Albert wrote:
> 1PW wrote:
>> <snip _top-post_>
>>> What if I wanted to allow malware to wreak havoc on my computer since
>>> there's nothing important there but _make sure_ I don't send out
>>> private, personal, important etc. information?
>> How would you answer your own question if someone asked you if it's OK
>> to provide a home for mailbots, spambots, Conficker, malware bots,
>> etc?
>
> I apologise for asking that question. I didn't think that malware went
> into one system and used _that_ system to spread to other systems. I
> hadn't realised that making one's system less secure can affect other
> people's security. Alright - so my new goal is to minimise the risk of
> getting malware on my laptop so that others have less of a chance of
> getting the same malware :)
>
>> What's the name of this newsgroup Albert?
>
> alt.computer.security
OK! You're back on track. You have quite a bit of work to do now.
The sooner, the safer.
Albert wrote:
> Albert wrote:
>> I've just installed XP and need to surf the web. Do I need to install
>> anything?
>
> Now let's stop thinking about this until notified otherwise.
>
> I also have a remaster of PCLinuxOS installed. If I plan to use this
> for anything related to the internet and XP for everything else, what
> do I need to install on the linux distro?
Although many hold that the world of malware is mostly confined to
Microsoft based systems, I would be most distressed if my Linux system
was passing malware my Windows user friends.
Every few months it seems as if the major antimalware players release
a Linux version of their wares. I've used freeware versions of F-Prot
& ClamAV for a long time. ClamAV has frequent virus signature updates
during the day. Better Linux AVs are on their way.
I see that PCLinuxOS has a Mozilla Firefox 3.5.3 which is good. Then
you can use the same plugins that were mentioned to you before. Add
to that, the latest version of Mozilla's Thunderbird.
PCLinuxOS is not super popular like Fedora and Ubuntu. If SELinux is
part of or can be made part of your distro, that would be excellent.
IF PCLinuxOS has an Intrusion Detection System (IDS) use it. Very
little is published about security hardening that particular distro.
Some folks will compile the latest kernel in an effort to keep up to
date. Many prefer to compile from trusted source repos, any new
applications they're interested in.
If you're really into Linux after running your PCLinuxOS for a while,
look into Fedora 11 (Leonidas). Virtualization may look attractive to
you if you've given any thought of running XP as a guest on a Linux
system.
In article <40c65861-fd07-4373-a249-8bac1461f0c4
@j9g2000prh.googlegroups.com>, albert.xtheunknown0@gmail.com says...
>
> Leythos wrote:
> > You need ALL Windows Updates, Antivirus software, the most current Java,
> > and I would suggest that you use FireFox, the latest version.
>
> If I choose to not visit any website requiring Java, do I still need
> the most current Java?
> I've got Firefox now - just need NOD32.
Not sure about the list in the other reply, but if you don't visit
questionable sites as a practice:
Quality Active Anti-Malware/Virus software
FireFox - latest version
Updated Sun Java
Adobe Flash, Shockwave, Reader
All Critical and most all Optional Windows Updates - do a custom update
to see the Optional ones
A simple NAT router to block unsolicited inbound traffic
Do not run as an Administrator level account.
--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself. spam999free@rrohio.com (remove 999 for proper email address)
as;dl@dasfkjl.com wrote in news:06l6b5p23jusmteo3cm3pf54edkblqol3m@
4ax.com:
> On Thu, 17 Sep 2009 21:11:44 -0500, comphelp@toddh.net (Todd H.)
> wrote:
>
>
>>
>>av-comparatives.org tests antivirus software. Eset's NOD32 is a
>>worthy combination of fast performance and strong signature based and
>>heuristic based malware detection.
>
> He can do better than NOD32.
>
> Here for his perusal is the latest Virus Bulletin AV tests.
>
> http://www.virusbtn.com/news/2008/09_02
>
It's worth looking at such guides when selecting an antivirus program but
one shouldn't get too caught up in it. Anything in the upper right
"cluster" on the graph at http://www.virusbtn.com/vb100/rap-index.xml
will do in terms of core functionality. Final selection requires broader
criteria.
