<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article10_03_12_1651253</id>
	<title>Security Industry Faces Attacks It Can't Stop</title>
	<author>kdawson</author>
	<datestamp>1268418180000</datestamp>
	<htmltext>itwbennett writes <i>"The takedown of the Mariposa botnet and so-called advanced persistent threat attacks, such as the one that compromised Google systems in early December, were hot topics at the RSA conference last week. What both Mariposa and the Google attacks illustrate, and what went largely unsaid at RSA, was that the <a href="http://www.itworld.com/security/100320/security-industry-faces-attacks-it-cannot-stop">security industry has failed to protect paying customers</a> from some of today's most pernicious threats, writes Robert McMillan. Traditional security products are simply not much help, said Alex Stamos, a partner with Isec Partners, one of the companies investigating the APT attacks. 'All of the victims we've worked with had perfectly installed antivirus,' he said. 'They all had intrusion detection systems and several had Web proxies scan content.'"</i></htmltext>
<tokenext>itwbennett writes " The takedown of the Mariposa botnet and so-called advanced persistent threat attacks , such as the one that compromised Google systems in early December , were hot topics at the RSA conference last week .
What both Mariposa and the Google attacks illustrate , and what went largely unsaid at RSA , was that the security industry has failed to protect paying customers from some of today 's most pernicious threats , writes Robert McMillan .
Traditional security products are simply not much help , said Alex Stamos , a partner with Isec Partners , one of the companies investigating the APT attacks .
'All of the victims we 've worked with had perfectly installed antivirus, ' he said .
'They all had intrusion detection systems and several had Web proxies scan content .
' "</tokentext>
<sentencetext>itwbennett writes "The takedown of the Mariposa botnet and so-called advanced persistent threat attacks, such as the one that compromised Google systems in early December, were hot topics at the RSA conference last week.
What both Mariposa and the Google attacks illustrate, and what went largely unsaid at RSA, was that the security industry has failed to protect paying customers from some of today's most pernicious threats, writes Robert McMillan.
Traditional security products are simply not much help, said Alex Stamos, a partner with Isec Partners, one of the companies investigating the APT attacks.
'All of the victims we've worked with had perfectly installed antivirus,' he said.
'They all had intrusion detection systems and several had Web proxies scan content.
'"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454612</id>
	<title>Re:First</title>
	<author>Anonymous</author>
	<datestamp>1268423580000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>How can a perfectly installed AV detect a new virus or malware that does not have a previously identified signature? Or is being implemented in an entirely new way which is not currently in the AV or security programs list of possible intrusion scenarios? Av and security programs are nothing more than window dressing allowing IT execs to say look we are doing all we can to prevent these problems what else can I do? Their bosses see the programs running and believe they are safe.</p><p>An AV program will never prevent new viruses, once a new virus is in the wild it will infect a certain amount of users, once it is recognized to be a new virus the AV companies will create a definition for it. There are always a few unlucky ones who will be infected, this is a given. But not something any AV company will admit too. At this point it is the responsibility of the IT staff to do the only guaranteed thing which will remove the virus, format the drive and reinstall the OS. Too many people feel they can remove the infection, and while this may be true in a very limited amount of cases, there is always the possibility that the virus your AV has recognized is a variant which is still unknown.</p><p>Let's face it, the only reason people realize they have a virus is because their computer starts acting "funny". A well written virus may never produce any indications of an issue and may go on working happily until either the usr renews their AV program or retires their computer.</p></htmltext>
<tokenext>How can a perfectly installed AV detect a new virus or malware that does not have a previously identified signature ?
Or is being implemented in an entirely new way which is not currently in the AV or security programs list of possible intrusion scenarios ?
Av and security programs are nothing more than window dressing allowing IT execs to say look we are doing all we can to prevent these problems what else can I do ?
Their bosses see the programs running and believe they are safe.An AV program will never prevent new viruses , once a new virus is in the wild it will infect a certain amount of users , once it is recognized to be a new virus the AV companies will create a definition for it .
There are always a few unlucky ones who will be infected , this is a given .
But not something any AV company will admit too .
At this point it is the responsibility of the IT staff to do the only guaranteed thing which will remove the virus , format the drive and reinstall the OS .
Too many people feel they can remove the infection , and while this may be true in a very limited amount of cases , there is always the possibility that the virus your AV has recognized is a variant which is still unknown.Let 's face it , the only reason people realize they have a virus is because their computer starts acting " funny " .
A well written virus may never produce any indications of an issue and may go on working happily until either the usr renews their AV program or retires their computer .</tokentext>
<sentencetext>How can a perfectly installed AV detect a new virus or malware that does not have a previously identified signature?
Or is being implemented in an entirely new way which is not currently in the AV or security programs list of possible intrusion scenarios?
Av and security programs are nothing more than window dressing allowing IT execs to say look we are doing all we can to prevent these problems what else can I do?
Their bosses see the programs running and believe they are safe.An AV program will never prevent new viruses, once a new virus is in the wild it will infect a certain amount of users, once it is recognized to be a new virus the AV companies will create a definition for it.
There are always a few unlucky ones who will be infected, this is a given.
But not something any AV company will admit too.
At this point it is the responsibility of the IT staff to do the only guaranteed thing which will remove the virus, format the drive and reinstall the OS.
Too many people feel they can remove the infection, and while this may be true in a very limited amount of cases, there is always the possibility that the virus your AV has recognized is a variant which is still unknown.Let's face it, the only reason people realize they have a virus is because their computer starts acting "funny".
A well written virus may never produce any indications of an issue and may go on working happily until either the usr renews their AV program or retires their computer.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31464718</id>
	<title>windoze patching=rootkit</title>
	<author>minstrelmike</author>
	<datestamp>1268503740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The way Windows is setup, they have a built-in rootkit path for applying patches (stuff that must be written to OS files). Those helpdesk apps that take over your computer or let someone else see your screen work off the same 'exploits.' Don't expect any of those capabilities to go away (and don't assume Linux, VMS, OSX and all other opsys's aren't equally as vulnerable).</htmltext>
<tokenext>The way Windows is setup , they have a built-in rootkit path for applying patches ( stuff that must be written to OS files ) .
Those helpdesk apps that take over your computer or let someone else see your screen work off the same 'exploits .
' Do n't expect any of those capabilities to go away ( and do n't assume Linux , VMS , OSX and all other opsys 's are n't equally as vulnerable ) .</tokentext>
<sentencetext>The way Windows is setup, they have a built-in rootkit path for applying patches (stuff that must be written to OS files).
Those helpdesk apps that take over your computer or let someone else see your screen work off the same 'exploits.
' Don't expect any of those capabilities to go away (and don't assume Linux, VMS, OSX and all other opsys's aren't equally as vulnerable).</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454698</id>
	<title>Re:I'll give you a clue...</title>
	<author>sabs</author>
	<datestamp>1268423940000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>Are you trying to say that Google uses MS Windows for it's websites and database servers?</p></htmltext>
<tokenext>Are you trying to say that Google uses MS Windows for it 's websites and database servers ?</tokentext>
<sentencetext>Are you trying to say that Google uses MS Windows for it's websites and database servers?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454380</id>
	<title>Re:I'll give you a clue...</title>
	<author>Often\_Censored</author>
	<datestamp>1268422560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>There are some problems that you have to pay money to have.</htmltext>
<tokenext>There are some problems that you have to pay money to have .</tokentext>
<sentencetext>There are some problems that you have to pay money to have.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456190</id>
	<title>Re:So why not change it?</title>
	<author>flatrock</author>
	<datestamp>1268387040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Operating systems already do try to block access to OS files.  However, administrators still have to be able to modify such files, and some services have to be able to modify such files.</p><p>So hackers find bugs in software that allow them to run code with administrator privlidges.</p><p>Once they find one, their actions appear ligitimate because the process has the appropriate privledges.</p><p>The kind of testing you have to do to write software that is nearly bug free, such as how control software for airplanes is developed is incredibly time and cost prohibitive.  You end up spending on the order of $1000 per line of code by the time you are done with the entire development and testing process in such systems.  Obviously that isn't practical for consumer operating systems and applications, and even then you only have such security and stability by stripping out any non-essential functionality.</p><p>If you want flexibility, extensibility, and variety, you are going to have to accept that you are going to have bugs and vulnerabilities.  Good design and development practices can help a lot, but the tradeoff still has to be made.</p></htmltext>
<tokenext>Operating systems already do try to block access to OS files .
However , administrators still have to be able to modify such files , and some services have to be able to modify such files.So hackers find bugs in software that allow them to run code with administrator privlidges.Once they find one , their actions appear ligitimate because the process has the appropriate privledges.The kind of testing you have to do to write software that is nearly bug free , such as how control software for airplanes is developed is incredibly time and cost prohibitive .
You end up spending on the order of $ 1000 per line of code by the time you are done with the entire development and testing process in such systems .
Obviously that is n't practical for consumer operating systems and applications , and even then you only have such security and stability by stripping out any non-essential functionality.If you want flexibility , extensibility , and variety , you are going to have to accept that you are going to have bugs and vulnerabilities .
Good design and development practices can help a lot , but the tradeoff still has to be made .</tokentext>
<sentencetext>Operating systems already do try to block access to OS files.
However, administrators still have to be able to modify such files, and some services have to be able to modify such files.So hackers find bugs in software that allow them to run code with administrator privlidges.Once they find one, their actions appear ligitimate because the process has the appropriate privledges.The kind of testing you have to do to write software that is nearly bug free, such as how control software for airplanes is developed is incredibly time and cost prohibitive.
You end up spending on the order of $1000 per line of code by the time you are done with the entire development and testing process in such systems.
Obviously that isn't practical for consumer operating systems and applications, and even then you only have such security and stability by stripping out any non-essential functionality.If you want flexibility, extensibility, and variety, you are going to have to accept that you are going to have bugs and vulnerabilities.
Good design and development practices can help a lot, but the tradeoff still has to be made.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456492</id>
	<title>Re:No. The core problem goes deeper.</title>
	<author>Lunix Nutcase</author>
	<datestamp>1268388240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Program writing to where it should not? Prompt user for administration password and ask if it's ok to do so. Seems to be that MOST people like it contrary to what you think.</p></div><p>Which is not the same as what was being asked for in what I responded to.  But Windows does the same thing since Vista.</p></div>
	</htmltext>
<tokenext>Program writing to where it should not ?
Prompt user for administration password and ask if it 's ok to do so .
Seems to be that MOST people like it contrary to what you think.Which is not the same as what was being asked for in what I responded to .
But Windows does the same thing since Vista .</tokentext>
<sentencetext>Program writing to where it should not?
Prompt user for administration password and ask if it's ok to do so.
Seems to be that MOST people like it contrary to what you think.Which is not the same as what was being asked for in what I responded to.
But Windows does the same thing since Vista.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455074</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454828</id>
	<title>Re:Stating the obvious</title>
	<author>owlstead</author>
	<datestamp>1268424480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>People modding this insightful should get a clue-stick. The best defense is relying on systems that have more security build in, not on the end user. The end user will always be clueless and rightfully so. The end user has stopped being computer fanatic for almost 2 decades. And there is a lot of things that can be improved. Buffer overruns should be a thing of the past, applications should not start out with permissions that lie outside their intended use (MS implemented that for IE, which was a seriously good move).</p><p>Of course, anyone should still have control over their computer and so there will be users that continue to be a thread. We should of course point out to the users that what they are doing is stupid. But we should also build systems that protect the users as much as possible, and (if that does not help) systems that protect against user stupidity.</p></htmltext>
<tokenext>People modding this insightful should get a clue-stick .
The best defense is relying on systems that have more security build in , not on the end user .
The end user will always be clueless and rightfully so .
The end user has stopped being computer fanatic for almost 2 decades .
And there is a lot of things that can be improved .
Buffer overruns should be a thing of the past , applications should not start out with permissions that lie outside their intended use ( MS implemented that for IE , which was a seriously good move ) .Of course , anyone should still have control over their computer and so there will be users that continue to be a thread .
We should of course point out to the users that what they are doing is stupid .
But we should also build systems that protect the users as much as possible , and ( if that does not help ) systems that protect against user stupidity .</tokentext>
<sentencetext>People modding this insightful should get a clue-stick.
The best defense is relying on systems that have more security build in, not on the end user.
The end user will always be clueless and rightfully so.
The end user has stopped being computer fanatic for almost 2 decades.
And there is a lot of things that can be improved.
Buffer overruns should be a thing of the past, applications should not start out with permissions that lie outside their intended use (MS implemented that for IE, which was a seriously good move).Of course, anyone should still have control over their computer and so there will be users that continue to be a thread.
We should of course point out to the users that what they are doing is stupid.
But we should also build systems that protect the users as much as possible, and (if that does not help) systems that protect against user stupidity.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468282</id>
	<title>*NIX variants allow javascript: They're no better</title>
	<author>Anonymous</author>
	<datestamp>1268487240000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>See the subject-line above, &amp; realize 1 thing: Since your *NIX variants allow javascript to run in webbrowsers or HTML-based emails, or other scriptable document types even (such as Adobe<nobr> <wbr></nobr>.pdf files that are malcripted), they're just as attackable... period.  The only reason your *NIX variants aren't attacked as much is that they don't represent enough of an "attack surface" to go after (they have the "advantage" of "security-by-obscurity"), &amp; since Windows represents a good 95\% or so of the actual user-base out there, it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Widnows, vs. other OS type variants (especially using attack mechanisms of the kind I noted above, which are just as useable on *NIX variants as they are on Windows).</p></htmltext>
<tokenext>See the subject-line above , &amp; realize 1 thing : Since your * NIX variants allow javascript to run in webbrowsers or HTML-based emails , or other scriptable document types even ( such as Adobe .pdf files that are malcripted ) , they 're just as attackable... period. The only reason your * NIX variants are n't attacked as much is that they do n't represent enough of an " attack surface " to go after ( they have the " advantage " of " security-by-obscurity " ) , &amp; since Windows represents a good 95 \ % or so of the actual user-base out there , it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Widnows , vs. other OS type variants ( especially using attack mechanisms of the kind I noted above , which are just as useable on * NIX variants as they are on Windows ) .</tokentext>
<sentencetext>See the subject-line above, &amp; realize 1 thing: Since your *NIX variants allow javascript to run in webbrowsers or HTML-based emails, or other scriptable document types even (such as Adobe .pdf files that are malcripted), they're just as attackable... period.  The only reason your *NIX variants aren't attacked as much is that they don't represent enough of an "attack surface" to go after (they have the "advantage" of "security-by-obscurity"), &amp; since Windows represents a good 95\% or so of the actual user-base out there, it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Widnows, vs. other OS type variants (especially using attack mechanisms of the kind I noted above, which are just as useable on *NIX variants as they are on Windows).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455024</id>
	<title>Re:No. The core problem goes deeper.</title>
	<author>Lumpy</author>
	<datestamp>1268425320000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>You mean like how OSX and Linux does WITHOUT Antivirus?</p><p>It's called permission.   yes you can still get past the user by confusing of tricking them.   but any OS that allows a user (not a superuser but a regular user) to run a program that silently infects a system file is a defective and poorly written system.</p><p>People claim that OSX has no viruses because it's a tiny target.   Most people that have a mac have a lot more money than a PC user, that makes them a juicy target for stealing info.  yet I still dont see the flood of problems under OSX. Why?  it's the underlying security model of the OS that BSD brought to the table and that Linux also has.   Your userland app CAN NOT WRITE TO OS FILES without permission.</p><p>To hell with telling good from bad, let's violently force all OS's to stop the poorly designed behavior of allowing ANY app to happily write to system files.  That mans getting rid of the security nightmare abortion that is the registry.</p></htmltext>
<tokenext>You mean like how OSX and Linux does WITHOUT Antivirus ? It 's called permission .
yes you can still get past the user by confusing of tricking them .
but any OS that allows a user ( not a superuser but a regular user ) to run a program that silently infects a system file is a defective and poorly written system.People claim that OSX has no viruses because it 's a tiny target .
Most people that have a mac have a lot more money than a PC user , that makes them a juicy target for stealing info .
yet I still dont see the flood of problems under OSX .
Why ? it 's the underlying security model of the OS that BSD brought to the table and that Linux also has .
Your userland app CAN NOT WRITE TO OS FILES without permission.To hell with telling good from bad , let 's violently force all OS 's to stop the poorly designed behavior of allowing ANY app to happily write to system files .
That mans getting rid of the security nightmare abortion that is the registry .</tokentext>
<sentencetext>You mean like how OSX and Linux does WITHOUT Antivirus?It's called permission.
yes you can still get past the user by confusing of tricking them.
but any OS that allows a user (not a superuser but a regular user) to run a program that silently infects a system file is a defective and poorly written system.People claim that OSX has no viruses because it's a tiny target.
Most people that have a mac have a lot more money than a PC user, that makes them a juicy target for stealing info.
yet I still dont see the flood of problems under OSX.
Why?  it's the underlying security model of the OS that BSD brought to the table and that Linux also has.
Your userland app CAN NOT WRITE TO OS FILES without permission.To hell with telling good from bad, let's violently force all OS's to stop the poorly designed behavior of allowing ANY app to happily write to system files.
That mans getting rid of the security nightmare abortion that is the registry.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456898</id>
	<title>Re:failed?</title>
	<author>bangwhistle</author>
	<datestamp>1268389860000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Indeed.  Risk can never be reduced to zero, and the closer you get the more you have to spend.  Analogies are a minefield on<nobr> <wbr></nobr>/. but here goes: we have laws and police forces, yet still people are murdered and robbed.  I don't think we can completely protect against security threats any more than we can block any other form of crime.  There's the old saw that says you can make your computer system safe by cutting it off from all networks, encasing it in cement and sinking it in the ocean.  But systems need to communicate, and people need to interact with each other.  Each presents an opportunity for misbehavior.  We do what we can with multiple forms of technical protection, user education, reliance on reputation and yes, cure when prevention doesn't work.  Saying "get rid of Windows" or "don't grant admin rights" only reduces, not eliminates, the risk.</htmltext>
<tokenext>Indeed .
Risk can never be reduced to zero , and the closer you get the more you have to spend .
Analogies are a minefield on / .
but here goes : we have laws and police forces , yet still people are murdered and robbed .
I do n't think we can completely protect against security threats any more than we can block any other form of crime .
There 's the old saw that says you can make your computer system safe by cutting it off from all networks , encasing it in cement and sinking it in the ocean .
But systems need to communicate , and people need to interact with each other .
Each presents an opportunity for misbehavior .
We do what we can with multiple forms of technical protection , user education , reliance on reputation and yes , cure when prevention does n't work .
Saying " get rid of Windows " or " do n't grant admin rights " only reduces , not eliminates , the risk .</tokentext>
<sentencetext>Indeed.
Risk can never be reduced to zero, and the closer you get the more you have to spend.
Analogies are a minefield on /.
but here goes: we have laws and police forces, yet still people are murdered and robbed.
I don't think we can completely protect against security threats any more than we can block any other form of crime.
There's the old saw that says you can make your computer system safe by cutting it off from all networks, encasing it in cement and sinking it in the ocean.
But systems need to communicate, and people need to interact with each other.
Each presents an opportunity for misbehavior.
We do what we can with multiple forms of technical protection, user education, reliance on reputation and yes, cure when prevention doesn't work.
Saying "get rid of Windows" or "don't grant admin rights" only reduces, not eliminates, the risk.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455108</id>
	<title>Re:In summary;</title>
	<author>Anonymous</author>
	<datestamp>1268425620000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>Your operating system has been, always will be insecure. No amount of anti this, anti that or how update date your system is; it is not safe to use for any kind of sensitive data if it is connected to a network.<br> <br>

Fixed that for you.</htmltext>
<tokenext>Your operating system has been , always will be insecure .
No amount of anti this , anti that or how update date your system is ; it is not safe to use for any kind of sensitive data if it is connected to a network .
Fixed that for you .</tokentext>
<sentencetext>Your operating system has been, always will be insecure.
No amount of anti this, anti that or how update date your system is; it is not safe to use for any kind of sensitive data if it is connected to a network.
