Slashdot Mirror
Open Letter to a Digital World
jg21 writes "Exasperated after spending 5 hours removing spyware and trojans from his wife's Windows PC, sysadmin Chris Spencer has written an impassioned Open Letter to a Digital World. In the letter he reviews the 'elephants in the closet' - i.e. unfixed bugs and glaring security vulnerabilities - that Microsoft in his view hopes ordinary users will ignore, including some discussed in previous Slashdot stories."
He has a CS degree, runs Linux himself and still let his wife surfing the web with IE? What went wrong? We all now that alternatives exist.
Well, this is a nice letter and all, but I have a feeling the only people with the patience to read through the whole thing are already convinced of its content...
Obviously not a very good one.
...not to mention regular maint. and system hygene. tsk, tsk.
He gives good sysadmins a bad name in regard to preemtive security measures for all fresh os installs....
Yet another fear monger out to scare the sheep.
Must be saddening to have a wife that lies about the sites she visits.
All the spywared boxes we fix at work, NONE of the customers know how that porno dialer got on their system. etc etc
.e. unfixed bugs and glaring security vulnerabilities - that Microsoft in his view hopes ordinary users will ignore,
The bugs he describes have already been fixed in Windows.
In other words, he's STILL using an unpatched system, and complains of unfixed bugs? Come off it. MS bashing might be a worthy cause, but this is like blaming Clinton for the war in Iraq.
To ask why companies get away with producing such spyware. It is illegal in most countries.
..why?
All this time, with all the antitrust lawsuits, and it turns out all Microsoft needed was a stern talking to. Man, wish I could think outside the box like that...
Dear Sir, We have already addressed your issues. Buy a Macintosh. Love, The Digital World.
There is a rage in me to defy the order of the stars, despite their pretty patterns.
Not down under, theyve just legalised it for their mugs (eh, cops) to use
Very funny, this is the same post as yesterday! Maybe you should change your text once... that's pathetic.
I've found a quicker way to get rid of those files, identify the executables through task manager and the "run" keys in the registry, then change filepermissions to block the system and user accounts on those files and/or directories, kill processes, remove registry entries, reboot, delete files. No more respawning webrebates etc..
And if you haven't set the filesystem to NTFS, you need to be slapped silly.
home
I was going to seriously reply, but this is a troll. He refers to Linux as if it were a type of computer, not a peice of software. Pure nonsense.
Sleep is futile.
Not by letting her run IE, but by letting her run IE on a Windows box as full admin.
"... despite the anti-virus, regular Windows updates, having the good sense not to open attachments, using a firewall, and avoiding any type of seedy activities online..."
Let's see, it's 2004, XP is two years old, 2K is four years old, and your wife got spyware for one of two reasons:
* You let her run too old a version of Windows (98/ME) with no built in security, (Melissa got past anti-virus software remember) or
* You let her run 2K or XP with full admin or "power user" access.
You two only have yourselves to blame for choosing to run a machine insecurely. Yes, you. You could've stopped all of this before the fact if you ran a modern version of Windows as limited users, if you used a mail program Designed for XP and kept that up to date as well as the OS, if you treated the 'net like any other public place instead of trusting everyone by default.
You chose Windows, and you chose to run it insecurely. If you think running Linux is the cure, go right ahead. But if you run it as root, you don't deserve any sympathy from me. And if you run XP as a full admin, you deserve even less sympathy.
Take charge of your own computer security already, however you do it. Don't whine at Microsoft because you let it happen.
And damn my slashdot karma to Hell anyway. I'm sick of this whining: "Microsoft (this), Microsoft (that), Microsoft (whatever)." Lazy bastards. How come MY MOTHER doesn't get spyware or viruses or whatever when she's running only XP Service Pack 1? Without any AV software? Explain that.
Use Evolution instead of Outlook? Bewa
Your average joe is never going to switch to Linux until it is made easy to use. I tried mandrake 10 - apparently one of the better and more user-friendly distros, tried to install drivers for my graphics card and I was led on a wild goose chase of download libraries, command line installing, compiling from source etc. On windows, I just download, install through the wizard, and reboot - done. When Linux is made user-friendly enough to allow me to never use the command line, never have to compile, never have to worry about whether my new graphics card is going to be supported etc., then I will switch. Not before.
The article truly sucks. The spyware angle is nothing more than a hook to get to some unimaginative "switch to Linux" stuff. On a site named Linuxworld that will really convince some people.
Going more into detail about his 5 hours and what exactly is bad about windos and better on Linux would've been a much better article.
Assorted stuff I do sometimes: Lemuria.org
Do it like Cato: Always end your emails, ims, faxes etc. with:
Think. Don't use Windows.
I actually have exactly the opposite scenario. At my work, we have a fileserver running MS Windows 2000 Advanced Server, with a 2.4 TiB RAID NTFS filesystem. At home I run Gentoo on my box, w/ UATA/133 IDE drives using ext3fs. It takes slightly less time to _delete_ a 4 GiB file on the fileserver at work, than it took me to _move_ about 5.5 GiB from one drive to another in my box at home. The MFT for the NTFS filesystem on the fileserver at work is very very badly fragmented, drastically killing performance. Now, this is our fault for not keeping it defragmented (well, not mine, as it was already like this when I transferred to this department ;), but I've never defragged my box at home either, so...
Join moola.com, play games to earn money.
So, you mean a Unix guru can have a wife ?
Why didn't he setup a non-root account for his wife on the windows box? Why didn't he install THE browser, Firefox, on his wife computer? Why didn't he enable excessive auditing so he could track down which app installed what and when?
Oh, that's too hard? If that's too hard, you're not a sysadmin.
True, spyware can be almost viral these days, but there is one factor which enables it in the first place: the user. "Oh, this nice free tool from www.[the tool's name].com is so handy!", should ring a bell, a lot of bells, alarmbells to be exact. NO search bar comes for free, unless it's open source, to name an example.
First I thought, hmm could be a great article, but after a few paragraphs it was clear this article is not great, it's the frustration of a person who doesn't WANT to understand windows and blames the consequences of that to the OS. I mean, blaming IE and not having firefox installed should be enough to categorize this article as "ordinairy propaganda".
Never underestimate the relief of true separation of Religion and State.
I don't run anti-virus. I don't have a firewall. I don't run spyware-removals under normal circumstances. If I feel the computer is feeling odd I download and run F-Prot's free DOS version followed by running Adaware 6. On some single occasion I've run Norton Anti-virus just to be on the safe side
I'm not alone in using this computer, my not quite so computer-literate girlfriend does too. I often download shareware games and freeware programes, not to mention warez every now and then.
Despite all this - I have never (*knock on wood*) been virus-infected. I have never gotten any spyware.
So I have to ask myself, what to do all these people do to get their computers so messed up? Why isn't it happening to me, when I run the same Windows without any protection? Is it really Windows fault?
Well, I'm not too impressed.
. htm - puts in a big Hosts Deny file and a few other dodges. Firefox browser and Mailwasher + Thunderbird for email. No problems - ever!
Tho I run SuSe Linux 9.2 on my main box, my kid and my wife run XP Pro SP2 on another box (gotta have the games d'ye see) and don't end up like this.
M$ may be as full of holes as a Gruyere, but sensible precautions can keep you pretty clear.
Firstly everything runs behind a Freesco firewall on a retired PII box. Then Norton looks after the viruses and updates regularly. SpyBot and AdAware run as cronjobs twice a week. The excellent Supertrick XG - http://www.filesharingplace.com/supertrickxg/main
We all know Windows is insecure and that there's a lot of crap about - if a sysadmin can't take the obvious precautions then he's only got himself to blame.
Jeez...
It seems that many are quick to jump on this guys back about the lousy job of administering his wifes computer he was doing. How the heck do any of you know he was responsible for her computer before he decided to get down and dirty and clean it up?
Anyways, just because you can nitpick the article to death (oh this bug was patched already nanana booboo), doesn't change the validity of his point. Please, lets look past the little bs and address the article as a whole.
The best protection linux has agains spyware, is that you have to use a console to install it:)
Maybe he sat at the display for 24 hours 20 minutes now and can't realise the passing of a day. I feel sorry if it is that slow and suspect he may have hardware problems as well as social and psychological problems. (No one has talked to him in the last 24 hours for him to realise a day has passed, and he is so obsessed with this computer that he doesn't like that a day has passed and he hasn't noticed.)
So we should all be nice to this person.
Remember don't make fun of those with special needs.
I was thinking of the immortal words of Socrates, who said: "I drank what?" - Chris Knight (Val Kilmer)- Real Genius
Telling all the stories you like about how your (or your mothers/wives/SO's) machine has never had a virus/spyware attack even though you never run anti-virus software nor a spyware detection suite isn't going to mnean a lot.
The simple fact is that many of the people on this board have to work with windows (from 95 to 2003) everyday and can tell you horror stories about machines that have been secured, reside behind a natting firewall, etc etc but still they get slapped down by the newest virus which has snuck in through a vulnerability which was patched three months ago.
The other area you seem to be missing is the inate ability of users to fuck things up, no matter how secure you make it. All it takes is one innocent click on a link and all of a sudden you have spyware coming out your nose.
