Posted on 08/23/2022 11:12:33 AM PDT by Brian Griffin
On Saturday, my Windows PC went hog wild trying to update itself again. In doing so, it refused to respond promptly. On Sunday, my PC ran hot probably trying to seek out another viral infection. I'm really upset with this Microsoft update nonsense. Today, I noticed that a small dictionary I was keeping by my PC was very warm. The hypocrisy of Bill Gates babbling about global warming while Microsoft PCs waste vast amounts of electricity is truly galling.
In my opinion, Microsoft needs to force credit card (and other financial) account information off Windows PCs so Windows PCs are not an attractive target for thieves and hackers. It also needs to close off all security loopholes, even if that forces many other organizations to have to rewrite software.
I propose that credit card information and processing not be done on Windows PC or a seller's computer equipment. Instead, a mobile phone app would handle payment information processing. Neither Microsoft nor sellers would have internal financial software security worries. Instead, Google via Android and Apple via iPhones (and as usual, the banks) would have the security worries, and software security expenses.
Consumers would no longer enter their credit card information into their Windows PCs. If they tried, they might get a pop-up warning such as "4149 represents the first four digits of a VISA debit card. Do not ever enter financial account information into a Windows PC...."
Instead, Internet purchasers would see a box with say:
BIG RIVER BOOKS on the first line,
the purchase ID on the second line,
the name of the seller's bank (say CHASE) and the bank's ABA routing number on the third line,
and the seller's bank account number & the purchase amount on the fourth.
These seller bank accounts would typically be deposit only, except to the bank and the seller. A large company might utilize several bank accounts to cut its security risk.
If would-be puchasers don't recognize the bank name, they will probably not make the purchase.
The box would get scanned in sort of like a QR code. However, plain text would be used instead for security.
The app (and app maker) would then check the bank name and ABA routing number. An old bank name such as BBT would get blocked by the app, generating say BBT: obsolete bank name, with flags & asterisks, on the mobile phone.
A Northeast regional bank name might cause the app to place:
NY MA VT NH ME on one line and
PA NJ CT RI on the second line
to indicate the bank has branches in such states and that the seller should probably be from one of those states.
The app would then query the bank itself and ask about the account. The bank would provide the app with a response that might include:
the date the account was opened,
the name on the account,
the account type, and
the average 24-hour deposit amounts for certain time periods chosen by the bank, say for last 24 hours and the day a year ago and the day two years ago.
For large sellers, percentages of the last 24 hours might be provided instead.
On say a Black Friday, the bank might use the volume information from the two previous Black Fridays.
The app would display seller bank & bank account related text in various colors such as green, lime green, yellow, orange or red based on perceived security risk.
The would be-purchaser can then decide to pay or abandon the transaction. Internet purchaser payment account information might be set previously on the app or entered on a one-time use basis.
The bank would notify the seller of the payment and purchase ID by at least one means, other means being used to provide security check means. The seller can then ship the item or mark the service or hotel room paid for.
It's ordinary PC buyers like me that spend big money (indirectly) on Microsoft PC software, not Internet sellers of hotel rooms and Jeff Bezos. Microsoft needs to make Windows work well for PC buyers and users again, as its foremost priority. Microsoft needs to fully understand that its PC operating system business is highly endangered. I use my PC to get things done, every day that Microsoft lets me. I use more secure office grade Windows machines (or a Chromebook) to buy about one or two items a year.
“Anything that can be done legitimately
can be done illegitimately”
In theory, yes.
In the real world, you would want to shrink the possibility to as close to zero as you practically can.
In absolute reality. Not theory. The simple fact is all the OS security in the world means nothing once you let users install applications. Because that application could be bad. The way you shrink possibilities is good software practices, which I already talked about, and you ignored.
The basic problem with ms-windows, are things that are the results of design decisions made many, many years ago. One of the reasons you have to reboot so often during the update process is that MS is incapable of updating a dll file that programs have open, so what they do is something similar to this: if the file is called foobar.dll, they flag the file, copy in a foobar-updated1.dll, then during the reboot process, the foobar-updated.dll file replaces foobar.dll, which is then loaded from apps. It's a clunky process, and to date microsloth hasn't wanted to fix it. It's gotten to the point that people =expect= to reboot when updating. On my linux boxes, the only time I reboot is when I do a kernel upgrade. These days, there are even ways around that. You can acually live-splice in changes to a running kernel. The OS basically marks the sections of code as having been updated, then watches for processes to stop using the code. Any new process that makes a call to the code will use the newer code rather than the old. This will happen over time, and eventually nothing is using the old code, so everything is using the new.
