how to secure simple operation when so many advanced features build in vulnerability?
Posted on 2011-09-22
apart from my business concerns which provide a wealth of unanswered and maddening questions and the associated need for a security audit as advised on here......
ive another equally aggravating question. This is about my home setup, which i long suspected some malicious ghost in the machine. It was running XPPro SP2, then SP3; but just recently I decided to upgrade?.. toi win7pro. Now, upon install, from the clean sweep option offered on the install discs, initially all seemed well, however with days, everything... programs, symtoms, users, groups, firewall rules and other 'opendoors' just were there??
in addition to the pleasure of something new and unfamiliar to me suddenly present with each fresh starting of the computer, it seems to now becoming more apparent and many property pages, folders, options /selections for various items all show 'empty', or 'unknown'.. are shaded out and not available, and overall more and more I am being denied citing administrator level required, despite having such permission per user lists. As disturbing is the ever growing lists of users, groups, permissions, security groups, GPO's, firewall configs and or services that balloon with changes and additions that I have not done, and the machine is not touched physically by anyone else. Ive installed the AV, essentials, ect... turned on the firewall... yet nothing seems to do much for any reasonable length of time.
This leads me to think that whatever is behind these phenomenons has unfettered control of everything, including protections, os, firewall, and even i suspect my own ability to do anything effective and substantial about it.
Worse, when investigating the issue, (any given one), largely the information oiffered or available is either pathetic as in returns like 'unknown', 'not found', or just blanks where I should think something wouold be. I see this with logs, events, properties, attributes, and more. So it begs the question what cannot be overtaken and manipulated? Can the protections themselves be comprimised? If so, how can this merry go round of frustration and exposure to all manner of dangers be stopped or avoided? Or can it be? Some agrue that unknown users, ect.. processes or other should be deleted and countermeasures , step by step must then be deployed to expose the sources of each problem.
Aside from the obvious question of where the hell do you start with something like this.... but more, how can one be certain of what canb be deleted or disabled or otherwise when the function or the prurpose is either unknown, unexplained, cant be determined?.. Even more complex is the notion that even legit processes and functions, services and programs both in the OS and outside, in programs installed or addin manufacturer programs can be overtaken. Cloaked, piggy backed, hidden or hacked, in these cases, how the hell can one, whether novice or expert ever stay on top of it, much less GET ontop of it?!
I just want a computer that works for simple home use.... but even default settings for most functions are such that out of the box, you are vulnerable. With no mention, instruction or direction of this, or of how to configure a system based on your specific need.
I dont know much but I assume to know that everyone cant be myred in the disfuntion that plauges my operating... yet equally, surely there are many suffering just as I am.
Any ideas?.. suggestions.... instructions.... ?
even tales of the pleasure felt upon smashing the damn thing against something, or stoimping with vigor on /off the thing untill out of breath... anything.
" I'd pee on a spark plug if I thought it'd do any good"... - can any name this movie quote? :)