Fixed that for you.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454854</id>
	<title>Re:So why not change it?</title>
	<author>vadim\_t</author>
	<datestamp>1268424660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>Exactly. Which is why that needs to change. Instead of trying to chase the latest variant of a threat, why not save time and effort and identify the LEGITIMATE files? Then, if something is trying to write a file to the OS portion of your drive, and that file is not recognized, it should block it (and MAYBE allow the user to override it after a few hoops and maybe online comparisons with the latest threat databases).</p></div></blockquote><p>And just how is that going to work?</p><p>The main threat are executables. You could require signatures. However, not everything will be signed. Heck, many drivers still aren't. So inevitably the user will run into something unsigned they want to run. At that point they'll ignore/disable the signature warning, and happily install any trojan that comes along.</p><p>Or you could reverse the antivirus idea, and build a giant database of checksums. It'll need a checksum for every obscure software out there, in every possible version. WoW released an update today? You can't play until the DB gets updated. At that the user will ignore/disable the signature warning, and happily install any trojan that comes along. Add to that that no company will analyze every byte of every binary, and them listing a trojaned version as valid is quite possible.</p><p>Even if that somehow worked perfectly, you still have to deal with exploits, like images crafted to expoloit the decoder. You can't possibly whitelist every legitimate image.</p><p>Any signature based system only works well within tight constraints that are impractical on desktop computers. Time would be much better spent on creating sandboxes, tightening permissions and fixing ways to exploit a program, so that if something gets in, it can't do anything anyway. But there's little interest for antivirus vendors in that, as if we got there there wouldn't be improved versions or database updates to sell.</p></div>
	</htmltext>
<tokenext>Exactly .
Which is why that needs to change .
Instead of trying to chase the latest variant of a threat , why not save time and effort and identify the LEGITIMATE files ?
Then , if something is trying to write a file to the OS portion of your drive , and that file is not recognized , it should block it ( and MAYBE allow the user to override it after a few hoops and maybe online comparisons with the latest threat databases ) .And just how is that going to work ? The main threat are executables .
You could require signatures .
However , not everything will be signed .
Heck , many drivers still are n't .
So inevitably the user will run into something unsigned they want to run .
At that point they 'll ignore/disable the signature warning , and happily install any trojan that comes along.Or you could reverse the antivirus idea , and build a giant database of checksums .
It 'll need a checksum for every obscure software out there , in every possible version .
WoW released an update today ?
You ca n't play until the DB gets updated .
At that the user will ignore/disable the signature warning , and happily install any trojan that comes along .
Add to that that no company will analyze every byte of every binary , and them listing a trojaned version as valid is quite possible.Even if that somehow worked perfectly , you still have to deal with exploits , like images crafted to expoloit the decoder .
You ca n't possibly whitelist every legitimate image.Any signature based system only works well within tight constraints that are impractical on desktop computers .
Time would be much better spent on creating sandboxes , tightening permissions and fixing ways to exploit a program , so that if something gets in , it ca n't do anything anyway .
But there 's little interest for antivirus vendors in that , as if we got there there would n't be improved versions or database updates to sell .</tokentext>
<sentencetext>Exactly.
Which is why that needs to change.
Instead of trying to chase the latest variant of a threat, why not save time and effort and identify the LEGITIMATE files?
Then, if something is trying to write a file to the OS portion of your drive, and that file is not recognized, it should block it (and MAYBE allow the user to override it after a few hoops and maybe online comparisons with the latest threat databases).And just how is that going to work?The main threat are executables.
You could require signatures.
However, not everything will be signed.
Heck, many drivers still aren't.
So inevitably the user will run into something unsigned they want to run.
At that point they'll ignore/disable the signature warning, and happily install any trojan that comes along.Or you could reverse the antivirus idea, and build a giant database of checksums.
It'll need a checksum for every obscure software out there, in every possible version.
WoW released an update today?
You can't play until the DB gets updated.
At that the user will ignore/disable the signature warning, and happily install any trojan that comes along.
Add to that that no company will analyze every byte of every binary, and them listing a trojaned version as valid is quite possible.Even if that somehow worked perfectly, you still have to deal with exploits, like images crafted to expoloit the decoder.
You can't possibly whitelist every legitimate image.Any signature based system only works well within tight constraints that are impractical on desktop computers.
Time would be much better spent on creating sandboxes, tightening permissions and fixing ways to exploit a program, so that if something gets in, it can't do anything anyway.
But there's little interest for antivirus vendors in that, as if we got there there wouldn't be improved versions or database updates to sell.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31458886</id>
	<title>Re:Not that hard to believe...</title>
	<author>Anonymous</author>
	<datestamp>1268398440000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Perhaps, rather, a typical salary minus all the government imposed taxes and fees (both employer and employee?)</p></htmltext>
<tokenext>Perhaps , rather , a typical salary minus all the government imposed taxes and fees ( both employer and employee ?
)</tokentext>
<sentencetext>Perhaps, rather, a typical salary minus all the government imposed taxes and fees (both employer and employee?
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454434</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454450</id>
	<title>Multiple Anti-Virus Programs</title>
	<author>DIplomatic</author>
	<datestamp>1268422800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Another problem is that most companies only pay for 1 Anti-Virus Program but that leaves their computers vulnerable to anything that particular piece of software doesn't catch. <p>I work corporate IT and I periodically sit down at each machine and run 3 or 4 virus scans in addition to the one installed on every workstation, but this is a lot of effort. Infections slip by our real-time scan all the time.</p></htmltext>
<tokenext>Another problem is that most companies only pay for 1 Anti-Virus Program but that leaves their computers vulnerable to anything that particular piece of software does n't catch .
I work corporate IT and I periodically sit down at each machine and run 3 or 4 virus scans in addition to the one installed on every workstation , but this is a lot of effort .
Infections slip by our real-time scan all the time .</tokentext>
<sentencetext>Another problem is that most companies only pay for 1 Anti-Virus Program but that leaves their computers vulnerable to anything that particular piece of software doesn't catch.
I work corporate IT and I periodically sit down at each machine and run 3 or 4 virus scans in addition to the one installed on every workstation, but this is a lot of effort.
Infections slip by our real-time scan all the time.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454694</id>
	<title>Re:Stating the obvious</title>
	<author>mcgrew</author>
	<datestamp>1268423940000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><i>AntiVirus is imperfect as it relies on signatures and known processes</i></p><p>I wouldn't say "imperfect", I'd say "flawed". The industry needs to rethink its methodology and come up with something that actually works. User education would be a start, but even that's not enough.</p></htmltext>
<tokenext>AntiVirus is imperfect as it relies on signatures and known processesI would n't say " imperfect " , I 'd say " flawed " .
The industry needs to rethink its methodology and come up with something that actually works .
User education would be a start , but even that 's not enough .</tokentext>
<sentencetext>AntiVirus is imperfect as it relies on signatures and known processesI wouldn't say "imperfect", I'd say "flawed".
The industry needs to rethink its methodology and come up with something that actually works.
User education would be a start, but even that's not enough.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457136</id>
	<title>Re:In summary;</title>
	<author>jimicus</author>
	<datestamp>1268390700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>(Disclosure:  I am a Linux sysadmin and the company I work for has - right now - precisely zero backend infrastructure running Windows)</p><p>This is typical of the kind of comment which gets modded up to 5 almost immediately.</p><p>It's also utterly ignorant of current issues.</p><p>The traditional file infector virus where you have to run the infected application to get infected yourself is all but dead.  It's far more common for a modern virus to be spread by an infected email, a drive-by download exploiting either the browser or a plugin or worm-like techniques once behind the firewall. Frequently they are able to account for running under an account with reduced privileges and either use a local exploit to gain admin privs or simply live with reduced privileges - you don't need an enormous number of privileges to scan through a user's home directory and forward anything that looks interesting to a remote server.  And they don't take over the computer so obviously (eg.  slow it to a crawl and make attempts to browse to mcafee.com magically stop working) that any fool could see there is something wrong.</p><p>There is nothing intrinsic to Windows which makes client software more susceptible to these things - or, for that matter, that makes client software in Linux less susceptible.  About the only real difference is that Linux admins have known for years that the only way to trust a system that's been compromised is to wipe it and start again.</p></htmltext>
<tokenext>( Disclosure : I am a Linux sysadmin and the company I work for has - right now - precisely zero backend infrastructure running Windows ) This is typical of the kind of comment which gets modded up to 5 almost immediately.It 's also utterly ignorant of current issues.The traditional file infector virus where you have to run the infected application to get infected yourself is all but dead .
It 's far more common for a modern virus to be spread by an infected email , a drive-by download exploiting either the browser or a plugin or worm-like techniques once behind the firewall .
Frequently they are able to account for running under an account with reduced privileges and either use a local exploit to gain admin privs or simply live with reduced privileges - you do n't need an enormous number of privileges to scan through a user 's home directory and forward anything that looks interesting to a remote server .
And they do n't take over the computer so obviously ( eg .
slow it to a crawl and make attempts to browse to mcafee.com magically stop working ) that any fool could see there is something wrong.There is nothing intrinsic to Windows which makes client software more susceptible to these things - or , for that matter , that makes client software in Linux less susceptible .
About the only real difference is that Linux admins have known for years that the only way to trust a system that 's been compromised is to wipe it and start again .</tokentext>
<sentencetext>(Disclosure:  I am a Linux sysadmin and the company I work for has - right now - precisely zero backend infrastructure running Windows)This is typical of the kind of comment which gets modded up to 5 almost immediately.It's also utterly ignorant of current issues.The traditional file infector virus where you have to run the infected application to get infected yourself is all but dead.
It's far more common for a modern virus to be spread by an infected email, a drive-by download exploiting either the browser or a plugin or worm-like techniques once behind the firewall.
Frequently they are able to account for running under an account with reduced privileges and either use a local exploit to gain admin privs or simply live with reduced privileges - you don't need an enormous number of privileges to scan through a user's home directory and forward anything that looks interesting to a remote server.
And they don't take over the computer so obviously (eg.
slow it to a crawl and make attempts to browse to mcafee.com magically stop working) that any fool could see there is something wrong.There is nothing intrinsic to Windows which makes client software more susceptible to these things - or, for that matter, that makes client software in Linux less susceptible.
About the only real difference is that Linux admins have known for years that the only way to trust a system that's been compromised is to wipe it and start again.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454342</id>
	<title>The antivirus companies are the exploit writers</title>
	<author>Orga</author>
	<datestamp>1268422380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>All of the victims we've worked with had perfectly installed antivirus

We all know they're just drumming up business for themselves.</htmltext>
<tokenext>All of the victims we 've worked with had perfectly installed antivirus We all know they 're just drumming up business for themselves .</tokentext>
<sentencetext>All of the victims we've worked with had perfectly installed antivirus

We all know they're just drumming up business for themselves.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457776</id>
	<title>Feces Attacks</title>
	<author>brundlefly</author>
	<datestamp>1268393400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Here's a fun game: any time you see the word "faces" in a headline, substitute in your mind the word "feces".</p><p>Ah, good times....</p></htmltext>
<tokenext>Here 's a fun game : any time you see the word " faces " in a headline , substitute in your mind the word " feces " .Ah , good times... .</tokentext>
<sentencetext>Here's a fun game: any time you see the word "faces" in a headline, substitute in your mind the word "feces".Ah, good times....</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455078</id>
	<title>Re:failed?</title>
	<author>Anonymous</author>
	<datestamp>1268425500000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Isn't it really the problem that the best possible security available under doze, taking significant time, cost and effort, is still not as good as the security you can get from, er, not using Windows at all and switching to something free?</p></htmltext>
<tokenext>Is n't it really the problem that the best possible security available under doze , taking significant time , cost and effort , is still not as good as the security you can get from , er , not using Windows at all and switching to something free ?</tokentext>
<sentencetext>Isn't it really the problem that the best possible security available under doze, taking significant time, cost and effort, is still not as good as the security you can get from, er, not using Windows at all and switching to something free?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457848</id>
	<title>Re:Industry slow to respond to challenges</title>
	<author>Anonymous</author>
	<datestamp>1268393640000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I'm sure this is obvious but QuickBooks has been around *forever*. It's had a lot of time to mature and a lot of time to in the market for feedback for improvement. Also, what QuickBooks does is commodity -- accounting is well understood by people and has been for a long time. I don't know which industry-specific software you're speaking about but the stuff I've used is has neither of these categories. It's usually new software for an emerging market, new software in general, or the market is so specialized that few people understand it.</p></htmltext>
<tokenext>I 'm sure this is obvious but QuickBooks has been around * forever * .
It 's had a lot of time to mature and a lot of time to in the market for feedback for improvement .
Also , what QuickBooks does is commodity -- accounting is well understood by people and has been for a long time .
I do n't know which industry-specific software you 're speaking about but the stuff I 've used is has neither of these categories .
It 's usually new software for an emerging market , new software in general , or the market is so specialized that few people understand it .</tokentext>
<sentencetext>I'm sure this is obvious but QuickBooks has been around *forever*.
It's had a lot of time to mature and a lot of time to in the market for feedback for improvement.
Also, what QuickBooks does is commodity -- accounting is well understood by people and has been for a long time.
I don't know which industry-specific software you're speaking about but the stuff I've used is has neither of these categories.
It's usually new software for an emerging market, new software in general, or the market is so specialized that few people understand it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454472</id>
	<title>Re:Stating the obvious</title>
	<author>Anonymous</author>
	<datestamp>1268422920000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><i>The sooner all end users are clued-in instead of clueless, the sooner we may have a ray of hope.</i></p><p>What could the end-user have done in this situation that would have caused a different outcome?</p></htmltext>
<tokenext>The sooner all end users are clued-in instead of clueless , the sooner we may have a ray of hope.What could the end-user have done in this situation that would have caused a different outcome ?</tokentext>
<sentencetext>The sooner all end users are clued-in instead of clueless, the sooner we may have a ray of hope.What could the end-user have done in this situation that would have caused a different outcome?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455338</id>
	<title>Re:failed?</title>
	<author>gclef</author>
	<datestamp>1268426580000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>The problem is somewhat more complex than that.  It's really a problem of inflation: the risk of getting hacked is increasing each year as new attack surfaces are found and new methods are invented.  This requires an ever-increasing amount of money to be spent on security in order to keep the risk constant (or nearly so).  So, reducing risk to a fixed range is becoming progressively more expensive each year, but the consequences of failure and the likelihood of the occurrences don't change with the extra money spent.  This is unsustainable.</p><p>An example: a company without anti-virus, gets hacked twice in a year due to emailed trojans being opened by users.  So they spend a year rolling out anti-virus across all their desktops...in the meantime the attackers have moved on to something that the a/v can't stop.  The result: the company is still getting hacked 1-2 times per year, just from different emails.  Adding the anti-virus has improved their security by preventing the old attacks, but it has not materially effected the end result: they're still getting hacked, and they're getting hacked just as often as before.</p><p>At some point, companies are going to say "enough" and stop increasing IT security budgets.  Some thing's got to give here, as they can't keep spending bigger and bigger portions of their IT budget treading water.</p></htmltext>
<tokenext>The problem is somewhat more complex than that .
It 's really a problem of inflation : the risk of getting hacked is increasing each year as new attack surfaces are found and new methods are invented .
This requires an ever-increasing amount of money to be spent on security in order to keep the risk constant ( or nearly so ) .
So , reducing risk to a fixed range is becoming progressively more expensive each year , but the consequences of failure and the likelihood of the occurrences do n't change with the extra money spent .
This is unsustainable.An example : a company without anti-virus , gets hacked twice in a year due to emailed trojans being opened by users .
So they spend a year rolling out anti-virus across all their desktops...in the meantime the attackers have moved on to something that the a/v ca n't stop .
The result : the company is still getting hacked 1-2 times per year , just from different emails .
Adding the anti-virus has improved their security by preventing the old attacks , but it has not materially effected the end result : they 're still getting hacked , and they 're getting hacked just as often as before.At some point , companies are going to say " enough " and stop increasing IT security budgets .
Some thing 's got to give here , as they ca n't keep spending bigger and bigger portions of their IT budget treading water .</tokentext>
<sentencetext>The problem is somewhat more complex than that.
It's really a problem of inflation: the risk of getting hacked is increasing each year as new attack surfaces are found and new methods are invented.
This requires an ever-increasing amount of money to be spent on security in order to keep the risk constant (or nearly so).
So, reducing risk to a fixed range is becoming progressively more expensive each year, but the consequences of failure and the likelihood of the occurrences don't change with the extra money spent.
This is unsustainable.An example: a company without anti-virus, gets hacked twice in a year due to emailed trojans being opened by users.
So they spend a year rolling out anti-virus across all their desktops...in the meantime the attackers have moved on to something that the a/v can't stop.
The result: the company is still getting hacked 1-2 times per year, just from different emails.
Adding the anti-virus has improved their security by preventing the old attacks, but it has not materially effected the end result: they're still getting hacked, and they're getting hacked just as often as before.At some point, companies are going to say "enough" and stop increasing IT security budgets.
Some thing's got to give here, as they can't keep spending bigger and bigger portions of their IT budget treading water.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454956</id>
	<title>Re:I'll give you a clue...</title>
	<author>Eugene O'Neil</author>
	<datestamp>1268425020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Yes, you can't just assume from the correlation that people must get more viruses because they install windows. You have to also consider the alternative explanation... that people install more windows <i>because they get viruses!</i></htmltext>
<tokenext>Yes , you ca n't just assume from the correlation that people must get more viruses because they install windows .
You have to also consider the alternative explanation... that people install more windows because they get viruses !</tokentext>
<sentencetext>Yes, you can't just assume from the correlation that people must get more viruses because they install windows.
You have to also consider the alternative explanation... that people install more windows because they get viruses!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454374</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454308</id>
	<title>Re:First</title>
	<author>Anonymous</author>
	<datestamp>1268422140000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>Perfectly perfect installs of antivirus? As in, perfect enough to be NSA backdoors? Other articles mentioned that the exploits were there because of NSA mandates for data access that we can safely assume to include internet-facing Windows computers. If that's true, then the NSA are a helluva lot more stupid(or lazy) than they claim to be.</p></div><p>Yeah and then Schneiner stated in a retraction that that wasn't the case.</p></div>
	</htmltext>
<tokenext>Perfectly perfect installs of antivirus ?
As in , perfect enough to be NSA backdoors ?
Other articles mentioned that the exploits were there because of NSA mandates for data access that we can safely assume to include internet-facing Windows computers .
If that 's true , then the NSA are a helluva lot more stupid ( or lazy ) than they claim to be.Yeah and then Schneiner stated in a retraction that that was n't the case .</tokentext>
<sentencetext>Perfectly perfect installs of antivirus?
As in, perfect enough to be NSA backdoors?
Other articles mentioned that the exploits were there because of NSA mandates for data access that we can safely assume to include internet-facing Windows computers.
If that's true, then the NSA are a helluva lot more stupid(or lazy) than they claim to be.Yeah and then Schneiner stated in a retraction that that wasn't the case.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457320</id>
	<title>Re:No. The core problem goes deeper.</title>
	<author>harl</author>
	<datestamp>1268391420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>*shrug*  Just exploit the system that lists what good files are.</p><p>Or the standard social engineering that goes on.  Just pop up a window that says, "omg windows is trying to install an important update.  Your machine will detonate sending shrapnel into your face if you don't click here."  Then the user lets the trojan onto the "good" list.</p><p>The average user can't tell what is a good file and what isn't.</p></htmltext>
<tokenext>* shrug * Just exploit the system that lists what good files are.Or the standard social engineering that goes on .
Just pop up a window that says , " omg windows is trying to install an important update .
Your machine will detonate sending shrapnel into your face if you do n't click here .
" Then the user lets the trojan onto the " good " list.The average user ca n't tell what is a good file and what is n't .</tokentext>
<sentencetext>*shrug*  Just exploit the system that lists what good files are.Or the standard social engineering that goes on.
Just pop up a window that says, "omg windows is trying to install an important update.
Your machine will detonate sending shrapnel into your face if you don't click here.
"  Then the user lets the trojan onto the "good" list.The average user can't tell what is a good file and what isn't.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454374</id>
	<title>Re:I'll give you a clue...</title>
	<author>Anonymous</author>
	<datestamp>1268422500000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>1</modscore>
	<htmltext><p>Funny, when a statement like that concerning any other subject appears on the front page, it gets a "CorelationIsNotCausation" tag.  But since it's an easy shot at MS, it gets modded up here...</p></htmltext>
<tokenext>Funny , when a statement like that concerning any other subject appears on the front page , it gets a " CorelationIsNotCausation " tag .