In short, there are a dozen or so programs at the top level (Avira, AVG,
G-data, Webwasher, etc.) and quite commonly there are shifts in their
relative rankings. But there's a lot more to choosing a program than
just the rankings - Norton, for instance, despite being moderately good
functionally, is a bloated pig, has a well-deserved rep for interfering
with other programs, and puts down roots so deep that it is a bitch to
completely uninstall (Norton has a separate specialized program to help
deal with this). Avira on the other hand is quite lightweight and seldom
generates false positives (a huge problem especially for novices!) while
Kaspersky is superb at unravelling packing schemes to look inside packed
programs (very handy for warez downloaders), etc., etc.
Note also that there is a considerable difference between the malware and
spyware rankings in some cases (e.g., bitdefender) at http://www.virusbtn.com/news/2008/09_02.
Moreover, I am quite a proponent of - ahem! - "extended evaluation"
software - I don't think I have bought any software in at least 5 years
(more like 20 :-) Some programs (Nod32, kaspersky) are a pain to keep
thwarting their protections when updating, etc.; others, like Avira, are
easy and convenient to keep up to date (and there's even a free version
that's pretty good for the honest cheapskates).
Finally, one should keep in mind my previous post - antivirus programs
provide little protection against new (not variant) viruses and malware.
For instance, no program on the RAP index graph gets over 80% on
proactive detection - 20% missed is a huge hole!
In a similar vein, "elite evil hackers" now plan their month around
Microsoft's "second Tuesday" security releases. Hackers rush to reverse
engineer the security releases to discover the vulnerabilities and then
release malware to exploit them. Woe to him who is slow in upgrading! -
an example of my earlier "configuration point." The very process of
patching vulnerabilities has given hackers a highly convenient exploit
methodology.
| as;dl@dasfkjl.com wrote in news:06l6b5p23jusmteo3cm3pf54edkblqol3m@
< snip >
| In a similar vein, "elite evil hackers" now plan their month around
| Microsoft's "second Tuesday" security releases. Hackers rush to reverse
| engineer the security releases to discover the vulnerabilities and then
| release malware to exploit them. Woe to him who is slow in upgrading! -
| an example of my earlier "configuration point." The very process of
| patching vulnerabilities has given hackers a highly convenient exploit
| methodology.
| Regards,
An interesting observation that I had not considered.
1PW wrote:
> Although many hold that the world of malware is mostly confined to
> Microsoft based systems, I would be most distressed if my Linux system
> was passing malware my Windows user friends.
I think that I comprehend the meaning, but I don't know why you begin
with 'Although'...
> <snip>
>
> IF PCLinuxOS has an Intrusion Detection System (IDS) use it. Very
> little is published about security hardening that particular distro.
Albert wrote:
> 1PW wrote:
>> Although many hold that the world of malware is mostly confined to
>> Microsoft based systems, I would be most distressed if my Linux system
>> was passing malware my Windows user friends.
>
> I think that I comprehend the meaning, but I don't know why you begin
> with 'Although'...
The word was leftover in my left brain. Now it's not there. 8-O
>
>> <snip>
>>
>> IF PCLinuxOS has an Intrusion Detection System (IDS) use it. Very
>> little is published about security hardening that particular distro.
>
> What if I run Damn Small Linux from the RAM?
>
>> <snip>
Hello Albert:
The subject is "transmission of malware through Windows vs Linux based
systems". Our Linux systems enjoy some added security through
obscurity over Windows based systems. However, I might be storing
Windows executables on my Linux system in an effort to transmit them
innocently to relatives, friends or associates with whatever intent
you might imagine.
I feel an obligation to assure myself that I am not spreading malware.
I also need to keep my ISPs from disconnecting my service.
Therefore I run several feel good AV programs that check my Linux
systems. I also keep the AV applications current in case the bad
folks shift more effort in our *nix direction.
I believe you could take great comfort in knowing that your PCLinuxOS
or Damn Small Linux would probably keep you safe if you aren't moving
Windows executables in and out. However, repos' offer some security
enhancements that harden the Linux side of my systems nicely.
I wouldn't limit myself to any small Linux. Personally I'd like a
full service Linux that allows me to explore all manner of personal
computing. A few of the larger distros suit me fine.
Albert wrote:
> (Todd H.) wrote:
>> <snip intro>
>> ...there is no patch for human stupidity (i.e. you respond to
>> phishing emails, install a trojan), or fall victim to a 0day attack
>> via unpatched issues in your browser, IM program, media player, pdf
>> viewer, flash plugin, what have you.
>
> I don't respond to phising emails. I plan to install the bare minimum
> so I can scan exe files for being trojans. I don't use IM. My pdf
> viewer is portable and as long as I copy three files to a computer in
> the same directory it'll work - so I doubt malware would get through
> via this program. I don't need the flash _plugin_.
