Slashdot Mirror
Ask Slashdot: Remote Support For Disconnected, Computer-Illiterate Relatives
An anonymous reader writes I use email to communicate with my folks overseas. Their ISP only allows dial-up access to their email account (there is no option of changing ISP), that can receive messages no larger than 1MB nor hold more than 15MB (no hope of changing that either). They are computer-illiterate, click on everything they receive, and take delight on sending their information to any Nigerian prince that contacts them, "just in case this one is true". Needless to say, their PC is always full of viruses and spyware. In my next yearly visit, instead of just cleaning it up, I'd like to gift them with some "hardened" PC to use for email only that would hopefully last the year before someone has to fix it. So far, these are the things I have in mind:
- Some kind of linux distro, or maybe even mac. Most viruses over there are windows only and propagate via Autorun.inf or by email attachments, not having Windows could prevent both.
- Some desktop environment that hides anything unrelated to connecting to the net and accessing their account (dial-up software, email client, web browser, exchanging files between their hard disk/email attachments and USB drives). By "hide", I just want the rest to be out of the way, but not entirely removed, so that if necessary, I can guide them over the phone. For this, Ubuntu's Unity seems like a particularly bad solution, but a Gnome desktop with non-removable desktop shortcuts (is this possible?) for the file manager, browser, email client and dial-up program could work. An android system is unlikely to work (they have no wifi, and they were utterly confused with Android's UI).
- This could be a life saver: some kind of extension to the email client that executes commands on specially formatted emails (e.g., signed with my private key), so that I can do some basic diagnostics or install extra software if I have to. This las point is important: they currently rely on acquaintances who may not be competent (they can't evaluate that) if something happens between my visits. They, most likely, wont know how to deal with anything non-windows, so all tech support would fall on me. (This is the reason I haven't moved them from windows yet.)
- Another very useful extension would be something to automatically re-assemble attachments split into several emails, to overcome the 1MB message limit.
Does any of that exist? If I have to build that system myself (or parts of it), do you have other suggestions? For the inevitable and completely reasonable suggestion of getting someone competent for tech support: I've tried that too. The competent ones don't last beyond the third visit.
What is the issue with using a web mail provider? Gmail optimizes for low bandwidth links.
Clearly, anonymous reader is a masochist.
To increase your pleasure, I suggest Damn Vulnerable Linux.
I think you are asking for the impossible. Maybe you need to give them ipads, tell them to ditch the old emailaaccountsand have a happy life?
No is an appropriate answer you know.
You don't need an exotic hardware or software configuration. You just need new folks.
Use a SSH or VNC server, and also use a dynamic DNS client so you have a hostname instead of some random IP address, Then you can control the machine directly when it's online. VNC might be really slow over dialup though, you'd need to use Tight encoding with JPEG quality cranked all the way down to make it usable at all.
I usually end up tunneling VNC over SSH, and the VNC server only allows connections through the tunnel.
Chrome OS is the perfect solution, no?
So... Like.... Get them a fax machine instead
every time someone suggests a mac i scoff at the stupidity of it, but actually, shit, they sound perfect specimens.
No malware is written for it, it is impervious to network attacks, and it can be restored to the original system image just by shaking.
Get them a console (as in a game console) with an internet browser app built in. Something like a Wii or a PS3 or something. Set it up so the home page is the webmail interface.
Safe as you're ever going to get I reckon.
Make them run ProxMox. Then if they get infected you just reload the Windows VM from an ISO on a read only DVD.
I'm sure they'll wise up quickly when they're having to actually pay for support. Ultimately, it sounds like they're not just illiterate, they're purposefully ignorant and the only way that they'll learn is if there are consequences attached with needing somebody to fix what they ought to know better than to do.
I really don't believe you when you say there are no options. There are always options.
If it were me, I would buy them an iPad with 3G/LTE if they can get 3G/LTE in their area. if not I would buy a router with WiFi that can use a dial up connection and buy them an iPad with WiFi only.
And set them up with a gmail account instead. They need decent spama filtering and it would get rid of the size limit.
I can whole-heartedly recommend any cheap chromebook. They are basically completely support free, and can be reflashed in an instant.
I'm not sure how well they work with dial-up, but can't really see why they'd perform worse than any other modern browser.
I dont know how to hook them up to POTS line, though. But i guess there is some kind of solution for that.
On another note: where do they live that they don't have access to slightly higher-speed 3G internet? I've travelled through third world countries, and cell-phone-internet seems to be almost omnipresent in some form or another.
You could pay about $100 per year to use Skype to call their telephone whenever you want.
Alternatives to Skype exist.
Calling cards are possible (I've had success buying from Nobelcom.com).