But since it 's an easy shot at MS , it gets modded up here.. .</tokentext>
<sentencetext>Funny, when a statement like that concerning any other subject appears on the front page, it gets a "CorelationIsNotCausation" tag.
But since it's an easy shot at MS, it gets modded up here...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457970</id>
	<title>Antivirus testing</title>
	<author>MillionthMonkey</author>
	<datestamp>1268394360000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>The problem is that the bad guys can buy this technology too, and test and re-test their attacks until they slip through. "Anybody can download and try every single antivirus engine against their malware before they ship it," Stamos said.</p></div><p>Ah, I have the solution. Antivirus software should keep the crap it finds a secret, in case bad guys are running it. That way, they'll never know!</p></div>
	</htmltext>
<tokenext>The problem is that the bad guys can buy this technology too , and test and re-test their attacks until they slip through .
" Anybody can download and try every single antivirus engine against their malware before they ship it , " Stamos said.Ah , I have the solution .
Antivirus software should keep the crap it finds a secret , in case bad guys are running it .
That way , they 'll never know !</tokentext>
<sentencetext>The problem is that the bad guys can buy this technology too, and test and re-test their attacks until they slip through.
"Anybody can download and try every single antivirus engine against their malware before they ship it," Stamos said.Ah, I have the solution.
Antivirus software should keep the crap it finds a secret, in case bad guys are running it.
That way, they'll never know!
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454546</id>
	<title>Re:No. The core problem goes deeper.</title>
	<author>Anonymous</author>
	<datestamp>1268423280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Here's a radical new concept. How about an antivirus program that BLOCKS file writes to the operating system UNLESS that file can be confirmed to be "good"?</p></div><p>And how do you think this is going to happen?  If it's manual then most users are going to just click through saying it's good all the time or when they get fed up by this behavior they'll just uninstall it.  If automatic, how exactly do you expect something to perfectly determine whether something is good or bad?  Because if it can't do it with 100\% accuracy, then you're going to get lots of complaints about bad files being thought of as good or good files being shitcanned as being bad.</p></div>
	</htmltext>
<tokenext>Here 's a radical new concept .
How about an antivirus program that BLOCKS file writes to the operating system UNLESS that file can be confirmed to be " good " ? And how do you think this is going to happen ?
If it 's manual then most users are going to just click through saying it 's good all the time or when they get fed up by this behavior they 'll just uninstall it .
If automatic , how exactly do you expect something to perfectly determine whether something is good or bad ?
Because if it ca n't do it with 100 \ % accuracy , then you 're going to get lots of complaints about bad files being thought of as good or good files being shitcanned as being bad .</tokentext>
<sentencetext>Here's a radical new concept.
How about an antivirus program that BLOCKS file writes to the operating system UNLESS that file can be confirmed to be "good"?And how do you think this is going to happen?
If it's manual then most users are going to just click through saying it's good all the time or when they get fed up by this behavior they'll just uninstall it.
If automatic, how exactly do you expect something to perfectly determine whether something is good or bad?
Because if it can't do it with 100\% accuracy, then you're going to get lots of complaints about bad files being thought of as good or good files being shitcanned as being bad.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31464370</id>
	<title>Re:So why not change it?</title>
	<author>Anonymous</author>
	<datestamp>1268500020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p> Instead of trying to chase the latest variant of a threat, why not save time and effort and identify the LEGITIMATE files?</p><p>There is a product commercially available that does this today. It is called McAfee Application Control (formerly Solidcore). This notion of application whitelisting is the only proactive measure against the increasingly daunting world of malware and variants.</p></htmltext>
<tokenext>Instead of trying to chase the latest variant of a threat , why not save time and effort and identify the LEGITIMATE files ? There is a product commercially available that does this today .
It is called McAfee Application Control ( formerly Solidcore ) .
This notion of application whitelisting is the only proactive measure against the increasingly daunting world of malware and variants .</tokentext>
<sentencetext> Instead of trying to chase the latest variant of a threat, why not save time and effort and identify the LEGITIMATE files?There is a product commercially available that does this today.
It is called McAfee Application Control (formerly Solidcore).
This notion of application whitelisting is the only proactive measure against the increasingly daunting world of malware and variants.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454712</id>
	<title>Re:Stating the obvious</title>
	<author>pastafazou</author>
	<datestamp>1268424000000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><i>In my opinion, as long as the security industry, and end-users as a whole, continue with the thought that end-user basic security ignorance is OK, things will never get better.</i> <br>
Just wait until YOU have kids.  You'll go off to work, secure in the fact that you're an enlightened end-user as far as security goes, and when you get home from work, you'll see how much damage kids can cause in the 2 hours between the end of their school day and the end of your work day.  <br>
And, when that happens, just let me say in advance:  HA HAH!<nobr> <wbr></nobr>/nelson voice</htmltext>
<tokenext>In my opinion , as long as the security industry , and end-users as a whole , continue with the thought that end-user basic security ignorance is OK , things will never get better .
Just wait until YOU have kids .
You 'll go off to work , secure in the fact that you 're an enlightened end-user as far as security goes , and when you get home from work , you 'll see how much damage kids can cause in the 2 hours between the end of their school day and the end of your work day .
And , when that happens , just let me say in advance : HA HAH !
/nelson voice</tokentext>
<sentencetext>In my opinion, as long as the security industry, and end-users as a whole, continue with the thought that end-user basic security ignorance is OK, things will never get better.
Just wait until YOU have kids.
You'll go off to work, secure in the fact that you're an enlightened end-user as far as security goes, and when you get home from work, you'll see how much damage kids can cause in the 2 hours between the end of their school day and the end of your work day.
And, when that happens, just let me say in advance:  HA HAH!
/nelson voice</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454286</id>
	<title>Security theater</title>
	<author>Anonymous</author>
	<datestamp>1268422020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>A lot of security theater is out there, but one thing is for certain:  you can dramatically lower your risk just by thinking for a minute before you click on some link/email/app/etc.</p></htmltext>
<tokenext>A lot of security theater is out there , but one thing is for certain : you can dramatically lower your risk just by thinking for a minute before you click on some link/email/app/etc .</tokentext>
<sentencetext>A lot of security theater is out there, but one thing is for certain:  you can dramatically lower your risk just by thinking for a minute before you click on some link/email/app/etc.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31464314</id>
	<title>we can stop these attacks</title>
	<author>Anonymous</author>
	<datestamp>1268499540000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I do agree that traditional security measures are insufficient to stop these attacks. The IT security landscape is an arms race right now, and if you are only using antivirus then you are bringing a knife to a gun fight. For example, McAfee offers an application whitelisting product that stopped the "google hack" from running on hosts: http://www.youtube.com/watch?v=LeYgq27zPw4</p><p>Also, McAfee has network products (like their web gateway http://www.youtube.com/mcafeetechnical#p/c/F7284D8F9389F0F0/9/rsg0KlCHZgk) that detected the attack at the perimeter and blocked it.</p><p>In my opinion, consumers and organizations are not taking the threats seriously enough. There are products on the market that could protect them, but they chose not to use them. Or, worse, they have bought them and have them woefully misconfigured.</p><p>There needs to be a shift from reactive measure like antivirus to pro-active measures like application whitelisting. Also, the ability to automatically write antivirus signatures is pretty cool (http://www.mcafee.com/us/enterprise/products/artemis\_technology/index.html) but not as effective as whitelisting.</p></htmltext>
<tokenext>I do agree that traditional security measures are insufficient to stop these attacks .
The IT security landscape is an arms race right now , and if you are only using antivirus then you are bringing a knife to a gun fight .
For example , McAfee offers an application whitelisting product that stopped the " google hack " from running on hosts : http : //www.youtube.com/watch ? v = LeYgq27zPw4Also , McAfee has network products ( like their web gateway http : //www.youtube.com/mcafeetechnical # p/c/F7284D8F9389F0F0/9/rsg0KlCHZgk ) that detected the attack at the perimeter and blocked it.In my opinion , consumers and organizations are not taking the threats seriously enough .
There are products on the market that could protect them , but they chose not to use them .
Or , worse , they have bought them and have them woefully misconfigured.There needs to be a shift from reactive measure like antivirus to pro-active measures like application whitelisting .
Also , the ability to automatically write antivirus signatures is pretty cool ( http : //www.mcafee.com/us/enterprise/products/artemis \ _technology/index.html ) but not as effective as whitelisting .</tokentext>
<sentencetext>I do agree that traditional security measures are insufficient to stop these attacks.
The IT security landscape is an arms race right now, and if you are only using antivirus then you are bringing a knife to a gun fight.
For example, McAfee offers an application whitelisting product that stopped the "google hack" from running on hosts: http://www.youtube.com/watch?v=LeYgq27zPw4Also, McAfee has network products (like their web gateway http://www.youtube.com/mcafeetechnical#p/c/F7284D8F9389F0F0/9/rsg0KlCHZgk) that detected the attack at the perimeter and blocked it.In my opinion, consumers and organizations are not taking the threats seriously enough.
There are products on the market that could protect them, but they chose not to use them.
Or, worse, they have bought them and have them woefully misconfigured.There needs to be a shift from reactive measure like antivirus to pro-active measures like application whitelisting.
Also, the ability to automatically write antivirus signatures is pretty cool (http://www.mcafee.com/us/enterprise/products/artemis\_technology/index.html) but not as effective as whitelisting.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454726</id>
	<title>Re:No. The core problem goes deeper.</title>
	<author>spinkham</author>
	<datestamp>1268424060000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>These exist, bit9 has one of the better ones out there. Also, the Unix package management system functions as a defacto whitelist approach.  The problem is whitelisting limits what you can install.  Adding programs to the whitelist is time intensive, and the major benefit of Windows is the fact that there's so much stuff out there you can run on it..</p><p>Whitelisting is a good approach for certain locked down, single purpose terminals, but for general computing you might just as well deploy Ubuntu to your users instead...</p></htmltext>
<tokenext>These exist , bit9 has one of the better ones out there .
Also , the Unix package management system functions as a defacto whitelist approach .
The problem is whitelisting limits what you can install .
Adding programs to the whitelist is time intensive , and the major benefit of Windows is the fact that there 's so much stuff out there you can run on it..Whitelisting is a good approach for certain locked down , single purpose terminals , but for general computing you might just as well deploy Ubuntu to your users instead.. .</tokentext>
<sentencetext>These exist, bit9 has one of the better ones out there.
Also, the Unix package management system functions as a defacto whitelist approach.
The problem is whitelisting limits what you can install.
Adding programs to the whitelist is time intensive, and the major benefit of Windows is the fact that there's so much stuff out there you can run on it..Whitelisting is a good approach for certain locked down, single purpose terminals, but for general computing you might just as well deploy Ubuntu to your users instead...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455134</id>
	<title>im glad i published my NNP.</title>
	<author>Anonymous</author>
	<datestamp>1268425680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>and im not posting the white paper here, but i will give it to hackers.</p></htmltext>
<tokenext>and im not posting the white paper here , but i will give it to hackers .</tokentext>
<sentencetext>and im not posting the white paper here, but i will give it to hackers.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</id>
	<title>Stating the obvious</title>
	<author>al0ha</author>
	<datestamp>1268422440000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>The security industry will always be unable to protect everyone 100\% of the time.  It is impossible to protect the clueless from anything.
<br>
<br>
AntiVirus is imperfect as it relies on signatures and known processes, and will always be imperfect.  Same with IDS and the lot of it.
<br>
<br>
In my opinion, as long as the security industry, and end-users as a whole, continue with the thought that end-user basic security ignorance is OK, things will never get better.  The sooner all end users are clued-in instead of clueless, the sooner we may have a ray of hope.</htmltext>
<tokenext>The security industry will always be unable to protect everyone 100 \ % of the time .
It is impossible to protect the clueless from anything .
AntiVirus is imperfect as it relies on signatures and known processes , and will always be imperfect .
Same with IDS and the lot of it .
In my opinion , as long as the security industry , and end-users as a whole , continue with the thought that end-user basic security ignorance is OK , things will never get better .
The sooner all end users are clued-in instead of clueless , the sooner we may have a ray of hope .</tokentext>
<sentencetext>The security industry will always be unable to protect everyone 100\% of the time.
It is impossible to protect the clueless from anything.
AntiVirus is imperfect as it relies on signatures and known processes, and will always be imperfect.
Same with IDS and the lot of it.
In my opinion, as long as the security industry, and end-users as a whole, continue with the thought that end-user basic security ignorance is OK, things will never get better.
The sooner all end users are clued-in instead of clueless, the sooner we may have a ray of hope.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455052</id>
	<title>Re:Not that hard to believe...</title>
	<author>Gerafix</author>
	<datestamp>1268425440000</datestamp>
	<modclass>Flamebait</modclass>
	<modscore>0</modscore>
	<htmltext>Ethical conflict? Jesus what are you, Canadian? Christ, man up will you? Be All That You Can Be. Go American on their ass. If it pays well DO IT, morality is cheap, cash gets you ass, gas, and grass.</htmltext>
<tokenext>Ethical conflict ?
Jesus what are you , Canadian ?
Christ , man up will you ?
Be All That You Can Be .
Go American on their ass .
If it pays well DO IT , morality is cheap , cash gets you ass , gas , and grass .</tokentext>
<sentencetext>Ethical conflict?
Jesus what are you, Canadian?
Christ, man up will you?
Be All That You Can Be.
Go American on their ass.
If it pays well DO IT, morality is cheap, cash gets you ass, gas, and grass.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454434</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454578</id>
	<title>Re:Stating the obvious</title>
	<author>nine-times</author>
	<datestamp>1268423400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>The security industry will always be unable to protect everyone 100\% of the time. It is impossible to protect the clueless from anything.</p></div><p>There's definitely some truth to that.  However, I think the security industry is still open to criticism specifically because they're telling the clueless, "Without us you're screwed, but if you buy our product, then you don't need to worry.  We have you covered."
</p><p>The problem is, if you're careful and know what you're doing, you don't really need all of these products on your computer.  If you're careless and don't know what you're doing, then this products don't quite solve the problem.  In most cases, it's a nugget of real product being sold in a 10 gallon drum of snake oil.</p></div>
	</htmltext>
<tokenext>The security industry will always be unable to protect everyone 100 \ % of the time .
It is impossible to protect the clueless from anything.There 's definitely some truth to that .
However , I think the security industry is still open to criticism specifically because they 're telling the clueless , " Without us you 're screwed , but if you buy our product , then you do n't need to worry .
We have you covered .
" The problem is , if you 're careful and know what you 're doing , you do n't really need all of these products on your computer .
If you 're careless and do n't know what you 're doing , then this products do n't quite solve the problem .
In most cases , it 's a nugget of real product being sold in a 10 gallon drum of snake oil .</tokentext>
<sentencetext>The security industry will always be unable to protect everyone 100\% of the time.
It is impossible to protect the clueless from anything.There's definitely some truth to that.
However, I think the security industry is still open to criticism specifically because they're telling the clueless, "Without us you're screwed, but if you buy our product, then you don't need to worry.
We have you covered.
"
The problem is, if you're careful and know what you're doing, you don't really need all of these products on your computer.
If you're careless and don't know what you're doing, then this products don't quite solve the problem.
In most cases, it's a nugget of real product being sold in a 10 gallon drum of snake oil.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456526</id>
	<title>Re:No. The core problem goes deeper.</title>
	<author>Lunix Nutcase</author>
	<datestamp>1268388420000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p><div class="quote"><p>You mean like how OSX and Linux does WITHOUT Antivirus?</p></div><p>And you mean like Windows has done since Vista also without antivirus?  Or do you think UAC doesn't exist?</p></div>
	</htmltext>
<tokenext>You mean like how OSX and Linux does WITHOUT Antivirus ? And you mean like Windows has done since Vista also without antivirus ?
Or do you think UAC does n't exist ?</tokentext>
<sentencetext>You mean like how OSX and Linux does WITHOUT Antivirus?And you mean like Windows has done since Vista also without antivirus?
Or do you think UAC doesn't exist?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455024</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</id>
	<title>I'll give you a clue...</title>
	<author>advocate\_one</author>
	<datestamp>1268421900000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><blockquote><div><p>Traditional security products are simply not much help, said Alex Stamos, a partner with Isec Partners, one of the companies investigating the APT attacks. 'All of the victims we've worked with had perfectly installed antivirus,' he said. 'They all had intrusion detection systems and several had Web proxies scan content.'"</p></div></blockquote><p>the "victims" were all running MS Windows...</p></div>
	</htmltext>
<tokenext>Traditional security products are simply not much help , said Alex Stamos , a partner with Isec Partners , one of the companies investigating the APT attacks .
'All of the victims we 've worked with had perfectly installed antivirus, ' he said .
'They all had intrusion detection systems and several had Web proxies scan content .
' " the " victims " were all running MS Windows.. .</tokentext>
<sentencetext>Traditional security products are simply not much help, said Alex Stamos, a partner with Isec Partners, one of the companies investigating the APT attacks.
'All of the victims we've worked with had perfectly installed antivirus,' he said.
'They all had intrusion detection systems and several had Web proxies scan content.
'"the "victims" were all running MS Windows...
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455042</id>
	<title>Re:Well duh</title>
	<author>CorporateSuit</author>
	<datestamp>1268425380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>That's fine... until you visit a random forum to ask a random question and some idiot has an avatar.gif with an embedded trojan that has just now found its way into your harddrive's temp file.  The only warning you get is when you see that Java is running in the system tray for a split second.  Then kiss your afternoon's productivity goodbye.</htmltext>
<tokenext>That 's fine... until you visit a random forum to ask a random question and some idiot has an avatar.gif with an embedded trojan that has just now found its way into your harddrive 's temp file .
The only warning you get is when you see that Java is running in the system tray for a split second .
Then kiss your afternoon 's productivity goodbye .</tokentext>
<sentencetext>That's fine... until you visit a random forum to ask a random question and some idiot has an avatar.gif with an embedded trojan that has just now found its way into your harddrive's temp file.
The only warning you get is when you see that Java is running in the system tray for a split second.
Then kiss your afternoon's productivity goodbye.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454354</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454428</id>
	<title>Be specific when you say Security Industry</title>
	<author>Anonymous</author>
	<datestamp>1268422740000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Don't blame the security industry; blame the application developers. Adobe has a new input validation vulnerability every day; browsers fail to properly sandbox these crappy plugins; the OS fails to properly sandbox the browser. Virus scanners address the symtoms of the problem but ignore the cause which is that secure coding practices simply aren't followed.</p></htmltext>
<tokenext>Do n't blame the security industry ; blame the application developers .
Adobe has a new input validation vulnerability every day ; browsers fail to properly sandbox these crappy plugins ; the OS fails to properly sandbox the browser .
Virus scanners address the symtoms of the problem but ignore the cause which is that secure coding practices simply are n't followed .</tokentext>
<sentencetext>Don't blame the security industry; blame the application developers.
Adobe has a new input validation vulnerability every day; browsers fail to properly sandbox these crappy plugins; the OS fails to properly sandbox the browser.
Virus scanners address the symtoms of the problem but ignore the cause which is that secure coding practices simply aren't followed.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455422</id>
	<title>Re:So why not change it?</title>
	<author>Anonymous</author>
	<datestamp>1268426880000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Damn. I think you may be onto something.  Screw blacklists and identifying a constantly changing virus signature.  Whitelists!  There can be a million version of a file a virus uses, but the 'valid' version of that file will just have 1.</p><p>Course, the problem with a whitelist is that soon enough, virus makers will slide programs into there with a hidden backdoor, and it'll start all over again.</p><p>Still... whitelist might be the way to go.  On the internet, it's generally better to assume guilty until proven innocent.</p></htmltext>
<tokenext>Damn .
I think you may be onto something .
Screw blacklists and identifying a constantly changing virus signature .
Whitelists ! There can be a million version of a file a virus uses , but the 'valid ' version of that file will just have 1.Course , the problem with a whitelist is that soon enough , virus makers will slide programs into there with a hidden backdoor , and it 'll start all over again.Still... whitelist might be the way to go .
On the internet , it 's generally better to assume guilty until proven innocent .</tokentext>
<sentencetext>Damn.
I think you may be onto something.
Screw blacklists and identifying a constantly changing virus signature.