If they guy had asked his wife to do all her browsing through Sandboxie, he could have removed even a hundred spyware infections in just one minute. Why don't you give it a try, Chris.
Some MS fanboi or shill got some mod points. Would someone please be so kind as to correct the injustice done to the parent poster?
Thanks.
I read a number of people who indicate one should run Windows XP in user mode, but have they actually tried it? Unless you wish to simple browse the Internet, you are pretty restricted and unlike Linux, a myriad of programs require "root access" and cannot be installed locally.
The first thing one should do before connecting Windows to the Internet is simply install a firewall, then run Windows Update, then install Firefox -- sites exclusively reserved to Internet Explorer users are becoming decreasingly common, it should not be a problem anymore.
" Above all he believes that open source software will cure the piracy problem. (more) " Well duh, if all programs are free then of course no body would be able to pirate something that is in itself free. I'm sure there'll be no problems convincing all the programmers out there to work for free.
You know, that's pretty funny if you ask me, because I can usually do it in about 30-60 minutes or less (give or take), and with no degrees and no professional training whatsoever.
Here's how you do it....
1. Run msconfig
2. Uncheck all startup entries that look suspicious
3. reboot
4. Update and run Lavasoft AdAware
5. Update and run Spybot Search and Destroy
6. If you have them, and you should, update and run your favorite antivirus scanner.
7. Make sure all the spyware leftovers and their folders, if any, are deleted.
8. Run msconfig again and reenable anything legitimate that you might have disabled
9. reboot
Now, why do you want to disable the suspicious shit with msconfig first? If you ever get really 'stubborn to remove' shit like Ebates Moe Money Maker and friends, they're practically impossible to remove just by spyware scanning alone. You have to stop them from loading in the first place before you can get rid of them.
Well, other than the fact that he's laughably inept at cleaning spyware, he's still got a very valid point about just how utterly shitty and insecure the Windows platform is. It's been woefully insecure for years, it's woefully insecure now, and it will be woefully insecure for the unforseeable future. That's not just my opinion, it's a well known fact that Windows has been full of holes since at least since Windows 95, and likely earlier.
So, here we have a company that doesn't give a shit about it's product, doesn't give a shit about it's customers, doesn't give a shit about the law, and still it abuses its monopoly after being convicted of such in court. And as much as I blame Micro$oft for all the ills of the computer world, I'm a lot more pissed off at the consuming public for being the lazy, complacent sheep that they are for tolerating this abuse upon society for as long as they have, and instead of sitting on their fat asses allicted with "Homer Simpson Syndrome", they ought to be complaining to their government enmass and threatening to vote out the whole of Congress itself if that's what it takes to get them to do something about Microsoft. Damn! It's almost like walking into a run down crime ridden neighborhood, and looking at the people in it acting as though it's all normal that the neighborhood is all run down, vagrants and junkies sprawled out on the streets, drug pushers on every block, and hearing the sounds of gunshots, security alarms, and police sirens all the time.
Total batshit insanity, man! Just total batshit! But I guess it's what the people want. They don't really want freedom or justice, they just want to sit on their ass, watch that braindead 'Survivor' or 'American Idol' bullshit and wait for the TV to reprogram them into wanting the latest 'excercise in a bottle' weight loss fad or the latest $50,000 SUV that gets 3 mpg, has a DVD, and increases your penis size a whole 5 inches! What an utter travestry!
Well, that's my rant. Probably won't do anything to change the world no more than that 'Open Letter to a Digital World' will, but who knows? It only takes a few angry and motivated people to get the ball rolling.
I teach school and our administration has chosen to do all communication to us through Lotus Notes. I have four choices: (1) Read mail without the ability to delete or respond to it on Linux running Firefox; (2) Not read mail from the administrators (my personal favorite choice); (3) Get any of the information I need from the secretary who checks her mail twenty times each day; (4) Have full access to mail functions by running Windows and using IE.
So far I'm doing a mixture of choices 1-3 (4 is just too ridiculous for me), but I don't have full functionality or even sufficient functionality. I can get by, mostly because our administrators almost never have anything of import or intelligence to say, but some people can't.
Until things online are platform independent, some folks are stuck with Windows and IE which means they will have to have their computers serviced or replaced annually. And isn't that the real goal here? I think that this behavior is accepted because people then upgrade lots of hardware and software often. Maybe I'm just paranoid.
Yeah, I'm as old as my UID would suggest.
As Linux continues to grow in popularity, won't the spyware creeps be more likely to make spyware that works on Linux? I know what many of you are thinking, permissions, don't log in as Root, Root is god, blah blah blah... But as history has shown, spyware writers are very creative and just plain unethical. Just a thought people.
Thank you.
Great people don't need people to complete them, great people complete other people. -- Matthew Pawlikowski.
'cos it sure reads like one
But ofcourse.
/pro
Moving 5.5Gb from one harddrive to another = 5.5Gb read ops + 5.5Gb write ops + 5.5Gb delete ops.
Deleting 4Gb on a network drive = 4Gb delete ops.
and in any decent system, a file delete op (even network drive) would be 1 syscall (unlink).
no wonder deleting 4Gb on NTFS is "slightly" faster than moving 5.5Gb on ext3.
He kind of lost me when it took this super trained sysadmin 5 hours to sort out his squeeze's PC.
I've just been through this with teenage bimbo from hell's laptop, which was chocka with kazaa and other such crap.
a) download firewall: agnitum outpost
b) download antivirus : AVG
c) download some XP fixes
d) d/l S&D
that did not take 5 hours. It took about as long as her mum took to cook a nice spag bol, as it turned out.
she tried to help Mariam Abacha, the widow of the now deceased General Sanni Abacha, move $80 million from Nigeria to the U.S. (God willing).
Sorry, but all my relatives who I have switched over to Firefox or Mozilla do not have ANY spyware. Nada. Nothing. I showed them a list of spyware apps, in other words what not to install and they have healthy and happy PCs.
Claiming switching to linux is the only solution is a huge admission of ignorance of how the spyware problem stems almost exclusively from one piece of software, namely Internet Explorer.
Windows, even as admin, can be safe for the technophobe. I've seen it and I continue to see it. The problem is IE. I don't care how savvy you are, if you're using IE to access the WAN (perhaps SP2 is an exception) you will get spyware and other nasties.
So many "linux advocates" are so ready to throw out the baby with the bathwater, its absurd and makes the zealots, well, look like the zealots they truly are. Not to mention, if Linux hits critical mass on the desktop (yeah Im not holding my breath either, OSX has a much beter chance of toppling Windows) then spyware developers will target it also. Grandma will still get emails like "Funnyshit.rpm" and the browser will ask if you want to install "super-search.xpi." These apps will hide themselves anywhere they can, just like they do in windows.
Better browsers and more informed users is the solution, not advocating one's pet OS.
Seriously! They don't even give u a compiler so you can build your kernel! And they call this an operating system?
Instead of writing a rant about his 5 hours of cleansing he should have done what I did (if he hasn't).
I got spyware that my favorite program wouldnt remove, so I manually went in and disabbled it and removed it, I noted the Registry settings, file locations and directories of anything they had stashed (like hiding in temp dir's) and sent it in to the company so they can add it to their removal for the next update.
5 hours is a long time for a person with a degree to remove spyware when I am just a geek/user and it only took me 30 minutes to remove 117 Registry settings, 12 bookmarks and 13 files that got slapped on to my drive and wouldnt remove themselves by normal means (anti-spyware programs, anti-virus etc)
It would be great if everyone switched to Linux, sure. But lets face it - it won't happen in the foreseeable future.
It would be better for people to limit their exposure to the internet by using safer alternatives to IE and MSN messenger like Firefox and GAIM.
....uh-huh.... you sure will teach us with your flailing spaghetti arms of fury
Well I don't have to deal with IE only websites.
My previous bank had an IE only website. I switched banks.
My previous electricity provider had an IE only wbsite. I switched providers.
If you're IE only you don't get my business. Full fucking stop.
So no sir, I DO NOT have to deal with IE only websites.
Sky subscribers are morons. They pay to be advertised at !
I have worked on over 200 heavily virus ridden - spyware infected boxen in the last several years. YES it can take 5 hours, it can take more. If you haven't seen it then you just haven't been around enough.
He also never mentioned how slow(Mhz) the machine was. There sure are a lot of experts on here that can't think out of the box to consider some basics, quit jumping to conclusions and assuming things ( I know you have heard ASS-U-ME before, it applies here).
My wife also uses XP with IE (Ivil Explorer), serveral of the foreign sites she goes to still don't work in Mozilla. I did put her behind a separate firewall though 8).
All I can say is open your mind and think as much as you do to type your snippy comeback.
Who is "we"?
;)
Mind you, Linux didn't originate in the US
I think we can keep recursing like this until someone returns 1
1) No
2) No.
3) Sorry, no can do.
4) Because.
If you yield on any of these things, then just make it abundantly clear that you will never ever help fix that computer again. Works for me.
What if it's 2K and she wants to burn CDs?
I am trolling
Yep.