You wouldn't be able to attach any photos, but they're not fun with dial up anyway.
You would have to call your parents when you are all awake, but calls are more personable than email.
Though even an out-of-date Linux distro is going to be safer against malware than Windows, keep in mind that it's almost impossible to keep one of the major distros updated with security patches via dialup. I tried that with my father in law's computer for a couple of years, setting up a cron job to dial up automatically late at night, every night, and chip away at the downloads. It fell further and further behind.
Other than the fact that I don't know if any of them even support dialup, a Chromebook seems ideal for this application. Updates are smaller and less frequent, and ChromeOS is strongly hardened as compared to a standard distro, so it's less worrisome if they miss some. Chrome Remote Desktop would enable you to take control of the machine when needed (that actually works on any platform) and while it's painful at dialup speeds I have used it successfully.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Cut them off, kill them, or swap their PC for a P-p-p-p-powerbook.
It ain't worth it.
Use fetchmail to pull from their account, drop it in their "inbox" managed by dovecot and create a whitelist via sieve (mail filter). You might even be able to get sieve to do that whole 'exec by email' thing if you want.
The real key here is that what they see in their 'inbox' is only what you allow them to see since you're dropping everything except your approved From addresses (or similar criteria).
Option 2: switch to snail mail and cancel their ISP account.
Look, just give them Linux (if they will tolerate this -- computer illiterate people still don't like their environment to be changed), and put something in /etc/init.d/rc.local to e-mail you their IP address every time they dial in.
Alternately, you can just give them a shortcut that displays the IP in a window for them to read to you.
This way, you can just get them to dial in and troubleshoot their problems via ssh. You may want to have a fresh OS image in a different partition that you can restore from the command line if needed.
I use a disposable gmail account and a Python based mail client to do the e-mail sending for this purpose.
Alternately, something like GotoMeeting might work -- albeit slowly.
Do you time travel to 1995 to visit your parents? In any case, the overall scenario and questions don't make sense. Do they have some sort of dial up service that only allows them to access their email (with a 15MB inbox no less!) and nothing else? If so, not having web access how do they get all these viruses and spam email? If they do have web access, why do they have to use that "blast-from-the-past" email account for which you are trying to find crazy workarounds instead of anything else? It doesn't have to be webmail, you can set them up with a POP or IMAP service. Also, why the talk about running commands from email, can't you use one of the dial-up friendly remote management software? TeamViewer works over 56k. I doubt the "anonymous poster" is describing a real situation, it sounds more like an attempt at trolling.
Violence is the last refuge of the incompetent. Polar Scope Align for iOS
The environment you describe (minus the viruses) is one where UUCP was designed. Dial up, retrieve some information, log back off. Now today they would dial up to an IP ISP and make a TCP connection and run UUCP over that, not the raw modem, but the basic principals still apply.
Plus, if you use this method you will have to route them through your server / domain. You can do your own aggressive spam filtering while white listing yourself (and other relatives) before they retrieve the e-mail. You'll also need to configure their machine to queue the outbound e-mail locally.
You can then use your favorite Linux distro, I won't recommend one in particular. They can read and reply to e-mail locally with a variety of clients. You'll want to get them a good web browser and configure it properly for them, of course.
Other options include webmail (may be slow over dial up). Or the old school solution of something like "fetchmail" which would grab your e-mail on demand from a POP3 server and copy it to your local mail spool. Dial up, run it, log off, read and reply to e-mail locally. ISP's mail limits wouldn't apply.
Just for trip down memory lane, 1 Megabyte at 38400 bits/sec is over 3 minutes not counting overhead. A 1MB attachment is probably a 5 minute download in the real world. Are you sure you want to enable them getting larger images?
I support a Windows 7 PC in our community center (retirement community). I simply installed Drive Vaccine (http://www.drivevaccine.com/), which is cheap and allows you to either lock the PC down entirely (no virus infection possible :)), or keep say a "documents" folder writable, but locks the rest of the PC down. This PC has run for several years, and is restored to a "baseline" after each restart. Never an infection, as it can't survive the reboot. Users can surf the Internet all they want, and write and receive emails etc, etc. Occasionally, I unlock it to do updates of various sorts, but then I lock it down again. Sounds perfect for your parents.
Sounds like your family lives in Cuba, I heard they can only use email over there, and is heavily monitored and restricted to a few people only.
- First solution would be to use a Windows thin client. Set it up, write the configuration to flash and then lock it. If it goes BOOM just turn it off and turn it back on and it will be exactly the same as it was. Mail will have to be on the web because nothing will be saved locally.
- Second idea would be to use a terminal server / remote desktop. Give them just enough to log into a system that you maintain at your location. Make sure there are no visible links to a web browser (or anything else) on their local computer.