>
> So if I install NOD32 and don't do anything stupid, I can't get malare?
Nobody and nothing on the planet can make that promise, friend... but,
methinks the appropriate response here is SHINEY!!!@! <you are just
trolling, right?>
On Sep 19, 3:37*pm, "Kyle T. Jones" <KBf...@realdomain.net> wrote:
> Albert wrote:
> > <snip _top_post>
> > So if I install NOD32 and don't do anything stupid, I can't get malare?
>
> Nobody and nothing on the planet can make that promise, friend... but,
> methinks the appropriate response here is SHINEY!!!@! <you are just
> trolling, right?>
No.
Is it possible on a Windows system to find all the exe's that are
accessing the internet? Can you provide an example?
On Sat, 19 Sep 2009 15:37:13 -0500, "Kyle T. Jones"
<KBfoMe@realdomain.net> wrote:
>Albert wrote:
>> (Todd H.) wrote:
>>> <snip intro>
>>> ...there is no patch for human stupidity (i.e. you respond to
>>> phishing emails, install a trojan), or fall victim to a 0day attack
>>> via unpatched issues in your browser, IM program, media player, pdf
>>> viewer, flash plugin, what have you.
>>
>> I don't respond to phising emails. I plan to install the bare minimum
>> so I can scan exe files for being trojans. I don't use IM. My pdf
>> viewer is portable and as long as I copy three files to a computer in
>> the same directory it'll work - so I doubt malware would get through
>> via this program. I don't need the flash _plugin_.
>>
>> So if I install NOD32 and don't do anything stupid, I can't get malare?
>
>Nobody and nothing on the planet can make that promise, friend... but,
>methinks the appropriate response here is SHINEY!!!@! <you are just
>trolling, right?>
>
>Cheers.
I kind of figured that out when the jerk said he had dual partitions,
one with Linux on it. How can someone be so ignorant as his original
question portended and then know enough to have dual OSs on his
machine?
He has no life and no power in his real life, so he comes here to
manipulate people who are rather gullible because they go to great
lenghts to help the naive. It shows what a pathetic jerk he is.
>On Sat, 19 Sep 2009 15:37:13 -0500, "Kyle T. Jones"
><KBfoMe@realdomain.net> wrote:
>
>>Albert wrote:
>>> (Todd H.) wrote:
>>>> <snip intro>
>>>> ...there is no patch for human stupidity (i.e. you respond to
>>>> phishing emails, install a trojan), or fall victim to a 0day attack
>>>> via unpatched issues in your browser, IM program, media player, pdf
>>>> viewer, flash plugin, what have you.
>>>
>>> I don't respond to phising emails. I plan to install the bare minimum
>>> so I can scan exe files for being trojans. I don't use IM. My pdf
>>> viewer is portable and as long as I copy three files to a computer in
>>> the same directory it'll work - so I doubt malware would get through
>>> via this program. I don't need the flash _plugin_.
>>>
>>> So if I install NOD32 and don't do anything stupid, I can't get malare?
>>
>>Nobody and nothing on the planet can make that promise, friend... but,
>>methinks the appropriate response here is SHINEY!!!@! <you are just
>>trolling, right?>
>>
>>Cheers.
>
>I kind of figured that out when the jerk said he had dual partitions,
>one with Linux on it. How can someone be so ignorant as his original
>question portended and then know enough to have dual OSs on his
>machine?
>
>He has no life and no power in his real life, so he comes here to
>manipulate people who are rather gullible because they go to great
>lenghts to help the naive. It shows what a pathetic jerk he is.
Sorry, forgot to munge to the handle I originally had used for the
posts. (I'm using it this time.)
m...@here.and.there wrote:
> <snip _top-post_>
> I kind of figured that out when the jerk said he had dual partitions,
> one with Linux on it. How can someone be so ignorant as his original
> question portended and then know enough to have dual OSs on his
> machine?
I am an example, am I not?
Couple years back all I did was install AVG Free and TweakXP to get
rid of processes I didn't need, switch to Mozilla and then said I was
secure.
> He has no life and no power in his real life,
You are correct in saying that I have no power in my real life - I am
16 years old.
> ...so he comes here to
> manipulate people who are rather gullible because they go to great
> lenghts to help the naive.
Because I wanted to get _an_ insight into how security freaks secure
computers from scratch.
