|
Title: TED talk on internet security. Post by: BitcoinLocator on July 21, 2011, 06:03:18 AM With all the talk of security this is an interesting video from TED, that may be of interest to the bitcoin community.
http://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net.html Title: Re: TED talk on internet security. Post by: BitcoinPorn on July 23, 2011, 10:51:44 AM Really good talk. GangstaBucks, never heard of that site, interesting. Overhead projector use was funny. Ended up watching the whole thing when I was just going to watch a little bit, thanks for sharing this link.
Title: Re: TED talk on internet security. Post by: Oldminer on July 23, 2011, 11:13:00 AM Great video - thanks
Title: Re: TED talk on internet security. Post by: m0w3r on July 23, 2011, 05:19:55 PM I'm worried more about the so-called authorities and governments than the online criminals.
He is calling for more global law enforcement, but the governments doing the law enforcing are the biggest criminals. Title: Re: TED talk on internet security. Post by: GoWest on July 23, 2011, 05:39:34 PM Hey at least we don't have to worry about keyloggers stealing our credit card numbers. We'll never have to type them again.
Title: Re: TED talk on internet security. Post by: BitcoinPorn on July 23, 2011, 05:41:34 PM I'm worried more about the so-called authorities and governments than the online criminals. He is calling for more global law enforcement, but the governments doing the law enforcing are the biggest criminals. I wish I could agree with this generic bold statement, but when involving internet security, I don't see the government as the black hat releasing all my information publicly or quietly making zombies out of all my computers. Title: Re: TED talk on internet security. Post by: error on July 23, 2011, 06:15:13 PM I'm worried more about the so-called authorities and governments than the online criminals. He is calling for more global law enforcement, but the governments doing the law enforcing are the biggest criminals. I wish I could agree with this generic bold statement, but when involving internet security, I don't see the government as the black hat releasing all my information publicly or quietly making zombies out of all my computers. The government isn't interested in the Internet in that way, since you can't shoot people over the Internet, and robbing them over the Internet is much harder than doing it in person. Title: Re: TED talk on internet security. Post by: ctoon6 on July 23, 2011, 07:51:26 PM i like
Title: Re: TED talk on internet security. Post by: BitOffer on July 23, 2011, 08:35:23 PM I don't care if i sound like a libertarian, we don't need the government involved in cyber security. The government laughs at us every time we call on their help for anything but the basic small governmental public needs. This is a problem that we the people need to combat, and it can be done with time, education, and resources. We are talking about code that we allow to be put on our computers, only because it's hidden. There has to be a way to lock down an operating system and limit the attackers' ammo piles. Then work from there locking it down further. Summary: I think security should be handled client side, but im no expert, just a security enthusiast(the subject is just getting more and more interesting, i love it).
Say for instance, i download an image and it has a virus that begins to do something other than what an image file should do. The image file should be quarantined by the OS, because images should only act a certain way. Another thing, antivirus software makers are looking to stay in business. If they stop being needed, they will create a need for themselves(much like politicians do). What did you say? We dont really need politicians and banks? Well they will show you who needs who with war and crisis. Title: Re: TED talk on internet security. Post by: ctoon6 on July 23, 2011, 11:29:15 PM I don't care if i sound like a libertarian, we don't need the government involved in cyber security. The government laughs at us every time we call on their help for anything but the basic small governmental public needs. This is a problem that we the people need to combat, and it can be done with time, education, and resources. We are talking about code that we allow to be put on our computers, only because it's hidden. There has to be a way to lock down an operating system and limit the attackers' ammo piles. Then work from there locking it down further. Summary: I think security should be handled client side, but im no expert, just a security enthusiast(the subject is just getting more and more interesting, i love it). Say for instance, i download an image and it has a virus that begins to do something other than what an image file should do. The image file should be quarantined by the OS, because images should only act a certain way. Another thing, antivirus software makers are looking to stay in business. If they stop being needed, they will create a need for themselves(much like politicians do). What did you say? We dont really need politicians and banks? Well they will show you who needs who with war and crisis. its called linux, that is what you are looking for. on most versions of linux a file can never execute unless the user explicitly tells it to. it also has safe guards like, most programs will never be able to read/write to certain directory unless the user specifically allows them to. so you could have files in a directory and be somewhat safe from viruses reading that directory. windows is slowly moving to this type of security, starting with the run/cancel dialogue box that comes up every time you click a .msi/.exe file. and later with the UAC. Microsoft will need to hit this a lot harder for it to be completely effective. But the only way to have any good defense would be to make custom computers with a help button directly on the computer that trains users on how to use a new program that should be on every new windows os. it would have a huge list of the most common programs run on the windows os. from there you simply click on the file and it downloads and installs. it would then tell the user that any programs not on the list may not be safe. this could be coupled with a whitelist browser, only websites confirmed to be safe would automatically load, any others will prompt the user that the website may or may not be safe. the user could also click a button that would add the site to a list of sites to be studied to confirm to or not to add to the whitelist. Another good suggestion would be fore Microsoft to buy out or rent sandboxie technology. every program run would be inside a separate sandbox with its own virtual hard drive space and keyboard. if a program wanted to see other parts of the disk then the user must specifically allow it. as it is now the 64bit version of sandboxie is not very secure, and it is mostly because of microsoft deciding that they are more than capable of securing the windows kernel(lol what?). this only makes problems worse for antivirus vendors that used 32 bit exploits to patch the kernel and lock it down better than Microsoft did. so yeah, if you read my ramblings have a cookie :) |