----------
One thing people should tell their parents/grandparents/non-techie friends, "Anything fun, cool, and/or free on the web is inherently dangerous. If you can't tell how they are making money then you should suspect everything you see."
They ... click on everything they receive, and take delight on sending their information to any Nigerian prince that contacts them, "just in case this one is true".
Your Relatives should not be on the Internet. Not only will they be scammed out of possibly every cent they have, but they are probably sending spam and viruses to all of us.
Troll is not a replacement for I disagree.
Thats about the easiest solution to your problems. Pretty much every other solution you see in this thread is going to require more maintenance than a windows machine. You can't expect a bunch of armchair admins to provide you sensible answers, 90% of the response you get here are going to be custom solutions that aren't completely thought out and require 100 times more effort than the person giving them to you realizes. You're just getting spew from a bunch of guys who think they are super clever.
The solution is to make it so you don't need to support them, and if all they do is browse the web, a Chrome Book is the answer. The down side is that they become Google's bitch, but its probably worth it for your needs.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Automated System Restore disk of a Windows image with everything preinstalled, Or make a custom linux distro and do the same thing.
I suggest making it as easy as 1) put disk in drive before going to bed,2) restart computer,3) sleep,4) wake up in morning and remove the disk from the drive (that you left open before turning the computer off) 5) turn of fresh computer.
On reboot you can delete the contents of the desktop and copy the shortcuts from a backup that is in an other directory restoring them would keep the desktop free of clutter.
are you any good with scripting languages, If you installed the program and made its associations only be something you know/use. This could also get around the multi-part issue as you could embed something like wget commands to download files and that would allow for bigger file sizes.
You would have to look at some of the old multi-part mail programs I know it is something that used to be done.
As long as they're just doing email you could get them an android tablet.
Comment removed based on user account deletion
i don't know where to go with Linux recommendations but pppd on freebsd will allow dialup on demand, but if you don't want that a manual link can be put on the desktop. chflags run as root (chattr if you don't like bsd and insist on linux) can make files immutable then not even root can delete, or move without running the chflags program first. if you want parts of the os to be protected feel free to make immutable files anywhere you feel like it to 'harden' the system the freebsd handbook has a walkthrough on compiling the kernel which is highly recommended for removing features and making the system harder to hack. disable or remove everything you or they don't need to further harden the system, and use a customizable WM and edit it so that only the functions you or they need are present i don't know what the people use these days, though.
freebsd is easily configured to run on slow computers. keep in mind software modems may be a real pain to configure and there are usb modems that might work good, further research is required. i don't know what hardware you're running for them, but if you've got them on an arm board there are way more people working on linux based ARM support while FreeBSD warns they aren't end user ready... however a basic browser and email virtually anything x86 is usable for a modern browser which may not work right on dialup requires at least 256MB of ram with 1GB or better recommended by me.
https://www.gnu.org/philosophy/free-sw.html
If they even get a globally routable IP. ISPs in some countries put customers who don't pay extra for a static IP behind carrier grade network address translation (CGNAT) on 100.64.0.0/10 (RFC 6598) or 10.0.0.0/8 (RFC 1918, older practice).
Some desktop environment that hides anything unrelated to connecting to the net and accessing their account (dial-up software, email client, web browser, exchanging files between their hard disk/email attachments and USB drives). By "hide", I just want the rest to be out of the way, but not entirely removed, so that if necessary, I can guide them over the phone.
I don't see enough thought being given here to how his parents use their computer besides sending and receiving their emails.
Technical support by telephone across multiple time zones does not appeal.
Not that I'm an Apple fan boy, but there are no known viruses for iPads. You're still vulnerable to web-based javascript attacks, phishing, etc, but if the primary function is email, Gmail filters out 99.9% of spam these days. As far as taking care of the dial up requirement, use their existing box to run pfSense or something (https://www.pfsense.org/), which double as a dns-based ad blocker or even an IDS if you want to get *really* fancy.
Note: I've never configured pfSense to work with dial up connection. If they share this connection with their phone line (ie have to disconnect / reconnect from the internet often), then I would suggest a MacBook Air with full security settings (only apps from the app store, stealth mode, etc) and a USB RJ-45 phone connector.
There are wifi routers with built-in dial-up modems you could use to enable the use of a Chromebook.
I'd move them to gmail (use forwarding for their old e-mail address if they are attached to it) and if they need offline access to the e-mail just use Google's IMAP.
