The Cost of Computer Naivete
wiredog writes "What happens when you put an unprotected Windows 98 box on a broadband connection? Two perspectives from two reporters for the Washington Post (frr,yyy): The User's "an odyssey that has taken $800 and roughly 48 man-hours over nearly three weeks" and Digital Doctor's "Her PC was in such bad shape, it required 10 1/2 hours of surgery to restore it to working condition.""
Geez... it takes 10 1/2 hours to install Linux these days? Have all distributions gone the way of Gentoo?
(Yeah I know, fair to Microsoft... on Slashdot!)
Windows 98 is 6 years old and isn't sold with computers anymore. This test just shows remaining Windows 98 users they should keep up to date or upgrade to XP.
It is bad enough with 98, but what if the same experiment were conducted with XP, considering all the wild RPC attacks?
"Here's a spoiler: You're will die alone."-Triumph the Insult Comic Dog
Boxing Equipment Reviews
Anyone that takes that long to back up a hard disk, reinstall Windows 98, some office apps and maybe Quicken, and then copy the data back on should be fired. This is the work of "consultants".
"Her PC was in such bad shape, it required 10 1/2 hours of surgery to restore it to working condition."
It takes me a lot shorter to install Win98 on a box and that includes saving any or all documents.
1.5 hours tops.
This is the sig that says NI (again)
It's said "Washington Post (frr,yyy)" Free Registration Required, Yadda Yadda Yadda.
In Soviet Russia, the profit overlords welcome you!
Whatever happened to:
Format, fdisk, re-install do da, do da?
Pull all the useful data off onto a spare disk and clean the machine. Just don't be like my neighbor, and wipe, then install your new os on the spare disk.
=================
Unix is very user friendly, it's just picky about who its friends are.
Very few machines are worth 10.5 hours for me. Factoring in labor, I can save a lot of money by saving the data elsewhere then FDisking and reinstalling the OS. Even considering windows install time, program install time, and configuration, I don't have 10.5 hours in it and the user probably has a less glitchy machine for it.
How many roads must a man walk down? 42.
I wanted to take a 98(non-second edition) box, no patches, no firewall, and no updates and visit a few pr0n sites with IE, and see how much I could get it to be 0wned with spyware, plugins, popups, etc before it was rendered unusable. Make it a competition to see how quickly it would bring the system down.
The screenshots would have been hilarious. If I only had VMware.
I think someone thinks a little too highly about their profession.
I don't practice what I preach because I'm not the kind of person that I'm preaching to.
While Apple's track record on security isn't perfect, I hope she'll realize that she has these problems because she chooses to use Microsoft products. That it's a choice is debatable, given MSFT's documented predatory practices. However, it's ultimately up to her to stand up to the monopoly, since the government refused to.
If she buys an Apple Mac computer next time, she will have a computer that functions better, works better, and breaks much more rarely than her current Windows computer. It's simple, really.
(Me, I use Debian GNU/Linux because I value the freedom that is in Debian's goals. I recognize that Apple shares to some degree these goals, looking at its KHTML-based Safari goals.)
Flame me, since many of you will, but consider that whether you blame the creators of Gator, Microsoft, or worm writers, she would have a better experience on a Mac.
"choice"
|/usr/games/fortune
So are they naive because they let their computer get that bad or because they paid a ridiculous amount of money to fix it?
'Surgery' is a little misleading since it suggests hardware damage was incurred. If I was determined to use a metaphor, I'd go for 'therapy' :)
Prosperity is only an instrument to be used, not a deity to be worshipped. Calvin Coolidge
C'mon now! If running Spybot S&D and Microsoft's own repair process didn't fix it, you could have just reinstalled Win98.
Total time, 2 hours MAX!
Best Buy can have you arrested
I find it interesting (and a little frightening) how otherwise educated people (reporters, for instance) can be so clueless in critical areas. Is this inevitable for people?
And yes, I do consider basic computer literacy a critical skill; your computer is not just an appliance. Letting your computer get 0wned is much like letting your car run out of oil.
----
"Ours was a free culture. It is becoming much less so."-Lawrence Lessig
Consider a hypothetical Win98 user. For the sake of argument call her 'my mum'. She runs a Pentium II-450 and uses it for email, word processing, web browsing and very occasional other bits of office. The computer runs all these tasks fine, but it really isn't powerful enough to run XP. Windows 2000 would make life better, but it will go out of support soon and if you worry about getting legal copies, it's not available in a home edition so it's very expensive. Windows ME can hardly be called an improvement.
So you're saying people in this position need to spend money to upgrade their hardware despite the fact that the current computer runs all the software they want to run at a speed they find acceptable.
Yes I know; install Linux.
In soviet russia stale jokes recycle you!
I seem to get a call from some family member every few weeks where their computer is unusable due to viruses/spyware/adware...
Basically what happens is I spend at least an hour or two, (but not 10-1/2), removing programs, installing programs like Adaware, Spybot, ZoneAlarm (or make them buy a NAT device) and some decent Antivirus software.
What happens if you put a six year old piece of software that was never designed for always on networking on broadband?
Or an unpatched version of XP - which is now 3 years old?
What happens if you go on holidays and leave all your doors and windows open, and you change your answering machine message to "Hi, we're out and we won't be back for ages. Help yourself to whatever you need!"?
This is all Microsoft's fault.
..of my initial days of tinkering around with RedHat 6.x.
My old office had two RH boxes on a static IP. There was no such thing as an administrator. As a programmer, I was supposed to install all applications, configure them and also *ensure* it was up and running.
Got a call from the ISP two days later. They had shut down the machine because of complaints from other users - apparently some application from these machines were flooding the network (I never did find out what they were doing though). Got the ISP to restart them. Frantic googling and few "security guide" downloads later, I started exploring what was wrong with them (incidentally, I was *still* accessing those machines remotely - my office wouldn't pay for me to go to the site to check the machines). Turned out there were THREE rootkits installed on one of those machines. Found the traces of one of the possible three attackers - was some IP space in the Netherlands. Later found that that range of IP addresses was actually under contention and was thought to be not allocated and probably belonged to some malicious/rogue ISPs (I haven't understood this part yet).
Not knowing much, I got them to reinstall the OS. Of the three, two rootkits appeared within 2 days. Another re-install, this time with the Linux security guide implementations for securing the box. Things were ok for about 2 weeks or so. I then had yet another attack and someone was using my box as an IRC relay host (or something) and I was still in trouble.
Finally, after some RH updates and more tweaks (and ipchains and iptables install/config), I was able to have reasonably secure machines.
Trial by fire, but I learnt a lot!
*shiver. I hate to think how it would have been, had those been '98 machines
http://efil.blogspot.com/
My mother's machine was the same way. Win 98, no windows updates for nearly three years. On a cable broadband connection, no firewall. Anti-virus wasn't updated since 2000.
Between an updated McAfee, Ad-aware, and a few other spyware removal tools - I spent nearly eight hours on getting her machine back to a working condition. Once I was able to back up her data, I formatted and moved her to XP Pro.
She had enough trouble learning XP - I wouldn't dare put Linux in front of her.
Almost 20 viruses.
Over 150 spyware components, files, etc.
Three hours of Windows Updates to download over a broadband connection.
Don't clickety-click on everything on your screen. Some of those links are bad.
I bet he didn't check the hosts file. I bet that was null routing the liveupdate DNS records.
Once the infections were removed, LiveUpdate still could not retrieve the latest virus-targeting data. So I gave up on that and uninstalled and reinstalled the entire Norton AntiVirus program, hoping that its update system would work afterward -- but it did not. I again tried to access Microsoft's Windows Update Web site, but IE still failed to respond.
Suspecting a problem with Internet Explorer itself, I tried to repair IE using the Add/Remove Programs control panel. That didn't work either, producing an error message that indicated some file or files necessary for IE were damaged or inaccessible. Trying to restore the previous version of IE, 5.5, yielded no benefit, either.
Finally, I abandoned ship, reinstalling the entire Windows 98 operating system to repair the damage to Internet Explorer and allow Kathleen's computer to access the Internet and update the Norton AntiVirus definitions.
I always check that file. It always gets hijacked. I'd be willing to bet that was his problem.
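Added example, not part of the original comment: a minimal check for the hosts-file hijack described above, flagging entries that pin update or antivirus hostnames to loopback, 0.0.0.0 or some other address. The watch list and the sample file are constructed assumptions; extend the list for the products actually installed.

```python
"""Flag hosts-file entries that override update / antivirus hostnames."""
import ipaddress
import sys

# Assumption: names that should only ever be resolved through DNS.
# Constructed watch list based on the products mentioned in this thread.
WATCHED_SUFFIXES = (
    "symantec.com",
    "symantecliveupdate.com",
    "windowsupdate.com",
    "microsoft.com",
    "mcafee.com",
    "grisoft.com",
)

# Constructed sample input (not taken from a real machine).
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1       localhost
127.0.0.1       liveupdate.symantecliveupdate.com   # null route
0.0.0.0         windowsupdate.microsoft.com www.grisoft.com
203.0.113.7     download.mcafee.com
192.168.1.10    fileserver
"""


def parse_hosts(text):
    """Yield (line_number, address, hostname) for every valid mapping."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # not an address: ignore the line
        for name in fields[1:]:               # one address may carry several names
            yield lineno, addr, name.lower().rstrip(".")


def is_watched(name):
    """True if name is a watched domain or a subdomain of one."""
    return any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)


def find_hijacks(text):
    """Return (line, hostname, address, kind) for each suspicious entry."""
    findings = []
    for lineno, addr, name in parse_hosts(text):
        if not is_watched(name):
            continue
        # Loopback / 0.0.0.0 silently blocks the name; anything else sends
        # the client to a server the hosts file's author chose.
        if addr.is_loopback or addr.is_unspecified:
            kind = "null-routed"
        else:
            kind = "redirected"
        findings.append((lineno, name, str(addr), kind))
    return findings


if __name__ == "__main__":
    # On Windows 9x the file is %WinDir%\hosts (no extension).
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for lineno, name, addr, kind in find_hijacks(text):
        print(f"line {lineno}: {name} -> {addr} ({kind})")
```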
connection: Cover your ethernet chord with a prophalctic(sp?). Of course, you block out all the interesting stuff on the internet along with the bad stuff, but that is the price one must pay to sleep with a dirty whore!
Sheesh, here at the office, if IT is called to disinfect a PC, we'll spend maybe an hour to twiddle with SpyBot, RegEdit, etc. If it isn't clean by then, we fdisk the beast, reinstall from master image, firewall, windows update. Way less than 10 hours.
Things were going pretty well, and we left the systems on overnight. When we signed back on in the morning, my machine was fine; his machine had been compromised -- in grand style. We found the following:
The main data on the system was not compromised and while there was a minor virus infection, for the most part things were not touched. I should say, "things were not touched that we could detect" -- they could have taken a full copy of his HD for all I know, not that anything important was on there (it was just a gaming box).
He probably wouldn't have noticed the attack itself except that his processor wasn't all that hot and he was on a 10M/sec network card; between the heavy compiling and the constant sending of virii system performance had dropped noticeably.
The fix?
Unplug from the internet, make sure no data on the box is needed, and format it back to the stone age. It isn't like reinstalls take a long time. (Backups are your friends.)
There are quicker methods.
Drive C: contains a valid NTFS partion, are you sure you wish to format (y/N) y.
The XP box, which caught Sasser, and probably a few other nasties, but I didn't bother looking, and just nuked the box.
The purpose of the exercise was to make a CD containing all the updates as of April, 2004 that a clean 98, 2000, or XP install required to be usable.
From the article:
"What a revelation: Four programs -- one a firewall and three to combat spyware -- I downloaded FREE worked better than one I paid through the nose for. Why would anyone create these terrific programs for free? Often, as in the case of ZoneAlarm, they hope people will like the product so much they will buy an upgrade or, in the case of the spyware, pay to subscribe for upgrades."
She was right in the middle of the trees, and couldn't see the forest... yes, free software, even WINDOWS free software, works better and does what it says it does.
Talk about leading horses to water...
I finally decided to install Apache. I had been running an ftpd for a long time to transfer files between home/work/family/friends but so many of them began asking for me to appeal to the least common denominator that I finally did the apt-get install apache. Honestly speaking it was the easiest fileserver I've ever set up. Granted I didn't look into authentication or restricting access yet. I simply wanted to install it and offer files. In terms of basic functionality apache was much easier to achieve liftoff than ftpd or samba.
Here's the rub that fits with this article: Apache was not up and running for more than 2 hours before I had 3 IP addresses, two of them on my own ISP's /24, poking around for overflow vulnerabilities by sending SEARCH and GET requests with more than 8190 bytes.
Why can't these script kiddies be stopped? It is obvious what the intent was.
+++ATHZ 99:5:80
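Added example, not part of the original comment: one way to pull the kind of probing described above out of an Apache access log, grouping hits by source and marking sources in the server's own /24. It assumes Common Log Format; the log lines, addresses (documentation ranges) and the allowed-method list are constructed, and 8190 is Apache's default `LimitRequestLine`.

```python
"""Summarise oversized or unexpected-method requests per source address."""
import ipaddress
import re

LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>.*)" (?P<status>\d{3}) \S+'
)
ALLOWED_METHODS = {"GET", "HEAD", "POST", "OPTIONS"}  # assumption: plain file server
LIMIT_REQUEST_LINE = 8190                             # Apache default, in bytes

STAMP = "[12/Aug/2004:03:14:07 -0400]"
# Constructed sample log lines.
SAMPLE_LOG = [
    f'192.0.2.10 - - {STAMP} "GET /files/a.zip HTTP/1.1" 200 51234',
    f'198.51.100.77 - - {STAMP} "SEARCH /{"A" * 9000}" 414 340',
    f'198.51.100.77 - - {STAMP} "GET /{"A" * 8200} HTTP/1.0" 414 340',
    f'198.51.100.130 - - {STAMP} "SEARCH / HTTP/1.1" 501 290',
    f'203.0.113.5 - - {STAMP} "GET /{"A" * 8200} HTTP/1.0" 414 340',
    f'192.0.2.10 - - {STAMP} "HEAD / HTTP/1.1" 200 -',
    "truncated line without the expected fields",
]


def reasons_for(req, status):
    """Return the list of reasons a single request looks like probing."""
    if req in ("", "-"):          # empty request (e.g. timeout): nothing to judge
        return []
    reasons = []
    method = req.split(" ", 1)[0]
    if method not in ALLOWED_METHODS:
        reasons.append("method:" + method[:16])
    if status == 414:             # Request-URI Too Long
        reasons.append("status-414")
    if len(req) > LIMIT_REQUEST_LINE:
        reasons.append("oversized-line")
    return reasons


def summarize(lines, server_ip):
    """Map source host -> hit count, sorted reasons, same-/24 flag."""
    own_net = ipaddress.ip_network(f"{server_ip}/24", strict=False)
    report = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue              # skip lines that are not in the expected format
        why = reasons_for(m["req"], int(m["status"]))
        if not why:
            continue
        host = m["host"]
        entry = report.setdefault(
            host, {"hits": 0, "reasons": set(), "same_slash24": False}
        )
        entry["hits"] += 1
        entry["reasons"].update(why)
        try:
            entry["same_slash24"] = ipaddress.ip_address(host) in own_net
        except ValueError:
            pass                  # hostname logged instead of an address
    return {h: {**e, "reasons": sorted(e["reasons"])} for h, e in report.items()}


if __name__ == "__main__":
    # 198.51.100.20 stands in for the server's own address (constructed).
    for host, info in summarize(SAMPLE_LOG, "198.51.100.20").items():
        near = "same /24" if info["same_slash24"] else "elsewhere"
        print(f'{host:16} {info["hits"]} hit(s) {near}: {", ".join(info["reasons"])}')
```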
The user here was probably the type of person that would love to see pics from MyParty! (.zip file attached)
"...More important, everybody selling to home users -- Microsoft, hardware manufacturers, software developers and retailers -- needs to do a better job of informing customers of the risks and potential problems of Internet access."
I don't know why Apple doesn't pick up this ball and run like hell with it.
Most of the people I know that run 98, 2000 or XP just assume that ANY computer OS, Windows or Mac has the same internet "experience", but it just costs more to have the same crappy "experience" on a Mac.
I like microcars
I'm trying to recover a spyware ridden winME (shudder) system at the mo. Nice Co-incidence.
I've been told by the owner that I can't reload it.
Now this is gonna take a lot longer than zapping it with the restore disks but this is what they want.
The point is - reloading it is the sensible option but the computer owner doesn't want it reloaded and is prepared to wait a reasonable amount of time to have it repaired. It may well take 10+ hours but "the customer is always right"!
"goatse? What's that? Anyone have a link?" - AC
For example, a tax accountant would probably think you clueless if you ended up having a big tax bill on April 15. Paying your taxes properly is a critical skill, since everyone has to do it.
Or a doctor would think you clueless if your cholesterol was over 200. It's (usually) quite simple to keep your blood cholesterol low.
Unless it has happened to them or someone they know, most computer users are unaware of things like spyware, virii, etc.
bun-fhuinneog agam!
...they want their operating system back.
The ISPs are pushing broadband -- hard -- and should be responsible for either providing a HW firewall with their DSL/cable modem or at least educating their customers that they need to install one.
I felt the same way when the AOLers discovered Usenet years ago. AOL brought them here, so AOL should teach them netiquette.
Also, broadband ISPs should register their dynamic IPs at SORBS.
It's not a Windows problem, it's a PC enduser problem. The domain technical contact is ultimately responsible for his users.
and a switch is definitely in order. when you have blight, nematodes, and rot in a soybean field, you have to rotate out of soybeans and plant anything else unrelated for several years to clear the land.
in the MS software monoculture, we are also at that point. pick Mac OS or Linux, but switch. you can't grow anything in that MS patch any more.
if you can't/wont, I have had multiple update choke-n-hangs with norton antivirus in the last year plus. each has finally been resolved by switching that user to Grisoft's AVG program, www.grisoft.com... and using Zone Alarm and Ad-Aware to deal with the other types of threats.
if this is supposed to be a new economy, how come they still want my old fashioned money?
It's now a major pain to install a windows system from scratch, using the original CD.
You now have to
- think about getting the latest service pack first
- think about getting a firewall with its license key (love it when the firewalls ask to be registered before working, and need an internet connection to be registered!),
- think about getting an anti-virus (same story)
- then install the system (disconnected from the network, of course, so forget about "configuring an internet account" during the install)
- install the service pack
- install the firewall and the anti-virus and make sure that they're running
- go to windows-update and patch your system
- start to play.
This is an impossible task for 99% of the regular windows users, who don't even know what a firewall is and how to configure it. There have been improvements in the installation process of OSes and applications, in order to make it possible for reg. users, but all these efforts have been ruined by virus and worm writers.
And I'm not even talking about spyware, adware and spam...
Firstly, installing "everything" on a machine, including Office and other big application suites, on a 400MHz machine, with (very likely) a slow HDD, will take ages. Secondly, what if, for some reason, you can't just reinstall everything? In your case(s), you say you frequently just reformat and start from scratch, but do your customers provide you with the licensed software, or the CD keys of the software you need to install? And what if those are lost, and repairing is the only option?
-- Sig down
I don't think I'm alone here; problems like this (although not this exact one) were how I learned about computers. It's during these agonizing multi-hour sessions that you really get a glimpse of what goes on behind the curtains.
;-).
I learned how to build and modify my own box after many agonizing sessions installing new hardware, much like the doctor in the Post story who couldn't get her printer working for love or money. When you go through all the troubleshooting procedures for figuring out why your new RAM, hard drive, or video card doesn't work you learn very quickly how it all goes together. The second or third time you do it is much easier.
I was never really all that interested in computer security until my first Linux box got rooted. Luckily for me I had it configured for a graphical login where all accounts were listed as icons, or I might never have noticed that there was an extra account. After that I became a computer security nut, getting updates from 5 different sites and configuring multi-tier systems. Being interested in security is also what got me into OpenBSD. The experience I got with OpenBSD was extremely useful for me in getting one of my first IT jobs; I think my broad experience with multiple Unices is what got me that job and allowed me to be successful there.
Troubleshooting problems like these, annoying and frivolous as they may seem at the time, is a great way to become the guy that people go to for their problems. Now whether or not *that's* desirable I'll leave up to you
"He's more machine now than man, twisted and evil."
Realistically, I would anticipate a similar result if I were to directly connect an unpatched Red Hat 5.1 machine to the Internet. After all, Windows 98 and Red Hat Linux 5.1 are both technologically obsolete, having been released on June 25, 1998 and May 22, 1998, respectively. They are over six years old, and both were available for purchase. Why should Microsoft support Windows 98 if Red Hat doesn't support RHL 5.1?
On the other hand, Red Hat Linux is open source; thus, anybody is capable of backporting patches to their version of the operating system, whereas Windows users remain dependent on Microsoft. Additionally, the operating system still does possess a substantial user base, whereas users of RHL 5.1 are much more likely to have already updated their machine(s). Most importantly, Microsoft is probably financially capable of supporting Windows 98 indefinitely.
I ultimately believe that it is Microsoft's responsibility to provide support for Windows 98 unless they develop an alternative method for the end-user to properly secure it. Not everybody is willing to endure the inconvenience of installing a new operating system every two years, and the Internet certainly doesn't benefit from a prodigious cache of unsupported, vulnerable machines.
Do you like German cars?
So, you talk to someone who's having problems with her Win98 machine on a broadband connection.
#1. Advise her to go out and purchase an inexpensive hardware firewall.
#2. Advise her to go out and purchase a decent CD-rewritable burner and a few rewritable CD's.
#3. Backup all of her data.
#4. Wipe the drive and partition it into 3 segments. OS/swap-n-temp/data.
#5. Re-install the OS and apps. Patch. Configure. Google toolbar if she must use IE. etc. Anti-virus set to auto-update every hour and auto-delete infected files (see #7 before you start screaming).
#6. Copy her data back to the machine. Make sure it is in the data partition.
#7. Show her how to back up the data partition onto the rewritable CD's. Inform her that her hard drive WILL fail sometime in the future and that this will keep her data safe from that.
These are the basic steps whenever I'm asked to fix someone's computer. And it does not take 10.5 hours. Like you said, 1.5 hours tops.
10.5hours?! Man oh man.. the way I look at it is like this:
.. Going back to sys admin 101, if a box is owned, you have to restore it from trusted media.
.. bwhahhahah.. I can't even type it with a straight face. :)
If spyware, viruses, etc get on a machine, it is effectively "0wn3d"
Granted, since I can't make a distro of Win98 (with all the upgraded patches, Office, etc) and reduce the re-install time from the 3hrs+ of most-of-the-time sitting at the computer hitting "next" or rebooting (seriously, the time it takes to backup data, format, reinstall Windows, upgrade patches, install applications, reinstall virus/spyware scanned data, install additional protection measures and configure (spywareblaster, virus scanner, firewall, firefox, yada yada) then I tend to do the following:
Run spyware check & virus check (both run mostly unattended, can do other stuff) -- consider the box good. If there are outstanding issues, run a quick hardware diagnostic (unless symptoms make me believe it is the issue initially) and if it checks ok, then reinstall.
Microsoft could have made it a LOT easier if we as IT pros could make a reliable windows "distro" -- throw all the most-requested software on the disk, be able to install it virtually unattended and have it have an updated driver database so hardware installs, again, mostly unattended.
I do use ghosting/sysprep when possible, but there are some serious limitations that only make it feasible for certain situations (ie computer labs, standardized business desktops).
I suppose to an extent, it is job security, but I'd rather spend my time building solutions, than fixing Microsoft's issues. Oh wait, WinXP SP2 will fix all that
Windows 98 is 6 years old and isn't sold with computers anymore. This test just shows remaining Windows 98 users they should keep up to date or upgrade to XP.
First, no it doesn't - they didn't do the necessary control experiment, which would be leaving an unpatched, no-AV machine with XP hanging around on the broadband network. Do that and your box is fried a lot faster than 98.
...I have some Win 98 boxen around here, as well as some Win XP/2K. I have MANY more problems from the newer boxes, mainly because most of the newer worms are no longer "compatible" with the older machines.
Yes, it's security by obscurity, but that's good in addition to having current antivirus signatures! With the XP/2K machines, we can't patch them fast enough to keep them clean on our notoriously insecure university network. The 98 machines are dedicated to running some specific lab hardware, and are sufficient to the task. They aren't getting replaced, or upgraded. Well, I did upgrade them from 95, but even I'm not that crazy. ;)
-Looking for a job as a materials chemist or multivariat
I deal with these problems everyday and I can clean a computer that bad in about 2 hours. This is one subject all IT computer guys need to get on the band wagon. It is getting worse. The necessary tools to fix all these problems are these. (I'm sure there are some other tools as well.) 1) Spybot 1.3 2) Adware 6.0 3) HijackThis 4) CWShredder, Kill2Me, CWS Mini Removal tool. 5) VX2Finder 6) LSPFix or Winsock XP 7) Good virus scanner (AVG, Panda, Trend) 8) Learn how to identify registry entries for manual deletion. 9) Always clean out Temporary Internet Files and some Temp files and turn off Restore on XP/ME computers. 10) Repeat steps when necessary.
Techy Nerds generally have poor social, interpersonal skills. This is the largest factor causing the destruction of their IT industry through outsourcing.
:-)
Doctors have Unions, called the AMA. Unions provide "Congress" protection. Dentists have Unions, called the ADA. Their Unions protect their industry by limiting enrollment and limiting both OUTsourcing and INsourcing. There are plenty of willing foreign Doctors prevented to emigrate to the U.S. to alleviate the high costs of Medical.
Doctors and Dentists are smart. They have Congress protection. They have social skills.
Techies and Nerds are stupid. They have poor personal skills. They have poor Congress protection. Hence, Congress screws their IT industry because they can. No protection. No Union. No AMA or ADA for Techies.
This is the cost of Techy naivete. It's the systematic destruction of their industry and jobs through OUTsourcing and INsourcing and Mass Immigration.
Outsource Congress this November.
Score & Karma: SASA: Slashdot Approval Seekers Anonymous
They also get owned through dial up. Just as fast. Once again, the slowness of the connection itself masks the fact that the thing is broken. It makes the user think that dial up is unusable, when I've shared a dial up connection with my wife under Linux without problems. Dial up users are also targeted by a special class of worms, porn dialers, which can cost the user plenty. I've heard users tell me about their computers dialing on their own in the middle of the night. Nasty.
With all the broken Windoze boxes out there able to launch all manner of attacks, the web is a really ugly place right now.
Friends don't help friends install M$ junk.
I used a win98 box as my game machine for a good while. Just through normal use, the damn thing would degrade over the course of a year and become sluggish and erratic. Grant you, I'm using it like a 15 dollar ho, but that's not acceptable. (I've still got the comp, and its running RedHat8, and STILL getting slapped around, and it's got an uptime of 108 days (Power failure). Vive la differance.)
The secret is to keep a data drive and a OS drive, and when it ends up in the shitter (as it will, without a doubt), copy your data and reinstall. Sure, you can screw with the registry and a vast array of tools that claim they'll fix your computer...But trust me, they're a waste of time. A clean 98 install is good for 6 to 8 months of only minor suckitude.
Even better to make a ghost image of a good install, and then restore it whenever you need to.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Hours and days and weeks of work to "fix" her computer? I say fdisk and forget it.
Computer trashed with malware? fdisk
Computer owned by crackers (who I wish I could kill)? fdisk
Computer infected with viri and sending out penis-pill spam? fdisk
I get to fix infected systems at work all the time and I would NEVER spend weeks trying to fix a system instead of rebuilding it.
Lee
Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
- wuftpd
- sunrpc, portmapper
- imapd
- sendmail!!
- bind!!!
- openssh
- openssl
- apache
- php
- samba
I'm sure I forgot a dozen other common packages, but you get the idea. Any outdated, Internet-connected system is a disaster waiting to happen.
I have a friend who recently had to take her computer in to Best Buy and spend $210 for them to diagnose, remove viruses/spyware, and install protection. It took them 2 days to do this. All of this because she is very computer illiterate (she uses it for email, visiting websites) and her mom is even more so.
I tell them time and time again not to open strange email attachments and to keep automatic updates turned on. Still, even though neither of them will admit to ever clicking on "bad" emails or visiting spyware infested websites, the Best Buy techs managed to find over 30 different types of spyware installed.
I find it interesting (and a little frightening) how otherwise educated people (reporters, for instance) can be so clueless in critical areas.
I find it much more interesting how clueless the parent is. If he read the article he would have seen that the user did have computer literacy, with at least basic trouble shooting skills. The problem is that it is not easy to keep a windows box clean from any malware. MS (and others) need to make it easier for users to protect their PCs (which, by the way, is the point of SP2). Computers should just work correctly, without users having to work very hard.
We in the computer industry need to all work toward this goal. Computers are tools to make things easier; they shouldn't make peoples' lives more difficult.
Long ago, an early Mac ad compared itself to the IBM PC by dropping the corresponding manuals next to each machine. The Mac manual was light as a feather, the PC manual pile was 2 feet high. It was of course an exaggeration, but the point was valid.
I don't see how Apple can afford to not take advantage of the current spyware/security craziness occurring in the Windows world, and put out a ballsy ad along the same lines. Perhaps show each computer out of the box being plugged into a broadband connection, and on the Windows box, instantly a dozen windows pop up advertising things. Something along those lines.
I use both Macs and Windows all the time. My mom has a Mac, because I don't have time for the "family tech support" that her having a PC would require. She does complain about occasional problems with the Mac, but I have no doubt it would be at least 3 times as bad if she was running Windows.
Why didn't they spend $50 on a wireless router that includes a firewall? I guess it sounds like no one in her house owns a laptop, but if they did and could thereby benefit from the wireless access, this would have been a simple way to protect everything on the broadband connection.
Like Digital Freedoms? Then donate to EFF before they're gone.
You don't need any stinking non-Free software to make ghost images.
Here's how you do it:
0. Set up a recipient (either a second hard disk, a machine on the network - whatever - I do it over the network)
1. Boot Knoppix on the machine you want to ghost.
2. Mount the destination.
3. dd if=/dev/hda bs=128K | gzip > /path/to/image.gz
To restore:
0. Set up the source.
1. Boot Knoppix on the machine you want to install.
3. Mount the source.
4. gzip -dc /path/to/image.gz | dd of=/dev/hda bs=128K
Tips: Overwrite any free space on the machine you want to ghost with a huge file filled with 0x00, then delete the file. The disk image will compress much better as you've scrubbed the deleted files.
I use a system like this to ghost many machines at a time (an image server can easily deal out 30+ images at once). It'd cost a fortune to license many copies of ghosting software - with Knoppix and a very small shell script, I've got an automated system which will do many machines at once. (A typical 40GB fresh WinXP install with our apps compresses to under 1GB with gzip).
If you're doing WinXP, remember to either make a Sysprep build or use something like System Internals free (open source but not truly free) tool to change the SID and hostname of the machine when it's booted the first time. (This is the approach we use due to the limitations of sysprep).
Oolite: Elite-like game. For Mac, Linux and Windows
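The imaging steps and the zero-fill tip from the comment above, as an added example that is not part of the original post. It assumes a regular file standing in for /dev/hda and a "free" region whose position is known in advance; the function names are hypothetical.

```shell
#!/bin/sh
# Added illustration, not from the original comment. A regular file stands in
# for /dev/hda so this runs without root; all function names are hypothetical.
BS=131072   # 128 KiB, the same block size as bs=128K in the comment

# build_disk FILE: constructed 4 MiB "disk". The first 1 MiB plays the live
# data; the remaining 3 MiB plays free space still holding deleted files.
build_disk() {
    head -c 4194304 /dev/urandom > "$1"
}

# scrub_free FILE: overwrite the 3 MiB "free" region with 0x00 in place.
# On a real filesystem the comment's tip does this by filling the free space
# with one big zero-filled file and then deleting it.
scrub_free() {
    dd if=/dev/zero of="$1" bs="$BS" seek=8 count=24 conv=notrunc 2>/dev/null
}

# make_image SRC IMG: compressed raw image, then check the gzip stream is intact.
make_image() {
    dd if="$1" bs="$BS" 2>/dev/null | gzip > "$2" && gzip -t "$2"
}

# restore_image IMG DST: decompress the image back onto the target.
restore_image() {
    gzip -dc "$1" | dd of="$2" bs="$BS" 2>/dev/null
}

# image_size FILE: size in bytes.
image_size() {
    wc -c < "$1" | tr -d ' '
}

# demo: image before and after scrubbing, restore, and compare byte for byte.
demo() {
    dir=$(mktemp -d) || return 1
    build_disk "$dir/disk"
    make_image "$dir/disk" "$dir/before.gz" || return 1
    scrub_free "$dir/disk"
    make_image "$dir/disk" "$dir/after.gz" || return 1
    restore_image "$dir/after.gz" "$dir/restored"
    echo "image before scrub: $(image_size "$dir/before.gz") bytes"
    echo "image after scrub:  $(image_size "$dir/after.gz") bytes"
    if cmp -s "$dir/disk" "$dir/restored"; then status=0; else status=1; fi
    rm -rf "$dir"
    return "$status"
}

demo
```

Comparing the restored target against the source catches a truncated or corrupted image before the original disk is wiped.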
I saw this in the Washington Post yesterday and thought it interesting enough to send the reporter (Kathleen Day) a note, which follows, summing up my thoughts on the matter. I haven't heard anything back yet (and I don't necessarily expect to).
-Phil
Ms. Day:
I find it absolutely fascinating that problems such as the one you encountered are treated primarily as a user education issue. It's true that there are some things that everyone needs to know in order to use a computer. It's also true that savvy users can often avoid security mistakes. But one wonders, "Why is it that users *have* to be security-savvy in order to effectively use their computers?" I'd submit that the problems you wrote about are mostly the result of design flaws and not naivete. In many ways, I think the computer industry has set the bar far too low by blaming users for problems it has created. Put another way: what would you think if you had a car that would sometimes break down without warning if you drove it on the highway without first buying additional parts?
As I see it, there are two design weaknesses that contributed to the problems that you wrote about. First, basically anything you do on a machine running Windows is done with full administrative privileges. In one way, this makes sense: you own the machine, so you should be able to do anything you want with it. The problem, however, is that this blind trust allows malicious software to do pretty well whatever it wants. Most other operating systems (Mac OS X, Linux, and Unix) require you to take some special action (usually typing a password) in order to install software or alter the operating system. While this can't prevent you from choosing to install malicious software, it makes it quite difficult to do so unknowingly. To stretch the car analogy a little further: people can't modify your car's engine without your knowing about it because you have to open the hood in order to reach it. Computers should work the same way.
The second problem is that Windows doesn't make a strong distinction between programs (the applications that you run) and data (documents and the like). This makes several attacks a lot easier, as malicious programs can sneak onto your machine by masquerading as data when you are browsing the Internet. For most non-Windows operating systems, there's something that you have to do explicitly to say, "This is a program and it's OK to run it." If Windows had these protections, there still wouldn't be anything to stop someone from maliciously sending you data you didn't want--but your computer wouldn't be able to then run that data as if it were one of your programs.
It's a mistake to say that anything is totally secure. There have been (and will continue to be) successful attacks on operating systems other than Windows, of course. But I think it's a mistake to think that Windows has so many (and such severe) attacks just because of its dominant market position. True, it's low-hanging fruit for those with a malicious bent. But it's also so much easier to attack Windows because of the way it's been designed.
The very concept of a computer virus depends on both of these two factors. Take away the administrative powers, and the virus has little if anything to infect. Remove the confusion between programs and data, and it becomes much more difficult for malicious software to spread. Many regard it as unnecessary to run antivirus software at all on non-Windows systems. While I'm personally not sure that's a good idea, it does give one an idea of the relative security levels involved.
I think these security problems may ultimately threaten Microsoft's market position. The bad design decisions that are part of Windows weren't made because Microsoft is dumb (quite the contrary: they employ a lot of very smart developers and architects). They were made for market-driven reasons. Lots of old software (dating back to old versions of Windows and the even older days of MS-DOS) simply won't run in a more secure environment. As
I do this for a living. I work a regular job trading futures, but I've been playing with computers since I was 6 or so. It is the easiest money to make. I could charge tons, but I just charge around $100 bucks for 1-6 hours of work and usually people are so happy I make everything work that they give me food and beer.
It boils down to having a USB key with 5 programs. They all fit on a 16MB key. Sometimes if I know my client has a virus program ahead of time I will download the definitions, but not that often.
People's problems are always the same. Virus and spyware. I don't recommend that most people use a software firewall since everyone just gets click happy. I usually tell them to just get a router. I have yet to get a call back from any of my clients and each time I do see them they say they never have any problems. They also like the fact that the router is just a one time buy rather than constantly buying new software and upgrading. I know there are free programs out there, but most people just don't trust them (beats me why).
In his case, he needed
- a CD with all of the relevant tools and updates
- a windows boot disk with CD support
- an understanding of the windows command line in order to copy a subset of these tools to a convenient folder on the hard drive from the CD
- The knowledge to run these tools from Safe mode, and how to get there in the first place
- Include in the subset of tools one that can fix the broken LSP setup.
tips - I deal with this stuff all of the time. The best data on this stuff can be found in articles at spywareinfo.net - the forums are not bad either, although spywarewarrior.com also has good forums. Also good to have is this list of known rogue spyware cleaners, along with this list of Anti-Spyware Orphans & Outcasts. [LSP or Layered Service Provider is a piece of software that can be inserted into the Windows TCP/IP handler like a link in a chain. However, due to bugs in the LSP software or deletion of the software, this chain can get broken, rendering the user unable to access the Internet. Spyware is good at this, and some cleaners leave a broken LSP behind.
With the correct tool, the fix takes seconds. Without the tool, you need to uninstall and re-install the winsocket, or else the same with the entire network support. Otherwise you fall into the trap this poor bloke got into.]
My current recommended free antivirus is Avast! Home Edition, which is very low maintenance for the home user, and requires registration for the free license. It also protects a number of common Instant Messenger clients, as well as several common P2P clients. It is better than AVG in my opinion, and detects many trojans as well as spyware.
You can get a system that is so hosed that it will not boot, not even into safe mode, even under XP. The solution there is to remove the hard drive, drop it into an external drive enclosure, and hook it up to another system where you can use scanning software to do a basic clean so you can boot in the original configuration. Once it boots you can install cleaners from safe mode, and then run cleaners from inside every user account.
"It is a greater offense to steal men's labor, than their clothes"
Besides the typical "mod parent up" post, can I recommend creating a BartPE boot CD with those tools you mention on it? Then you can skip the step of mounting the hosed drive in another machine.
I used a generic BartPE disk this last weekend to copy a friend's data off a system that was so badly hosed it wouldn't let me log in.
Nice stuff.
And I'll say it again..
1. Run Spybot.
2. Run Ad-Aware to clean up what Spybot missed. (which is not much)
3. Load a Hosts file filled with nearly all of the nasty URLS in which the 'wares originate.
Where do you get this hosts file, you might ask?
http://www.pelicancoast.net/~nighthawke/hosts.zip
Do a file search for hosts and replace it with this one and enjoy your sparkling-clean system as it roars off the blocks at boot and purrs all day long.
First rule of holes; When in one, stop digging.
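A check one might run on a downloaded hosts file before putting it in place, as an added example that is not part of the original post. A blocking hosts file should only map names to a loopback or null address, so the script lists any entry that points elsewhere; `audit_hosts` is a hypothetical helper and the sample entries are constructed.

```shell
#!/bin/sh
# Added illustration, not from the original comment. audit_hosts is a
# hypothetical helper; the sample entries below are constructed.

# audit_hosts FILE: list every entry that is not a pure block entry, i.e. whose
# address is not 127.0.0.1, 0.0.0.0 or ::1. Returns 1 if anything was listed.
audit_hosts() {
    awk '
        BEGIN { bad = 0 }
        { sub(/\r$/, ""); sub(/#.*/, "") }      # drop DOS line ends and comments
        NF == 0 { next }                         # blank or comment-only line
        NF == 1 { printf "line %d: no hostname: %s\n", NR, $0; bad = 1; next }
        $1 != "127.0.0.1" && $1 != "0.0.0.0" && $1 != "::1" {
            printf "line %d: %s resolves to %s\n", NR, $2, $1; bad = 1
        }
        END { exit bad }
    ' "$1"
}

# write_sample FILE: constructed hosts file with one entry that redirects
# instead of blocking (203.0.113.7 is a documentation-only address).
write_sample() {
    printf '%s\n' \
        '# constructed sample' \
        '127.0.0.1 localhost' \
        '0.0.0.0 ads.example.invalid' \
        '127.0.0.1 tracker.example.invalid  # blocked' \
        '203.0.113.7 updates.example.invalid' > "$1"
}

# demo_hosts: audit the constructed sample and pass the audit result back.
demo_hosts() {
    f=$(mktemp) || return 1
    write_sample "$f"
    audit_hosts "$f"
    rc=$?
    rm -f "$f"
    return "$rc"
}

demo_hosts || echo "review the entries above before installing this hosts file"
```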
My girlfriend's aunt's computer was acting up, and they asked if I could fix it. They complained about pop-ups mainly. When I sat down at the computer, it was just excruciatingly slow. After I finally got the hardware properties to display, I saw that they were running a 2.6 GHz P4 with 512 MB of RAM and a Radeon 9800 Pro. But spyware alone had brought that computer to its knees. It was a mess.
I installed Ad-Aware and Spybot and let both of them run, and just got rid of everything. I removed a ton of crap with Add/Remove Programs, as well (lots of online casino shit and other useless garbage). I then removed those irritating TVMedia pop-ups by booting into Safe Mode and removing the necessary programs and running Hijack This.
I explained to them that, by running Spybot and Ad-Aware regularly, as well as keeping Windows up to date with Windows Update, they could keep their computer mostly clean. But one point I made very clear to them was never to use Internet Explorer unless absolutely necessary. I downloaded Firefox for them and set it as the default browser. I explained that Internet Explorer was probably the cause of 90% of their problems, because it's possible for websites to install things silently by using it or any number of other undesirable things. So I made it very clear that they should stick with Firefox. I also uninstalled Kazaa and installed Kazaa Lite for the kids.
Now their computer is running as it should. No more pop-ups or any shit like that. It took about 3 hours, but I did a damn fine job with that box, and they were grateful. All throughout that ordeal, I was thinking, "God I'm so glad I'm a Mac user."
What happens when you put an unprotected Windows 98 box on a broadband connection?
If you went back in time (say 1950's) and were able to peer into the future to 2004 and saw how users had to be "educated" in computer usage (install anti-virus, anti-spyware, OS fixes AND having to keep the whole mess updated), I would think the first thing that people would ask is "Can't the computer do it?"
Patching, fixing, protecting: it's a computer for crying out loud! Why shouldn't users be naive? Why should people be wasting their time learning how to fix something that shouldn't be broken in the first place?
Take a step back, and it seems totally absurd that people need to learn to protect an operating system so bad that it can't protect itself. I call that "sickly".
Ruby on Rails Screencast
Why would a computer technician spend that much time trying to bring a box with windows 98 back from the dead?
1. Find out what applications they use and make sure you have all cds and cd-keys.
2. Make note of all hardware (especially ethernet card drivers) for driver purposes.
3. Find out what email they use (all users) and all passwords and settings for all.
4. Find their documents, images, mp3s, etc.
5. Buy a new HUGE hard drive for $70.00.
6. Partition new drive so the 2nd partition is big enough to hold all the data from the old HD.
7. Copy data from old drive to new drive's 2nd partition using the image tools that came with the HD.
8. Install a fresh copy of windows 98 on the new HD's 1st partition. Install firewall and antivirus software. Get updates. Install all the apps.
9. Set up email, copy documents, images, etc.
10. I would probably then try to make a copy of the new first partition to the old hard drive after wiping it first.
Working your ass off to remove spyware that it takes 3 programs to "mostly" uninstall is a losing battle. This crap is insidious. Especially when you are dealing with a win 98 install that is older than 6 months or so. The spyware folks are well aware of ad aware et al. and are making serious efforts to not be detected, etc.
Final notes. Several years ago I used to work for a company as a pc tech. We charged $79.00 an hour and the average virus call would take at least 2 hours. I hated taking money from little old ladies and families with teenagers. The REALLY depressing thing is that I spend a few hours fixing my friend's computers. Come back in a few months and they have crap on them again. Un-fing-believable. Are these @$$holes actually making ANY money from all this? Are they really going to benefit from observing my slashdot and p0rn habits? Or popping up vi@g@r@ ads for a healthy 29 year old? It just seems so pointless.
I was shocked that a search for Mozilla came up empty. Simply switching to Firefox and making some decent security choices prevents all sorts of spyware. This is something that our reporter can actually do proactively, if only she gets the word. The other useful tool is the Thunderbird Email client. Remove MSIE and Outlook (Express or regular) and you stop all sorts of spyware and virii. Throw in a cheap router with firewall (as others have stated) and some antivirus software and you will have a reasonable chance of being able to use high speed Internet with a Win98 box.
Think global, act loco
Is it me, or is anybody who doesn't install a basic hardware firewall crazy??? (Or at least foolhardy.)
I've set up DSL and T1s for lots of small companies and friends, and I always install a separate firewall unit. Post-rebate, these things are sometimes $10 or less. (I wouldn't use one of the $10 units for a business, but it works great for Aunt Petunia.)
With a hardware firewall, you don't need to jump onto WindowsUpdate immediately. And you can get to WindowsUpdate and update the system before your system gets compromised.
Sure, your system is still vulnerable to viruses (via email) and spyware (via stupid user clicking and IE vulnerabilities), but you are very unlikely to get rooted or infected for simply existing on the Internet.
(Firewalls can have security holes too, but they usually aren't so gaping.)
And here's another vote for Avast antivirus (www.avast.com). Great program and free (for home use). Better than some pay programs.
No it goes like this:
Tech: Where's your backup?
Client: Back what?
Tech: Backup.
Client: What up?
Tech: Backup.
Client: What what?
Tech: Never mind.
12:50 - press return.
Q: What's the difference between a used-car salesman and a computer salesman?
A: The used-car salesman knows when he's lying.
John
So yeah blow away her software and replace her OS with Linux and then spend HOW much time installing products that might do what she needs? Then teaching her how to use them? Remember - this was someone who wasn't bright enough to know how to stop this crap in the first place.
:-)
Reinstalling the OS is also not always an option. Computers are much like people's homes in that they become heavily customized over time. Do you level your home and start over every time the faucet leaks? Does everyone keep track of ALL of their registration keys? All of their passwords stored in cookies? All those tweaks to the interface and 3rd party products that do little things? All those funky drivers for oddball hardware from manufacturers no longer in business? From what I've seen hell NO they don't. Telling someone you have to trash their machine and that they have to reinstall from scratch will put many users in tears. I try VERY hard not to do it unless I absolutely have to. Besides, it's a challenge not to do it
I am now cleaning up machines just like the machines described several times a month. It takes me, on average, about 4-10 hours per machine and I'm pretty experienced at it too. Much of this time is spent kicking off automated programs, interpreting the output, and then cleaning out the crap. I have to do this with a second machine connected to the 'net just to research all of the TRASH I find on machines and sometimes to DL updates to USB fobs. There is even spyware out there that will disable virus scanners, disable Windows Update, and shut down many of the anti-spyware tools. It also doesn't help that these jerks have gone out and put up Web sites that look like they supply spyware cleaners that in reality install *drum roll* MORE SPYWARE! Some of this stuff even redirects searches for these products to bogus pages or to 404 errors. The scum of the Earth builds this stuff, how they actually make any money doing it is beyond me. The last machine I worked on had its home page directed to an IP address that when visited actively ATTACKED the user's machine. It's tons of fun to finally get a machine back to working, hit MS Update, and find out that there are 35+ "critical" updates out there missed because a piece of crap turned off their update mechanism.
The folks getting hit with this are much like the article's author. They don't understand security, they run sub optimal machines, they refuse to update their AV products when they expire (MicroTrend's Housecall is a godsend as an initial check), and they let their kids download and install anything they want. When I get my hands on them they are fairly glowing chock full of nasty crap. I clean them and I don't charge but it sure as hell takes up a lot of my time. I learn something just about each and every time though so I DO get something out of it...
Build it, Drive it, Improve it! Hybridz.org
Yeah, yeah, firewall, toolkit CD, spare hard drive, blah blah blah. How far do you want to take that? "What kind of half-assed tech doesn't carry around the kit to build a complete multi-tier corporate network from scratch?"
The bottom line is no one should ever have to reinstall the OS just to get rid of malware. Right, wish in one hand, etc.
When I went home for my sister's graduation last June, my parents were in a similar situation to this reporter. They had Windows XP and had never downloaded a Windows Update. Ever. There was too much stuff on the computer (financial records, etc.) to just blow it away and format from scratch.
After about 6-7 hours of actual work and about 36 hours of downloading (yes, dialup, in a rural area to boot), I had the system back to what appeared to be normal. They haven't reported difficulties since then, so I assume it's more or less stayed that way. Ad-Aware, Spybot, Norton Antivirus, mostly judicious and occasional heavy-handed use of regedit, and several boots into Safe Mode were the key. It's tedious, but it can be done, and sometimes should be done.
A lot of times reinstalling from scratch is somewhere between a false economy and a disaster waiting to happen.
-- Old Man Kensey
Well done Phil this is spot on.
Back in the 60's the American car industry peddled out a similar line of "product before safety" . The book, Unsafe at any speed [Ralph Nader, 1965] ...
In the case of the Chev Corvairs even when parked. (you can read such stories from the reader testimonials at amazon. Better still read the book at your local library). As a result of the book and the following movement, the mantra of "Engineering, Enforcement, Education". The legacy that is still applied to Engineering practice today.
It's a sad day for journalists (let alone Journos from the Washington Post [think Woodward and Bernstein]) that fail to understand Nader's legacy and see its relevance to today's computer software industry.
The lefty ratbag John Pilger's creed should be repeated here to see where this journalist has failed the Post's readers ....
peterrenshaw ~ Another Scrappy Startup