Microsoft needed to make some very fundamental changes to their OS when they went multi-user, but doing so would break a lot of things, so instead, they stay with old and kludgy stuff.
Apple, on the other hand has actually completely changed its OS from the early days. It is now an actual Unix OS, which is inherently multiuser with their own extensions on top of it.
“No it can’t. AGAIN, YOUR WORDS:
Microsoft needs to force credit card (and other financial) account information off Windows PCs”
As a practical matter, probably yes, IMO.
Which makes the computer useless for every business.
Face it dude. You’re full of crap. Man up, admit it was a silly rant with no thinking behind and move on.
“The simple fact is all the OS security in the world means nothing once you let users install applications.”
I’m aware of Play Store and Apple Store and Windows 10S.
“Which makes the computer useless for every business.”
I have described a complete purchase transaction.
And you should be aware those aren’t the only ways to install software.
No, you made crap up and completely ignored what a business has to do. Your system won’t work. Your system is stupid. Your defense of your system is pathetic. You should feel shame.
At this point what we know for sure is you don’t know what you’re talking about and your ego won’t let you admit it. Thankfully no business in the world would listen to your dumb idea. I’m done, enjoy waving around your dumb flag.
Huh?
Look through your browser’s settings. It seems you are preloading sites you have visited in the past. Turn pre-caching off.
F-O. My PC IS my “mobile phone”, sine I don have, nor want one of the damned pocket-spies, even if I did get reception.
You don’t like it, don’t use Win-PSs.
We don’t need you as another nanny; we already (over)pay the government to perform that job.
I thought I was fairly clear. If you’re using windoze, you’re funding gates and his cronies. The fact that he resigned as chair quite some time ago doesn’t change the fact that as as someone with major holdings in the company, he’s making money from everyone dumb enough to send microsoft money.
Ah, so using Google and apple the same thing applies. Got it.
FTA: Instead, a mobile phone app would handle payment information processing.
The cell phone has all kinds of apps trying to record your bank and credit card account information.
This is the part you are misunderstanding. It doesn't matter how computer manufacturers configure their hardware or software; hackers will invent new ways to hack in — continually. It's what they do.
There is no way to build, for instance, a house at a price for the wide middle of the market that will always be invulnerable to rain at all times in all nooks and crannies. Water is the enemy of houses. Hackers are the enemies of computer systems. They don't stop trying because of new innovations. In fact, they love a new challenge.
Furthermore, they aren't just hacking your particular type of device. They go after every type of device, every router, every ISP, every point along the internet pipeline, every developer, every program. There are trillions of entry points worldwide, and billions of hackers, also worldwide. Be grateful that digital developers are as good as they are in watching out for new viruses and worms continually.
Ongoing maintenance and security of your device is as normal a routine task as putting gas in your car or checking your tires. It's part of the price of enjoying the benefits of computing.
While you're at it, complain to God because of all the sinners in the world.
Seriously, friend, a computer is an artificial intelligence machine. It's not a toaster with one job. It's complex—halfway between human and inert, just like a pet dog has intelligence, but not as much as a human.
Updates are necessary, and so is regular system maintenance and keeping your device's system architecture clean. It's your responsibility, same as having to feed your dog, if you want your dog to keep on living.
I only bought an existing windows machine as it is a cheap laptop. If I were going for a desktop I’d just build it from components.
Just ask Microsoft to do it for you
There is practically no way to "close off all security loopholes." First off, it's simply not possible to know every exploit for people to come up with in the future.
I used to believe that the only truly secure computer was one that had never been plugged in and turned on by the owner, but then, back in the early 90s, there was the time that Apple shipped computers with a virus installed.
Many of Windows vulnerabilities are directly related to network protocol vulnerabilities.
And if you trust either Android or IOS, you've got a screw loose. BTW, these mobile OSs also need regular updates for SECURITY!
Mark
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.