/home/luser/ - > /home/locked/luser.tar.gz /home/luser/* /home/luser/README /home/luser/Desktop/ /home/luser/README /home/luser/Desktop/README.txt
In linux cleaning out spyware is very simple.
tar zcsp
rm -rf
echo "We need to talk" >
mkdir
cp
The whole ordeal taken care of, thankyou very much.
There is a advantage to having primitive and coarse permissions setup and have a history of applications that are designed since before Win95 to operate properly in a locked down enviroment.
It's all part of the legacy of Unix being a multiuser enviroment for high-end machines for critical data infrastucture and NT designed for a simple file server that was combined with a single user operating system (Win9x) to make WinXP. (and be backward compatable with Win9x)
Linux and Windows are not equal. Hackers are a problem with Linux, but malware isn't. Different OSes, different issues. Linux is difficult for many people to install, Windows is difficult for many people to operate in a safe and secure manner.
Which do you suppose is a worse trait?
No Linux viruses in 2005. Not one.
How many has Windows have? Maybe a thousand? 2 thousand variants?
1 hour: Drive over to estranged wife's house
1 hour: Plead with her to get back with you because you promise not to let being a geek come between you
30 minutes: Fix computer (it doesn't take 5 hours, numbnuts)
1 hour: Ask for cup of coffee, use toilet, etc. to make any excuse just to spend more time with her, then burst into tears as a last resort
90 minutes: Drive home the long way because you're contemplating driving into oncoming traffic to end your sorry life (but of course you don't have the guts)
Then once you get home, take it out on Microsoft!
As for EAC... I dunno man, just get yourself a working CDROM drive. IMHO EAC is totally unnecessary. Try ripping a track with it, and with cdparanoia, and compare.
I really dislike his tossup of comparing XP home and then server 2003== which is it.. I think it sucks that he changes argument mid story to work better for his objective (and I think if he is in fact talking about home or pro- then it's both unclear and inaccurate)
Microsoft Windows is but one component in a much larger Windows platform. What good is the operating system without remembering productivity software, anti-virus software, instant messengers, media players, software to burn CD and DVDs, and the list goes on and on? These are all things that Red Hat and every other Linux distribution includes as part of the package. Usually they go so far as to include multiple applications for each function. It would be, therefore, completely unfair if we didn't compare a comparably equipped Windows platform to a comparable Linux platform. How do you add it up though? Whose products do you pick and whose products do you ignore? It's a horrible can of worms. I tried to do it. To build the comprehensive list so that we could compare a Microsoft Windows that's fully equipped like a Linux distribution and I was able to exceed the number of advisories. I just felt dirty doing it and in the process of doing it. Besides, I came to the realization that the bug count isn't what really mattered.
See, part of my dislike for this is the defacto slashdot argument, is that this crap DOES NOT BELONG as part of an OS, a common enough complaint against windows XP home & pro.. and part is that because this list of items is in fact INCLUDED in the home operating system., and do not belong on server software.-- so he derides microsoft for not including items, THAT THEY DO INCLUDE WHERE APPROPRIATE, and where slashdotters think are not appropriate ever.
as an aside, is it true as claimed that the standard linux distribution includes DVD burning software?
every day http://en.wikipedia.org/wiki/Special:Random
to all the fucking hackers to quit doing what they're doing?
A lot of this blame of Microsoft is Bullshit.
Why aren't the asshole hackers being blamed?
Look, our community of asshole elitist MS haters is more to blame for the problem than MS is. It is this community that pulls this bullshit.
Do we go around blaming all the housing contractors in the world for putting in first story windows that allow criminals to break in? No.
Do we blame lock companies because some asshole with tools can break into a house through a lock and steal, rape or kill the people in it? No.
Do we blame garage door makers because someone might leave their garage door unsecured thus allowing someone to break into a house? No.
Then why do we fucking blame MS for every fucking thing that happens? This is bullshit. It's time for the community to wake up and take some fucking responsibility because ultimately, that's who the problem is. Not MS.
..that the people with most malware never need to deal with it themselves (ie they have techie friends/husband who cleans up their computers).
Yeah, that's right. Buy your wife a farking Macintosh or rip Windows/IE off her computer and replace it with some combination of Firefox and or Linux. If your wife is such a power user that she absolutely MUST, MUST, MUST have Windows, then she's enough of a power user to keep her own damn machine clean. Personally, I and most of the rest of the non-clueless world are fed up hearing people's lamentations on the insecurity of the dominant platform. The alternatives are out there. You and wifey-poo ignore them at your own frustration and risk.
Wait til you get married. I set up a machine for my wife. She knows enough not to click on attachments, but otherwise, when plugin windows show up on a page she wants to view, she tends to click OK. I spent several minutes explaining exactly what happens with some of those plugins, cleaned the machine, and she's been fine for several years. No viruses, no spyware.
Personally, I run Firefox. The Adblock extension alone makes me smile every time I think of all the poor suckers still running IE and watching all those ads and Flash banners.
If you've not made the switch and still need to run a Windoze box, Firefox is the answer. Get Adblock. Spend a few careful moments creating some blocks, test them, and you'll see pages loading faster and without any trouble. Very nice.
-- No sig for you!
I'd mod you up if I had points - your rant is spot on. Unfortunately nothing is going to change any time soon.
One suggestion though. I have found in practice that running the scan in Safe Mode is better than using msconfig (because there is a possibility of a program in memory rewriting the registry before you reboot and because Win2k does not have msconfig).
HTH
...break.
/. article about MS buying up a spyware removal company.... but heres the deal. MS sees things from a commercial basic limited view money making perspective and as such they understand the value of spyware and such... so of course they support it. They will never really work to remove it, but rather use it.
There are several people whom I have cleaned their system from running IE on the internet. If its bad enough, where I have to do a fresh install, I set it up with a Linux partition, but in any case I install firefox as a default browser, etc...
90% of the time they go back to polluting their system.
Its frustrating, considering I'm doing the cleaning as a friend. But as soon as I find out they are contridicting my efforts, I tell them it up to them to clean it from now on.
Recent
If this dumbass isn't intelligent enough to install his wife's PC properly then he shouldn't call himself a "sysadmin" - he seems to be more a Anti-MS moron than somebody whose job it is to install machines properly.
The only reason spyware, or other malicious software is targeted at windows machines is because 99% of the computing world uses them unfortunately. I use mozilla but I test my webpages in IE because at least 95% of traffic is from IE/Windows users. As soon as Linux takes off expect malicious code to surface as well, what make you so certain Linux is that much more secure? Perhaps its open source nature makes it less secure, unfortunately its unpopularity does allow us to test this hypothesis? I to have a comsci degree, and say this . . How on this earth are people that aren't trained in Information Technology going to install programs in Linux using the command line? I to this day have issues with command line compiling and installation procedures . . ? Never once has the windows setup.exe failed for me? Every platform has its issues, which is why I like to keep several computers with one or two OS's on them. Computers are so cheap now its easy to get the best of both windows and linux worlds.
Here's a 4 page PDF of the open letter that can be printed out for distribution.
.sig)
Does anyone feel like packing it up in to a brochure dispensible format?
(There is no
An open letter! Why didn't I think of that?
Spyware doesn't stand a chance now.
-- haha i know it's not funny but i said it so i'm gonna pretend it's funny --
Now my family uses Linux to surf the web and download MP3s. My wife copies selected files (over our LAN) over to Windows. My daughter continues to use Macromedia Dreamweaver and FlahsMX on Windows.
No more spyware, no more time wasted keeping virus definitions up to date. Ahhhhh! peace.
Slashdot entertains. Windows pays the mortgage.
go grab the latest version of Knoppix.
And I shall.
I have gas, but my car uses petrol.
*sigh* let me guess: using Debian or Gentoo without knowing how to turn HD optimizations on? I do not have the same problem.
"That's right - a system administrator for 10 years with a degree in computer science and a RHCE CAN clean up a single spyware infection in 5 hours."
A system administrator who understand windows a little better, and understands the available tools, and probably has them handy already, can fix this up even massive spyware infections in a much shorter time, the only real delays being one or two reboots and/or a system scan or two.
A CS degree and RHCE don't make you a good windows administrator by any means.
Now I am a heavy Linux user on the server side. I have 20+ years of experience in software development, and a master degree in CS. My girlfriend convinced me that I should stop using Windows on my laptop PC, and I decided it was worth a try. But I failed, I'm sorry to say. And this convinced me that the Linux desktop dream is still some years off. Unfortunately.
All the main components are there: A nice OS, decent graphical environments, good web, mail and office applications. (In my case, Fedora 3/KDE/Firefox/Thunderbird/OOo). But when it comes down to all the nitty gritty details, my Linux desktop had so many quirks and oddities that I found it would take significantly longer to fix them than to reinstall w2k.
The worst examples:
- It took me a full day of work to get the WiFi/WEP connection up (finally had to download and build latest unreleased orinoco drivers)
- ACPI: The monitor backlight wasn't getting shut of, the harddisk didn't spin down on timeout. After shutting the laptop lid, the machine hibernated, but when I opened the lid I had to press the power switch to get out of hibernation, and then to OS immediately halted!
- Getting the GPRS modem on my cellphone connected over IR seemd to much of a task to even start...
All in all I had a basically usable computer with way too many annoying quirks. Plus it was noticeably slower than before. It was a useful learning experience, but absolutly not something I would recommend to the average windows user.