> It shows what a pathetic jerk he is.
Even if the relative clause in the above sentence can be proven true
with a watertight argument, there's nothing wrong with its effects.
_Some_ of the questions I've asked could have been avoided had I
thought about it for another half hour and I may have written false
statements in earlier posts, but I haven't done anything wrong.
I have wanted to learn about securing a computer from the ground-up.
On Sat, 19 Sep 2009 18:49:42 -0700 (PDT), Albert
<albert.xtheunknown0@gmail.com> wrote:
>m...@here.and.there wrote:
>> <snip _top-post_>
>> I kind of figured that out when the jerk said he had dual partitions,
>> one with Linux on it. How can someone be so ignorant as his original
>> question portended and then know enough to have dual OSs on his
>> machine?
>
>I am an example, am I not?
>Couple years back all I did was install AVG Free and TweakXP to get
>rid of processes I didn't need, switch to Mozilla and then said I was
>secure.
>
>> He has no life and no power in his real life,
>
>You are correct in saying that I have no power in my real life - I am
>16 years old.
>
>> ...so he comes here to
>> manipulate people who are rather gullible because they go to great
>> lenghts to help the naive.
>
>Because I wanted to get _an_ insight into how security freaks secure
>computers from scratch.
>
>> It shows what a pathetic jerk he is.
>
>Even if the relative clause in the above sentence can be proven true
>with a watertight argument, there's nothing wrong with its effects.
>_Some_ of the questions I've asked could have been avoided had I
>thought about it for another half hour and I may have written false
>statements in earlier posts, but I haven't done anything wrong.
>
>I have wanted to learn about securing a computer from the ground-up.
Don't answer this shit-for-brains troll. His "I am 16 years old"
(sic) is just more troll bait.
(If you wish to speak of things such as a 'relative clause', I'd first
tell you to learn how to spell. It's 16-year-old, not 16 years old.)
Bye-bye. (Others may wish to continue with you, but I won't.)
Todd H. wrote:
> <snip>
> I'm afraid no product will prevent you entirely from getting malware.
> Antivirus is not terribly hard for custom malware to avoid
Alright - I have two goals:
1. to have no personal information stolen
2. to make sure my machine doesn't spread malware to other machines
I'll have the latest Firefox. PC Tools Internet Security will be
updated ASAP.
Any files I wish to personally edit are on an external USB stick ie
none will be on the hard drive.
No backup software whatsover - if PC Tools Internet Security does not
fix any software / OS issues, I'll reformat my hard drive and
reinstall necessary OS's.
Albert wrote:
> Todd H. wrote:
>> <snip>
>> I'm afraid no product will prevent you entirely from getting malware.
>> Antivirus is not terribly hard for custom malware to avoid
>
> Alright - I have two goals:
> 1. to have no personal information stolen
> 2. to make sure my machine doesn't spread malware to other machines
>
> I'll have the latest Firefox. PC Tools Internet Security will be
> updated ASAP.
PCTools? Now It's plain. You're not for real.
> Any files I wish to personally edit are on an external USB stick ie
> none will be on the hard drive.
>
> No backup software whatsoever - if PC Tools Internet Security does not
> fix any software / OS issues, I'll reformat my hard drive and
> reinstall necessary OS's.
>
> Will my plan bring success to my goals?
1PW wrote:
> Albert wrote:
> > Alright - I have two goals:
> > 1. to have no personal information stolen
> > 2. to make sure my machine doesn't spread malware to other machines
>
> > I'll have the latest Firefox. PC Tools Internet Security will be
> > updated ASAP.
>
> <snip>
> > Any files I wish to personally edit are on an external USB stick ie
> > none will be on the hard drive.
>
> > No backup software whatsoever - if PC Tools Internet Security does not
> > fix any software / OS issues, I'll reformat my hard drive and
> > reinstall necessary OS's.
>
> > Will my plan bring success to my goals?
>
> What do you think?
I think so until notified otherwise. The fulfills 3 of the 4 points
mentioned in nemo_outis' basic kit (2nd post in this discussion). I
doubt I'll get a NAT router this Christmas, though.
Albert wrote:
> 1PW wrote:
>> Albert wrote:
>>> Alright - I have two goals:
>>> 1. to have no personal information stolen
>>> 2. to make sure my machine doesn't spread malware to other machines
>>> I'll have the latest Firefox. PC Tools Internet Security will be
>>> updated ASAP.
