Disclaimer

The content of this blog is my personal opinion only. Although I am an employee - currently of Nvidia, in the past of other companies such as Iagination Technologies, MIPS, Intellectual Ventures, Intel, AMD, Motorola, and Gould - I reveal this only so that the reader may account for any possible bias I may have towards my employer's products. The statements I make here in no way represent my employer's position, nor am I authorized to speak on behalf of my employer. In fact, this posting may not even represent my personal opinion, since occasionally I play devil's advocate.

See http://docs.google.com/View?id=dcxddbtr_23cg5thdfj for photo credits.

Tuesday, May 27, 2008

Just because I am paranoid doesn't mean that they aren't out to get me

My system is dog slow.

Microsoft RootkitRevealer indicates suspicious stuff. (Hmm... maybe a good reason not to upgrade to a newer CPU with VT support.)

My system got slow all of a sudden, when an IP issue came up.

Part of me wonders if my employer is monitoring me. It is, after all, their legal right. (But if they are, I wish it didn't impact my productivity so much.)

Part of me wonders if other miscellaneous bad guys have taken over my PC.

Part of me wonders how embarassing it will be if my PC is infected. Since I work in security.

But I have never pretended to be an expert about the ecosystem of PC viruses, worms, and other malware. I have never pretended to be an expert in detecting malware on my PC.

I have reasonably good, standard, knowledge and practices for how to keep a PC clean of malware. Those rules begin "no active content". Unfortunately, the very fact that I am using a Windows PC means that much of such standard BKMs for security do not apply. E.g. I used the preview pane in Outlook, back when various preview pane related security holes became evident. E.g. I tried for years to send only plain text email, but eventually gave up because of the number of people I correspond with who complained.

Yes, I will be embarassed if my PC has been taken over. But not unduly so. The very fact that a reasonably conscientious and security aware guy like me has to worry about this highlights WHY I want to make security easier to use.

No comments: