Is It A Good Idea To Violate The Security Of Your Customers If They're Security Ignorant?

from the asking-for-serious-trouble dept

Rich Kulawiec writes in to point out that security expert Dan Geer is suggesting that merchants violate the security of customers they deem as security risks. His argument is, basically, that there are two types of users out there: those who respond "yes" to any request -- and therefore are likely to be infected by multiple types of malware doing all sorts of bad things -- and those who respond "no" to any request, who are more likely to be safe. Thus, Geer says merchants should ask users if they want to connect over an "extra special secure connection," and if they respond "yes," you assume that they respond yes to everything and therefore are probably unsafe. To deal with those people, Geer says, you should effectively hack their computer. It won't be hard, since they're clearly ignorant and open to vulnerabilities -- so you just install a rootkit and "0wn" their machine for the duration of the transaction.

As Kulawiec notes in submitting this: "Maybe he's just kidding, and the sarcasm went right over my (caffeine-starved) brain. I certainly hope so, because otherwise there are so many things wrong with this that I'm struggling to decide which to list first." Indeed. I'm not sure he's kidding either, but the unintended consequences of violating the security of someone's computer, just because you assume they've been violated previously are likely to make things a lot worse. This seems like a suggestion that could have the same sort of negative unintended consequences as the suggestion others have made about creating "good trojans" that go around automatically closing the security holes and stopping malware by using the same techniques employed by the malware. Both are based on the idea that people are too stupid to cure themselves, and somehow "white hat" hackers can help fix things. Now, obviously, plenty of people do get infected -- but using that as an excuse to infect them back, even for noble purposes, is only going to create more problems in the long run. Other vulnerabilities will be created and you're trusting these "good" hackers to do no harm on top of what's been done already, which is unlikely to always be the case. No, security will never be perfect and some people will always be more vulnerable -- but that shouldn't give you a right to violate their security, even if for a good reason.

Filed Under: botnets, computers, dan geer, rootkits, security, vulnerabilities

Acer, Gateway Continue To Roll Up Every Has-Been PC Maker

from the who-else-is-out-there...? dept

Anyone have a circa 1993 copy of Computer Shopper magazine/catalog out there? You might want to open to any random old page and see who Gateway is going to merge with next. Back in August, Acer announced plans to buy Gateway -- and while the announcement included some info about intentions to also roll Packard Bell into the deal, that part of the deal has only just been confirmed. Basically, Acer is giving Gateway the money to buy Packard Bell, which will then be included in the Acer acquisition. Of course, Gateway also bought eMachines a few years back, though that's one company that didn't exist back in the 1993 Computer Shopper era. However, if you do remember Computer Shopper in those days, it was dominated by ads from these companies, along with Dell and Micron. Are there still any other mostly forgotten also-ran PC makers from the early 90's that are available for the new Acer/Gateway/PackardBell to buy?

Filed Under: computers
Companies: acer, gateway, packard bell

Geek House Call Services: Expensive, Wrong And Could Be Stealing Your Data

from the the-used-car-salesmen-of-the-computer-world dept

As less tech savvy folks start having computer problems, if they don't have in-house tech support (i.e., kids living at home) they tend to call or visit one of the growing number of computer fixit services -- many of which advertise the fact that they'll come to your home and fix your computer. The problem, though, is that they're pretty expensive, have little training and quite often completely screw up the diagnosis. On top of that, they may snoop around your computer or even download your hard drive. Many people probably suspected this, but when a Canadian TV station put ten such companies to the test with an easy-to-diagnose computer problem only three out of the ten accurately diagnosed the problem -- and then all three charged huge markups on the replacement part to fix it. Six out of the ten got the diagnosis completely wrong and one just gave up (but didn't charge anything either). Many suggested expensive other alternatives -- with a few suggesting that the customer just buy a new computer, even though all the computer really needed was a replacement RAM chip. Then there was the one guy who showed up late, completely misdiagnosed the problem (before he'd even opened the case), told the customer she had to send the computer to a special clean room that would cost $2,000 and then (without getting permission) downloaded the contents of her hard drive to his laptop (which he didn't delete before leaving). The broadcast also interviewed some former technicians who noted that they rarely received much in the way of training, and were often encouraged to charge as much as possible and always be selling other products. The final recommendation from the TV program? Go online, do some research and try to fix things yourself.