Whitelists!  There can be a million version of a file a virus uses, but the 'valid' version of that file will just have 1.Course, the problem with a whitelist is that soon enough, virus makers will slide programs into there with a hidden backdoor, and it'll start all over again.Still... whitelist might be the way to go.
On the internet, it's generally better to assume guilty until proven innocent.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396</id>
	<title>In summary;</title>
	<author>Anonymous</author>
	<datestamp>1268422560000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext>The Microsoft operating system has been, always will be insecure. No amount of anti this, anti that or how update date your windows box is; it is not safe to use for any kind of sensitive data.</htmltext>
<tokenext>The Microsoft operating system has been , always will be insecure .
No amount of anti this , anti that or how update date your windows box is ; it is not safe to use for any kind of sensitive data .</tokentext>
<sentencetext>The Microsoft operating system has been, always will be insecure.
No amount of anti this, anti that or how update date your windows box is; it is not safe to use for any kind of sensitive data.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454306</id>
	<title>Surely we've seen this before...</title>
	<author>Anonymous</author>
	<datestamp>1268422140000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>1</modscore>
	<htmltext><p>Oh... like  how the police can't prevent crime?</p></htmltext>
<tokenext>Oh... like how the police ca n't prevent crime ?</tokentext>
<sentencetext>Oh... like  how the police can't prevent crime?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456600</id>
	<title>Re:Virus</title>
	<author>stillnotelf</author>
	<datestamp>1268388720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>All viruses are methicillin-resistant...</htmltext>
<tokenext>All viruses are methicillin-resistant.. .</tokentext>
<sentencetext>All viruses are methicillin-resistant...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454368</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454404</id>
	<title>I know how this is going to end</title>
	<author>Anonymous</author>
	<datestamp>1268422620000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>We'll soon see sanctions against the "evil" countries.</p></htmltext>
<tokenext>We 'll soon see sanctions against the " evil " countries .</tokentext>
<sentencetext>We'll soon see sanctions against the "evil" countries.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544</id>
	<title>So why not change it?</title>
	<author>khasim</author>
	<datestamp>1268423220000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><blockquote><div><p>The security industry will always be unable to protect everyone 100\% of the time.</p></div></blockquote><p>The problem is that they haven't even hit the 50\% mark. They cannot even, reliably, detect threats that are over a year old.</p><blockquote><div><p>AntiVirus is imperfect as it relies on signatures and known processes, and will always be imperfect.</p></div></blockquote><p>Exactly. Which is why that needs to change. Instead of trying to chase the latest variant of a threat, why not save time and effort and identify the LEGITIMATE files? Then, if something is trying to write a file to the OS portion of your drive, and that file is not recognized, it should block it (and MAYBE allow the user to override it after a few hoops and maybe online comparisons with the latest threat databases).</p><blockquote><div><p>In my opinion, as long as the security industry, and end-users as a whole, continue with the thought that end-user basic security ignorance is OK, things will never get better.</p></div></blockquote><p>I think it is different. The "security industry" depends upon the ignorance of users and the continuation of those users being infected.</p><p>It is not in the "security industry"'s best interest to commit to real improvements in security.</p></div>
	</htmltext>
<tokenext>The security industry will always be unable to protect everyone 100 \ % of the time.The problem is that they have n't even hit the 50 \ % mark .
They can not even , reliably , detect threats that are over a year old.AntiVirus is imperfect as it relies on signatures and known processes , and will always be imperfect.Exactly .
Which is why that needs to change .
Instead of trying to chase the latest variant of a threat , why not save time and effort and identify the LEGITIMATE files ?
Then , if something is trying to write a file to the OS portion of your drive , and that file is not recognized , it should block it ( and MAYBE allow the user to override it after a few hoops and maybe online comparisons with the latest threat databases ) .In my opinion , as long as the security industry , and end-users as a whole , continue with the thought that end-user basic security ignorance is OK , things will never get better.I think it is different .
The " security industry " depends upon the ignorance of users and the continuation of those users being infected.It is not in the " security industry " 's best interest to commit to real improvements in security .</tokentext>
<sentencetext>The security industry will always be unable to protect everyone 100\% of the time.The problem is that they haven't even hit the 50\% mark.
They cannot even, reliably, detect threats that are over a year old.AntiVirus is imperfect as it relies on signatures and known processes, and will always be imperfect.Exactly.
Which is why that needs to change.
Instead of trying to chase the latest variant of a threat, why not save time and effort and identify the LEGITIMATE files?
Then, if something is trying to write a file to the OS portion of your drive, and that file is not recognized, it should block it (and MAYBE allow the user to override it after a few hoops and maybe online comparisons with the latest threat databases).In my opinion, as long as the security industry, and end-users as a whole, continue with the thought that end-user basic security ignorance is OK, things will never get better.I think it is different.
The "security industry" depends upon the ignorance of users and the continuation of those users being infected.It is not in the "security industry"'s best interest to commit to real improvements in security.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468346</id>
	<title>Re:I'll give you a clue... No, You need "a clue"</title>
	<author>Anonymous</author>
	<datestamp>1268487600000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>"the "victims" were all running MS Windows.." - by advocate\_one (662832) on Friday March 12, @01:25PM (#31454260)</p></div><p>See the subject-line above, &amp; realize 1 thing: Since your *NIX variants allow javascript to run in webbrowsers or HTML-based emails, or other scriptable document types even (such as Adobe<nobr> <wbr></nobr>.pdf files that are malcripted), they're just as attackable... period.  The only reason your *NIX variants aren't attacked as much is that they don't represent enough of an "attack surface" for malware makers/hacker-crackers to go after (they have the "advantage" of "security-by-obscurity"), &amp; since Windows represents a good 95\% or so of the actual user-base out there, it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Widnows, vs. other OS type variants (especially using attack mechanisms of the kind I noted above, which are just as useable on *NIX variants as they are on Windows).</p></div>
	</htmltext>
<tokenext>" the " victims " were all running MS Windows.. " - by advocate \ _one ( 662832 ) on Friday March 12 , @ 01 : 25PM ( # 31454260 ) See the subject-line above , &amp; realize 1 thing : Since your * NIX variants allow javascript to run in webbrowsers or HTML-based emails , or other scriptable document types even ( such as Adobe .pdf files that are malcripted ) , they 're just as attackable... period. The only reason your * NIX variants are n't attacked as much is that they do n't represent enough of an " attack surface " for malware makers/hacker-crackers to go after ( they have the " advantage " of " security-by-obscurity " ) , &amp; since Windows represents a good 95 \ % or so of the actual user-base out there , it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Widnows , vs. other OS type variants ( especially using attack mechanisms of the kind I noted above , which are just as useable on * NIX variants as they are on Windows ) .</tokentext>
<sentencetext>"the "victims" were all running MS Windows.." - by advocate\_one (662832) on Friday March 12, @01:25PM (#31454260)See the subject-line above, &amp; realize 1 thing: Since your *NIX variants allow javascript to run in webbrowsers or HTML-based emails, or other scriptable document types even (such as Adobe .pdf files that are malcripted), they're just as attackable... period.  The only reason your *NIX variants aren't attacked as much is that they don't represent enough of an "attack surface" for malware makers/hacker-crackers to go after (they have the "advantage" of "security-by-obscurity"), &amp; since Windows represents a good 95\% or so of the actual user-base out there, it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Widnows, vs. other OS type variants (especially using attack mechanisms of the kind I noted above, which are just as useable on *NIX variants as they are on Windows).
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455492</id>
	<title>Re:So why not change it?</title>
	<author>denbesten</author>
	<datestamp>1268427240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Whitelisting executables has been around for a long time.  There is general agreement that white listing is far superior to black listing.  The problem is that to effectively use a white list, you need to become much more knowledgeable about your environment than is required with a blacklist.

Back in the dark ages when I managed a bunch of Unix servers (of the million-dollar variety) at a university, we routinely used tricks such as mounting<nobr> <wbr></nobr>/tmp "nodev,noexec,nosuid" and using tripwire on system directories.  This worked well because the manufacturer supported the configuration and anticipated that it would be used this way.

This is difficult on Windows for two reasons.  First, single person machines are not typically run with restricted accounts (Ignoring, for the moment UAC). Secondly, the filesystem layout was not designed from the start with a strict separation of data verses executable content.  Adding either of these characteristics without hurting backwards compatibility (and therefore your happy customers) is nearly impossible. Here is a link to a fairly knowledgeable guy's experience with a few of the Windows tools a few years ago.  <a href="http://www.ranum.com/security/computer\_security/editorials/antivirus/index.html" title="ranum.com" rel="nofollow">http://www.ranum.com/security/computer\_security/editorials/antivirus/index.html</a> [ranum.com]</htmltext>
<tokenext>Whitelisting executables has been around for a long time .
There is general agreement that white listing is far superior to black listing .
The problem is that to effectively use a white list , you need to become much more knowledgeable about your environment than is required with a blacklist .
Back in the dark ages when I managed a bunch of Unix servers ( of the million-dollar variety ) at a university , we routinely used tricks such as mounting /tmp " nodev,noexec,nosuid " and using tripwire on system directories .
This worked well because the manufacturer supported the configuration and anticipated that it would be used this way .
This is difficult on Windows for two reasons .
First , single person machines are not typically run with restricted accounts ( Ignoring , for the moment UAC ) .
Secondly , the filesystem layout was not designed from the start with a strict separation of data verses executable content .
Adding either of these characteristics without hurting backwards compatibility ( and therefore your happy customers ) is nearly impossible .
Here is a link to a fairly knowledgeable guy 's experience with a few of the Windows tools a few years ago .
http : //www.ranum.com/security/computer \ _security/editorials/antivirus/index.html [ ranum.com ]</tokentext>
<sentencetext>Whitelisting executables has been around for a long time.
There is general agreement that white listing is far superior to black listing.
The problem is that to effectively use a white list, you need to become much more knowledgeable about your environment than is required with a blacklist.
Back in the dark ages when I managed a bunch of Unix servers (of the million-dollar variety) at a university, we routinely used tricks such as mounting /tmp "nodev,noexec,nosuid" and using tripwire on system directories.
This worked well because the manufacturer supported the configuration and anticipated that it would be used this way.
This is difficult on Windows for two reasons.
First, single person machines are not typically run with restricted accounts (Ignoring, for the moment UAC).
Secondly, the filesystem layout was not designed from the start with a strict separation of data verses executable content.
Adding either of these characteristics without hurting backwards compatibility (and therefore your happy customers) is nearly impossible.
Here is a link to a fairly knowledgeable guy's experience with a few of the Windows tools a few years ago.
http://www.ranum.com/security/computer\_security/editorials/antivirus/index.html [ranum.com]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31463080</id>
	<title>Re:Kill the zombies.</title>
	<author>vadim\_t</author>
	<datestamp>1268484300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>Hold that right there.<br>You left of "legitimate, non-malware app".</p></div></blockquote><p>No, I didn't. The user doesn't know if the application is legitimate, that's the entire point of antivirus-like systems.</p><blockquote><div><p>Is this stops the user from installing a virus or whatever, that is good. Even if the user THOUGHT that s/he wanted to install it.</p></div></blockquote><p>You've not dealt with the "normal user" enough, I see. There are few users with the mindset of "This is probably not safe, I'd better not do it" in situations like this. Most have the "damn computer getting into my way when I want to run this cute game I found", at which point it's very likely that the security system gets uninstalled.</p><p>Most people will happily override whatever they have to install Bonzi Buddy, because it's cute or something, then complain the antivirus isn't working because all this weird stuff is happening.</p><blockquote><div><p>See above. You would spend your money with the more responsive vendor. Or you'd go through the hoops.</p></div></blockquote><p>If you go through the hoops you're not protected anymore. It's like ignoring a certificate error when doing banking online. It might be that the bank has a moron administrating certificates. But that could be a man in the middle as well, in which case you're out of your money. The user, from their computer can't tell which it is.</p><blockquote><div><p>Why would you need to? If the hashes and signatures and so forth aren't enough to show that that file came from that vendor, oh, wait, they would be.</p></div></blockquote><p>You're not understanding. A hash certifies that foo.exe is the same file they got from Yoyodyne. Okay. But the AV company can't be completely certain that they're signing the right thing. Maybe somebody broke in and replaced the file Yoyodyne sent, or they downloaded it from the wrong server, or the application from the start had hidden malicious functionality.</p><p>At best, a signature certifies "this is the exact file $company ships". It doesn't certify however that the file isn't going to do anything harmful, as that would require examining the code.</p><p>For instance, Microsoft has in the past released buggy updates that caused the computer to crash (I think even fail to boot in at least one case). This update of course had Microsoft's signature on it.</p><blockquote><div><p>That's because the anti-virus vendors don't have the LEGAL RIGHTS to do that.</p></div></blockquote><p>Eh? That makes no sense. Antiviruses already hook deep enough in Windows that they could enforce pretty much any security model they wanted. I also don't see what would be illegal about releasing some sort of VM that wraps a single application in a sandbox.</p></div>
	</htmltext>
<tokenext>Hold that right there.You left of " legitimate , non-malware app " .No , I did n't .
The user does n't know if the application is legitimate , that 's the entire point of antivirus-like systems.Is this stops the user from installing a virus or whatever , that is good .
Even if the user THOUGHT that s/he wanted to install it.You 've not dealt with the " normal user " enough , I see .
There are few users with the mindset of " This is probably not safe , I 'd better not do it " in situations like this .
Most have the " damn computer getting into my way when I want to run this cute game I found " , at which point it 's very likely that the security system gets uninstalled.Most people will happily override whatever they have to install Bonzi Buddy , because it 's cute or something , then complain the antivirus is n't working because all this weird stuff is happening.See above .
You would spend your money with the more responsive vendor .
Or you 'd go through the hoops.If you go through the hoops you 're not protected anymore .
It 's like ignoring a certificate error when doing banking online .
It might be that the bank has a moron administrating certificates .
But that could be a man in the middle as well , in which case you 're out of your money .
The user , from their computer ca n't tell which it is.Why would you need to ?
If the hashes and signatures and so forth are n't enough to show that that file came from that vendor , oh , wait , they would be.You 're not understanding .
A hash certifies that foo.exe is the same file they got from Yoyodyne .
Okay. But the AV company ca n't be completely certain that they 're signing the right thing .
Maybe somebody broke in and replaced the file Yoyodyne sent , or they downloaded it from the wrong server , or the application from the start had hidden malicious functionality.At best , a signature certifies " this is the exact file $ company ships " .
It does n't certify however that the file is n't going to do anything harmful , as that would require examining the code.For instance , Microsoft has in the past released buggy updates that caused the computer to crash ( I think even fail to boot in at least one case ) .
This update of course had Microsoft 's signature on it.That 's because the anti-virus vendors do n't have the LEGAL RIGHTS to do that.Eh ?
That makes no sense .
Antiviruses already hook deep enough in Windows that they could enforce pretty much any security model they wanted .
I also do n't see what would be illegal about releasing some sort of VM that wraps a single application in a sandbox .</tokentext>
<sentencetext>Hold that right there.You left of "legitimate, non-malware app".No, I didn't.
The user doesn't know if the application is legitimate, that's the entire point of antivirus-like systems.Is this stops the user from installing a virus or whatever, that is good.
Even if the user THOUGHT that s/he wanted to install it.You've not dealt with the "normal user" enough, I see.
There are few users with the mindset of "This is probably not safe, I'd better not do it" in situations like this.
Most have the "damn computer getting into my way when I want to run this cute game I found", at which point it's very likely that the security system gets uninstalled.Most people will happily override whatever they have to install Bonzi Buddy, because it's cute or something, then complain the antivirus isn't working because all this weird stuff is happening.See above.
You would spend your money with the more responsive vendor.
Or you'd go through the hoops.If you go through the hoops you're not protected anymore.
It's like ignoring a certificate error when doing banking online.
It might be that the bank has a moron administrating certificates.
But that could be a man in the middle as well, in which case you're out of your money.
The user, from their computer can't tell which it is.Why would you need to?
If the hashes and signatures and so forth aren't enough to show that that file came from that vendor, oh, wait, they would be.You're not understanding.
A hash certifies that foo.exe is the same file they got from Yoyodyne.
Okay. But the AV company can't be completely certain that they're signing the right thing.
Maybe somebody broke in and replaced the file Yoyodyne sent, or they downloaded it from the wrong server, or the application from the start had hidden malicious functionality.At best, a signature certifies "this is the exact file $company ships".
It doesn't certify however that the file isn't going to do anything harmful, as that would require examining the code.For instance, Microsoft has in the past released buggy updates that caused the computer to crash (I think even fail to boot in at least one case).
This update of course had Microsoft's signature on it.That's because the anti-virus vendors don't have the LEGAL RIGHTS to do that.Eh?
That makes no sense.
Antiviruses already hook deep enough in Windows that they could enforce pretty much any security model they wanted.
I also don't see what would be illegal about releasing some sort of VM that wraps a single application in a sandbox.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455702</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456400</id>
	<title>Re:So why not change it?</title>
	<author>david\_thornley</author>
	<datestamp>1268387880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>
Asking "Are you sure?" is a great thing if the user understands the question.  The average user does not understand computer systems well enough to make intelligent security systems, and never will.  I do, but I've found I have difficulty with "Are you sure?" for most medical questions, and I rely on the doctor's recommendation.  There's a lot of complicated systems in the world, and we're never going to get most of the population to understand one specific one.</p></htmltext>
<tokenext>Asking " Are you sure ?
" is a great thing if the user understands the question .
The average user does not understand computer systems well enough to make intelligent security systems , and never will .
I do , but I 've found I have difficulty with " Are you sure ?
" for most medical questions , and I rely on the doctor 's recommendation .
There 's a lot of complicated systems in the world , and we 're never going to get most of the population to understand one specific one .</tokentext>
<sentencetext>
Asking "Are you sure?
" is a great thing if the user understands the question.
The average user does not understand computer systems well enough to make intelligent security systems, and never will.
I do, but I've found I have difficulty with "Are you sure?
" for most medical questions, and I rely on the doctor's recommendation.
There's a lot of complicated systems in the world, and we're never going to get most of the population to understand one specific one.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454808</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31458134</id>
	<title>Re:Well duh</title>
	<author>EnglishTim</author>
	<datestamp>1268395260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Do you ever open<nobr> <wbr></nobr>.pdf files?</p></htmltext>
<tokenext>Do you ever open .pdf files ?</tokentext>
<sentencetext>Do you ever open .pdf files?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454354</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455074</id>
	<title>Re:No. The core problem goes deeper.</title>
	<author>Lumpy</author>
	<datestamp>1268425440000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>Really?  so all mac users hate their mac and wish they had a Windows PC?  Because that exact behavior is what OSX on it's own does.</p><p>Program writing to where it should not?  Prompt user for administration password and ask if it's ok to do so.  Seems to be that MOST people like it contrary to what you think.</p></htmltext>
<tokenext>Really ?
so all mac users hate their mac and wish they had a Windows PC ?
Because that exact behavior is what OSX on it 's own does.Program writing to where it should not ?
Prompt user for administration password and ask if it 's ok to do so .
Seems to be that MOST people like it contrary to what you think .</tokentext>
<sentencetext>Really?
so all mac users hate their mac and wish they had a Windows PC?
Because that exact behavior is what OSX on it's own does.Program writing to where it should not?
Prompt user for administration password and ask if it's ok to do so.
Seems to be that MOST people like it contrary to what you think.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454546</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356</id>
	<title>No. The core problem goes deeper.</title>
	<author>khasim</author>
	<datestamp>1268422440000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>The "security industry" is NOT interested in putting itself out of business by selling WORKING products.</p><p>That's why the "perfectly installed antivirus" gets daily updates and STILL CANNOT TELL A GOOD FILE FROM A BAD FILE.</p><p>Here's a radical new concept. How about an antivirus program that BLOCKS file writes to the operating system UNLESS that file can be confirmed to be "good"?</p><p>It's far easier to identify the files that SHOULD be allowed than it is to identify a possible threat.</p></htmltext>
<tokenext>The " security industry " is NOT interested in putting itself out of business by selling WORKING products.That 's why the " perfectly installed antivirus " gets daily updates and STILL CAN NOT TELL A GOOD FILE FROM A BAD FILE.Here 's a radical new concept .
