My Sandbox! (aka: Liability Fiasco)

It is that time again – time to decide how much credit we should allot to our users, versus how much we should “protect the user from him/herself”. Ah, the eternal dilemma – but wait, Apple to the rescue? Didn’t they pioneer the “we know what you want better than you do” model?

Actually, today’s post is a bit more technical than that simple discussion, but stick around and join the discussion; you’re sure to learn something (and contribute!).

The latest news from our (recently) beloved Apple is that (amazing) Sandbox technology is on the horizon, which will run App Store apps inside their own Sandboxes. Here are a few words about sandboxing – it is basically a mechanism for a computer to protect itself (and the user) from a (potentially) malicious or misbehaving application that the user wants to use. As security experts will tell you, there are plenty of supposedly useful applications which are just a (shameless) wrapper around a virus delivery mechanism, or an even simpler system that quietly looks at what you are browsing to, captures the user/pass you put into your (financial) website, and silently sends it via the Internet to the perpetrator. After reading some interesting discussion on the subject, I decided to weigh in here.

Granted – I am as paranoid as the next guy, and you should ALWAYS know the source of Any Application you download and (even try to) run. And the issue is complex, as so far all I have seen is that users mostly become victims of increased security – how often did you call your bank because you forgot your password?! In fact, I once left a financial institution because their login procedure became 5 screens long, with pictures, symbols, pins, sentences, etc…

The punch line: what if Apple Approves an App and grants it Sandbox Permissions, but later we discover that the App still had a Malicious Password stealer hidden deep inside? I say – We Sue Them! They performed a Paid service – developers Pay to get into the App Store and share a cut of the profit. Given that the aforementioned paid service had the Primary purpose of Vetting an app for our (naive) users’ consumption, I see the door wide open for a Class Action. Seriously, given the size of the Fiasco (millions of accounts stolen?), no 100-page License agreements we all carelessly click through will protect them.

So, Apple – for your own good – let the users free! Or better yet – Respect that they (sometimes) know what they’re doing!

Cyber Terrorists have Won

It is becoming increasingly clear to me that Cyber Terrorism has won. It has all of us running scared and increasingly not trusting our own PCs; we are afraid to visit even secure bank web sites, and overall don’t trust the Internet.

Today I was trying to get ToonTown going on an old laptop. Actually, it was the second PC where I had to struggle with the same fiasco. The Internet Explorer 7 upgrade made ActiveX controls, even approved and signed ones, unusable! I knew enough to move the toontown.com domain to trusted status, but that did not suffice! Apparently, even in a Trusted domain, signed ActiveX controls aren’t simply ‘allowed’ any longer. I had to manually reconfigure the IE security settings for trusted sites to make ToonTown work.

How is your average Joe user, trying to set up ToonTown for his impatient child, supposed to figure this out?!? The usual end result would be a very annoyed parent and a traumatized child, left without a game and with an agitated, screaming/cursing parent.

Is this a technology issue? I don’t believe so; the same technology worked just fine when I first installed ToonTown for my kids a year or so ago. And this isn’t just Microsoft and IE crazy security. The most popular Linux distribution today, Ubuntu, also uses similar UAC features.

And you think it’s just the Internet that has us running for the hills? Endless productive corporate hours are lost waiting for the PC to respond while it’s too busy trying to scan for "viruses", "trojans" and other such pests. The Antivirus that is probably installed on your computer as you read this isn’t keeping you safe as much as it’s there to kill the speed of your computer, in half, and sometimes more!!

Is there any good news?

I say we stop running and take charge. It is clear that security software is a necessity in these turbulent times, but let’s be smart about it! As companies, don’t release Antivirus software to all your desktops that endlessly scans all file accesses. Scan once a week, or only overnight, and NEVER in real-time!

As home users, let’s be smart about the web sites we visit, the software we and our kids download, and what antivirus programs we use on our PCs. Turn off your real-time protection; most often it’s just there to kill your whole PC experience. If you are going to click on that urgent email from "PayPal" and give out your username/password to a phishing site, No Amount Of Real-Time Protection can help you!!! Configure your antivirus software Not to run all the time, and only scan on schedule; overnight or once a week is usually plenty! Really, the only thing you need in real-time is that built-in Windows Firewall; just make sure to REVIEW any prompts asking you to open it ;-) .

To summarize, I want to pimp Windows Vista a little. Even with its quirks, it is a more secure alternative to XP today. Furthermore, if you insist on running that Antivirus, Windows Vista introduces background priority scheduling for disk access. This feature should make your computer much more responsive, even as the Antivirus is chopping away at its resources trying to "protect" you in real-time.

Let us prepare for round 2 of the cyber-wars, and let’s make sure we, the good guys, Win this time!