My first instinct is to recommend iPad -- I got my parents one and they haven't booted the Windows machine in years, the dial-up aspect of that could be tricky (you would need a router that dials out via modem -- it's doable, but might be more complex and assumes the presence of a mail client on the iPad that talks to the ISP ... hopefully it's POP or IMAP, but without specifics it's hard to know. But if you must use Windows, it's not an impossible situation. You just need to know where the knobs and switches are, and enable them.
A lot of other modern stuff is going to not work well with the dialup option.
For the purposes of the discussion, I'm assuming they are on Windows 7. If they aren't on Windows 7, they need to get there, at least. If they are still on XP that just sucks because a lot of the below stuff isn't there.
Parental controls:
I have children and have done a fair bit with the parental controls. In this case, instead of the parental controls being used for kids you would be using them for your parents, which also works. To enable the parental controls, you create a username for your parents as a regular (limited) user. This will prevent them from doing a lot of stuff right off the bat, like installing software. You also should make sure that UAC is enabled. You can create a Admin user for yourself. Once you have set that up, you can download the remainder of the controls from https://familysafety.microsoft... , and then control the user account for your parents. You can control what is accessed on the Internet, if they can download stuff, programs they can run, etc.
You can also do a LOT with Group Policy. Type gpedit.msc at the Run Window and lock down everything you don't want them to change. You can lock down the Desktop, among other things.
Windows also has the ability to send a Remote Assistance request via email or as a file attachment, which uses Remote Desktop to allow screen access and control. Given that you are going to be doing this over dialup to some other part of the world, you can set your client appropriately to minimize bandwidth utilization by dropping the amount of colors being shipped back, not showing the desktop, etc -- it's all under the "Experience" tab of the Remote Desktop client, and I've successfully used it over some pretty slow connections with decent results -- it will outperform VNC in many areas, especially screen refresh time since you can cut out a lot of the unnecessary stuff.
If you are going to do the above, get it sorted out on the beginning of your next visit since when you lock stuff down it's not hard to be too tight and stop stuff from working that should actually be working.
And take the power cable with you the next time you visit.
Ask your sister, she might be able to help.
My suggestion is to go with a Mac, if something goes wrong, there is at least a chance that someone else can fix it.
If you go with the linux or locked down windows options, they are going to be in trouble if it goes wrong.
Apparently there are Wireless routers that are designed to connect via dialup (for instance This Router.) With that, I would go with a Chromebook / Chromebox or an iPad.
Given the constraints, that is probably the best you can get. However, you could probably experiment with an old Win CE Thin Client or an old WebTV and try to get either to work, but neither are particularly great solutions.
Slow Down Cowboy! It's been 1 hour, 47 minutes since you last successfully posted a comment
Send them a bootable disc or USB stick with a Linux or BSD distro on it. They can use a second USB stick for any data they want to retain.
My 60 year old mother uses Lubuntu made to resemble windows xp. She is perfectly content and unable to do any damage virus-wise. If she needs something Windows-related, she uses my dad's machine.
My father insists on Windows and running his user account with admin privileges. He also likes surfing around, clicking on god knows what and carelessly opening every attachment...while refusing anti-virus updates...etc. I use iptable rules on the router to segment the LAN into 2 networks...one network just for him with only WAN/internet access...and then another normal LAN for my mom's linux box and the rest of the house including the WLAN stuff.
TLDR; Don't try to change the behavior of old farts, just work around them. As for remote support. Give them a linux cd and tell them how to use it when their virus-laden Windows boxes grind to a halt.
Oh, good point. I wish I could edit the original post. They use POP3 + SMTP. The ISP runs a Horde+IMP webmail server, but it is a used only as a last resort (too complicated/slow/expensive over dialup). They do need persistent storage, those 15 Mb fill up very quickly. CDs/CD drives last long enough, I'll look into that live-cd solution. I hadn't thought of it. And unfortunately... yes, I'm serious.
I know it seems off topic but if you had them run Vidalia (autostart on)+TorBrowser, that'd stop a lot of the crap toolbar/plugin stuff that a "normal" browser would allow and I think it also blocks some classes of dangerous downloads.
New keyboard. New Problems.
I think it is a safe bet that the folks back home are running Windows and that is all their local dial-up ISP can reasonably be expected to support.
Local support is the only answer here.
Not the once-a-year parachute drop --- and not the trans-oceanic telephone call that has to be scheduled across five or six time zones, perhaps more. There is no joy in that even when it is IT Pro to IT Pro.
You access their email inbox. Anytime your parents receive an email, you print it out and snail-mail the printout to your parents. They then send their reply to you, and you type it in.
If they are using an internal WinModem, drivers and the ability to access this over linux may be severely limited. I would suggest if their only access point is a good old fashioned screeching modem that they get brought an external one (assuming that they don't already have one)
. .