How about an antivirus program that BLOCKS file writes to the operating system UNLESS that file can be confirmed to be " good " ? It 's far easier to identify the files that SHOULD be allowed than it is to identify a possible threat .</tokentext>
<sentencetext>The "security industry" is NOT interested in putting itself out of business by selling WORKING products.That's why the "perfectly installed antivirus" gets daily updates and STILL CANNOT TELL A GOOD FILE FROM A BAD FILE.Here's a radical new concept.
How about an antivirus program that BLOCKS file writes to the operating system UNLESS that file can be confirmed to be "good"?It's far easier to identify the files that SHOULD be allowed than it is to identify a possible threat.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455878</id>
	<title>Re:I'll give you a clue...</title>
	<author>Cyberllama</author>
	<datestamp>1268385660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>And what, Dear Genius, would you have us switch to?</p><p>OS X?  It's *less* secure by most estimations -- it derives security primarily through obscurity.  We all switch to Macs and rest assured, the problem follows.</p><p>Linux? I'm sure that'd work out great!</p></htmltext>
<tokenext>And what , Dear Genius , would you have us switch to ? OS X ?
It 's * less * secure by most estimations -- it derives security primarily through obscurity .
We all switch to Macs and rest assured , the problem follows.Linux ?
I 'm sure that 'd work out great !</tokentext>
<sentencetext>And what, Dear Genius, would you have us switch to?OS X?
It's *less* secure by most estimations -- it derives security primarily through obscurity.
We all switch to Macs and rest assured, the problem follows.Linux?
I'm sure that'd work out great!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457406</id>
	<title>One word</title>
	<author>QuoteMstr</author>
	<datestamp>1268391780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Specifics?</p><p>The things that made Windows intrinsically insecure have been gone for a decade.</p></htmltext>
<tokenext>Specifics ? The things that made Windows intrinsically insecure have been gone for a decade .</tokentext>
<sentencetext>Specifics?The things that made Windows intrinsically insecure have been gone for a decade.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454636</id>
	<title>Re:Industry slow to respond to challenges</title>
	<author>Mashdar</author>
	<datestamp>1268423700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The small business I work for pays six figures annually for three keys for software with no competitors in AC interference modeling. It seems shocking to me, because for that, we could hire a great software guy, or two fresh college coders, and write our own program. The software we use is absolutely awful. It is riddled with bugs (which I frequently have to call them about to get resolved), a terrible UI (which is <i>extremely</i> conducive to user error), and poor I/O options. Despite the fact that I am an electrical engineering grad having only taken two non-assembly programming courses, I have totally changed where all of our time goes by not using their stupid interface for UI (and instead writing a GUI with Python that lets you use KML files to specify paths and to do various tedious model modifications). Worst software ever. Most expensive I've ever heard of.<nobr> <wbr></nobr>/rant</htmltext>
<tokenext>The small business I work for pays six figures annually for three keys for software with no competitors in AC interference modeling .
It seems shocking to me , because for that , we could hire a great software guy , or two fresh college coders , and write our own program .
The software we use is absolutely awful .
It is riddled with bugs ( which I frequently have to call them about to get resolved ) , a terrible UI ( which is extremely conducive to user error ) , and poor I/O options .
Despite the fact that I am an electrical engineering grad having only taken two non-assembly programming courses , I have totally changed where all of our time goes by not using their stupid interface for UI ( and instead writing a GUI with Python that lets you use KML files to specify paths and to do various tedious model modifications ) .
Worst software ever .
Most expensive I 've ever heard of .
/rant</tokentext>
<sentencetext>The small business I work for pays six figures annually for three keys for software with no competitors in AC interference modeling.
It seems shocking to me, because for that, we could hire a great software guy, or two fresh college coders, and write our own program.
The software we use is absolutely awful.
It is riddled with bugs (which I frequently have to call them about to get resolved), a terrible UI (which is extremely conducive to user error), and poor I/O options.
Despite the fact that I am an electrical engineering grad having only taken two non-assembly programming courses, I have totally changed where all of our time goes by not using their stupid interface for UI (and instead writing a GUI with Python that lets you use KML files to specify paths and to do various tedious model modifications).
Worst software ever.
Most expensive I've ever heard of.
/rant</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454786</id>
	<title>Re:I'll give you a clue...</title>
	<author>moderatorrater</author>
	<datestamp>1268424300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>While I think them running Windows helped, can you honestly tell me that the attackers couldn't have gotten in through a hole in Linux, Firefox, Flash, or any of the other openings that every usable computer has? With highly targeted attacks like this there's almost nothing that can fully secure the computer, and those things which could fully secure Linux would fully secure Windows as well.<br> <br>

For instance, sandboxing the entire OS. Make them use a separate computer when interacting with the internet as a whole and when interacting with the internal network and not allowing direct connections between the two. But what company's going to be willing to put their employees through that level of hassle, much less the expense of the hardware?</htmltext>
<tokenext>While I think them running Windows helped , can you honestly tell me that the attackers could n't have gotten in through a hole in Linux , Firefox , Flash , or any of the other openings that every usable computer has ?
With highly targeted attacks like this there 's almost nothing that can fully secure the computer , and those things which could fully secure Linux would fully secure Windows as well .
For instance , sandboxing the entire OS .
Make them use a separate computer when interacting with the internet as a whole and when interacting with the internal network and not allowing direct connections between the two .
But what company 's going to be willing to put their employees through that level of hassle , much less the expense of the hardware ?</tokentext>
<sentencetext>While I think them running Windows helped, can you honestly tell me that the attackers couldn't have gotten in through a hole in Linux, Firefox, Flash, or any of the other openings that every usable computer has?
With highly targeted attacks like this there's almost nothing that can fully secure the computer, and those things which could fully secure Linux would fully secure Windows as well.
For instance, sandboxing the entire OS.
Make them use a separate computer when interacting with the internet as a whole and when interacting with the internal network and not allowing direct connections between the two.
But what company's going to be willing to put their employees through that level of hassle, much less the expense of the hardware?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456856</id>
	<title>Re:Not that hard to believe...</title>
	<author>Anonymous</author>
	<datestamp>1268389680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Why is this voted "informative"? We have no proof its true (if it were, the poster would likely be dead).</p><p>Let people provide some useful information before accepting a post as "informative". This post is likely all BS.</p></htmltext>
<tokenext>Why is this voted " informative " ?
We have no proof its true ( if it were , the poster would likely be dead ) .Let people provide some useful information before accepting a post as " informative " .
This post is likely all BS .</tokentext>
<sentencetext>Why is this voted "informative"?
We have no proof its true (if it were, the poster would likely be dead).Let people provide some useful information before accepting a post as "informative".
This post is likely all BS.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454434</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31459682</id>
	<title>Re:In summary;</title>
	<author>Anonymous</author>
	<datestamp>1268401980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Not just Microsoft. Most operating systems still design their security around protecting users from each other. Applications run with all the privileges of a user. Clearly this is not a good idea. Malware and Vulnerabilities give attackers control over a program running with a users identity. Application-oriented access controls exist which restrict the actions of programs (such as AppArmor, SELinux, Systrace); however, they are difficult to use, as policy can be extremely complex.</p><p>I developed FBAC-LSM, a security system for Linux which restricts programs based on the functionalities they provide (eg Web Browser, Email Client, etc). Programs restricted by FBAC-LSM can only act within the privileges required to carry out legitimate features.<br><a href="http://schreuders.org/FBAC-LSM" title="schreuders.org" rel="nofollow">http://schreuders.org/FBAC-LSM</a> [schreuders.org]</p></htmltext>
<tokenext>Not just Microsoft .
Most operating systems still design their security around protecting users from each other .
Applications run with all the privileges of a user .
Clearly this is not a good idea .
Malware and Vulnerabilities give attackers control over a program running with a users identity .
Application-oriented access controls exist which restrict the actions of programs ( such as AppArmor , SELinux , Systrace ) ; however , they are difficult to use , as policy can be extremely complex.I developed FBAC-LSM , a security system for Linux which restricts programs based on the functionalities they provide ( eg Web Browser , Email Client , etc ) .
Programs restricted by FBAC-LSM can only act within the privileges required to carry out legitimate features.http : //schreuders.org/FBAC-LSM [ schreuders.org ]</tokentext>
<sentencetext>Not just Microsoft.
Most operating systems still design their security around protecting users from each other.
Applications run with all the privileges of a user.
Clearly this is not a good idea.
Malware and Vulnerabilities give attackers control over a program running with a users identity.
Application-oriented access controls exist which restrict the actions of programs (such as AppArmor, SELinux, Systrace); however, they are difficult to use, as policy can be extremely complex.I developed FBAC-LSM, a security system for Linux which restricts programs based on the functionalities they provide (eg Web Browser, Email Client, etc).
Programs restricted by FBAC-LSM can only act within the privileges required to carry out legitimate features.http://schreuders.org/FBAC-LSM [schreuders.org]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454394</id>
	<title>you can lead a horse to water....</title>
	<author>Em Emalb</author>
	<datestamp>1268422560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>but you can't stop him from clicking on a link to beat the crap out of a monkey.</p></htmltext>
<tokenext>but you ca n't stop him from clicking on a link to beat the crap out of a monkey .</tokentext>
<sentencetext>but you can't stop him from clicking on a link to beat the crap out of a monkey.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454688</id>
	<title>Re:I'll give you a clue... just use virtuals!</title>
	<author>Anonymous</author>
	<datestamp>1268423880000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Just run internet-faced programs like browser and email client in separate virtual instances, preferably with more secure OS underneath. Reboot those instances hourly (or whatever) and apply latest patches at reboot. Sharing data between apps could be a little bit pain, but copy&amp;paste works and shared folders with host can be implemented in secure way.</p></htmltext>
<tokenext>Just run internet-faced programs like browser and email client in separate virtual instances , preferably with more secure OS underneath .
Reboot those instances hourly ( or whatever ) and apply latest patches at reboot .
Sharing data between apps could be a little bit pain , but copy&amp;paste works and shared folders with host can be implemented in secure way .</tokentext>
<sentencetext>Just run internet-faced programs like browser and email client in separate virtual instances, preferably with more secure OS underneath.
Reboot those instances hourly (or whatever) and apply latest patches at reboot.
Sharing data between apps could be a little bit pain, but copy&amp;paste works and shared folders with host can be implemented in secure way.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454616</id>
	<title>Re:Security theater</title>
	<author>Anonymous</author>
	<datestamp>1268423640000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext>you don't need to click any more.  Most of the malware I'm cleaning up these days is delivered via Flash, and distributed by advertisement servers that have been hacked.  All you have to do is visit a site that gets paid to serve random ads, and you can get infected.</htmltext>
<tokenext>you do n't need to click any more .
Most of the malware I 'm cleaning up these days is delivered via Flash , and distributed by advertisement servers that have been hacked .
All you have to do is visit a site that gets paid to serve random ads , and you can get infected .</tokentext>
<sentencetext>you don't need to click any more.
Most of the malware I'm cleaning up these days is delivered via Flash, and distributed by advertisement servers that have been hacked.
All you have to do is visit a site that gets paid to serve random ads, and you can get infected.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454286</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248</id>
	<title>First</title>
	<author>Anonymous</author>
	<datestamp>1268421840000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><blockquote><div><p>'<b>All</b> of the victims we've worked with had <b>perfectly installed antivirus</b>,' he said.</p></div> </blockquote><p>

<i>Perfectly perfect</i> installs of antivirus? As in, perfect enough to be NSA backdoors? Other articles mentioned that the exploits were there because of NSA mandates for data access that we can safely assume to include internet-facing Windows computers. If that's true, then the NSA are a helluva lot more stupid(or lazy) than they claim to be.</p><blockquote><div><p>'They all had intrusion detection systems and several had Web proxies scan content.'"</p></div></blockquote><p>

You can't hack <i>us</i>, we're hiding behind <i>seven</i> proxies! What's this? Oh, nevermind, ignore it. It's just the NSA snooping around our systems again. Warrants? Nah, we know they're looking for bad guys. See, they're looking up data on Chinese people! They're probably going after cyber-warriors! Ooooh, how exciting!</p></div>
	</htmltext>
<tokenext>'All of the victims we 've worked with had perfectly installed antivirus, ' he said .
Perfectly perfect installs of antivirus ?
As in , perfect enough to be NSA backdoors ?
Other articles mentioned that the exploits were there because of NSA mandates for data access that we can safely assume to include internet-facing Windows computers .
If that 's true , then the NSA are a helluva lot more stupid ( or lazy ) than they claim to be .
'They all had intrusion detection systems and several had Web proxies scan content .
' " You ca n't hack us , we 're hiding behind seven proxies !
What 's this ?
Oh , nevermind , ignore it .
It 's just the NSA snooping around our systems again .
Warrants ? Nah , we know they 're looking for bad guys .
See , they 're looking up data on Chinese people !
They 're probably going after cyber-warriors !
Ooooh , how exciting !</tokentext>
<sentencetext>'All of the victims we've worked with had perfectly installed antivirus,' he said.
Perfectly perfect installs of antivirus?
As in, perfect enough to be NSA backdoors?
Other articles mentioned that the exploits were there because of NSA mandates for data access that we can safely assume to include internet-facing Windows computers.
If that's true, then the NSA are a helluva lot more stupid(or lazy) than they claim to be.
'They all had intrusion detection systems and several had Web proxies scan content.
'"

You can't hack us, we're hiding behind seven proxies!
What's this?
Oh, nevermind, ignore it.
It's just the NSA snooping around our systems again.
Warrants? Nah, we know they're looking for bad guys.
See, they're looking up data on Chinese people!
They're probably going after cyber-warriors!
Ooooh, how exciting!
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454402</id>
	<title>Re:Security theater</title>
	<author>pz</author>
	<datestamp>1268422620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>A lot of security theater is out there, but one thing is for certain:  you can dramatically lower your risk just by thinking for a minute before you click on some link/email/app/etc.</p></div><p>Yes, true, but the article is about <i>corporate</i> IT security, where it must be assumed that employees will not be circumspect as you suggest, and the network protected nevertheless.</p></div>
	</htmltext>
<tokenext>A lot of security theater is out there , but one thing is for certain : you can dramatically lower your risk just by thinking for a minute before you click on some link/email/app/etc.Yes , true , but the article is about corporate IT security , where it must be assumed that employees will not be circumspect as you suggest , and the network protected nevertheless .</tokentext>
<sentencetext>A lot of security theater is out there, but one thing is for certain:  you can dramatically lower your risk just by thinking for a minute before you click on some link/email/app/etc.Yes, true, but the article is about corporate IT security, where it must be assumed that employees will not be circumspect as you suggest, and the network protected nevertheless.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454286</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31465084</id>
	<title>Re:Industry slow to respond to challenges</title>
	<author>QuantumRiff</author>
	<datestamp>1268506800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I agree with you, but as an IT guy, I would argue that Quickbooks is one of the worst pieces of crap.  Sure, it looks nice, and has lots of features, but when you work in accounting, and dozens of copies, and have to keep track of the licenses, (along with phone numbers and zip codes and such for ordering, and the original purchasers name, which sucks when people leave) then it quickly becomes one of the most hated programs...</p></htmltext>
<tokenext>I agree with you , but as an IT guy , I would argue that Quickbooks is one of the worst pieces of crap .
Sure , it looks nice , and has lots of features , but when you work in accounting , and dozens of copies , and have to keep track of the licenses , ( along with phone numbers and zip codes and such for ordering , and the original purchasers name , which sucks when people leave ) then it quickly becomes one of the most hated programs.. .</tokentext>
<sentencetext>I agree with you, but as an IT guy, I would argue that Quickbooks is one of the worst pieces of crap.
Sure, it looks nice, and has lots of features, but when you work in accounting, and dozens of copies, and have to keep track of the licenses, (along with phone numbers and zip codes and such for ordering, and the original purchasers name, which sucks when people leave) then it quickly becomes one of the most hated programs...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455092</id>
	<title>I'd support that.</title>
	<author>khasim</author>
	<datestamp>1268425560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>The problem is whitelisting limits what you can install.</p></div></blockquote><p>Yep! And then we'd FINALLY see some improvement in anti-virus competition. Which company has the more complete whitelists? Or which company has the whitelists that work for YOU?</p><blockquote><div><p>Adding programs to the whitelist is time intensive, and the major benefit of Windows is the fact that there's so much stuff out there you can run on it.</p></div></blockquote><p>Two points there:<br>1. adding programs is time intensive - which is why you'd rely upon the anti-virus updates. It is time intensive for one person<nobr> <wbr></nobr>... but an anti-virus company should be able to handle it easier than making signature files for potential threats.</p><p>2. Windows has a lot of stuff that will run on it - which is (one of the reasons) why viruses (and such) spread so easily on it. But at least this way, the user will have a real option instead of the current situation.</p></div>
	</htmltext>
<tokenext>The problem is whitelisting limits what you can install.Yep !
And then we 'd FINALLY see some improvement in anti-virus competition .
Which company has the more complete whitelists ?
Or which company has the whitelists that work for YOU ? Adding programs to the whitelist is time intensive , and the major benefit of Windows is the fact that there 's so much stuff out there you can run on it.Two points there : 1. adding programs is time intensive - which is why you 'd rely upon the anti-virus updates .
It is time intensive for one person ... but an anti-virus company should be able to handle it easier than making signature files for potential threats.2 .
Windows has a lot of stuff that will run on it - which is ( one of the reasons ) why viruses ( and such ) spread so easily on it .
But at least this way , the user will have a real option instead of the current situation .</tokentext>
<sentencetext>The problem is whitelisting limits what you can install.Yep!
And then we'd FINALLY see some improvement in anti-virus competition.
Which company has the more complete whitelists?
Or which company has the whitelists that work for YOU?Adding programs to the whitelist is time intensive, and the major benefit of Windows is the fact that there's so much stuff out there you can run on it.Two points there:1. adding programs is time intensive - which is why you'd rely upon the anti-virus updates.
It is time intensive for one person ... but an anti-virus company should be able to handle it easier than making signature files for potential threats.2.
Windows has a lot of stuff that will run on it - which is (one of the reasons) why viruses (and such) spread so easily on it.
But at least this way, the user will have a real option instead of the current situation.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454726</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31461382</id>
	<title>Nothing intrinsic to Windows? Let's count.</title>
	<author>Anonymous</author>
	<datestamp>1268414160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>&gt;There is nothing intrinsic to Windows which makes client software more susceptible to these things</p><p>Let's look at your own points.</p><p>&gt;It's far more common for a modern virus to be spread by an infected email</p><p>Infected email. There is no such thing at my Mac. One can send some bad thing to me by email, but then what? What do you mean "infected"? Looks pretty much Windows-intrinsic to me.</p><p>&gt;drive-by download exploiting either the browser or a plugin</p><p>Again no such thing exists on my Mac. Well, probably Safari can be tricked to download an app or a disk image. But then what? It will not be started automatically and it can't do much without my explicit permission anyway. Windows-intrinsic No 2.</p><p>&gt;to account for running under an account with reduced privileges</p><p>There is no such thing as "reduced privileges" in MacOS. There are "normal privileges". Everyone even an admin account runs with normal privileges. To do something dangerous even an admin account needs to ask for permission. Windows-intrinsic No 3. No, I am not nit-picking here. One thing is to recommend to "reduce privileges" for the enhanced security, the other - is to not having an easy way to run an account without these "reduced privileges".</p><p>&gt;you don't need an enormous number of privileges to scan through a user's home directory and forward anything that looks interesting to a remote server</p><p>Anything interesting? Like passwords? Passwords are in the Keychain. You can't access the Keychain from an application that is not authorized to access the Keychain. The concept that you can harvest "many interesting things" just by scanning a home dir is definetely a Windows-intrinsic. No 4.</p><p>Have I missed something?</p></htmltext>
<tokenext>&gt; There is nothing intrinsic to Windows which makes client software more susceptible to these thingsLet 's look at your own points. &gt; It 's far more common for a modern virus to be spread by an infected emailInfected email .
There is no such thing at my Mac .
One can send some bad thing to me by email , but then what ?
What do you mean " infected " ?
Looks pretty much Windows-intrinsic to me. &gt; drive-by download exploiting either the browser or a pluginAgain no such thing exists on my Mac .
Well , probably Safari can be tricked to download an app or a disk image .
But then what ?
