CWShredder Creator Calls It Quits > Thank You....

reply to lilhurricane

Re: Thank You....

Sigh.

Would you folks get off it? Every thread I've read in the past week has had a smug one-line post that read..

"Just another reason to use [insert your alternative open source software here]"

Hey, sport, you're not being clever or witty, and you haven't stumbled upon some morsel of wisdom that everyone else is just too stupid to realize. Get over it.

Consider this.. if everyone started using Firefox, there would be Firefox exploits up the wazoo. In life, like in dodgeball, the guy that everyone loves to hate gets pelted. Unlike in middle school, however, in the Web world everyone loves to hate the most successful player. You know that.

There have been "alternative players" that have been better than the big boys or had a modicum of niche popularity for YEARS. They often do not succeed.

Ever hear of:

PC-DOS
OS/2
GEOS
WordPerfect
Lotus 123

..and many others..

All were serious contenders in their day; some were better than the counterpart that "won". We will always have to deal with software that isn't "perfect" being the most popular, because it's not quality that dictates popularity.

With that being said, however.. going to Firefox, Mozilla, Linux.. Dumping IE.. NONE of these things will stop malware. PLEASE GET THIS THROUGH YOUR THICK HEADS, BECAUSE IGNORING THIS FACT WILL DO A LOT OF DAMAGE IN THE LONG RUN!

I know a lot of folks who haven't been online long (and I mean us folks who first dialed in with a 300bps acoustic coupler; if your earliest internet experience has you lament on how NetZero used to be free, you haven't been online a "long time"!) think that the answer to stopping this stuff is as easy as switching over to the newest "bulletproof" open source alternative software...

I will tell you from experience.. Once software becomes popular, you will be quick to find your beloved Firefox or Mozilla is not so "bulletproof" after all.

There weren't (many - there were some!) Netscape exploits when Netscape was dominant (remember that?) because the Web was still fledgling and there was no way to make significant money off these things, and political lines weren't yet established for those writing malware for that purpose.

However, please, please mark my words!! Going to Mozilla or Firefox will gain you a temporary reprieve at best!.. The end result? If IE remains dominant, we'll still have problems with IE. If tons of people switch to Firefox, you will start to see malware being written that affects Firefox. NO software is unbreakable. Ask Larry Ellison!

So please, don't be naive. The only way to prevent malware is to practice "safe computing", be educated, and know what you're doing. The same old rules of computing still apply, even though people ignore them these days...

1) If you don't know what it is or what you're doing, don't mess with it. (Installing random crap)

2) If it sounds too good to be true, it probably is (Kwabe Mfume from Nigeria wants to send you $3mil.. He just needs your bank account number, since he can't mail you a money order.)

3) Don't just click like a blind idiot. Check out what you're doing and where you're going. (Phishing, activeX controls)

4) Run A/V software and other preventative measures, keep them updated.

5) Patch religiously and regularly

6) Encrypt your sensitive files

7) Backup, backup, backup!

Malware doesn't exist because Microsoft is a bunch of ninnies who enjoy watching their customers get ravaged by CoolWebSearch -- as much as a lot of the basement dwellers would like you to think that that's the case. It exists because n% of the population is cruel and heartless and p% of the population is naive and clueless. Just be glad that n+p != 100%, and make sure you're not part of n or p!

Geez...........did you get up on the wrong side of the bed this morning?

No, Mr. anonymous!

I don't think what I said is mean spirited, like you're implying! I'm just tired of people looking in the wrong places to try and solve this really lousy problem we've got.. And it is a big problem.

It's irresponsible to tell everyone that simply switching to some new alternative software will cure all the world's ills. That IS the way Firefox and Mozilla has been touted on DSLR as of late -- that it's just plop, plop, fizz fizz -- and with the installation of Mozilla away goes all your cares about security, viruses, worms and malware.

It just ain't so, and it's a BAD THING to make it out like it is.

There's no quick fix, there's no simple answer. If we try and go for the easiest solution of "Just stop using IE", we'll be back at square one in a couple of years -- with twice as many malevolent crapware authors with two more years of experience under their belts.

Internet users, as a whole, do not understand security. They'll shy away from sharing floppy disks and downoading legitimate shareware -- thinking that's what spreads worms and viruses (it does not), while they go a year between patches and run AV software from 1999.

Then, when their machine gets infected and they lose everything, they blame Microsoft. After that, someone chimes in "Well, if you had just used Firefox.." and I just smack my head in disbelief.

GENERALLY, worms and viruses do not just jump onto your machine unannounced. Despite what was said in initial reports, patched machines were NOT susceptible to this latest worm outbreak (Which really did turn out to be underwhelming, didn't it?). As a matter of fact, it's been surmised now that this worm was installed on servers by means of -physical access- in some cases. HUH!?

I saw the arguments last week about how the problem wasn't the fact that admins were lazy about patching their servers or had no idea what theye were doing -- but that "IIS was crap, you shouldn't use it."

Ok, fine. Apache, in general, may be more secure than IIS 4. IIS 5+ is nowhere near as bad. And I can guarantee you that if Apache was created by a huge company that everyone loved to hate, there'd be plenty of exploits as well. (That, and if people were running Apache/Win32, which is nowhere near as stable as the Unix version of Apache.)