The problematic areas are mostly hardware related, which is why I guess it will be a while before they are solved. It's the old "Too few users -> no vendor support" vicious circle...
I guess he means "we linuxers", not "we (north) americans".
Considering a lot/most of slashdotters are (at least part-time) linuxers...
Setting aside the 'foaming at mouth' nature of the rant that Chris goes on the farther into his open letter he gets, there is one thing that I don't think gets addressed a lot in the inevitable 'Linux vs. Windows' Geek Debates that we all manage to get ourselves into. The thing is that it's really the Achilles heel in most of the 'alternative' (to Windows) platforms that are around, or have been around over the previous 20 years- availability of applications.
Fact is that with the company I work for I am using anywhere from 5 to 15 software packages in a given week that are not available for Linux. If all I wanted to do was surf the web, or word process then Linux would probably do just fine, but when my option is to run the Windows software I need through an Windows emulator that will 'probably work, most of the time,' then I have a problem because I'm paid to do my job, not spend hours trying to figure out how to tweak my OS to make my critical business apps work for me instead of against me.
I definitely agree that Linux is a more secure platform. A faster platform. A more flexible platform. A better platform. But until there is a groundswell of companies which choose to release their software packages for Linux, I don't think the critical mass of users is going to be there to unseat Windows. This was, and continues to be, the biggest problem with the Mac platform. A problem which all the snazzy looking computers and 'Think Different' marketing cannot overcome. Linux should take heed as well- critical mass is not gained through security, or speed, or even in being 'better' than the other guy- it's gained by the quality and variety of applications that can be run on a platform.
---As my daddy used to tell me: "You gotta be smart before you can be a smartass."
Call me crazy but I am having a hard time finding any truth in the "facts" as reported by Microsoft.
Damned karma whore!
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
There are more people trying to hack windows. This whole linux/windows security debate is theoretical and academic untill the linux hacker base = windows hacker base, and that won't happen untill the linux users = windows users.
You can cite all the stanford studies on bugs/line of code you want, but untill linux is out in the real world, on hundreds of millions of pcs run by "ordinary" people, doing what ordinary people do - surf the web and download wierd stuff - no one can state iwth confidence that linux is more secure. Or, no one buys a computer for an OS - you buy a computer to do things, and the OS is irrelevant.
(all u bsd flamers)
The old guy boasts to the young man, I dont drink smoke or fool around, and I'm celebratin gmy 80th birthday tomorrow...
Young man: how
The point is, hacks only occur when you do fun stuff like surf the net and download screen savers..
How could it take 5 hours to clean an infestation? Just umount /home and reinstall - it'll only take 20 minutes or so.
Did I miss something?
I'm probably on thin ice saying this here, but oh well.
I run three OSs at home: OS X, Fedora Core 3, and Xp Pro. At work, I admin XP Pro and Red Hat.
My company has about 150 PCs running some form of Windows. In the last year, we've had one infection. One.
At home, I've never had any. Ever.
While I totally support GNU/Linux (including monetary donations and buying distros like SuSE at retail price), I also pay for and use XP Pro for various reasons. I agree that Windows is deficient in many ways, and I agree that Microsoft could do things differently and be better for it in the long run.
However, I find it very difficult to understand how so many people's computers get infected. Windows or not. I do nothing special at home...the only thing I've done is use a broadband router from Netgear (because I have more than one computer), make sure I keep my XP Pro machine updated, install anti-virus and keep it updated (automatic) and use Firefox.
This guy is a sys-admin, and his wife's computer gets infected? How? If it is "his wife's" computer, that implies he has multiple computers at home. This implies some sort of router...even a $20 router uses NAT and has basic firewalling built in.
Either this guy is a poor sys-admin, or his wife did something with the computer to get it infected. So, Windows and Microsoft flaws aside, what we're really talking about here is a user education issue. I, as a user, at home, am educated about security issues on my PC. The people at work are educated. I don't have problems at home, and neither do we have problems at work.
So, while his open letter is all well and good, maybe in his case he should focus on better education at home and spend the $50 required to get a decent NAT router with firewalling, instead of bleating about Windows.
Don't know how things work in your home but in my home, I have a computer (Mandrake) and my wife has a computer (XP home). I don't 'let' her do anything with her pc, she does what she damn well wants thank you very much and god help me if I start screwing with her setup and make something burp... and yes, I do have to clean up the mess when things go bad.
the good news is that her system is well patched, runs zone alarm, avg, mozilla, and I just switched her from aim to gaim. Step by step the migration to FLOSS goes forward.
Keep in mind that 'her' computer is for more than home and has to work at her place of employ (Windows and apple shop) so some of the 'hands off' has to do with not screwing up use of the system at work.
Anyway - bottom line, at home you are NOT a sys admin, you're a spouse with special skills.
dogu
It's a great letter but is he preaching to the choir? I didn't read this in my daily newspaper nor do I recall seeing it at news.google.com. How do we get this message out to the mainstream? /. readers already know this. How do we educate the rest of the world without becoming zealots?
You're either lying or you're an idiot. I just timed it at 0.442 seconds on my box (an Athlon 1800+). What you could possibly be doing that takes 20 minutes is anybody's guess, but it's no surprise that you're a Windows fan...
That's the quick and easy way. :) While you're at it, install Mandrake or Fedora.
One word: root
Windows users and developers should start using a packet managing systems like most of the UNIX distributions (apt, ports, emerge, ...). It would solve many administration problems: security updates and application installations. Windows updates only handle only a small set of components. A symmetric package system for all parties, both operating system components and applications, would make it possible for all parties to provide updates. As a positive side effect worm and cracker damage would decrease. I'm not a Windows administrator, but I would guess it would ease and improve the job significantly. Of course this must be a global collaborative effort - most of the software suppliers should support the system, so it's not easy to implement it.
Use the "DropMyRights" app from here: http://blogs.msdn.com/michael_howard/archive/2004/ 11/18/266033.aspx/ to run internet apps as "normal user".
(If possible, compile your own version from the source a user posted in the comments; you'll get a little 1.5k app that supports arguments, instead of the bloated half-broken app the Microserf made available...)
It's not perfect, but I've seen a net drop of spyware and crapware on machines where I've installed it to launch everything that connects to the net.
Make sure to replace the direct access icon to MSIE on the desktop with a DropMyRights-ed ordinary shortcut. Only "Windows Updates" needs MSIE with admin rights. Also remember to modify whatever launches at Windows startup to run with reduced rights.
Final tip: rename it to something short (I use "safe.exe" and place it in the path, it makes modifying shortcuts a whole lot easier.
Show the user how to modify his own shortcuts so that he can reduce the rights of whatever he downloads before launching it for the first time...
But is there any reason to believe that if Linux had been the dominant OS over the last 10+ years that there wouldn't be as much spyware, trojans, viruses, and spam written for it?
If you could reason with religious people, there would be no religious people
...does he take the spyware distributors and virus writers to task. Yes, MS could and should make Windows more secure. But the chuckleheads create all this spyware and virus crap are at least as much to blame for the problem.
A stern talking to by enough people will certainly get Microsoft to change their practices. As soon as the market share starts switching to Mac or Linux they'll be running to fix all the holes. Every extra letter like this just gets us one step closer to better software all-round.
I count eight different software products you have to use to keep Windows relatively uninfected. I'm glad you're knowledgable enough to do that at home, but the average user can barely find the power switch.
The only safe copy of Windows is the copy not connected to the internet.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
And the other 20% are unplugged.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Someone at work had the same problem. Wife's machine got infected with spyware, and it was a real pain to clean it out. Turned out to be some kind of rogue toolbar that registered itself with IE, and as soon as you load IE, the thing starts downloading spyware. The anti-spyware folks haven't adapted to detect and quarantine this rascal yet.
Yet another reason for Firefox..
Laptops are known to be a bit of a bitch with Linux due to hardware support issues and proprietary related crap, but I've put Slackware 10 on my desktop dual booting with XP Home, and all the hardware I've got on it works like a charm - including my Haupauge WinTV-GO FM card. I simply snarfed and installed the Nvidia accelerated driver and changed my xorg.conf to suit - instead of using the vesa driver. KDE's great, everything's smooth and responsive, but GNOME? Well, I found that somewhat lacking like 'having a jigsaw puzzle with missing pieces' lacking. And, I know my way around the CLI enough to get around when I'm sick of GUIs, but I can always take more suggestions.
I cannot believe how much play this still gets.
Dear Chris Spencer,
If you can make Linux as easy to use as Windows, including doing all configuration from easy-to-click dialogue boxes, and make it compatable with all the hardware, games and other Windows software found in mainstream retail stores without having to run them in wrappers or emulators, we'll be more than happy to switch.
In the meantime, we'd rather not undergo the hassles of Linux and just use Firefox on our Windows machines.
Sincerely,
The Digital World
Up, Up, Down, Down, Left, Right, Left, Right, B, A, START
It will take a distro out of the basket or it will get the hose again....