It will not be started automatically and it ca n't do much without my explicit permission anyway .
Windows-intrinsic No 2. &gt; to account for running under an account with reduced privilegesThere is no such thing as " reduced privileges " in MacOS .
There are " normal privileges " .
Everyone even an admin account runs with normal privileges .
To do something dangerous even an admin account needs to ask for permission .
Windows-intrinsic No 3 .
No , I am not nit-picking here .
One thing is to recommend to " reduce privileges " for the enhanced security , the other - is to not having an easy way to run an account without these " reduced privileges " . &gt; you do n't need an enormous number of privileges to scan through a user 's home directory and forward anything that looks interesting to a remote serverAnything interesting ?
Like passwords ?
Passwords are in the Keychain .
You ca n't access the Keychain from an application that is not authorized to access the Keychain .
The concept that you can harvest " many interesting things " just by scanning a home dir is definetely a Windows-intrinsic .
No 4.Have I missed something ?</tokentext>
<sentencetext>&gt;There is nothing intrinsic to Windows which makes client software more susceptible to these thingsLet's look at your own points.&gt;It's far more common for a modern virus to be spread by an infected emailInfected email.
There is no such thing at my Mac.
One can send some bad thing to me by email, but then what?
What do you mean "infected"?
Looks pretty much Windows-intrinsic to me.&gt;drive-by download exploiting either the browser or a pluginAgain no such thing exists on my Mac.
Well, probably Safari can be tricked to download an app or a disk image.
But then what?
It will not be started automatically and it can't do much without my explicit permission anyway.
Windows-intrinsic No 2.&gt;to account for running under an account with reduced privilegesThere is no such thing as "reduced privileges" in MacOS.
There are "normal privileges".
Everyone even an admin account runs with normal privileges.
To do something dangerous even an admin account needs to ask for permission.
Windows-intrinsic No 3.
No, I am not nit-picking here.
One thing is to recommend to "reduce privileges" for the enhanced security, the other - is to not having an easy way to run an account without these "reduced privileges".&gt;you don't need an enormous number of privileges to scan through a user's home directory and forward anything that looks interesting to a remote serverAnything interesting?
Like passwords?
Passwords are in the Keychain.
You can't access the Keychain from an application that is not authorized to access the Keychain.
The concept that you can harvest "many interesting things" just by scanning a home dir is definetely a Windows-intrinsic.
No 4.Have I missed something?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457136</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454808</id>
	<title>Re:So why not change it?</title>
	<author>localman57</author>
	<datestamp>1268424420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p> Then, if something is trying to write a file to the OS portion of your drive, and that file is not recognized, it should block it (and MAYBE allow the user to override it after a few hoops and maybe online comparisons with the latest threat databases).</p></div><p>Microsoft more or less tried something like this with UAC on Vista, didn't they?  Granted, it doesn't matter that much unitl you fix all the other security holes, but the point is that average joe users don't want it, and they make up the majority of the (non-open source) users.  It seems to me that asking "Are you sure" before installing software is a good thing, but the marketplace apparently disagreed.<br> <br>And the fact is, you can say "They'll learn their lesson after they get infected," but the truth is very few people will fess up to the fact that they are partially responsible for their computer getting infected.</p></div>
	</htmltext>
<tokenext>Then , if something is trying to write a file to the OS portion of your drive , and that file is not recognized , it should block it ( and MAYBE allow the user to override it after a few hoops and maybe online comparisons with the latest threat databases ) .Microsoft more or less tried something like this with UAC on Vista , did n't they ?
Granted , it does n't matter that much unitl you fix all the other security holes , but the point is that average joe users do n't want it , and they make up the majority of the ( non-open source ) users .
It seems to me that asking " Are you sure " before installing software is a good thing , but the marketplace apparently disagreed .
And the fact is , you can say " They 'll learn their lesson after they get infected , " but the truth is very few people will fess up to the fact that they are partially responsible for their computer getting infected .</tokentext>
<sentencetext> Then, if something is trying to write a file to the OS portion of your drive, and that file is not recognized, it should block it (and MAYBE allow the user to override it after a few hoops and maybe online comparisons with the latest threat databases).Microsoft more or less tried something like this with UAC on Vista, didn't they?
Granted, it doesn't matter that much unitl you fix all the other security holes, but the point is that average joe users don't want it, and they make up the majority of the (non-open source) users.
It seems to me that asking "Are you sure" before installing software is a good thing, but the marketplace apparently disagreed.
And the fact is, you can say "They'll learn their lesson after they get infected," but the truth is very few people will fess up to the fact that they are partially responsible for their computer getting infected.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456072</id>
	<title>Re:I'll give you a clue...</title>
	<author>pgmrdlm</author>
	<datestamp>1268386560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I thought Google used nothing but open source? Sense when was open source Microsoft???</p></htmltext>
<tokenext>I thought Google used nothing but open source ?
Sense when was open source Microsoft ? ?
?</tokentext>
<sentencetext>I thought Google used nothing but open source?
Sense when was open source Microsoft??
?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468380</id>
	<title>*NIX variants run script in browsers, email, Adobe</title>
	<author>Anonymous</author>
	<datestamp>1268487960000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>"You mean like how OSX and Linux does WITHOUT Antivirus?" - by Lumpy (12016) on Friday March 12, @02:22PM (#31455024) Homepage</p></div><p>See the subject-line above, &amp; realize 1 thing: Since your *NIX variants allow javascript to run in webbrowsers or HTML-based emails, or other scriptable document types even (such as Adobe<nobr> <wbr></nobr>.pdf files that are malcripted), they're just as attackable... period.</p><p>The only reason your *NIX variants aren't attacked as much is that they don't represent enough of an "attack surface" for malware makers/hacker-crackers to go after (they have the "advantage" of "security-by-obscurity"), &amp; since Windows represents a good 95\% or so of the actual user-base out there, it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Windows, vs. other OS type variants (especially using attack mechanisms of the kind I noted above, which are just as useable on *NIX variants as they are on Windows).</p></div>
	</htmltext>
<tokenext>" You mean like how OSX and Linux does WITHOUT Antivirus ?
" - by Lumpy ( 12016 ) on Friday March 12 , @ 02 : 22PM ( # 31455024 ) HomepageSee the subject-line above , &amp; realize 1 thing : Since your * NIX variants allow javascript to run in webbrowsers or HTML-based emails , or other scriptable document types even ( such as Adobe .pdf files that are malcripted ) , they 're just as attackable... period.The only reason your * NIX variants are n't attacked as much is that they do n't represent enough of an " attack surface " for malware makers/hacker-crackers to go after ( they have the " advantage " of " security-by-obscurity " ) , &amp; since Windows represents a good 95 \ % or so of the actual user-base out there , it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Windows , vs. other OS type variants ( especially using attack mechanisms of the kind I noted above , which are just as useable on * NIX variants as they are on Windows ) .</tokentext>
<sentencetext>"You mean like how OSX and Linux does WITHOUT Antivirus?
" - by Lumpy (12016) on Friday March 12, @02:22PM (#31455024) HomepageSee the subject-line above, &amp; realize 1 thing: Since your *NIX variants allow javascript to run in webbrowsers or HTML-based emails, or other scriptable document types even (such as Adobe .pdf files that are malcripted), they're just as attackable... period.The only reason your *NIX variants aren't attacked as much is that they don't represent enough of an "attack surface" for malware makers/hacker-crackers to go after (they have the "advantage" of "security-by-obscurity"), &amp; since Windows represents a good 95\% or so of the actual user-base out there, it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Windows, vs. other OS type variants (especially using attack mechanisms of the kind I noted above, which are just as useable on *NIX variants as they are on Windows).
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455024</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456766</id>
	<title>Re:I'll give you a clue...</title>
	<author>Hurricane78</author>
	<datestamp>1268389380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I&rsquo;ll give you another clue: PEBKAC!</p></htmltext>
<tokenext>I    ll give you another clue : PEBKAC !</tokentext>
<sentencetext>I’ll give you another clue: PEBKAC!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456062</id>
	<title>Re:Stating the obvious</title>
	<author>hot soldering iron</author>
	<datestamp>1268386500000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I don't think luck (bad or otherwise) was involved in the Google hacking. It was more along the lines of industrial espionage.</p><p>Looking out for road hazards is one thing, avoiding the psycho with the rocket launcher looking for you requires a whole 'nother level of protection. (There's my car analogy for the day.)</p><p>Industrial espionage is much harder to defeat, when it can escalate up to the use of mercenaries and machine guns. Happened in Wichita, KS a couple of years ago, at NCR research center.</p></htmltext>
<tokenext>I do n't think luck ( bad or otherwise ) was involved in the Google hacking .
It was more along the lines of industrial espionage.Looking out for road hazards is one thing , avoiding the psycho with the rocket launcher looking for you requires a whole 'nother level of protection .
( There 's my car analogy for the day .
) Industrial espionage is much harder to defeat , when it can escalate up to the use of mercenaries and machine guns .
Happened in Wichita , KS a couple of years ago , at NCR research center .</tokentext>
<sentencetext>I don't think luck (bad or otherwise) was involved in the Google hacking.
It was more along the lines of industrial espionage.Looking out for road hazards is one thing, avoiding the psycho with the rocket launcher looking for you requires a whole 'nother level of protection.
(There's my car analogy for the day.
)Industrial espionage is much harder to defeat, when it can escalate up to the use of mercenaries and machine guns.
Happened in Wichita, KS a couple of years ago, at NCR research center.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454466</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454464</id>
	<title>Re:Stating the obvious</title>
	<author>Anonymous</author>
	<datestamp>1268422860000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Antivirus is imperfect because it makes people think that they're immune from anything/everything that can go wrong.  You tell them that an antivirus program is good and most users will go out of their way to prove you wrong.</p></htmltext>
<tokenext>Antivirus is imperfect because it makes people think that they 're immune from anything/everything that can go wrong .
You tell them that an antivirus program is good and most users will go out of their way to prove you wrong .</tokentext>
<sentencetext>Antivirus is imperfect because it makes people think that they're immune from anything/everything that can go wrong.
You tell them that an antivirus program is good and most users will go out of their way to prove you wrong.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378</id>
	<title>failed?</title>
	<author>Lord Ender</author>
	<datestamp>1268422500000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><blockquote><div><p>the security industry has failed to protect paying customers from some of today's most pernicious threats</p></div></blockquote><p>This is a terribly ignorant statement. The security has actually <i>succeeded</i> in protecting paying customers from all but the most pernicious threats. IT security is about reducing risk, and that's what it does--successfully.</p></div>
	</htmltext>
<tokenext>the security industry has failed to protect paying customers from some of today 's most pernicious threatsThis is a terribly ignorant statement .
The security has actually succeeded in protecting paying customers from all but the most pernicious threats .
IT security is about reducing risk , and that 's what it does--successfully .</tokentext>
<sentencetext>the security industry has failed to protect paying customers from some of today's most pernicious threatsThis is a terribly ignorant statement.
The security has actually succeeded in protecting paying customers from all but the most pernicious threats.
IT security is about reducing risk, and that's what it does--successfully.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468358</id>
	<title>*NIX is NOT invulnerable to script based attacks</title>
	<author>Anonymous</author>
	<datestamp>1268487780000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>"The Microsoft operating system has been, always will be insecure. No amount of anti this, anti that or how update date your windows box is; it is not safe to use for any kind of sensitive data." - by Stumbles (602007) on Friday March 12, @01:36PM (#31454396)</p></div><p>See the subject-line above, &amp; realize 1 thing: Since your *NIX variants allow javascript to run in webbrowsers or HTML-based emails, or other scriptable document types even (such as Adobe<nobr> <wbr></nobr>.pdf files that are malcripted), they're just as attackable... period.  The only reason your *NIX variants aren't attacked as much is that they don't represent enough of an "attack surface" for malware makers/hacker-crackers to go after (they have the "advantage" of "security-by-obscurity"), &amp; since Windows represents a good 95\% or so of the actual user-base out there, it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Windows, vs. other OS type variants (especially using attack mechanisms of the kind I noted above, which are just as useable on *NIX variants as they are on Windows).</p></div>
	</htmltext>
<tokenext>" The Microsoft operating system has been , always will be insecure .
No amount of anti this , anti that or how update date your windows box is ; it is not safe to use for any kind of sensitive data .
" - by Stumbles ( 602007 ) on Friday March 12 , @ 01 : 36PM ( # 31454396 ) See the subject-line above , &amp; realize 1 thing : Since your * NIX variants allow javascript to run in webbrowsers or HTML-based emails , or other scriptable document types even ( such as Adobe .pdf files that are malcripted ) , they 're just as attackable... period. The only reason your * NIX variants are n't attacked as much is that they do n't represent enough of an " attack surface " for malware makers/hacker-crackers to go after ( they have the " advantage " of " security-by-obscurity " ) , &amp; since Windows represents a good 95 \ % or so of the actual user-base out there , it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Windows , vs. other OS type variants ( especially using attack mechanisms of the kind I noted above , which are just as useable on * NIX variants as they are on Windows ) .</tokentext>
<sentencetext>"The Microsoft operating system has been, always will be insecure.
No amount of anti this, anti that or how update date your windows box is; it is not safe to use for any kind of sensitive data.
" - by Stumbles (602007) on Friday March 12, @01:36PM (#31454396)See the subject-line above, &amp; realize 1 thing: Since your *NIX variants allow javascript to run in webbrowsers or HTML-based emails, or other scriptable document types even (such as Adobe .pdf files that are malcripted), they're just as attackable... period.  The only reason your *NIX variants aren't attacked as much is that they don't represent enough of an "attack surface" for malware makers/hacker-crackers to go after (they have the "advantage" of "security-by-obscurity"), &amp; since Windows represents a good 95\% or so of the actual user-base out there, it only makes sense for malware makers/hackers-crackers &amp; the like to target attacks towards Windows, vs. other OS type variants (especially using attack mechanisms of the kind I noted above, which are just as useable on *NIX variants as they are on Windows).
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432</id>
	<title>Industry slow to respond to challenges</title>
	<author>jollyreaper</author>
	<datestamp>1268422740000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>Film at 11.</p><p>One thing that shouldn't surprise me anymore but keeps surprising me is that it seems like the more money you pay for software, the more half-assed it is. You get an off-the-shelf product like Quickbooks, it's impressive. You look at stuff that's industry-specific, specialized software that doesn't have a lot of competition, it costs thousands and feels primitive in comparison. It must be the lack of competition means there's no real reason to improve the product beyond what it already does.</p><p>I'm sure there are some exceptions to my experience, naturally. But these niche applications generally seem to be very expensive and primitive.</p></htmltext>
<tokenext>Film at 11.One thing that should n't surprise me anymore but keeps surprising me is that it seems like the more money you pay for software , the more half-assed it is .
You get an off-the-shelf product like Quickbooks , it 's impressive .
You look at stuff that 's industry-specific , specialized software that does n't have a lot of competition , it costs thousands and feels primitive in comparison .
It must be the lack of competition means there 's no real reason to improve the product beyond what it already does.I 'm sure there are some exceptions to my experience , naturally .
But these niche applications generally seem to be very expensive and primitive .</tokentext>
<sentencetext>Film at 11.One thing that shouldn't surprise me anymore but keeps surprising me is that it seems like the more money you pay for software, the more half-assed it is.
You get an off-the-shelf product like Quickbooks, it's impressive.
You look at stuff that's industry-specific, specialized software that doesn't have a lot of competition, it costs thousands and feels primitive in comparison.
It must be the lack of competition means there's no real reason to improve the product beyond what it already does.I'm sure there are some exceptions to my experience, naturally.
But these niche applications generally seem to be very expensive and primitive.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457196</id>
	<title>Re:failed?</title>
	<author>ceoyoyo</author>
	<datestamp>1268390940000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Your statement and the statement you quoted have identical meanings.</p><p>You're not even arguing semantics. You're arguing connotations. Less kindly, spin.</p></htmltext>
<tokenext>Your statement and the statement you quoted have identical meanings.You 're not even arguing semantics .
You 're arguing connotations .
Less kindly , spin .</tokentext>
<sentencetext>Your statement and the statement you quoted have identical meanings.You're not even arguing semantics.
You're arguing connotations.
Less kindly, spin.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454620</id>
	<title>Re:I'll give you a clue...</title>
	<author>Anonymous</author>
	<datestamp>1268423640000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.</p></div><p>Hell, Matt Murphy could do that on his own, hardly needed the rest of the band.</p></div>
	</htmltext>
<tokenext>Donald 'Duck ' Dunn : We had a band powerful enough to turn goat piss into gasoline.Hell , Matt Murphy could do that on his own , hardly needed the rest of the band .</tokentext>
<sentencetext>Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.Hell, Matt Murphy could do that on his own, hardly needed the rest of the band.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454368</id>
	<title>Virus</title>
	<author>mcgrew</author>
	<datestamp>1268422440000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>If the "M" virus hits the RSA conference, it it the MSRA virus?</p></htmltext>
<tokenext>If the " M " virus hits the RSA conference , it it the MSRA virus ?</tokentext>
<sentencetext>If the "M" virus hits the RSA conference, it it the MSRA virus?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454466</id>
	<title>Re:Stating the obvious</title>
	<author>Anonymous</author>
	<datestamp>1268422920000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>The security industry will always be unable to protect everyone 100\% of the time. It is impossible to protect the clueless from anything.<nobr> <wbr></nobr>...</p><p>The sooner all end users are clued-in instead of clueless, the sooner we may have a ray of hope.</p></div></blockquote><p>Did you miss the bit in the summary where they mentioned Google? Now it is possible that Google had no anti-virus, no IDS and doesn't monitor in and outbound web traffic for potential threats, but I think it unlikely.</p><p>I find it hard to imagine that a firm which can to all intents and purposes hire the very brightest and smartest has a whole lot of clueless users. I doubt the Google end-users were doing anything stupid anyway.</p><p>For others, especially those with less resources, life is harder still. A zero day exploit doesn't need a user to be stupid, only to open a web page, through trickery, coercion or plain old bad luck.</p></div>
	</htmltext>
<tokenext>The security industry will always be unable to protect everyone 100 \ % of the time .
It is impossible to protect the clueless from anything .
...The sooner all end users are clued-in instead of clueless , the sooner we may have a ray of hope.Did you miss the bit in the summary where they mentioned Google ?
Now it is possible that Google had no anti-virus , no IDS and does n't monitor in and outbound web traffic for potential threats , but I think it unlikely.I find it hard to imagine that a firm which can to all intents and purposes hire the very brightest and smartest has a whole lot of clueless users .
I doubt the Google end-users were doing anything stupid anyway.For others , especially those with less resources , life is harder still .
A zero day exploit does n't need a user to be stupid , only to open a web page , through trickery , coercion or plain old bad luck .</tokentext>
<sentencetext>The security industry will always be unable to protect everyone 100\% of the time.
It is impossible to protect the clueless from anything.
...The sooner all end users are clued-in instead of clueless, the sooner we may have a ray of hope.Did you miss the bit in the summary where they mentioned Google?
Now it is possible that Google had no anti-virus, no IDS and doesn't monitor in and outbound web traffic for potential threats, but I think it unlikely.I find it hard to imagine that a firm which can to all intents and purposes hire the very brightest and smartest has a whole lot of clueless users.
I doubt the Google end-users were doing anything stupid anyway.For others, especially those with less resources, life is harder still.
A zero day exploit doesn't need a user to be stupid, only to open a web page, through trickery, coercion or plain old bad luck.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454434</id>
	<title>Not that hard to believe...</title>
	<author>Anonymous</author>
	<datestamp>1268422740000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>The dark side of computer "security" pays far better than the good side. I was contracted to setup a number of servers for a company, and as it turned out, they were part of this "dark side." I told them I had an ethical conflict, and decided to remove myself from the situation about 2 hours into it.</p><p>The problem is, other than the coders and the boss, many people do not know they are working for these companies. This particular company had about 15 people. 3 were in the know, the other 12 were support for shipping, gathering information, making contacts, and advertising, etc. When dealing with spyware/malware, there is a lot of butt covering, and evasion.</p><p>The programmers in particular were amazing coders, some of the best that graduated at the same university I went to. This is how I got contacted to help. Only after we started talking did I realize what they were all about. The pay was almost double what they would have made at a legitimate company.</p></htmltext>
<tokenext>The dark side of computer " security " pays far better than the good side .
