The Home Machinist!

True Bandwidth
is the width of a marching band.
~RN

As a software developer, I don't disagree. I think most became used to this due to how software update distribution changed -- with security issues, it is now much easier to do "automatic updates" to avoid the liability of old buggy software. With automatic updates, you have odd background activity. For example, Microsoft Windows is quite good about detecting inactivity and will use that time to download updates. As will Apple OS X. As will quite a few Linux distributions. Most allow you to tweak the settings although only with Linux will you be able to fully control everything (although you might have to switch distributions if the more popular ones make it difficult).

But if these automatic updates were not done, then the same problem exists that the computer can be compromised for use by botnets and similar. I don't see a reasonable choice. You can argue for the freedom to not be updated however if you don't know any better, it's fairly clear it's best to update you against your wishes. At least that appears to be the popular thinking.

If you really want to learn more about security, I highly recommend reading this blog:

Krebs on Security

The difficult part can be recognizing if the background activity is for good or evil. None of the operating systems make it easy to observe that (although it is certainly possible to do so if you put some effort into figuring it out). It goes far away from the ease of use and the aim for simplicity however it seems like a reasonable thing to want to do.

Cymen wrote: ↑Mon Mar 26, 2018 2:56 pmThe difficult part can be recognizing if the background activity is for good or evil. None of the operating systems make it easy to observe that (although it is certainly possible to do so if you put some effort into figuring it out).

In UNIX-like operating systems, ps with suitable options will tell the tale. On Linux, examining the /proc pseudo-directory can also reveal a lot of information about what is going on.

No matter what, it's important that the administrator know which processes should be running on an uncompromised machine so s/he can identify those which are rogue. Log-in shells for pseudo-users should be set to /bin/false if possible to prevent an attempted log-in with such a username. Of course, unless a process is running as root its ability to do damage is generally quite small.

As for you Microsoft Windows users, good luck! Microsoft still hasn't got it right some 25 years after developing the (bug-ridden) NT kernel. With Windows, security was an afterthought. In the UNIX/Linux world in which I make my bread, security was designed in from the beginning.

Whenever any new technology comes upon the scene, there will always be someone who has a way to make money off of it. Think of some sand being poured onto a wooden floor. It will settle into every nook and cranny. Now the money seeker comes along and sweeps up all the sand, but some still remains. Another money seeker will now explore the cracks in the floor and find every last bit of sand, and still yet, someone else will look for any sand that may have been missed. Think of the sand as bits of our personal data and money. Someone make money by selling us a computer; then someone comes along and hacks our computer; then a company sells us a anti-hacking program and then someone finds a way to defeat that program and on and on. What happens in the long run is: We as consumers end up paying for everything. As our participation increases, the more expensive it gets. Getting rid of all that technology is certainly an option, but I doubt there are many who would give it up. We are caught up in a whirlpool that only gets bigger and sucking us down into further depths.