Set the computer up with all the software they'll need, disable any admin access by them, install something akin to Deep Freeze. Every time they reboot things will revert automagically. You can create a small partition for the email app's data folders to serve as a persistant store, or you could just migrate them to simple webmail. GMail can check pop3/imap accounts for you.
From your description of them.... they really shouldn't be on the internet. What you are describing is a means to allow them to receive messages, but otherwise protect them from themselves. What you want to give them is a restricted terminal.
Email: Gmail. Have the old ISP forward emails to the Gmail account or have Gmail pull in email. You can also setup fetchmail to serve as an email bridge.
Firewall: Use a firewall to restrict outbound connections. You can do this by having the machine route all traffic through a proxy you control. Then you can whitelist/blacklist sites/domains to your heart's content.
Self Re-imaging box: have the machine they use re-image itself periodically to ensure it is virus/trojan/malware free. Have their personal files stored on another device(mounted filesystem/etc.) On box reboot, everything on the OS drive is wiped and brought back to a clean state. A cloud device would be better, but if they have dialup speeds, a local implementation of a reimaging is the best way to go. Maybe a local "cloud storage" and "net-reimage" solution.
Have you looked into reboot restore, or any of the other tools that re-image the drive on each boot? Someone that works at a School or University could suggest a good one. That way almost all tech support can be solved with "Have you tried turning it off and on again?". I'd also look into a better email service. Using a fairly cheap service such as Fastmail comes with much better Spam protection.
JEG / SYD / AU
How about a Macintosh SE/30 and Cyberdog?
I'm only half serious.
You don't need any of that.
Get a LiveCD of any os you want. Burn it, you're done.
You boot to the CD/DVD and its a clean OS every boot. They can't break it because they can't write to it.
To be really safe, tape the DVD drive shut.
I suggest a Puppy Linux booting from Read-Only media. Put the mailstore on a separate, writeable disk.
http://puppylinux.org/main/Overview%20and%20Getting%20Started.htm
Every time you boot, it resets the Operating System to a known state.
I expect other suggestions will be along soon.
Internet browsing is a bit slow, but it's pretty resilient to viruses and malware.
Chromebooks don't support dialup to the best of my knowledge. Some models have cellular modems, however, and that might be an option here.
Hail Eris, full of mischief...
E pluribus sanguinem
I can't speak to your other questions except the last one. You can get around email size limitations by uuencoding the attachment and splitting it into multiple files and the uudecoding them to merge them back into a single file. Software such as 7-zip will do this too. Back in the modem days it was a very useful tool to break up a file so a couple of failed deliveries wouldn't screw up the whole download. Just request the part you didn't get. I think Usenet still uses it for posting a file in multiple messages. As for email plugins that do this automatically, I don't know but it wouldn't surprise me if they exist.
Setup a hard drive or usb key with a re-installation image so that if they do experience trouble, they can just re-image their machine. All updates and software they need already installed.
Or you could have the system dual boot. Normal windows boot, but you can have them grub boot into linux and that will give you a pristine platform to log-in and save files/re-image their machine remotely via partition image. You have them boot into linux, and then you can operate on a comatose window partition without interference via ssh.
Seems like a good use case for deep freeze. And you get to stay on windows, though I'm not sure if that's a pro or con.
okay,
That's what we do to (for?) everyone we're sending to east Africa. Live CD with driver for the GSM modem (we don't do dial-up, but close enough), an "uh oh, the spare CD drive also broke" thumb drive, spare CD drive, and half a dozen CD's with a live image, and if they've been out for more than a few months, mail them new CD's. mail file is on the local drive, and when it boots, if it sees a wideband connection, it barfs a backup back home.
Also consider the ancient wisdom about giving one a fish or teaching them catch a fish... and spend six months training them to masquerade as Nigerian princes.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Google it. Takes a bit to set up but its great. Smaller then 1 mb.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
Where is "over there"? I'm having a hard time understanding how they could be so disconnected and yet you can make an annual visit. Does your trip include several weeks of walking through enchanted forests?
If it is a separate machine and you can find some way to make it work a chromebook seems perfect. Pretty much immune to viruses because it's a hardened Linux distro booting to a browser basically. They are typically pretty cheap too. Much better option than trying to roll your own version using some customized linux distro.
If that isn't an option then "freezing" windows seems like the next best option. You can use something commercial like Deep Freeze http://en.wikipedia.org/wiki/Deep_Freeze_%28software%29 or if they are going to be using a new enough version of windows you can get most of the way their with http://technet.microsoft.com/en-us/library/gg176676%28WS.10%29.aspx. If you have to use windows you are looking to lock it down enough that it doesn't matter what they do because nothing will be persistent.