I was contracted to setup a number of servers for a company , and as it turned out , they were part of this " dark side .
" I told them I had an ethical conflict , and decided to remove myself from the situation about 2 hours into it.The problem is , other than the coders and the boss , many people do not know they are working for these companies .
This particular company had about 15 people .
3 were in the know , the other 12 were support for shipping , gathering information , making contacts , and advertising , etc .
When dealing with spyware/malware , there is a lot of butt covering , and evasion.The programmers in particular were amazing coders , some of the best that graduated at the same university I went to .
This is how I got contacted to help .
Only after we started talking did I realize what they were all about .
The pay was almost double what they would have made at a legitimate company .</tokentext>
<sentencetext>The dark side of computer "security" pays far better than the good side.
I was contracted to setup a number of servers for a company, and as it turned out, they were part of this "dark side.
" I told them I had an ethical conflict, and decided to remove myself from the situation about 2 hours into it.The problem is, other than the coders and the boss, many people do not know they are working for these companies.
This particular company had about 15 people.
3 were in the know, the other 12 were support for shipping, gathering information, making contacts, and advertising, etc.
When dealing with spyware/malware, there is a lot of butt covering, and evasion.The programmers in particular were amazing coders, some of the best that graduated at the same university I went to.
This is how I got contacted to help.
Only after we started talking did I realize what they were all about.
The pay was almost double what they would have made at a legitimate company.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457654</id>
	<title>1990 protection for 2010 threats.</title>
	<author>swschrad</author>
	<datestamp>1268392860000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>there are three problems here.</p><p>one is, the bad social engineers are winning because the customers are dumber than rocks on click-here installs.</p><p>second, anything can run on your computer because we have defined all content good until proven otherwise -- but we can only stop entire sites or entire classes of content based on how it runs if we prove otherwise.  custs then work around the controls, see #1 above.</p><p>lastly, nobody has even tried to stop embedded crap like loaders in jpg files or poison flash.</p><p>we need to start thinking of security as if we were warlords.  your crap can't modify OS files -- and the OS can't modify OS files -- without going into a strictly protected mode, a ring-zero concept.  and a lot of slop in standards that allows runtime stuff in ostensibly banal purty pictures has to be cleaned up on both the creation and execution sides.</p></htmltext>
<tokenext>there are three problems here.one is , the bad social engineers are winning because the customers are dumber than rocks on click-here installs.second , anything can run on your computer because we have defined all content good until proven otherwise -- but we can only stop entire sites or entire classes of content based on how it runs if we prove otherwise .
custs then work around the controls , see # 1 above.lastly , nobody has even tried to stop embedded crap like loaders in jpg files or poison flash.we need to start thinking of security as if we were warlords .
your crap ca n't modify OS files -- and the OS ca n't modify OS files -- without going into a strictly protected mode , a ring-zero concept .
and a lot of slop in standards that allows runtime stuff in ostensibly banal purty pictures has to be cleaned up on both the creation and execution sides .</tokentext>
<sentencetext>there are three problems here.one is, the bad social engineers are winning because the customers are dumber than rocks on click-here installs.second, anything can run on your computer because we have defined all content good until proven otherwise -- but we can only stop entire sites or entire classes of content based on how it runs if we prove otherwise.
custs then work around the controls, see #1 above.lastly, nobody has even tried to stop embedded crap like loaders in jpg files or poison flash.we need to start thinking of security as if we were warlords.
your crap can't modify OS files -- and the OS can't modify OS files -- without going into a strictly protected mode, a ring-zero concept.
and a lot of slop in standards that allows runtime stuff in ostensibly banal purty pictures has to be cleaned up on both the creation and execution sides.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454674</id>
	<title>Re:Industry slow to respond to challenges</title>
	<author>Jah-Wren Ryel</author>
	<datestamp>1268423820000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>I'm sure there are some exceptions to my experience, naturally. But these niche applications generally seem to be very expensive and primitive.</p></div><p>Back before beowulf clusters were common and most all supercomputers were priced in the 9 digits there was a phrase well known in the community - "Supercomputing is a synonym for unreliable computing."</p><p>In other words, if the market is small you suffer from all kinds of problems because there aren't enough users to generate enough bug reports and despite the high per unit pricing, volume is so low that there isn't enough money to pay for all the Q&amp;A beyond the core functionality.</p></div>
	</htmltext>
<tokenext>I 'm sure there are some exceptions to my experience , naturally .
But these niche applications generally seem to be very expensive and primitive.Back before beowulf clusters were common and most all supercomputers were priced in the 9 digits there was a phrase well known in the community - " Supercomputing is a synonym for unreliable computing .
" In other words , if the market is small you suffer from all kinds of problems because there are n't enough users to generate enough bug reports and despite the high per unit pricing , volume is so low that there is n't enough money to pay for all the Q&amp;A beyond the core functionality .</tokentext>
<sentencetext>I'm sure there are some exceptions to my experience, naturally.
But these niche applications generally seem to be very expensive and primitive.Back before beowulf clusters were common and most all supercomputers were priced in the 9 digits there was a phrase well known in the community - "Supercomputing is a synonym for unreliable computing.
"In other words, if the market is small you suffer from all kinds of problems because there aren't enough users to generate enough bug reports and despite the high per unit pricing, volume is so low that there isn't enough money to pay for all the Q&amp;A beyond the core functionality.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455688</id>
	<title>UAC Car Analogy</title>
	<author>Anonymous</author>
	<datestamp>1268384820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>UAC's issue was that it was TOO thorough. If a user, using the mouse, manually clicks start, control panel, security center, and windows firewall, it will UAC prompt for that. It UAC prompt for running MSCONFIG. It prompts for running under alternate credentials when those credentials are manually typed in. Some applications triggered a UAC prompt every time they ran.</p><p>After a while, UAC just became like a car alarm. What was the last time you heard a car alarm activate and you thought to yourself "oh snap! someone's car is getting stolen!"? I can't even remember. If I were walking through a parking lot at the mall and I saw somebody with a coat hangar down the window and an alarm going off, my reaction would be to look at that guy and say "lock your keys in the car, buddy? need to call AAA?" Car alarms go off so frequently that by time there is an actual robbery in progress, we're conditioned to simply ignore it.</p><p>Similarly, UAC was so obnoxiously prevalent in Vista that people don't even stop to think about it anymore. It's just an extra step to see the dancing bunnies, nothing more. If it were designed to more correctly respond to attack vectors, I think it'd be more useful. If UAC were limited to software installations (complete with some "disable until next reboot since I'm performing lots of installations since I just bought this computer" mode), scripted/command line changes to control panel options, registry changes independent of a software install, and unsigned ActiveX applets, that would cover the overwhelming majority of ways that things happen without user consent that UAC notifications would actually be noteworthy enough to users that it would cause them to stop and think about what is happening.</p><p>Security software has this tendency as well. It nags so much that many users almost have the mindeset of "an invisible virus is less aggrevating than my security suite". Like UAC and car alarms, security suites that flag things like tracking cookies as infections are disengenuous and instill more negative conditioning than positive.</p></htmltext>
<tokenext>UAC 's issue was that it was TOO thorough .
If a user , using the mouse , manually clicks start , control panel , security center , and windows firewall , it will UAC prompt for that .
It UAC prompt for running MSCONFIG .
It prompts for running under alternate credentials when those credentials are manually typed in .
Some applications triggered a UAC prompt every time they ran.After a while , UAC just became like a car alarm .
What was the last time you heard a car alarm activate and you thought to yourself " oh snap !
someone 's car is getting stolen ! " ?
I ca n't even remember .
If I were walking through a parking lot at the mall and I saw somebody with a coat hangar down the window and an alarm going off , my reaction would be to look at that guy and say " lock your keys in the car , buddy ?
need to call AAA ?
" Car alarms go off so frequently that by time there is an actual robbery in progress , we 're conditioned to simply ignore it.Similarly , UAC was so obnoxiously prevalent in Vista that people do n't even stop to think about it anymore .
It 's just an extra step to see the dancing bunnies , nothing more .
If it were designed to more correctly respond to attack vectors , I think it 'd be more useful .
If UAC were limited to software installations ( complete with some " disable until next reboot since I 'm performing lots of installations since I just bought this computer " mode ) , scripted/command line changes to control panel options , registry changes independent of a software install , and unsigned ActiveX applets , that would cover the overwhelming majority of ways that things happen without user consent that UAC notifications would actually be noteworthy enough to users that it would cause them to stop and think about what is happening.Security software has this tendency as well .
It nags so much that many users almost have the mindeset of " an invisible virus is less aggrevating than my security suite " .
Like UAC and car alarms , security suites that flag things like tracking cookies as infections are disengenuous and instill more negative conditioning than positive .</tokentext>
<sentencetext>UAC's issue was that it was TOO thorough.
If a user, using the mouse, manually clicks start, control panel, security center, and windows firewall, it will UAC prompt for that.
It UAC prompt for running MSCONFIG.
It prompts for running under alternate credentials when those credentials are manually typed in.
Some applications triggered a UAC prompt every time they ran.After a while, UAC just became like a car alarm.
What was the last time you heard a car alarm activate and you thought to yourself "oh snap!
someone's car is getting stolen!"?
I can't even remember.
If I were walking through a parking lot at the mall and I saw somebody with a coat hangar down the window and an alarm going off, my reaction would be to look at that guy and say "lock your keys in the car, buddy?
need to call AAA?
" Car alarms go off so frequently that by time there is an actual robbery in progress, we're conditioned to simply ignore it.Similarly, UAC was so obnoxiously prevalent in Vista that people don't even stop to think about it anymore.
It's just an extra step to see the dancing bunnies, nothing more.
If it were designed to more correctly respond to attack vectors, I think it'd be more useful.
If UAC were limited to software installations (complete with some "disable until next reboot since I'm performing lots of installations since I just bought this computer" mode), scripted/command line changes to control panel options, registry changes independent of a software install, and unsigned ActiveX applets, that would cover the overwhelming majority of ways that things happen without user consent that UAC notifications would actually be noteworthy enough to users that it would cause them to stop and think about what is happening.Security software has this tendency as well.
It nags so much that many users almost have the mindeset of "an invisible virus is less aggrevating than my security suite".
Like UAC and car alarms, security suites that flag things like tracking cookies as infections are disengenuous and instill more negative conditioning than positive.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454808</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456658</id>
	<title>Re:Virus</title>
	<author>Atomm</author>
	<datestamp>1268388960000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Those of you marking this funny should be ashamed of yourself.</p><p>It's ok Stuttering Dyslexia guy, I won't laugh at you.....</p></htmltext>
<tokenext>Those of you marking this funny should be ashamed of yourself.It 's ok Stuttering Dyslexia guy , I wo n't laugh at you.... .</tokentext>
<sentencetext>Those of you marking this funny should be ashamed of yourself.It's ok Stuttering Dyslexia guy, I won't laugh at you.....</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454368</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454886</id>
	<title>Correlation can imply causation.</title>
	<author>Anonymous</author>
	<datestamp>1268424780000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>1</modscore>
	<htmltext>Too many people here don't understand basic logic. That's surprising, given the demographics here. I would've thought that programmers would have a better-than-average grasp of that topic.
<br> <br>
Correlation can very well imply causation. Let me prove it to you:<blockquote><div><p>        Let o be a True correlation.<br>
        Let a be a True causation.
        <br> <br>
        Problem: Prove that o -&gt; a. That is, prove that correlation implies causation.
<br> <br>
        Proof: See an <a href="http://en.wikipedia.org/wiki/Truth\_tables#Logical\_implication" title="wikipedia.org" rel="nofollow">implication truth table</a> [wikipedia.org]. Like in this case, we have a True correlation and a True causation. Thus we have a True implication. Hence, we have proven that correlation can imply causation.
<br> <br>
        Q.E.D.</p></div>
</blockquote></div>
	</htmltext>
<tokenext>Too many people here do n't understand basic logic .
That 's surprising , given the demographics here .
I would 've thought that programmers would have a better-than-average grasp of that topic .
Correlation can very well imply causation .
Let me prove it to you : Let o be a True correlation .
Let a be a True causation .
Problem : Prove that o - &gt; a. That is , prove that correlation implies causation .
Proof : See an implication truth table [ wikipedia.org ] .
Like in this case , we have a True correlation and a True causation .
Thus we have a True implication .
Hence , we have proven that correlation can imply causation .
Q.E.D .</tokentext>
<sentencetext>Too many people here don't understand basic logic.
That's surprising, given the demographics here.
I would've thought that programmers would have a better-than-average grasp of that topic.
Correlation can very well imply causation.
Let me prove it to you:        Let o be a True correlation.
Let a be a True causation.
Problem: Prove that o -&gt; a. That is, prove that correlation implies causation.
Proof: See an implication truth table [wikipedia.org].
Like in this case, we have a True correlation and a True causation.
Thus we have a True implication.
Hence, we have proven that correlation can imply causation.
Q.E.D.

	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454374</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454518</id>
	<title>Re:I'll give you a clue...</title>
	<author>Anonymous</author>
	<datestamp>1268423100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Good point. Just because all the idiots use Windows doesn't mean Windows causes one to be an idiot. &lt;/joke&gt;</htmltext>
<tokenext>Good point .
Just because all the idiots use Windows does n't mean Windows causes one to be an idiot .</tokentext>
<sentencetext>Good point.
Just because all the idiots use Windows doesn't mean Windows causes one to be an idiot. </sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454374</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454486</id>
	<title>No perfect security.</title>
	<author>spinkham</author>
	<datestamp>1268422980000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>There is no perfect security, offline or online.<br>I like to say there are 3 main types of attacks:</p><ul><li>Bots, worms, and other randomly spewed attacks.</li><li>Industry targeted attacks.  An attacker wants to compromise a bank, any bank, and will go for the easiest target</li><li>Comany or resource targeted attack. An attacker wants access to you specifically.</li></ul><p>We have mechanisms that are pretty good at class 1.  We can shore up our defenses enough to not be the low hanging fruit to get some protection  against level 2.</p><p>Level 3 is only starting to enter the public eye.  There is no defense that will withstand a well funded targeted attack.  The best you can do is make it too difficult for most attackers, and monitor and clean up after the really good ones.</p><p>This is true for airline security, concert security, bank security, web site security, and network security.  There is no impenetrable defense for any of these.  You minimize the risk as much as you can, then build your systems so they can be effectively monitored and rebuilt/restored in case of attack.</p></htmltext>
<tokenext>There is no perfect security , offline or online.I like to say there are 3 main types of attacks : Bots , worms , and other randomly spewed attacks.Industry targeted attacks .
An attacker wants to compromise a bank , any bank , and will go for the easiest targetComany or resource targeted attack .
An attacker wants access to you specifically.We have mechanisms that are pretty good at class 1 .
We can shore up our defenses enough to not be the low hanging fruit to get some protection against level 2.Level 3 is only starting to enter the public eye .
There is no defense that will withstand a well funded targeted attack .
The best you can do is make it too difficult for most attackers , and monitor and clean up after the really good ones.This is true for airline security , concert security , bank security , web site security , and network security .
There is no impenetrable defense for any of these .
You minimize the risk as much as you can , then build your systems so they can be effectively monitored and rebuilt/restored in case of attack .</tokentext>
<sentencetext>There is no perfect security, offline or online.I like to say there are 3 main types of attacks:Bots, worms, and other randomly spewed attacks.Industry targeted attacks.
An attacker wants to compromise a bank, any bank, and will go for the easiest targetComany or resource targeted attack.
An attacker wants access to you specifically.We have mechanisms that are pretty good at class 1.
We can shore up our defenses enough to not be the low hanging fruit to get some protection  against level 2.Level 3 is only starting to enter the public eye.
There is no defense that will withstand a well funded targeted attack.
The best you can do is make it too difficult for most attackers, and monitor and clean up after the really good ones.This is true for airline security, concert security, bank security, web site security, and network security.
There is no impenetrable defense for any of these.
You minimize the risk as much as you can, then build your systems so they can be effectively monitored and rebuilt/restored in case of attack.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455334</id>
	<title>Re:In summary;</title>
	<author>Anonymous</author>
	<datestamp>1268426580000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><i>"The Microsoft operating system has been, always will be insecure"</i>. You forgot to add "because I'm a psychic and now how secure future versions of Windows will be".</p></htmltext>
<tokenext>" The Microsoft operating system has been , always will be insecure " .
You forgot to add " because I 'm a psychic and now how secure future versions of Windows will be " .</tokentext>
<sentencetext>"The Microsoft operating system has been, always will be insecure".
You forgot to add "because I'm a psychic and now how secure future versions of Windows will be".</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455702</id>
	<title>Kill the zombies.</title>
	<author>khasim</author>
	<datestamp>1268384880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>Or you could reverse the antivirus idea, and build a giant database of checksums.</p></div></blockquote><p>Yes. And not only checksums, but hashes and signatures and so forth. The more ways to verify a file is from a KNOW vendor, the better.</p><blockquote><div><p>So inevitably the user will run into something unsigned they want to run.</p></div></blockquote><p>Hold that right there.</p><p>You left of "legitimate, non-malware app".</p><p>Is this stops the user from installing a virus or whatever, that is good. Even if the user THOUGHT that s/he wanted to install it.</p><blockquote><div><p>It'll need a checksum for every obscure software out there, in every possible version.</p></div></blockquote><p>Why? Wouldn't that be a way to differentiate between the various anti-virus companies? As long as the vendor you went with supported all the software that you wanted<nobr> <wbr></nobr>... you'd be happy. Or you could go through the hoops and install it anyway.</p><blockquote><div><p>WoW released an update today? You can't play until the DB gets updated.</p></div></blockquote><p>See above. You would spend your money with the more responsive vendor. Or you'd go through the hoops.</p><blockquote><div><p>Add to that that no company will analyze every byte of every binary, and them listing a trojaned version as valid is quite possible.</p></div></blockquote><p>Why would you need to? If the hashes and signatures and so forth aren't enough to show that that file came from that vendor, oh, wait, they would be.</p><blockquote><div><p>You can't possibly whitelist every legitimate image.</p></div></blockquote><p>Again, you wouldn't need to.</p><p>We're talking about zombie networks that have MILLIONS of infected machines.</p><p>If you are the vendor of an app that has MILLIONS of installs, wouldn't you be able to sign your own work? And coordinate with the anti-virus vendors to list your app?</p><p>And if you aren't talking about MILLIONS of installs then you admit that this approach solves the biggest problem with such malware.</p><blockquote><div><p>But there's little interest for antivirus vendors in that, as if we got there there wouldn't be improved versions or database updates to sell.</p></div></blockquote><p>That's because the anti-virus vendors don't have the LEGAL RIGHTS to do that.</p><p>The BEST that they could do would be to alert the end-user that application X has KNOWN VULNERABILITIES and needs to be REMOVED OR UPGRADED as soon as possible.</p></div>
	</htmltext>
<tokenext>Or you could reverse the antivirus idea , and build a giant database of checksums.Yes .
And not only checksums , but hashes and signatures and so forth .
The more ways to verify a file is from a KNOW vendor , the better.So inevitably the user will run into something unsigned they want to run.Hold that right there.You left of " legitimate , non-malware app " .Is this stops the user from installing a virus or whatever , that is good .
Even if the user THOUGHT that s/he wanted to install it.It 'll need a checksum for every obscure software out there , in every possible version.Why ?
Would n't that be a way to differentiate between the various anti-virus companies ?
As long as the vendor you went with supported all the software that you wanted ... you 'd be happy .
Or you could go through the hoops and install it anyway.WoW released an update today ?
You ca n't play until the DB gets updated.See above .
You would spend your money with the more responsive vendor .
Or you 'd go through the hoops.Add to that that no company will analyze every byte of every binary , and them listing a trojaned version as valid is quite possible.Why would you need to ?
If the hashes and signatures and so forth are n't enough to show that that file came from that vendor , oh , wait , they would be.You ca n't possibly whitelist every legitimate image.Again , you would n't need to.We 're talking about zombie networks that have MILLIONS of infected machines.If you are the vendor of an app that has MILLIONS of installs , would n't you be able to sign your own work ?