This is NOT THE ANSWER! The answer is more diligence, education, and responsibility. That's my point, and I don't see what's so bad about it!

reply to tcp1
Wow, just what I've been waiting to read, a truly intelligent post! I absolutely concur with everything you said. I too have been around long enough to hear of such things as PC DOS etc. Pay attention, young bloods, he speaketh the truth!

reply to tcp1
I wasn't telling other people to use Firefox. I was just saying that this article reinforces my personal decision to switch. If you love IE and want to continue using it then by all means do just that.
--
Digitally Imported Radio. The real reason the Internet was invented. Just ask Al Gore.

reply to tcp1
You Said: "Internet users, as a whole, do not understand security. They'll shy away from sharing floppy disks and downoading legitimate shareware -- thinking that's what spreads worms and viruses (it does not), while they go a year between patches and run AV software from 1999.

Then, when their machine gets infected and they lose everything, they blame Microsoft. After that, someone chimes in "Well, if you had just used Firefox.." and I just smack my head in disbelief.

GENERALLY, worms and viruses do not just jump onto your machine unannounced."

I have a very well protected system, with the latest virus/firewall updates and have updated all the Microsoft patches, etc. OK, I agree about Firefox, but I do blame Microsoft for some of the problems.

I recently went to a previously, but not recently, visited freeware website! I was immediately attacked. The only thing that couldn't be resolved was my browser being hijacked! I did everything that was recommended to get rid of the hijacker, and nothing worked! CWShredder is what got rid of it, in a blink of an eye! I do not go to questionable sites, but as you know more and more legit sites are being hacked, and that is how a lot of us are being attacked.

In other words, I did all I could to protect my system, therefore I have to blame Microsoft for a 'hole' in their software.

And, in other words, my system WAS invaded unannounced!

BTW, my reference to you getting up on the wrong side of the bed was not because of what you said... but HOW you said it.

Cheers

reply to tcp1
Sure there are no 100% secure solutions that don't involve turning your computer off and leaving it that way or pulling the plug to the internet and stop installing or using other software than what you already have on your computer...

BUT that doesn't mean that switching to more secure software won't help - It will .. A LOT.

While switching to an alternative browser (It doesn't have to be Firefox, just because many people prefer that, it doesn't necessarily mean you will) won't end all malware it will make your internet use WAY more safe.

My cousin and brother are part of the %p group .. the naive and clueless (at least when it comes to computers) and I have had to clean their PCs of hundreds of malware programs.
.. That is until I one year ago installed Firefox on both their computers.
My cousin took to it immediately liking it from the start .. my brother was more stubborn and believed that I couldn't possibly know better than a huge international company like Microsoft - If there really was something better , then everybody would be using it, and since "everybody" was using IE then I had to be wrong.
Still after using it for about a month he came to love using Firefox.

And my life wasn't invaded anymore by family members crying to me, that their PCs was doing weird things they didn't tell it to do and that it was generally extremely slow.
They haven't had a single piece of malware since that time one year ago.

Now sure if they had not been %p's I wouldn't have had to do anything , but not everybody are computer wiz's and even if they were using more secure software would be a barrier for malware to workaround.

Other browsers don't support ActiveX so they are 100% to all the many ActiveX exploits.

And they are also less likely to be attacked because they are underdogs and malware programmers do not target them .. as you point out this won't keep them safe for all time if they gain popularity , but even then then market would be more diverse consisting of not just one major browser but more .. and whatever malware specifically target one browser won't harm the rest .. there is strength in numbers .. even when you're hiding in the minority.

But the biggest reason that browsers that are not IE are more secure is that they are constantly being developed on.
IE is dead in the water .. it's not being actively developed on.

That is why the need for CWShredder and programs like it exist, because microsoft is not doing enough to provide a safe computer-experience for users of their software.

Meanwhile malware programmers are ever busy ..
Use browsers whose developers are busy preventing the success of the malware programmers !
Don't choose a browser whose development team have fallen asleep on the job or have been assigned to other projects.

I can only so well understand why Merijn Bellekom is calling it quits .. it's hard standing up to malware as an individual programmer , especially when the company that should be helping, isn't.

Its wrong saying the saying that switching your browser away from IE is a cure-all solution , but it's equally wrong to give the impression that it wont matter ..

I recommend that people try out an alternative browser like Firefox , Opera , Safari , Shiira , K-Meleon , Camino , etc .. just for a month or two .. If you don't like it you can always change back.

reply to IMHO
No - they got up on the right said side of the bed, And had the guts to state the truth when it isn't popular to do so. That said Microsoft does need to tighten things down. I think they are trying with SP2. Holes / exploits what ever name you want to give them need to be addressed. Hardening your software against attack these days. Isn't as easy as some would like to make you think.
--
Test Your Security Team Z Member Cable Modem Diagnostics

reply to tcp1
Yes. Everyone switching en masse to Firefox or Mozilla or Opera or [insert browser here] will not solve the problem. Any single browser that gains the same market dominance IE has will surely be subject to the same problems. However, if some of the competing browsers begin to gain a foothold, and gain users, then we might see improvements.

First, it will dilute the numbers of IE users, and result in smaller numbers of problems. The reason I say this is, while there very well may prove to be as many flaws in the alternative browsers (nobody shoot me, I don't honestly believe this to be the case!), the resources of the people authoring these exploits will be strained, as there will be more code to examine, more languages to learn, etc.

Second, the effect of exploits that ARE written will be mitigated by the fact that it is fairly unlikely that any two products will be vulnerable to the the same exploit.

Third, Open Source groups are proven to be much more responsive with regards to publishing patches than Microsoft. IE vulnerabilities have gone for months after publishing before a patch is released.

Furthermore, given a real competitive threat, Microsoft might actually DO something with IE..like make it more secure, patch it more quickly...um, actively develop it (imagine that, right?). We might wind up with a more secure IE than the one which exists now.

Merely the act of switching to an alternative browser won't fix the problem. The market forces created by more people switching away from IE might.