All: When I said I am swamped, I MEAN IT! Five years ago the Microsoft Windows malware situation looked like this (the water is the malware):
http://www.SecureMecca.com/WallPaper/MonetPond.jpg Now it looks like this: http://www.SecureMecca.com/WallPaper/LoangoParkFlood.jpg The stick is a Macintosh on the left and Linux on the right. But I have found in my reading that approximately 90% of people using Mac OS-X at home are running their machines from their admin accounts. This is bad news! WE HAVE TO GET PEOPLE OFF OF MICROSOFT WINDOWS ONTO LINUX AND MACINTOSH! If somebody wants me to give a run-down on how bad it is in your monthly meetings let me know and I will oblige. I usually go through 6-12 Windows malware samples per day. When I submit then to ClamAV I chuckle when they pre-select Unix/Linux. WHAT LINUX MALWARE? It is there but I only have two, and only one is relevant. When I give new samples to VirusTotal to scan I usually get back only 6/40 detects if they perturb their binaries and 0/40 when they re-write their code every one to six weeks. Now you should understand those pictures are not an exaggeration. I have had two family members whose PCs running Windows got infected. The problem is getting worse, not better. HHH -------- Original Message -------- Subject: [Krebs on Security] New Comment On: Using Windows for a Day Cost Mac User $100,000 Date: Wed, 9 Jun 2010 16:16:17 -0400 From: Krebs.on.Security <dev-n...@krebsonsecurity.com> To: hhhob...@securemecca.com There is a new comment on the post "Using Windows for a Day Cost Mac User $100,000". http://krebsonsecurity.com/2010/06/using-windows-for-a-day-cost-mac-user-100000/ Author: Sean Comment: So, as a small business owner, I have taken Mr. Krebs advice very seriously, and I now do all of my business' online banking using a Linux LiveCD, on a second computer that resides right next to my main Windows machine on my desk. This works fine, generally, and although it is clunky and less convenient, it is still more convenient than mailing bills at the post office or getting in the car every day and driving to the bank to check up on my account balance. HOWEVER, even with all these steps, I have caught myself inadvertently trying to use my Windows machine to log into my bank account several times, simply because I was "not thinking" about what I was doing. Sort of like putting the milk back in the cupboard instead of the fridge. In my REAL-WORLD experience as a small business owner, even the dual machine / LiveCD solution is easily defeated by 10 seconds of doing "something stupid" accidentally. It's like keeping a loaded handgun on your desk with the hammer cocked. Call me stupid if you want - but I still think it is way too easy to screw yourself during a moment of not thinking straight. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