Your parents, their character as you describe it and their unique, unchangeable circumstances present an unsolvable problem given your goals.
You must let them go and allow them to deal with their own problems on their own time and spending (or wasting) their own money.
You cannot save, much less help, your parents because their circumstances and behaviors offers you no alternative.
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
Can you get them to take a computer class?
Linux, lightweight window manager, and pine/alpine. Assuming you can get modem to work.
If you feel evil, mutt with vi or telnet to mail server.
Where are they from? Where is only E-Mail access possible nowadays?
It sounds to me like a made up scenario, just to be a pain in the ass on /.
If you buy it here, and ship it there. Do be careful to either provide an appropriate electrical plug for the country you are shipping to. Good ol' 60 cycle 110 isn't spoken everywhere. Further, the poles and holes may not line up for comfortable penetration to interface this power.
Maybe E-Bay an appropriate power supply for a box or provide an adapter for a laptop....carry on.
*Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
What happened to Slashdot? Most of the replies are saying to buy something new and completely screw with the illiterate's UI, That's a complete no-no. No wonder the UI/UX of the past decade has completely failed. Stop forcing your view of the [computer] world on everyone else. Most people don't like relearning a different way to do the same task when the current way already works, no matter if the newer way is better or not. Most progress happens at generational boundaries, not by teaching 'older' people new tricks. Here are better solutions. If you can't code up the small utilities yourself, find one of the 'hire a programmer' websites and get someone to build them for you.
1) Linux, Mac, or Windows. It doesn't matter that much. If Linux, install a Windows based theme and don't give them admin access. If Windows, buy some software that resets their PC on every restart (there's Linux software too) and make sure the computer is set to shutdown and not simply sleep or hibernate. I don't have enough Mac experience to advise you on any Mac solutions. On both OSes, turn off auto-run. Do they play DVDs? If so, make a script that launches the DVD player software and teach them to click that.
2) Remove their write permissions to their Desktop folder. Put the shortcuts where you want them, then remove permissions to delete them and remove write permissions to the file that says where they're located. That way your users won't be able to accidentally move them and get confused. It's easier to do this on Linux than Windows. Create a few folders for them to access (or use the default Pictures, Documents, Music, etc...) and remove write and view permissions for the users from everything else. Now they will only be able to save files in a few locations and won't be able to see anything else. You will control the user account that can modify these files.
3) Most desktop email clients have plug-in/addons/extensions and most of them have rule based filters. Create a filter that moves any of your special emails to a specific folder. Have a background task/service/cron job/etc... watching the location on the file system where those emails get stored. Once it detects a change, it runs some program that scans the emails and does whatever the email wants it to do. If they have to access the email from a website, create a GreaseMonkey script or similar and download then check the data that way.
4) Send attachments as broken up zip/7z/rar files. Use your special email filter and program to recombine them. zip/7z/rar all natively support split archives. Alternatively you could mail them CDs, DVDs, USB sticks, etc... with whatever updates and new software you want them to install. Since auto-play is turned off, you can have an "Update from Danny's Disk" that runs whatever installation script you have and stores that the update was run (The illiterate users will probably try to run one of the updates multiple times and out of order, so prevent that if it could case problems). Another way to get around the 15MB limit is to use an online filehosting servers (there are tons of them) and only email them the link to the files. In that case, you might want to set them up with a download accelerator (remember those?) as you don't want them to have to restart larger downloads when the connection goes down or if the ISP hiccups on the larder than normal file.
Instead of emailing them commands, you can contact them and agree to both be online at the same time. Then you can remote in and do whatever you need to do in terms of modifying their system files. Command line access works fine over dial-up (even faster than email).
Finally, create everything in a virtual machine first. That way you can test any changes/scripts prior to sending it to them. You don't want to accidentally mess something up.
Since they are on dial-up, speed is probably not an issue. I would get a good linux distribution that supports a "live CD". I believe there is software out there that can create a "live CD" out of Windows XP as well.
Running the OS off of a CD is quite a bit slower than a hard drive but is virtually impervious to most viruses as the virus can not write itself to read-only media. They can still get viruses on the hard drive and resident memory by downloading and running stuff, but the virus can not make itself permanent by changing anything on the OS CD. The next time they turn the computer off or reboot, the virus goes away (until they run the downloaded infected program again). However, it could encrypt/ransomware the hard drive if there are any family pictures on it that they want (I would keep such things on a thumb drive).
/thread
I have given an Android tablet to my mother in law (an old farmer in a remote region). It works like a charm. No problems.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Fuck me with a spoon.
Your problem is one of social engineering, not hardware or software. It's almost impossible to "idiot-proof" any kind of technology if the people using it absolutely refuse to learn. Sadly, this seems to be your problem.
