument before (no really). On the face of it, it has something going for it - OK, now why is it wrong?

Well if the PC isn't connected, it can't download updates to Windows (patches) and its Anti-Virus/Firewall/Anti-Spam etc. So when it is connected it will probably be a poor position security wise. From a practical perspective has anyone tryed to keep a PC "all patched up" over dial-up? Takes forever to download the patches, it isn't actually practical. So no, getting proper security utilities in place (and setting them up correctly) then connecting via ADSL (or similar) will probably improve the security. One tip though - don't get your friend to set it up. ;-)

Re:Oh dear god what a stupid idea/concept

[jeremyp]

From a practical perspective has anyone tryed to keep a PC "all patched up" over dial-up?

Yes, my parents until DSL arrived in their village last year. It was so hard to do that they mostly didn't bother and they used to get all kinds of vruses and worms. Now they are on ADSL, their Windows OS is right up to date and their AV is right up to date and they have a firewall in the router and they have had no security issues at all since they got ADSL.

Re:Oh dear god what a stupid idea/concept

[generic-man]

I think those AOL commercials have really been sinking in.

"Did you know that with a high speed connection, you're more vulnerable to attacks? Get AOL Broadband to keep yourself safe! Just $15 on top of your DSL fee per month."