>> <snip>
>>> Any files I wish to personally edit are on an external USB stick ie
>>> none will be on the hard drive.
>>> No backup software whatsoever - if PC Tools Internet Security does not
>>> fix any software / OS issues, I'll reformat my hard drive and
>>> reinstall necessary OS's.
>>> Will my plan bring success to my goals?
>> What do you think?
>
> I think so until notified otherwise. The fulfills 3 of the 4 points
> mentioned in nemo_outis' basic kit (2nd post in this discussion). I
> doubt I'll get a NAT router this Christmas, though.
> Todd H. wrote:
>> <snip>
>> I'm afraid no product will prevent you entirely from getting malware.
>> Antivirus is not terribly hard for custom malware to avoid
>
> Alright - I have two goals:
> 1. to have no personal information stolen
> 2. to make sure my machine doesn't spread malware to other machines
>
> I'll have the latest Firefox.
Who knows how many 0 days it has. It hasn't had a great track record
the past year.
> PC Tools Internet Security will be updated ASAP.
PC Tools eh?
> Any files I wish to personally edit are on an external USB stick ie
> none will be on the hard drive.
Doesn't matter to malware.
> No backup software whatsover - if PC Tools Internet Security does not
> fix any software / OS issues, I'll reformat my hard drive and
> reinstall necessary OS's.
>
> Will my plan bring success to my goals?
I'm afraid no product will prevent you entirely from getting malware.
Antivirus is not terribly hard for custom malware to avoid.
All you can do is take steps to minimize risk. Web surfing is best
done in a throw away virtual machine (using vmware, vmware player or
the like) that gets refreshed at regular intervals back to a known
clean state. This presents a pretty significant barrier to the
infection of your host operating system and storage media from the
threats you're concerned about. If they infect the virtual machine,
it's blown away and refreshed regularly, and you're in better shape.
> On Sep 19, 3:37*pm, "Kyle T. Jones" <KBf...@realdomain.net> wrote:
>> Albert wrote:
>> > <snip _top_post>
>> > So if I install NOD32 and don't do anything stupid, I can't get malare?
>>
>> Nobody and nothing on the planet can make that promise, friend... but,
>> methinks the appropriate response here is SHINEY!!!@! <you are just
>> trolling, right?>
>
> No.
>
> Is it possible on a Windows system to find all the exe's that are
> accessing the internet? Can you provide an example?
Assuming there's not a kernel mode rootkit involved, Microsoft
SysInternals tcpview program (free from Microsoft if you can believe
it) will tell ya.
Todd H. wrote:
> <snip>
>
> All you can do is take steps to minimize risk. *Web surfing is best
> done in a throw away virtual machine (using vmware, vmware player or
> the like) that gets refreshed at regular intervals back to a known
> clean state. *This presents a pretty significant barrier to the
> infection of your host operating system and storage media from the
> threats you're concerned about. * If they infect the virtual machine,
> it's blown away and refreshed regularly, and you're in better shape.
So if they infect the virtual machine which was in a "clean state" a
few seconds ago, but the virtual machine has no access to hardware
(except for the mouse and keyboard on the host), then malware is
restricted to the virtual machine, right? All that's left is to detect
this malware before I allow the guest access to hardware that stores
data, right?
> Todd H. wrote:
>> <snip>
>>
>> All you can do is take steps to minimize risk. *Web surfing is best
>> done in a throw away virtual machine (using vmware, vmware player or
>> the like) that gets refreshed at regular intervals back to a known
>> clean state. *This presents a pretty significant barrier to the
>> infection of your host operating system and storage media from the
>> threats you're concerned about. * If they infect the virtual machine,
>> it's blown away and refreshed regularly, and you're in better shape.
>
> So if they infect the virtual machine which was in a "clean state" a
> few seconds ago, but the virtual machine has no access to hardware
> (except for the mouse and keyboard on the host), then malware is
> restricted to the virtual machine, right?
Yup. This is how malware analysts take apart malicious or potentially
malicious code (though malware can detect when its being run in a
virtual machine and do something different, and there are hardware
virtualization techniques that are more transparent).
> All that's left is to detect this malware before I allow the guest
> access to hardware that stores data, right?
No need to both with detection. Assume it's infected to high heaven.
Just roll back the VM to a clean state ever 30 minutes or so.
Todd H. wrote:
> <snip>
> Yup. *This is how malware analysts take apart malicious or potentially
> malicious code (though malware can detect when its being run in a
> virtual machine and do something different, and there are hardware
> virtualization techniques that are more transparent).