Until your relatives can be persuaded that the device in their house can take their identities, their life savings and perhaps even their children, they'll just keep going merrily along, trusting other people to clean up after them.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
The OP had stated that his parents are just as likely to send off their details to a nigerian prince as they were to click on things they shouldn't. The solution here isn't just about getting them a more secured device, you need to somehow get between their mail and their computer and do some filtering. If they don't get the spam in the first place, they can't send their personal details all over the world (or shouldn't in any case).
You can only teach a person how to use a computer if they are willing to learn. If they just want everything to be extremely simple, then treat them like children.
Personally, you may want to seek getting them a chromebook, it will just be a slight learning curve for them, but should allow them to do pretty much everything they need to do.
a good 90% of the time average people spend on the computer is spent within a browser window. the other 10% is games, or desktop software.
I suspect they are the type of people that are afraid of breaking something.
Get them off of their ISP's crappy e-mail. Get them some Gmail Goodness. Those file restrictions are limited to that provider.
Maybe Dropbox?
Did you say dialup?..... *flips a table* I give up. 28.8K - 56K isn't internet, it's a crime against humanity. A T1 isn't even sufficient for modern computer bandwidth needs.
Stick to Snail-Mail.
The user scenario you describe is hopeless. Don't waste your time. Get them a mobile phone and use txt and multimedia messaging
Or if all they can actually do is email. DOS.
Until 1998 I ran DOS 6.2, DOSPPP (for dialup) and I don't remember what program I had for email. Along with NCSA Telnet. I think I used a TSR ("terminate and stay resident") - may of been required to launch DOSPPP.
Those "windows.exe viruses" wont get very far in a 16 bit environment.
There was also DOS SLIP. One of those should be able to connect to a dial-up account.
They are computer-illiterate, click on everything they receive, and take delight on sending their information to any Nigerian prince that contacts them, "just in case this one is true".
I'm sorry to say this, but you seem to be oblivious to the facts. They are too ignorant to have a computer. Pack it up and take it away from them OR insist that they learn how to use it. That they send information to 419 scammers suggests to me that they may just be too dumb or senile to function - to a degree so severe that it may not be safe to leave them alone. Perhaps they need an assisted living facility?
Thought it was 1997 for a minute...
- No annoying pop-ups that normally plague Windows.
- No trojans and self-installing crap to speak of
- Adblock? (or his stricter brother Noscript)
- I still grant admin access because there are some cases where a simple command needs to be run
- Remote SSH admin access can be routed through any unblocked port
The meaningful content is entirely in the subject.
If you want to be seen, stand up. If you want to be heard, speak up. If you want to be respected, sit down and shut up.
I know you're very keen on the idea of moving away from Windows. However, it seems like your family may at least be used to that version or installation of it. As a result, you may be causing more trouble than you want by giving them a new interface that's more foreign than what they have now.
Therefore, I might suggest a $45 option to "harden" a Windows installation: Faronics: Deep Freeze. (http://www.faronics.com/products/deep-freeze/standard/)
This program will let you get their existing PC setup in that perfect state you want it in, then 'freeze' it in place. If they get a virus, spyware, malware, etc.. The solution is simple: Reboot. Upon rebooting, the PC -always- reverts to the state you froze it in. Their document storage space they can read/write and things stay there, but if a program is installed, *poof* it's gone.
While it might not be a perfect solution for you, you'll be able to make a yearly trip to do updates, or use 'normal' PC remote control methods to run updates and re-Freeze the system.
At any rate, something to consider.
Good luck, either way!
Awk! Pieces of eight. Pieces of eight. Pieces of seven... ERROR: General Protection Fault. [Paroty Error.]
1. Install Ubuntu 2. Setup only the applications they need in the task bar. 3. Install teamviewer host and or just enable openssh with dyndns for location. 4. ??? 5. Profit!!! I've had this set-up for my mother for 4 years now. She had Windows beforehand, but it kept committing suicide and was a much easier target for would-be malicious agents (yeah, she gets her fair share of "Microsoft support" calls offering to fix her computer - she knows how to respond these days). It's just rock solid, runs a web browser (gmail, facebook, google searches) and it runs skype too.. she doesn't need anything more than that.... and it keeps her support requirements very low. I just do a system check whenever I see her and it's always just happy as larry.
A Raspberry pi is an inexpensive solution to most of what you suggest.
Run the Raspbian distro of linux (or Pidora).
You could give them a noobs SD card and allow them to have an XBMC style media player as an added extra.