I don't want knowledge. I want certainty. - Law, David Bowie
because the problems will be fixed in the next version of Windows or the next service pack. They need more and more incentive for people to buy Windows. Their strategy won't work though. It's just turning people away from it :) ...it's what poeple have been saying all along... microsoft is their own demise, hehe :D
I'm not anti-microsoft. I'm anti-bullshit. Which means I'm anti-microsoft.
I don't know why I remain amazed that so many think the out-of-the-box look is so important to acceptance. But I continue to see screenshot reviews where reviewers whine about the drab look of the more-capable product.
Bullshit (and I don't mean opinions but facts) are rated +5 informative just because it is pro-Linux and/or anti-MS, while facts correcting this are modded down.
:)
You wanna know something not terribly interesting?
Every Slashdot story that even touches the Windows/Linux debate contains many pro-Linux comments modded up, and many pro-Windows comments modded up. More on the pro-Linux side, of course, because most people here are a) geeks, b) more informed, and c) somewhat zealous. This is nothing new, nothing surprising, cetainly nothing that hasn't been the norm since I started reading Slashdot in the late 90s.
But lately, there is/are always a comment(s) such as yours, which implies that *all* pro-Linux comments are modded up, and *all* pro-MS comments are modded down (which is factually incorrect in and of itself).
The interesting part is that almost without exception, a comment such as yours is modded to +5, and stays that way. I imagine it's because your comment is well-written and actually thoughtful. About the only pro-Windows comments I see being modded down consistently are the "Windows is just as secure/stable/better/pretty/doesthedishes as Linux, you're just a bunch of zealots!!!". (I always picture these posters pronouncing it as zeee-lots for some reason
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
Exasperated after spending 5 hours wincing with pain afer repeatedly slamming his nuts in his wife's fridge door, kitchen installer Chris Spencer has written an impassioned Open Letter to a fitted kitchen industry.
"None are more hopelessly enslaved than those who falsely believe they are free." -- Goethe
Instead of writing "open letters," (also known as "pompous soliloquies") maybe he could try interacting with his wife once in a while to find out what the fuck she's up to. If she's really so clueless, he should configure the computer as a kiosk suited to whatever her normal tasks are. And pad the sharp corners of the monitor and case.
I have to wonder, are the OS and apps really at fault here? I know people who've run Windows OSes for a decade without once getting spyware, virii, trojans etc. on their machines. Therefore there must be some other element at work here. If you outfitted the reetee in question's computer with, say, Mandrake, and with no more information or interaction than you provided before, do you really think that she wouldn't be able to fuck it up in short order? I'll tell you what, I'm a bit skeptical of that.
In any case, blaming the world for your wife's stupidity is not going to fix it.
linux doesn't give files run permission on download by default like windows does. unless someone su'd to root, chmodded the file, and then ran it, a file doesn't get run. i don't go out of my way to install adware and spyware, do you?
It is possible to avoid all of those. Usually that means that you have no friends or all of your friends are more pro-active and have taken the appropriate precautions (the ones you haven't). Of course, there is the extremely lucky factor.
While you may be hitting Windows Update on a daily basis (you do not say whether you are or are not), it is still possible for patches to not install correctly. I've seen it a few times with the DCOM RPC vulnerability and patched machines still being cracked by welchia. Firewalls prevent that. Or you can rely upon luck.
You download warez and you haven't been hit by a trojan. That's pure luck.
The same with spyware.
So, the reason you haven't been infected yet is
Not because you take appropriate precautions with your system.
Not because Windows has a good security model.
But just plain luck.
Why rely upon luck? You already know what threats are out there.Well, from your statements, they follow the same precautions you do.
Therefore, since the other factors are equal, it is Windows' fault.
.Not and Windows is buggy and full of holes.
Linux and Java is to rescue.
You don't run and you are not behind a firewall, you don't us AV and you don't use any spyware software. You download shareware/freeware/warez.
You have NEVER gotten spyware or a virus.
I cry bullshit.
You MIGHT be able to get away with that kind of system administration with WinXP SP2. If you hang an unprotected windows box onto an external (read, outside the firewalls) 100 meg network, you will be scanned within 30 seconds to a minute and compromised within an hour. Possibly longer, if you have really tweaked the machine. That would go against your premise though, if you spent any time securing your machine, then you probably needed a firewall.
There are trojaned machines constantly scanning for machines, like yours, in the wild. Microsoft patches have been too late to stop an infection more times than I can count.
I am a sysadmin and security engineer. I could secure a box, without third party apps, so that I could surf the web, download software (AND INSTALL IT) etc. It takes time and effort that I am not willing to spend. It also assumes that there is nothing on that workstation that I don't mind sharing with the world, since I am not perfect and any machine can be hacked/cracked if you put it on the Internet.
I use winxp sp2, firefox, proxomitron, adaware, symantec AV, spybot, sygate firewall and a couple of homerolled apps. Between my wife and my kids, we still get adware/spyware, we have not had a virus in years. A large percentage of the shareware out there has some kind of spyware. Many websites get you when you register. Etc etc etc
"So I have to ask myself, what to do all these people do to get their computers so messed up? Why isn't it happening to me, when I run the same Windows without any protection? Is it really Windows fault? "
Sorry, your post just doesn't ring true for a workstation that is actually used for daily, office automation type work and play. Microsoft doesn't even try to claim that you don't need a firewall or other protection. They don't hang windows boxes on the net unprotected.
Right now, most of the spyware I see is installed without the user's permission (via ActiveX with IE).
Spyware can be installed on Linux, but the user will have to take an active role in installing it.
That by itself will cut out a huge chunk of the infections.
Security will never 100%.
But you can get it so each avenue of attack is 100x more difficult than with Windows.
Eventually, the easiest way for them to get spyware on your machine will be for them to break into your house, install a hardware keystroke capture device and then come back in a week, read your password and install the spyware.
This article just goes to show how useless IT certifications are. They may get you a good job, which is what matters, but they don't truly guarantee that you know what you're doing.
If this guy had half a brain, he wouldn't be blaming Microsoft for this, he'd be blaming himself and his wife. He is probably on a more secured network that me and look what happened. 5 hours?! 10 years experience be damned! I am a college student living in a dorm on a completely-open network and I have *never* had a single security problem with my Windows box.
Why, you ask? Is it because I am uber-l33t and have all sorts of Cisco, Microsoft, and Novell certs? No! It's called common sense. People refuse to make certain sacrifices in the Windows world that are taken for granted in the Linux world. Certs just mean you know the basic facts and protocol names and config file names, but they don't imply wisdom or intelligence.
There are 2 things his wife is doing wrong:
1. She is logged in as an administrator for the purpose of browsing the web.
2. She is browsing the web with Internet Explorer, a known security wasteland that she and her husband chose to use regardless.
The result? Surprise, surprise, a security compromise!
Windows users focus too much on repair. They assume if they have all the tools to repair a system, that it is secure. AntiVirus programs repair an infected computer (they do some degree of preventative scanning, but that is not full-proof). Spyware scanners? Same deal. Any malware scanner is only useful once you're already infected. (Granted, Spybot has an Immunize feature, but if you rely soly on that, you have bigger issues at hand).
My point is, all the malware scanners and firewalls won't do shit if you intenionally use sketchy software and give it full admin rights. Why does IE need admin rights? Windows Update, that's IT!
I use Firefox and I login as a standard user. If I need to run a program as admin, like to install something, I either right-click and use Run as... or I use XP's fast-user switching (not available on domains, sadly...) People assume that if a Windows box gets damaged it's because of some bug in Windows. Many Windows issues that look like bugs are actually OS hooks that are being exploited. Linux is the same way, and for good reason. It assumes if you are admin then you know what you're doing and gives you nice hooks to modify the OS's behavior. But Linux distros set you up as a standard user by default, but nobody thinks of that. All they think is "Microsoft sucks Linux owns"
So maybe this sys admin should stop wasting money on certifications and go get a tech support job for 3 months, to see what it's like and learn how things work.
Hypocrisy is the 8th deadly sin.
Fine the most conservative girl in your office, and tip her off about when he is looking at these sites. One sexual harassment lawsuit latter and the company won't have that problem again. Come to think of it, if you are a big company just go to HR and mention that logs have shown some people are looking at these sites and ask how you should procede. HR will take it seriously because it is their job to know what can happen if it isn't.
The only software I've run into that doesn't work properly as root (which I run as 100% of the time, and have for many years, and have never ever had a problem, thank you very much) is the x screen saver, which will not start correctly by itself, but rather has to be manually started. This is not a huge problem, considering averge uptimes are in the many-months range, and the fact that it can be coerced into running right after booting, albeit with more effort than should be required.
I use all manner of linux apps - The Gimp, OO, Hydrogen, Sodipodi, Treepad, AI stuff, custom stuff of my own, just about every Internet app you can think of (Firefox is my preferred browser), toolbar thingees, desktop goodies (waves.... ghadz that thing is cute)... and as I say, nothing but the screenblanker has ever given me any trouble at all. Regular sequenced backups make sure I can get back to a previous state (though in all these years, I've only used them to clone new machines into a semblance of an older one -- no crashes yet, not even from a hardware failure.)