And coordinate with the anti-virus vendors to list your app ? And if you are n't talking about MILLIONS of installs then you admit that this approach solves the biggest problem with such malware.But there 's little interest for antivirus vendors in that , as if we got there there would n't be improved versions or database updates to sell.That 's because the anti-virus vendors do n't have the LEGAL RIGHTS to do that.The BEST that they could do would be to alert the end-user that application X has KNOWN VULNERABILITIES and needs to be REMOVED OR UPGRADED as soon as possible .</tokentext>
<sentencetext>Or you could reverse the antivirus idea, and build a giant database of checksums.Yes.
And not only checksums, but hashes and signatures and so forth.
The more ways to verify a file is from a KNOW vendor, the better.So inevitably the user will run into something unsigned they want to run.Hold that right there.You left of "legitimate, non-malware app".Is this stops the user from installing a virus or whatever, that is good.
Even if the user THOUGHT that s/he wanted to install it.It'll need a checksum for every obscure software out there, in every possible version.Why?
Wouldn't that be a way to differentiate between the various anti-virus companies?
As long as the vendor you went with supported all the software that you wanted ... you'd be happy.
Or you could go through the hoops and install it anyway.WoW released an update today?
You can't play until the DB gets updated.See above.
You would spend your money with the more responsive vendor.
Or you'd go through the hoops.Add to that that no company will analyze every byte of every binary, and them listing a trojaned version as valid is quite possible.Why would you need to?
If the hashes and signatures and so forth aren't enough to show that that file came from that vendor, oh, wait, they would be.You can't possibly whitelist every legitimate image.Again, you wouldn't need to.We're talking about zombie networks that have MILLIONS of infected machines.If you are the vendor of an app that has MILLIONS of installs, wouldn't you be able to sign your own work?
And coordinate with the anti-virus vendors to list your app?And if you aren't talking about MILLIONS of installs then you admit that this approach solves the biggest problem with such malware.But there's little interest for antivirus vendors in that, as if we got there there wouldn't be improved versions or database updates to sell.That's because the anti-virus vendors don't have the LEGAL RIGHTS to do that.The BEST that they could do would be to alert the end-user that application X has KNOWN VULNERABILITIES and needs to be REMOVED OR UPGRADED as soon as possible.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454854</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455478</id>
	<title>Re:No. The core problem goes deeper.</title>
	<author>Rantastic</author>
	<datestamp>1268427180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>How about an antivirus program that BLOCKS file writes to the operating system UNLESS that file can be confirmed to be "good"?It's far easier to identify the files that SHOULD be allowed than it is to identify a possible threat.</p></div><p>Us on the linux side of the house have had that for years. It's called SELinux.</p></div>
	</htmltext>
<tokenext>How about an antivirus program that BLOCKS file writes to the operating system UNLESS that file can be confirmed to be " good " ? It 's far easier to identify the files that SHOULD be allowed than it is to identify a possible threat.Us on the linux side of the house have had that for years .
It 's called SELinux .</tokentext>
<sentencetext>How about an antivirus program that BLOCKS file writes to the operating system UNLESS that file can be confirmed to be "good"?It's far easier to identify the files that SHOULD be allowed than it is to identify a possible threat.Us on the linux side of the house have had that for years.
It's called SELinux.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455070</id>
	<title>Chicken little</title>
	<author>TiggertheMad</author>
	<datestamp>1268425440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><i>The security industry will always be unable to protect everyone 100\% of the time.</i>
<br> <br><nobr> <wbr></nobr>...sort of like how the TSA and the government cannot provide 100\% security from gangsters/drugdealers/terrorists/. I think that the posted topic reads like the common hysterical notion of, 'Why can't X protect me from dangerous stuff all of the time?'
<br> <br>
To address the main topic: How have security firms 'failed'? Billions of dollars flow about the internet on a daily basis without a hitch. Huge amounts of data is seen by the people that need to see it and isn't seen by those who don't. Sure, stuff like Google's break in looks spectacular, but really? You are calling security firms impotent when it they cannot stop a HUGE FRIGGEN COUNTRY with vast resources at its disposal from breaching security here and there?</htmltext>
<tokenext>The security industry will always be unable to protect everyone 100 \ % of the time .
...sort of like how the TSA and the government can not provide 100 \ % security from gangsters/drugdealers/terrorists/ .
I think that the posted topic reads like the common hysterical notion of , 'Why ca n't X protect me from dangerous stuff all of the time ?
' To address the main topic : How have security firms 'failed ' ?
Billions of dollars flow about the internet on a daily basis without a hitch .
Huge amounts of data is seen by the people that need to see it and is n't seen by those who do n't .
Sure , stuff like Google 's break in looks spectacular , but really ?
You are calling security firms impotent when it they can not stop a HUGE FRIGGEN COUNTRY with vast resources at its disposal from breaching security here and there ?</tokentext>
<sentencetext>The security industry will always be unable to protect everyone 100\% of the time.
...sort of like how the TSA and the government cannot provide 100\% security from gangsters/drugdealers/terrorists/.
I think that the posted topic reads like the common hysterical notion of, 'Why can't X protect me from dangerous stuff all of the time?
'
 
To address the main topic: How have security firms 'failed'?
Billions of dollars flow about the internet on a daily basis without a hitch.
Huge amounts of data is seen by the people that need to see it and isn't seen by those who don't.
Sure, stuff like Google's break in looks spectacular, but really?
You are calling security firms impotent when it they cannot stop a HUGE FRIGGEN COUNTRY with vast resources at its disposal from breaching security here and there?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31463344</id>
	<title>Re:No. The core problem goes deeper.</title>
	<author>BoppreH</author>
	<datestamp>1268488860000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Hanlon's razor man. Hanlon's razor.<br> <br> <br>And in your system, what happens if a virus compromises a white-listed application?<br> <br>And how are you going to distinguish between the program firefox.exe and a virus named firefox.exe? If you go with checksums, all software companies on the world would have to ask permission for the anti-virus companies before updating their application, which certainly wouldn't make them happy and would only increase the time gap between exploit detection and patching, making the system not only annoying but also less secure.</htmltext>
<tokenext>Hanlon 's razor man .
Hanlon 's razor .
And in your system , what happens if a virus compromises a white-listed application ?
And how are you going to distinguish between the program firefox.exe and a virus named firefox.exe ?
If you go with checksums , all software companies on the world would have to ask permission for the anti-virus companies before updating their application , which certainly would n't make them happy and would only increase the time gap between exploit detection and patching , making the system not only annoying but also less secure .</tokentext>
<sentencetext>Hanlon's razor man.
Hanlon's razor.
And in your system, what happens if a virus compromises a white-listed application?
And how are you going to distinguish between the program firefox.exe and a virus named firefox.exe?
If you go with checksums, all software companies on the world would have to ask permission for the anti-virus companies before updating their application, which certainly wouldn't make them happy and would only increase the time gap between exploit detection and patching, making the system not only annoying but also less secure.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454266</id>
	<title>In one word:</title>
	<author>Xamusk</author>
	<datestamp>1268421960000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>FAIL!</htmltext>
<tokenext>FAIL !</tokentext>
<sentencetext>FAIL!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455232</id>
	<title>Re:Industry slow to respond to challenges</title>
	<author>maxume</author>
	<datestamp>1268426220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I'm now tempted to try to become a software inspector.</p><p>People don't know what a house is supposed to look like (beyond the generalities), so when they purchase one, they hire a home inspector to make sure that it isn't shit. It seems like there is room to fill a similar function in the software universe (and it really isn't that hard to go way past what the typical person would evaluate when checking out software, dependency trees, installation behavior, openness of data formats (or completeness of conversion), etc.).</p></htmltext>
<tokenext>I 'm now tempted to try to become a software inspector.People do n't know what a house is supposed to look like ( beyond the generalities ) , so when they purchase one , they hire a home inspector to make sure that it is n't shit .
It seems like there is room to fill a similar function in the software universe ( and it really is n't that hard to go way past what the typical person would evaluate when checking out software , dependency trees , installation behavior , openness of data formats ( or completeness of conversion ) , etc .
) .</tokentext>
<sentencetext>I'm now tempted to try to become a software inspector.People don't know what a house is supposed to look like (beyond the generalities), so when they purchase one, they hire a home inspector to make sure that it isn't shit.
It seems like there is room to fill a similar function in the software universe (and it really isn't that hard to go way past what the typical person would evaluate when checking out software, dependency trees, installation behavior, openness of data formats (or completeness of conversion), etc.
).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455084</id>
	<title>Re:So why not change it?</title>
	<author>Anonymous</author>
	<datestamp>1268425500000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Security attacks are not the responsibility of the "security industry", they are just trying to assist. It is like saying it is the fault of the police if people commit crimes. The company that makes the OS knows more about the OS than anyone, and they alone have the power to do something about it. It is no surprise at all that third-party security software fails big time. They probably have no first hand knowledge of the sys internals. Probably some day soon, MS is going to declare that these third party programs are causing problems with the OS and should not be used.</p></htmltext>
<tokenext>Security attacks are not the responsibility of the " security industry " , they are just trying to assist .
It is like saying it is the fault of the police if people commit crimes .
The company that makes the OS knows more about the OS than anyone , and they alone have the power to do something about it .
It is no surprise at all that third-party security software fails big time .
They probably have no first hand knowledge of the sys internals .
Probably some day soon , MS is going to declare that these third party programs are causing problems with the OS and should not be used .</tokentext>
<sentencetext>Security attacks are not the responsibility of the "security industry", they are just trying to assist.
It is like saying it is the fault of the police if people commit crimes.
The company that makes the OS knows more about the OS than anyone, and they alone have the power to do something about it.
It is no surprise at all that third-party security software fails big time.
They probably have no first hand knowledge of the sys internals.
Probably some day soon, MS is going to declare that these third party programs are causing problems with the OS and should not be used.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454928</id>
	<title>Re:Industry slow to respond to challenges</title>
	<author>ehud42</author>
	<datestamp>1268424960000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><i>You get a <b> consumer car like a Honda Insight</b>, it's impressive. You look at <b>[race cars]</b> that's industry-specific, specialized <b>hardware and</b> software that doesn't have a lot of competition, it costs thousands and feels primitive in comparison. It must be the lack of competition means there's no real reason to improve the product beyond what it already does.</i>

Fixed that for you.

When Quickbooks can handle the multi-million transaction ledger of an publicly traded enterprise come back and try again.</htmltext>
<tokenext>You get a consumer car like a Honda Insight , it 's impressive .
You look at [ race cars ] that 's industry-specific , specialized hardware and software that does n't have a lot of competition , it costs thousands and feels primitive in comparison .
It must be the lack of competition means there 's no real reason to improve the product beyond what it already does .
Fixed that for you .
When Quickbooks can handle the multi-million transaction ledger of an publicly traded enterprise come back and try again .</tokentext>
<sentencetext>You get a  consumer car like a Honda Insight, it's impressive.
You look at [race cars] that's industry-specific, specialized hardware and software that doesn't have a lot of competition, it costs thousands and feels primitive in comparison.
It must be the lack of competition means there's no real reason to improve the product beyond what it already does.
Fixed that for you.
When Quickbooks can handle the multi-million transaction ledger of an publicly traded enterprise come back and try again.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455258</id>
	<title>Re:Industry slow to respond to challenges</title>
	<author>Anonymous</author>
	<datestamp>1268426280000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>You get an off-the-shelf product like Quickbooks, it's impressive. You look at stuff that's industry-specific, specialized software that doesn't have a lot of competition, it costs thousands and feels primitive in comparison</p></div><p>Competition has less to do with it than economies of scale.  If you can sell 1,000,000 copies of Quickbooks then you can afford to invest a lot of effort into the quality of the product and still offer the product at low cost.  But for specialized, industry-specific software, the costs of development are spread over a much smaller customer base.  If you have only 100 customers, or a couple dozen, the software development costs which must be passed on to the customer are more substantial.</p></div>
	</htmltext>
<tokenext>You get an off-the-shelf product like Quickbooks , it 's impressive .
You look at stuff that 's industry-specific , specialized software that does n't have a lot of competition , it costs thousands and feels primitive in comparisonCompetition has less to do with it than economies of scale .
If you can sell 1,000,000 copies of Quickbooks then you can afford to invest a lot of effort into the quality of the product and still offer the product at low cost .
But for specialized , industry-specific software , the costs of development are spread over a much smaller customer base .
If you have only 100 customers , or a couple dozen , the software development costs which must be passed on to the customer are more substantial .</tokentext>
<sentencetext>You get an off-the-shelf product like Quickbooks, it's impressive.
You look at stuff that's industry-specific, specialized software that doesn't have a lot of competition, it costs thousands and feels primitive in comparisonCompetition has less to do with it than economies of scale.
If you can sell 1,000,000 copies of Quickbooks then you can afford to invest a lot of effort into the quality of the product and still offer the product at low cost.
But for specialized, industry-specific software, the costs of development are spread over a much smaller customer base.
If you have only 100 customers, or a couple dozen, the software development costs which must be passed on to the customer are more substantial.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31459230</id>
	<title>Re:So why not change it?</title>
	<author>\_Sprocket\_</author>
	<datestamp>1268399880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><blockquote><div><p>In my opinion, as long as the security industry, and end-users as a whole, continue with the thought that end-user basic security ignorance is OK, things will never get better.</p></div> </blockquote><p>I think it is different. The "security industry" depends upon the ignorance of users and the continuation of those users being infected.</p><p>It is not in the "security industry"'s best interest to commit to real improvements in security.</p></div><p>I've seen lots of snakeoil.  I've seen sales teams trying to convince folks that they have a problem so that they can then sell the solution.  I've seen products fail to deliver on promises.  I've seen folks ignore real issues and pursue non-issues.  But I have yet to see or hear someone say "you know - if we could just maintain this status quo, we'd all be set."</p><p>There is no conflict of interest for the Industry "to commit to real improvements in security."  There will never be a point where "security" is achieved and an Industry finds themselves out of work.</p><p>Security is a complex set of problems.  Threats change (in multiple ways).  People rarely change.  And so the "security industry" will always have plenty of opportunity whether they tackle today's problems or not.</p></div>
	</htmltext>
<tokenext>In my opinion , as long as the security industry , and end-users as a whole , continue with the thought that end-user basic security ignorance is OK , things will never get better .
I think it is different .
The " security industry " depends upon the ignorance of users and the continuation of those users being infected.It is not in the " security industry " 's best interest to commit to real improvements in security.I 've seen lots of snakeoil .
I 've seen sales teams trying to convince folks that they have a problem so that they can then sell the solution .
I 've seen products fail to deliver on promises .
I 've seen folks ignore real issues and pursue non-issues .
But I have yet to see or hear someone say " you know - if we could just maintain this status quo , we 'd all be set .
" There is no conflict of interest for the Industry " to commit to real improvements in security .
" There will never be a point where " security " is achieved and an Industry finds themselves out of work.Security is a complex set of problems .
Threats change ( in multiple ways ) .
People rarely change .
And so the " security industry " will always have plenty of opportunity whether they tackle today 's problems or not .</tokentext>
<sentencetext>In my opinion, as long as the security industry, and end-users as a whole, continue with the thought that end-user basic security ignorance is OK, things will never get better.
I think it is different.
The "security industry" depends upon the ignorance of users and the continuation of those users being infected.It is not in the "security industry"'s best interest to commit to real improvements in security.I've seen lots of snakeoil.
I've seen sales teams trying to convince folks that they have a problem so that they can then sell the solution.
I've seen products fail to deliver on promises.
I've seen folks ignore real issues and pursue non-issues.
But I have yet to see or hear someone say "you know - if we could just maintain this status quo, we'd all be set.
"There is no conflict of interest for the Industry "to commit to real improvements in security.
"  There will never be a point where "security" is achieved and an Industry finds themselves out of work.Security is a complex set of problems.
Threats change (in multiple ways).
People rarely change.
And so the "security industry" will always have plenty of opportunity whether they tackle today's problems or not.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454478</id>
	<title>Re:Stating the obvious</title>
	<author>Anonymous</author>
	<datestamp>1268422980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Besides, no anti-virus company wants to make a product that blocks all known and unknown viruses anyway. What would they sell the customer next year? Face it: security software is a racket. It will never be perfect even if it could, because (much like with human diseases) there's no money in a cure. There's a lot of money in treatment though!</p></htmltext>
<tokenext>Besides , no anti-virus company wants to make a product that blocks all known and unknown viruses anyway .
What would they sell the customer next year ?
Face it : security software is a racket .
It will never be perfect even if it could , because ( much like with human diseases ) there 's no money in a cure .
There 's a lot of money in treatment though !</tokentext>
<sentencetext>Besides, no anti-virus company wants to make a product that blocks all known and unknown viruses anyway.
What would they sell the customer next year?
Face it: security software is a racket.
It will never be perfect even if it could, because (much like with human diseases) there's no money in a cure.
There's a lot of money in treatment though!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454354</id>
	<title>Well duh</title>
	<author>Anonymous</author>
	<datestamp>1268422380000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>1</modscore>
	<htmltext><p>Antivirus is a joke, and always has been.</p><p>You don't fix a software problem with more software.
You fix the software.</p><p>If you can't fix the software, you do your best
to avoid situations where it will be attacked.  In other
words, don't punch the monkey.</p><p>I don't run AV, I do run XP, I don't punch the monkey,
and I don't get viruses.</p><p>Training users at some megacorp to not PTM
is a lost cause.  Fix your s***, and forget AV.</p></htmltext>
<tokenext>Antivirus is a joke , and always has been.You do n't fix a software problem with more software .
You fix the software.If you ca n't fix the software , you do your best to avoid situations where it will be attacked .
In other words , do n't punch the monkey.I do n't run AV , I do run XP , I do n't punch the monkey , and I do n't get viruses.Training users at some megacorp to not PTM is a lost cause .
Fix your s * * * , and forget AV .</tokentext>
<sentencetext>Antivirus is a joke, and always has been.You don't fix a software problem with more software.
You fix the software.If you can't fix the software, you do your best
to avoid situations where it will be attacked.
In other
words, don't punch the monkey.I don't run AV, I do run XP, I don't punch the monkey,
and I don't get viruses.Training users at some megacorp to not PTM
is a lost cause.
Fix your s***, and forget AV.</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_39</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457406
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_52</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454636
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454808
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455688
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_43</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454712
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454308
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455070
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454688
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454434
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455052
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_44</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454828
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_58</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468358
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_51</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457196
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_37</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455232
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_65</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454808
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456400
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454674
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_41</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454928
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455024
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456526
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455258
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_32</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455024
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468380
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456190
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_66</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454546
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455074
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456492
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_57</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454286
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454402
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_60</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454286
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454616
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_56</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456658
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_47</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454434
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31458886
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_63</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454786
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454854
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455702
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31463080
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455108
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456600
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455134
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454612
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454374
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454518
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454478
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468282
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455084
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_55</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454694
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_45</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455334
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454380
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457848
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_50</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455878
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455478
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_36</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457136
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31461382
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31465084
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_38</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454374
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454956
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455492
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455422
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_42</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468346
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_61</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455078
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_35</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457320
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31464370
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454354
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455042
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_34</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454466
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456062
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456898
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31459230
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_59</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454620
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_64</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454354
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31458134
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_49</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31459682
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_40</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454434
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456856
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_54</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454578
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454726
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455092
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_33</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454464
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454472
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454698
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_46</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456072
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454374
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454886
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_48</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456766
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_62</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31463344
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_12_1651253_53</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455338
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454306
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454396
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31459682
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455334
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468358
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455108
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457136
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31461382
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457406
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468282
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454432
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454674
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31465084
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454636
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457848
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455232
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454928
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455258
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454486
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454378
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455078
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456898
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457196
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455338
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454354
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455042
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31458134
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454286
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454402
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454616
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454248
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454356
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31463344
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454546
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455074
----http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456492
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454726
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455092
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455024
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468380
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456526
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455478
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31457320
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454612
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454308
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454368
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456600
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456658
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454260
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454380
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454620
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454374
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454956
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454518
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454886
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456072
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456766
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454688
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31468346
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454698
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455134
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454786
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455878
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454434
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456856
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455052
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31458886
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454342
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_12_1651253.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454358
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454478
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454694
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454472
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454466
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456062
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454578
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454464
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454712
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454828
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455070
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454544
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455422
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455492
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456190
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454808
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31456400
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455688
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31459230
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31454854
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455702
----http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31463080
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31455084
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_12_1651253.31464370
</commentlist>
</conversation>