What do people mean when they describe something as 'transparent' in
this context? I'm not sure what the last phrase means...
| Todd H. wrote:
>> <snip>
>> Yup. This is how malware analysts take apart malicious or potentially
>> malicious code (though malware can detect when its being run in a
>> virtual machine and do something different, and there are hardware
>> virtualization techniques that are more transparent).
| What do people mean when they describe something as 'transparent' in
| this context? I'm not sure what the last phrase means...
You can see right through their malcious nature and actions bypassing obfuscation
attempts.
> Todd H. wrote:
>> <snip>
>> Yup. *This is how malware analysts take apart malicious or potentially
>> malicious code (though malware can detect when its being run in a
>> virtual machine and do something different, and there are hardware
>> virtualization techniques that are more transparent).
>
> What do people mean when they describe something as 'transparent' in
> this context? I'm not sure what the last phrase means...
i.e. there are far fewer clues inside the virtual machine to let a
program be able to detect that it's inside a virtual machine.
> Yup. This is how malware analysts take apart malicious or potentially
> malicious code (though malware can detect when its being run in a
> virtual machine and do something different, and there are hardware
> virtualization techniques that are more transparent).
I wonder if you can install a virtual machine under a virtual machine?
A la "Thirteenth Floor"? If so, could it be somehow leveraged to
this problem?
--
Randy Yates % "Watching all the days go by...
Digital Signal Labs % Who are you and who am I?"
mailto://yates@ieee.org % 'Mission (A World Record)', http://www.digitalsignallabs.com % *A New World Record*, ELO
Randy Yates <yates@ieee.org> writes:
> I wonder if you can install a virtual machine under a virtual machine?
> A la "Thirteenth Floor"? If so, could it be somehow leveraged to
> this problem?
before 370 was announced (or even built) there was project at the
science center to simulate the 370 architecture (in cp67) (which was
somewhat different than the 360 architecture, some new instructions,
virtual memory hardware tables had different format, etc).
the problem was that the science center cp67 time-sharing service also
had numerous (non-employee) users (students and others) from various
educational institutions (harvard, mit, bu, etc) in the boston/cambridge
area. as a result, there was lots of security concerns that the effort
would leak (confidential) information about unannounced products.
so the decision was made that the modifications (for 370 virtual
machines) were made to version of cp67 system that ran in a 360/67
virtual machine (kept isolated from what the non-employees had access
to).
then a different cp67 was modified to run on 370 machine (using the new
instructions and building the 370 virtual memory tables ... rather than
the 360 virtual memory tables). the result was:
360/67 hardware
-> cp/67 running on real 360/67 providing 360 virtual machines
-> cp/67 running in 360 virtual machine providing 370 virtual machines
-> cp/67 running in 370 virtual machine providing 370 virtual machine
-> cms running in 370 virtual machine
all of this was operational and in regular use a year before there was
engineering 370s with virtual memory hardware support (circa 1970)
.... and while non-employees also had online access to the same,
underlying (unmodified) cp67 virtual machine system (running on the real
360/67 hardware).
"real" virtual machine implementations are recursive.
there was an incident where information about 370 virtual memory was
leaked ... but it didn't involve the above effort. an internal
confidential document was copied and made it into the hands of somebody
from the press. there was an investigation attempting to identify who
leaked the information. one of the results were that all the corporate
copying machines were modified so that they left (unique) identifiable
mark on paper copies (indicating which machine made the copy).
--
40+yrs virtualization experience (since Jan68), online at home since Mar1970
1. Can a computer get malware if all it does is get AV and SAS updates?
2. When I installed SAS Pro I accidentally selected the option for
allowing just the admin to run it; how do I enable it for all users?
> 1. Can a computer get malware if all it does is get AV and SAS
> updates?
Certainly. But how likely? That depends.
How is the machine physically secured? Who can, say, get at its USB
ports? CD drive? Console? What OS is it? What else is on the LAN
with that computer? What else can initiate any sort of network
connection to the computer? What services are running on the
computer? Have they been kept up to date? Do they have unpatched
vulnerabilities? How is it known that the computer only does those 2
things? Do administrators ever do anything else with the machine?
> 2. When I installed SAS Pro I accidentally selected the option for
> allowing just the admin to run it; how do I enable it for all users?
Re: Security 
Linear Mode
