crashfourit wrote:
There's an old saying that goes like this: "It is better to be safe than sorry." I would like to have a superb firewall and virus scanner with the OS correctly configered. It just makes harder for something to go wrong.
In some cases, it's kind of like the concept of mating: If you don't do it, you can't have some of the risks that come with it. However, in all honesty and seriousness, there are only a few things that you must do to be absolutely safe, and they're easy, but they aren't something that someone in today's world would probably be willing to do:
* Don't use the Internet. Unplug entirely from phone lines and networks. * Don't insert any media into your workstation, whatsoever, including from "trusted" sources. See the Sony hooplah for example.
Otherwise, if you're going to use things, use them smartly. You cannot count on the "general" public doing that, however, which is part of the reason for virus-scanners and firewalls and the like. I hide my machine behind a firewalling NAT so that nobody can get into it, not because it isn't properly configured, but because I'm not going to give someone the chance to get in where there may be another exploit lurking. Think about how many lines of code are in Windows XP and its related services and applications. I'm willing to bet, with the steady stream of updates ever-flowing from Microsoft, that there are more exploits then what is known about, be they remote, local, DoS, bugs, whatever.
Regardless, no computer is truly safe: Even if the only network that touches it is SneakerNet, people can get at it and do nasty things to it. Precautions just make sense, and they should be available if it's possible, and ultimately, the end-user should be able to exercise their right to choose what firewall/anti-virus configuration suits them.
- Mike