So, let me ask you: What are some examples of "properly designed" applications that require me log in as other than root? I'm not talking about configurations that eliminate root by default, like ftp or telnet, as you can simply change the configuration, but software that requires me to run as root?
ftp and telnet are good examples of limited, but adjustable, defaults. I use them inside a firewall which doesn't allow ftp or telnet access to the WAN; so inside my network, they're quite convenient and familiar tools without any particular downside. So one of the first things I do is remove the restrictions on my ability to run them as root, and then merrily work between my machines. Out on the net, I use tools like SSH. No big deal. Access to database is via a severely limited user account. Right tool, right job, the right permissions for the right people. No need for predefined, unbreakable draconian restrictions on applications. That's what accounts are for -- not applications.
Just to be clear: I'm all for the ability to restrict operating privs for users, however, a requirement to restrict operating privs is more religion than sense. You may need a safety net under you, and if you do, why then by all means, put one there and enjoy the warm, fuzzy feeling you presumably get. But don't tell me I have to have one too. Don't need it, don't want it, have no use for it, find it annoying.
I've fallen off your lawn, and I can't get up.
I'm the network administrator for a small company of about 300 users and I see how many email viruses I block every day.
I'm also responsible for the firewall so I know how many worm attacks are out there."proper release of warez"?
"Warez" do not have a "proper release".
"Warez" are cracked commercial programs.
Can I name one trojan distributed via "warez"?
http://216.239.63.104/search?q=cache:m-1tmuPK3u0J
Hmmm, seems I can.
http://channels.lockergnome.com/news/archives/009
My previous statement still stands.
I you actually perform all those unsafe acts WITHOUT running proper precautions AND you haven't been infected, it is pure luck.
You aren't using "common sense".
"No Linux viruses in 2005"
Hey, when you return from 2005, can you tell me who wins the SuperBowl? I'd like to make some bets.
The scans are automated processes running scripted exploits.
If you're vulnerable, you'll be cracked.
They will not skip over your machine if there is a more "attractive" machine next to it. They don't understand the concept of "attractive".
There are only TWO ways to prevent that.
#1. Stay up-to-date on ALL of your patches.
#2. Run a firewall blocking all outside access to those ports.
The scanning machines don't care if you're "attractive" or not. They only care if your machine is exploitable or not.
Since you have stated that you do NOT run a firewall
Personally, I'd rather not spend that much time hunting down some work-around that may not even exist when I can just setup a firewall correctly and run some anti-virus software.
If it's 2K and she wants to burn CDs, she can run a modern version of Nero (v6) or Roxio (v5 and later) which work for restricted users.
Use Evolution instead of Outlook? Bewa
They should have started preaching "don't run as root" as early as NT 3.5. Because they haven't until 2000, developers have six years of old programming habits to break.
Now MacOS X - I haven't run that though I'm aware of its BSD roots. How much legacy Mac software works as non-root on MacOS X?
Use Evolution instead of Outlook? Bewa
You know, the more you get into this, the weirder your claims are.
You computer is "less attractive" to scanners.
You don't download software that looks "seedy".
You don't run services you don't need. That's really funny considering that you're running Windows.No. More likely I have actual experience with the subject matter. There isn't one site that will give you all the details on current patches / exploits / work-arounds. Particularly when a new exploit is announced.
But I'm willing to grant that you may be better at it than I am. All you have to do is post what sites you "spend virtually no time at all on" but are still able to ensure that you non-firewalled, non-anti-virus machine is still secure.
That's not Microsoft's fault that EA Games decided to use a broken copy protection scheme.
It took me two weeks off and on to fix an old Windows game (Quake II) to work as a limited user in XP. http://www.pan-am.ca/testing.html And I'm not a full time games programmer. What's EA's excuse?
Use Evolution instead of Outlook? Bewa
The next worm-plague you unleash should irreparably transform infected Windows computers into Linux PCs after their next reboots.
Think about it.
I prefer the "u" in honour as it seems to be missing these days.
Similarly, telling all the stories about how Linux is so wonderful and easy to use isn't going to mean a lot.
The simple fact is that many of the people on this board have to work with windows (from 95 to 2003) everyday and can tell you horror stories
The "people on this board" have an amazingly high (statistically speaking) number of horror stories to tell about, surprise, Microsoft products.
about machines that have been secured, reside behind a natting firewall, etc etc but still they get slapped down by the newest virus which has snuck in through a vulnerability which was patched three months ago.
I suggest you put up or shut up - are you saying that the machine was magically infected with something even though it had been patched? Care to share your horror story on this?
The other area you seem to be missing is the inate ability of users to fuck things up, no matter how secure you make it. All it takes is one innocent click on a link and all of a sudden you have spyware coming out your nose.
Yes, and we all know Linux cures stupidity and increases the user's IQ by about 100 points after install.
Oh, and I love how you call people "astroturfers" because they're sharing the fact that they haven't had the same sheer number of horrific experiences with spyware and the like. I guess that makes everyone else a fanboy, eh?
Bottom line is that much as I enjoy reading Slashdot, it seems its sole purpose has turned from being really "news for nerds" to "let's bash Microsoft" day in and day out, most of the time putting out hysterical-sounding headlines that do no justice to the actual topic being covered. It saddens me because Slashdot has become the mouthpiece for the zealots that used to be confined to the advocacy groups on Usenet. We are doing the same things we accuse Microsoft of: spreading FUD. When the balancing POV gets nailed as "astroturfers" then you start having problems with fairness.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
She understands me when I explain Limited User vs Administrator. I explain that it's like using safety guards on a power tool. She knows to switch users to the "Owner" account to use Windows Update and Office Update, and not to use anything else when using those update tools.
I only had to show my Mom once - some people I show more than once but that's OK - it's preventing problems before the fact.
Here's my Mom's config for the curious:
AMD K6-2 500, 256 MB RAM
Integrated LAN, DSL Internet
XP Home Edition, Service Pack 1 (She's waiting for me to visit to install SP2)
MS Office 2003 Student & Teacher Edition
Outlook 2003 for email
"Owner" Administrator account - password protected
"Mom" Limited User
"Kids" Limited User for the grand kids
I turned on the built-in firewall before connecting the LAN cable the first time. I explained to her why it needs to stay on, and she doesn't turn it off.
She's had this box for a year in this config and I set it up ONCE.
Is this a good enough example of XP security through proper management?
Use Evolution instead of Outlook? Bewa
Bittorrent came out in 2003, didn't it, Mr. Warez-hacker?
An FTP dump? Isn't that a site on a box that people FTP to and upload/download warez? So if you aren't being infected from that, it is because SOMEONE ELSE is following the appropriate security procedures. Not because of your cool criminal knowledge.
Doing a
MS need not lose the majority of the users for it to be forced to really compete based on quality issues.
If they lose as much as 20 - 30% of the Office software market, they would be subject to credible threats of abandoning their product line by corporations. Indeed, a lost 10% would be more than enough by early adopters to employ this scam to reduce their pricing from MS. [This has already happened earlier this year, without a measurable decline in the MS Office market share.]
At this point the major cash flow is from the OS and Office applications, having lower profit margins on either of these product lines could kill a lot of Microsoft's ambitions.
She has Internet on DSL. I turned on the XP firewall before plugging it in.
Use Evolution instead of Outlook? Bewa
There is. Firstly, Unix has been in use in university environments for nigh on a quarter-century now. Cracking systems has been a hobby for college comp-sci majors for as long as computer systems have been available to crack, and the operating-system-design classes in that major are often based around dissecting the actual source code of the very systems they're trying to crack which means they've far more detailed knowledge of Unix systems than of Windows. And yet, despite that, Unix remains relatively secure in that environment. Why should we assume this would change?
Secondly, track record. Apache on Linux is probably the most popular platform for Web servers based on NetCraft and other surveys. Apache on Unix of some sort definitely is not only more popular than any other option, it's more popular than all other options combined. Unix is the dominant OS there (and the traits that make Linux secure are simply the normal traits of any other Unix variant). Yet while we see regular compromises of Web servers, compromises of Apache on Unix are relatively rare. If it's not compromised often in an environment where it is the dominant platform, why would it be compromised often in another environment if it were the dominant platform?
That exists in XP Home just fine.
I wish Microsoft included more explicit setup instructions, though. Like power tools that require assembly: "First you install the SAFETY GUARD." That much, I can blame Microsoft for.
However, when an XP Home machine starts up for the first time and offers to create a bunch of user accounts and if you purposefully skip this step, I have to wonder if you skip putting the safeties on your new power tools while you're at it.
Use Evolution instead of Outlook? Bewa
Example:
The typical work system I manage has
Win2K
All the latest MS patches
(verified with MS's Baseline Security tool)
McAfee anti-virus
SpyBot TeaTimer
Network specs -
Cisco PIX (firewall)
Snort via a monitoring port on the switch
Guinevere w/McAfee anti-virus/SpamAssassin
I can tell you how many email viruses are sent, how many port scans and so forth.
And I still spend a few hours a week reading up on the latest developments, threats, counter-measures, etc.
Keep your dreams, kid. Just don't waste the professional's time with your fantasies.
I too hate the lack of security and the number of exploits that the typical Windows machine is exposed to. I feel that Microsoft has a responsibility to do something more than they are doing to fix the problem and sadly, I don't see them doing enough in the near future at least.