Filed Under: computers
Companies: geek squad

Computer Component Prices Flipping Around Again

from the back-and-forth-and-back-again dept

The market for PCs and PC components continues to give off mixed signals. Earlier this month, there were reports that the PC makers would enjoy comfortable profits, as component prices were looking soft. Then, barely a week later, the opposite view came to prominence, as analysts and chipmakers alike called for good times. Now things are flipping once again, as DRAM prices are expected to collapse, with weakness continuing through the end of the year. Meanwhile, hard drive maker Seagate is upping its forecast, citing strong PC and mobile volumes. With all of these markets flipping around on a week-to-week basis, it should be pretty clear that there are very few significant trends here. In the long term, you can predict that component prices will continue to decline in price, just as all technology does, but it's not particularly worthwhile to read deeply into short term price and volume changes.

Filed Under: chips, computers, pcs

For Now, Big PC Makers May Benefit From Lower Costs

from the fleeting-profits dept

Commoditization is always a threat to PC manufacturers like HP and Dell, although by most accounts HP has done a better job of differentiating its products than the competition. But there's also an upside to commodization for these companies: cheaper components. A new research note from a Wall Street analyst argues that both HP and Dell will realize meaningful benefits from cheaper components when they report their coming quarterly earnings. In addition to lower DRAM and LCD prices, the ongoing price war between Intel and AMD will prove particularly beneficial. Whether these companies are actually taking advantage of these savings or whether they've been forced to completely pass them on to consumers depends on the market dynamics. Between Dell and HP, they may have enough of a grip on the market to avoid an all-out price war themselves, but such a situation can only be temporary as they'll be forced to cut their own prices eventually.

Filed Under: chips, computers
Companies: amd, dell, hp, intel

Congressional Computer Crashes: Congressional Reps Too Confused To Vote

from the oh-no! dept

It's no secret that many members of Congress seem to not understand technology issues, but they sure don't seem to like it when their own technology malfunctions. The Raw Feed points us to the news that the Congressional computer that shows vote tallies in the House of Representatives went on the fritz Friday afternoon, leaving those poor Congressional Representatives with no large monitor to tell them how their colleagues were voting. Apparently, without having this information being prominently displayed, some were concerned that they wouldn't know if their votes were being accurately counted (they were), and therefore began debating whether voting should cease until the computer was fixed. Rep. Joe Barton pointed out that each side had their own computers with tallies, and if those tallies matched up, it seemed silly to delay the voting, but eventually the Representatives decided it was just too difficult and recessed while the machines were fixed. What ever did they do before computers?

Filed Under: computers, congress
Companies: congress

Taiwanese Contract Manufacturers Set Sights On Brand-Name Prize

from the store-brand-soda dept

Despite manufacturing plenty of the most recognizable electronics products in the world, and making plenty of money, the names of most Taiwanese contract manufacturers aren't familiar to consumers. For instance, Hon Hai Precision Industry generated revenues of more than $26 billion last year by making products for Apple, Dell, HP and other companies. But the Taiwanese firms are increasingly trying to leverage their experience and expertise by establishing their own consumer brands and using them to boost their product margins. Contract manufacturing is a low-margin, volume based business: for instance, one analyst says contract manufacturers of laptops have 3-5% margins; compare that to the 40% or more Apple enjoys on iPods. But growing the brands can be a tricky proposition, and not just because the companies are looking to enter new and unfamiliar consumer markets. The problem is that these companies are looking to become competitors to their biggest customers: for instance High Tech Computer, which makes mobile phones for a variety of companies, is building up its HTC consumer brand, and competing with clients like HP and Palm in the process. Some are trying to get around this by splitting off their consumer operations from their contract-manufacturing businesses, such as Acer did successfully several years ago. Still, that's not the only obstacle. Getting the consumer marketing right remains a big issue -- particularly when the new consumer brands are competing against companies for which marketing, not manufacturing, is a specialty.

Filed Under: computers, contract manufacturing, electronics
Companies: apple, dell, hon hai, hp, htc, palm