[LUAU] Does this shock you?

Vince Hoang vince.hoang at gmail.com
Thu Jul 8 14:22:04 PDT 2004


No, this does not shock me. :)

On Thu, 08 Jul 2004 10:17:19 -1000, R. Scott Belford <scott at belford.net> wrote:
> Tim Newsham wrote:
> 
>  > the URL descriptions dont match these programs.  They're standard
>  > windows services (registry, security subsystem, win32 subsystem,
>  > session manager).
> 
> Thanks.  You are correct.  My claim was premature.  Two of the four you
> mentioned, though, could be hijacked and still require more examination
> to be certain.  See their descriptions below.

Is your research is still based on finding programs running in the
Task Manager? If so, that is not enough.
Fortunately, most of the software that detects the problems can help
remove the issues as well.

You can use ad-aware, spybot, and stinger to verify, and remove a good
number spyware and viruses. To innoculate the systems against popups,
install the Google Toolbar in IE and make Firefox the default browser.
Evaluate antivirus products like antivir and AVG if the mainstream
products are not available. (Bill, do you have any spare licences to
give away? :)

> Most true and very well worth pointing out.  Yes, the architecture of
> OSS like Linux, if properly operated, is inherently more safe and of
> course the same security is easily achievable by responsible MGMT of
> one's Windows computer.  Problem is, unprivileged accounts are not the
> default choice in Windows, and since most people expect to be able to
> download and install their stuff, the majority of labs I have seen give
> everyone this power.

I fault that with whomever made the initial installation, but can
attribute the reason to be simply ignorance. The risks can be
minimized, even on Windows.

Educate them on how it is not safe to download random software.
Show them how to find a problem with the system themselves.
Demonstrate how to remove the problems and reduce the chances of reoccurance.

-Vince



More information about the LUAU mailing list