But I disagree that this is what it should take for people to migrate from Windows to Linux. People should make their choice for the right reasons and only one of those reasons is security. They also have to weigh things like user-friendlyness, support, cost, effort required to learn, availability of the applications that they require and probably a dozen other user variables.
Open Source in general and Linux in particular, has been making great progress in virtually every aspect that I can imagine. In many ways it is ready for "prime time." Yet to claim everyone should move to it, I can't quite accept that yet. In my business, you can't find particular applications (relating to "industrial formulation calculators" for instance) that are necessary for the operation of the business in open source (I've researched this).
While I am able to work my way around a Linux Desktop with KDE and be fairly comfortable with it, members of my family don't seem quite as capable and frankly, I don't want to spend the time teaching them.
Still, I spend close to fifty percent of my workday dealing with spyware (and another 1 or 2 percent dealing with viruses, worms, and trojans) and I hate it. I haven't found a single product out there that does an acceptable job of preventing it or cleaning it although on my home Windows machine the McAffee suite + AdAware + Yahoo Anti-Spy seems to mount a pretty good defense. The McAfee is always on and auto-updated, I run automated anti-virus scans every night. I run AdAware every couple of days, and right now, since it is new, I am running Yahoo Anti-spy every day. My ISP also filters my email with an anti-virus program and I practice all the common preventitive measures and am quite liberal at assigning "spam" tags on incoming emails.
Still, all of this amounts to a lot of work. I do think Microsoft shares the blame with the malware authors in the same way that car manufacturers used to carry part of the blame for car thefts (since cars were so easy to steal). Microsoft it would seem to me has the same kind of responsibility that car makers had, to develop a safer product. I am willing to share part of this expense (developing products costs money and that cost is passed on to customers - it is what for-profit companies have to do). I also hope we get help from legislators and from ISP's, and even hardware companies who each in their own way can develop things that would make malware harder to propogate.
I'd also like to challenge computer makers to provide us with additional choices, like packaged Linux boxes, better secured Windows boxes, and software that actually works that comes bundled with machines so that so many people don't download "free" spyware-laden products to do something they expected their computer to do out of the box (Dell, Sonic - do you hear me?).
heh heh
Seriously, read later responses to queries about what my Mom runs. Besides, if she were running AOL on dial-up, all bets would be off regarding time to exploitation.
As for the screaming? It got your attention, didn't it?
Use Evolution instead of Outlook? Bewa
Want to know the "worst" windows environment hell on earth? High school computer labs. They've got firewalls, AV software (up to date, etc.), but they are riddled with problems on a DAILY basis, due to users (hackers, crackers, whatever) that waltz into computer labs or school libraries, or whatever and proceed to their nearest spyware/hackware/warez site and bring the networks to their knees.
But I use linux in my lab now, so I just shake my head as millions of tax dollars are wasted buying M$ crap, and all of the other assorted useless AV/spyware removal/etc. in an attempt to keep some semblance of functioning M$ windows computers. So, all you M$ fanboys who claim that they have "no problems", why don't you volunteer to go to a local school and help them ensure that they have "no problems?"
I need to get a tree mulcher for all of the retarded computer tech's I know that still don't understand a thing, in and of itself.
Microsoft is there to make money. You being happy or upset makes no difference, because you support them with your wallet. So shut the fuck up and eat the cock they whip out for you.
Why is it only sheep can't grasp taking it in the ass? Maybe it's a defense mechanism like paralysis at the last seconds of life. Fucking waste.
A few things came to mind as soon as I started reading this.
First, I wondered why he thought Linux was the only solution. Then I thought about how the problems mentioned will mainly affect Windows users, which means they will already have PC's and not Macs. So switching to Linux or another free variant of Unix would be the lowest cost option.
Second, when I talk to people about switching from Windows, I feel obligated to tell them all that some software is only made for Windows. And my good friend always tells me he can't switch because the games he likes to play are only available for Windows. Firefox, OpenOffice, and other open source software is good for some but apparently all of his favourite games where you shoot everybody are only available on Windows. And there is a lot of hardware that only have Windows drivers.
These problems may not have anything to do with which operating system has the best design, and they may not be fair, but they have to be addressed before the masses will leave Windows.
I did have one final thought. Maybe the best solution would be to stop fixing the Windows spyware, adware, and malware problem. Microsoft isn't fixing it, but other people come up with solutions that allow them to get away with this somewhat. If we just leave the responsibility to Microsoft, at some point all of the Windows systems will grind to a halt and people will switch because that will be the only way to get any work done. Just a thought.
If Microsoft really wants to make a great media player, they should buy Sonique from Lycos, make it open source, and start developing.
To see how Media Player sucks, try to play a video using Media Player, pause it, and drag the window around.
I hate these types of "letters". All they do is make Microsoft look bad, but they don't make Linux look very good. Most people I talk to that are frustrated with Microsoft look at linux (on the desktop) and say - OK, it's free, but it isn't as "nice" as windows.
Those same users really like OS X - but they don't want to buy an expensive computer to run it.
The reason spyware is not a problem for linux yet is two-fold:
1. Marketshare - if you are writing spyware, wouldn't you want to "spy" on the largest user base?
2. Application installation ease - most spyware does not install itself. Most spyware i've run into came from users directly downloading and double-clicking files. Installing apps on Linux is not nearly that easy - and that's why my sisters, neices and nephews don't like Linux. They can't double-click and install.
Sure, eventually Linux will HAVE to be that easy to get the marketshare that Microsoft has. Don't rattle off the excuse about being prompted for a password in OS X - i've seen users blindly type in an admin password every time the installation box pops up.
When *nix becomes easy (and popular), spyware will become a problem on *nix.
-ted
How do people get +3 Insightful for completely missing the point?
First, I don't know about anyone else, but it is an incredible pain trying to run Windows (2000, at least, in my experience) as anything but Administrator.
Second: what is this "Maybe he is just an idiot" crap? He could easily have a wife who, like anybody else, would prefer to have their computer how they want it and for others to leave it alone. I know plenty of people who get irritated if anyone changes things on their personal computers--much less use them. As for rootkits, etc., are 80% of Windows users (the people who have this problem) really going to have access to those things, the skills to use them, or even the dimmest knowledge of their existence? Of course not.
Jumping down this guy's throat over the state of his wife's computer is completely missing the point. His point is that there are millions of people just like her, and his weighing of the pros and cons makes Windows an absurd choice for a desktop OS. Address that. Stop grasping for ways to tear him down instead of his argument.
You all keep trying to bash him for his knowledge but that isn't what the article was about at all... You have no idea how smart he is, why his wife uses IE, what kind of person his wife is, what he does on a daily basis, or what color his house his. Don't try to flame people when you have no idea what is really going on. Then I read people trying to hint to some random stranger on the internet that his relationship isn't secure... Just quit it and understand the article for what it was made for. Microsoft is a terrible company that made a pieced together OS. Microsoft doesn't need to spend the millions on editing because they just put out the software and let the users do the bug testing for them so they can release patches(that isn't tested and screws up your computer even more... *cough*SP2*cough*) and they just go through a stupid circle until they claim the OS will not be supported anymore (by this time it is probably in the 3rd step of editing...). I don't agree linux is that great of a desktop either but its guarenteed if Linux devs were given the task to make a great desktop, they would succeed. I would love to see the downfall of microsoft but users prevent that from happening since they don't want to change to Linux because its too different and people don't want to learn new things unless absolutly necessary. In order for people to switch over to Linux, Linux devs are going to have to make an OS dedicated strictly for desktop then work their hardest to get software companies to write for that desktop... Because the lack of ease of availablitiy for normal software programs for Linux is a big down point to Linux as far as the normal user is concerned.
That's because there have been previous exploits that bypass the security settings.
Defense in depth.
Actually we do blame lock companies becuase someone breaks in, we do blame housing contractors, garage door makers, etc.
The legal standard is that of negligence, whether or not the maker of the product should have known that what they were doing would leave the users of the product suspectible to harm. I would even go so far as to say MS is reckless [another, even higher legal standard]. MS knew that what they are doing could potentially harm, but did it anyway.
You must have been running Woody. Any edition of KDE since the Cretaceous Period will look just fine. I've especially liked GNOME since 2.6. GNOME's themes usually have a nice clean polish to them.
If people are really concerned about looks, give them any iteration of SUSE since 9.0. Or show them how to use KDE-LOOK.ORG or ART.GNOME.ORG. They'll be busy all day customizing their UI.
The one REAL UI problem we've got, though, is speed. There is much faster visual feedback in Windows than on any Linux distro I've ever seen. The Windows desktop framerate is often too fast for the naked eye to catch--making window and cursor movements very smooth and easy on the eyes. X is nowhere near that I can watch the frames tick by as I move a window. And I'm on a 2.4GHz Celeron. It's one of those little touches that makes Windows look nicer even though the graphic art is inferior.
You aren't taking any actions to prevent an infection on your own.Again, you are dependent upon other people to maintain their security.
YOU are not doing anything about your security.
I can set up a bunch of clean warez on my machine and tell clueless idiots where it is and they download them and don't get infected, but that doesn't make them any more clueful.
That doesn't make them wise about security.That is self contradictory.
Defense in depth.
Because I'm not stupid enough to believe that just not clicking on things will prevent compromises, I set up layers of defenses.
You are the end-user of the services that other, more informed people provide yet you believe that your actions are the cause for being virus free.
By that logic, I have almost 300 users who are as informed and success at avoiding infections as you are.
Depending upon others to do the work is not the same as protecting yourself.
Really, if its this much of a problem, then she shouldnt use it, she should use something that fits what she expects out of a machine.
If she needs it for work then dont bring your work home, or get a laptop that is just for work and run linux on your desktop.
If thats not good enough, then you have to take security into consideration. With the new security features in sp2 it helps alot for basic users.
Honestlly, how many people here that run unix/linux/mac etc that just install the os and do nothing to configure the machine, or secure it in some way (this also counts installing a firewall or other security settings at install (which you can do/ have to do with xp)).
And quite honestly, if hes a system admin he has no excuese for the machine getting to this level, if he cant keep his wifes machine secure and in working condition, I weep for the systems he admins.
TruePunk | Games
The logical improvement I can see at this point in the evolotion of "home computing" is to employ virtual machines. Granted they're not perfect by any means, but the appeal of snapshot rollbacks and isolation from the host OS (relatively speaking) sure makes my life easier. My kids surf the home pc, running Windows in a VM and when they hit a bad site that hoses the "computer", I revert back to the last good snapshot (which I set myself). They don't know it's a "virtual" machine, so it doesn't really matter to them. I know this isn't a panacea, but it sure has helped in my "home computing" situations with my own wife and kids.
I have been using computers for 10 years, no degree, no idea. Never had a virus, never had spyware that i couldn't remove in 20 minutes. All running MS Windows. Some people are just dumb
http://slashdot.org/comments.pl?sid=133250&cid=11
http://securityresponse.symantec.com/avcenter/sec
It's happened before, it can happen again.
Defense in depth, kid.
It's the way the professionals do it.
And now, your reply when I claimed I never said we shouldn't discuss it:
And it is merely complaining, if you don't participate in trying to make it better! If the original poster (an Anonymous Coward) had not been a self-admitted "lurker" and was participating in trying to make it better, I'd have considered his/her comment constructive criticism!
That the system is broken is a claim you have now made twice, without providing any more evidence than that promoting ideology breeds page hits, soYou obviously have an account, why didn't you answer my question about whether you have moderated, and whether anyone pressured YOU to moderate in any particular fashion? I'm curious, because maybe it's only ME that the /. management has chosen to allow free reign to moderate as I choose. Maybe you and everyone else has the experience that when given the chance to moderate up an insightful but dissonant opinion, you've been somehow penalized? It suppose it is possible, though since I don't personally know anyone associated with running the site, I doubt it.
We apologize for the preceding message. All those responsible have been sacked.
Because it has happened in the past to one Microsoft product, it can happen in the future to another.I'm not denying that they are effective.
I am denying that they can be trusted 100%.
Defense in depth.Yes, it would be helpful. Which is why group policies are used to lock down workstations.
But I would not recommend that anyone use that as their only level of defense. Again, Microsoft has had a problem with security settings before and there is no reason to believe that they are 100% safe now.
Defense in depth.Hmmm, by that line of reasoning, firewalls aren't needed because all of the worm attacks have already had patches released.
It is kind of hard to provide links to attacks that haven't been publicized yet. But the vulnerabilities are still out there. http://www.eeye.com/html/research/upcoming/index.
Remote code execution.Thanks.It's working great for the regular users. The only problems are the accounting department and the owner of the company. The accounting app requires all kinds of access to just about everything on the hard drive. They have to run as admin. The owner likes to download and play with new toys and since he pays my salary, I just firewall his connection from everyone else's.
We're running GroupWise so we don't have the permission problems of Outlook. I've customized everything we have. It seems to work right now.
I've also moved the user's temp internet folder and regular temp folder to D:\temp and set the permissions there so I can open up their profile a bit. Also, their swap file is there to cut down on fragmentation on C:\.
We've been moving most of our apps to Citrix so the security problems aren't as bad as they could be.
That's why we're still on Win2K. I have it stable and seemingly secure and still functional for everyone. I have a lot of testing to do with XP before I move people to that. My boss is working with it on his laptop.
We're still using IE because we have two web apps that require ActiveX (and we might be deploying a 3rd next year).
The first giveaway was when the original poster claimed to avoid infection by avoiding "scuzzy" software. Yeah, and you don't get Syphilis from healthy looking people. In all these stories, just imagine the person is talking about unprotected sex and health, except it's even harder to tell if your computer has been compromised, and easier to compromise a computer.
So because they can't detect any problem, they have none. Lots of STDs are asymptomatic, and hard to detect.
Considering
1. The number of ongoing scans any random machine is subject to (so many that putting an unprotected machine onto the net to be patched is a path to infection itself) and
2. the rate of new Windows 'sploits,
It is pretty clear that these people are idiots. Unfortunately, they're such arrogant fools that they don't know they're full of bullshit (or infested with parasites, to be literal.)
Maybe all of us who work at this professionally are fools or idiots, and these guys know the one true way. If so, I bet the secret is how to recognize scuzzy software.
Probably this is just the way a certain percentage of the populace regards risk. Some asshole will always refuse a rubber, or avoid the vaccine or whatever the real answer is, because he's just too good to be vulnerable. Thanks to him & his buddies the rest of us have to be even more vigilant. Think disease resistant strains, and of other diseases that were wiped out, but now we rediscover. For instance, polio is making a comeback.
Or they're trolls. I think I need to pull the hook out of my lip now.
Assembly is the reverse of disassembly.
Okay heres an example, one machine at work, patched up the whazoo, running the latest anti-virus and spyware combo, run as user level as opposed to Admin level and the damn thing still gets a spy-ware bundle droppped on it from a great height.
Takes two to threee hours to clean up and then we discover the damn thing is hiding on the network somewhere on another machine patched up the whazoo, anti-virus etc etc.
I never said Linux was the be all and end all of Operating System goodness. Linux has its own problems, mainly hack attacks against third party software packages. However I would put the Linux kernel up against the NT kernel security wise any day.
My astro-turfer comment refers to those who just use throw away lines and incredibly general statements in a bid to try and paint MS or any other product in a positive light. There are plenty of Linux astro-turfers on this site as well , and they annoy me for exactly the same reasons, general, uninformed statements thrown out at the first sign of an attack on their precioussss(whether it be linux, windows or OSX).
...we are still telling our wives what to do.
I have setup my wife with Mozilla Suite for the last year (running on WinXP). She was having trouble with a website that said it needed IE.
She asked, "Do I have Internet Explorer on my computer?"
I nearly cried tears of joy. I almost said, "No." However, having opened the Infect Exponentially client myself for the same reasons, I told her the truth.
Now if we can just get all websites to work equally well with all browsers...
"No matter where you go, there you are." -- Buckaroo Banzai
If you're that smart why didn't you revert to a system restore point? Or better yet have the free version of AD-Aware installed prior to your problems? Did you have a backup?
The fact you are a RHCE means you are dangerous when it comes to windows system administration!
Telling people it's time to switch to Linux is a joke right? People run APPLICATIONS and don't care about the OS. They will run whatever OS runs the applications they want to use. So don't count on Joe user to switch unitl Linux has the applications people want to use.
Crybaby...
It's not as if (for most people) changing ISP is difficult or traumatic.
Which Linux-compatible ISP is as inexpensive as NetZero or Netscape? The amount that a NetZero or Netscape subscriber saves over a year compared to a full-price ISP such as AOL is nearly enough to pay for a Windows tax. Besides, some people can't even get as far as starting the dialer because many winmodems have no driver.
I'll tell you why it will change, because end users are lazy with regards to patching and as Linux attacts more of these end users you will start to feel our pain.
Secondly have you looked at how many security vulnerabilities have been found in Apache 2.x? IIS 6 has NONE (as in not one securty bulletin) in the two years it has been in production.
Also Netcrafts methodology is flawed and counts domains not servers...this skews the results in favor of Apache.
After years of "you're in computers, I'm having a problem...." and having to explain that not every "computer person" knows everything about every computer program, operating system, peripheral, etc. I know ask "Is this on Windows?" If yes I say "Sorry, I don't do Windows, don't know anything about windows, and really do not want to." But what about if they said no? That's happened about 3 times, in each case a simple google found the solution, the user was savvy enough to fix it, done.
a polar bear is a rectangular bear after a coordinate change.
Well practically every ISP in the UK is "Linux compatable"
Good for you. Does anybody from the United States care to respond in order to help other people in the United States? The revised question is: Which national ISP in the United States charges $12/mo or less and uses either standard PPP or a dialer ported to Linux?
As for the lack of driver for a winmodem, this just brongs me back to my other point of choosing hardware carefully.
One who is still between college and a job, possibly because of the jobless growth in some developed countries due to outsourcing to Asia, must receive computer hardware as a gift. How can one choose a gift carefully? Would you consider it polite to hand a copy of a distribution's HCL to each family member who is considering buying computer hardware for you? How can I choose which hardware Dell provides for me inside a laptop? And how can I "choose" to un-buy hardware that I bought before I made the decision that I wanted to switch to Linux?