I tried exactly what you describe at home with PcLinuxOs
It works to some extent, however some settings (like static ip network settings) will not save to the live cd...
then you find some website that wont work with your version of firefox, or skype decides it must be updated, and you have to do the whole thing again
Wioski is another windows based option.
in the 90s
Use some livecCD or Alpine Linux to create your own CD, and tunnel IP in mails for the fun :D If the latency is less than the TCP time-out you might even get a decent ssh connection.
http://packetstormsecurity.com...
Really, from what you say they're so "illiterate" that putting them in front of a computer can only get damages. If their only need is e-mail, maybe they should use other forms of messaging, even SMS could be better. Otherwise, give them a computer with a very limited interface, email only, like e.g. those kiosks in the shops that allow you to print your photos.
Your best bet might be to use a LiveCD (or a LiveCD distribution on a SD card with the read-only tab set - if you're concerned about them removing it, attach a card reader internally). Set up a hard drive partition for their data. Then whatever they do to your config or whatever spyware crap they manage to install disappears next boot. As for the DE you might want to look at KDE as you could use the Kiosk functionality to lock their desktop down. For troubleshooting, not sure if their ISP would block outgoing ports but if not you could run ssh, firewall everything else and have an icon on their desktop that puts up a big window containing their IP address. Then you can talk to them on the phone, get the IP address and ssh in. But to be honest if you're running a LiveCD type setup there shouldn't be much troubleshooting except for "switch off and on again".
I see this as an issue with the environment they're using. Currently - the way they are trying to communicate has *way* too many barriers and risks.
In my opinion, the risks outweigh the limited benefits that their "ISP" provides.
So....write a letter. Communicate over snail mail. No viruses, no Nigerian princes trying to dupe your relations out of their posessions.
This of course, is assuming that regular snail mail is not also blocked.
Eagles may soar, but weasels don't get sucked into jet engines
That's easy: Chromebook.
Looks flashy, neat little apps, apple style all around but without the premium costs, impervious to any malware not sanctioned by Google, starts in seconds and they'd have to put in a real expert effort to screw things up. And no hard feelings about having Google take care of them, since all Princes of Nigeria allready have their contacts, so this Problem can't get any worse anyway.
Set up their account and put the access data in an envelope for them and keep them handy for your self, so you can log on their account and clean up if things get messy or they want something deleted and are to overwelmed to handle it.
Unless, of course, their connection is too flaky for Chrome OS to be useful. Then you're screwed. Fiddling with custom Linux and all that stuff you mentioned would be to much of a hassle IMHO.
We suffer more in our imagination than in reality. - Seneca
A good solution to the remote-admin by email are fetchmail and procmail. Plus, i know it's out of fashion, but a working MTA, if you care about the box replying.
CLI paste? paste.pr0.tips!
Not such a funny idea. It could be somewhere like this place. This is truly remote, with only a ship every three months or so to bring supplies. NO airstrip, not on the slopes of a dormant volcano.
Get yourself a box. In it place a couple reams of notebook paper, a bunch of pens, envelopes, and stamps. Then ship that to them. Tell these people that if they can't learn to be responsible then you are not going to jump through hoops to make up the difference. Just because you know computers does NOT mean you are responsible for lazy-dipshit-proofing every computer owned by a lazy, irresponsible family member.
Webconverger sounds like exactly what you are looking for. An OS the boots straight into the browser. It has the added benefit of the option of either a hard drive install or a live CD, meaning that nothing would remain on the system after a reboot.
there is no option of changing ISP. messages no larger than 1MB nor hold more than 15MB (no hope of changing that either)
Why? For whatever service they provide overseas, find someone else and pay them more for a "professional service".
Clearly there is no "proper" solution for your listed issues, its an internal problem that your trying to fix on the cheap. It wont happen.
Some kind of linux distro, or maybe even mac. Most viruses over there are windows only and propagate via Autorun.inf or by email attachments, not having Windows could prevent both.
Debian
Some desktop environment that hides anything unrelated to connecting to the net and accessing their account
LXDE, and, you'll need to create user accounts to your own specs.
some kind of extension to the email client that executes commands on specially formatted emails (e.g., signed with my private key), so that I can do some basic diagnostics or install extra software if I have to.
Teach them how to copy and paste into the terminal
Another very useful extension would be something to automatically re-assemble attachments split into several emails, to overcome the 1MB message limit.
Winrar, 7Zip.
If you want to play it cheap and to your own specs, you'll need to research, plan and implement everything yourself. If not, pay for better staff or get a professional to do it.
I gave my mum (95) an old PowerPC laptop I got for the price of buying a replacement power supply. It is running a version of OS that probably is no longer updated, but turning off automatic updates doesn't hurt.. I have also stuck on an Applesript that e-mails me when the machine powers up, which she does every morning to let me know she is OK. She is probably a bit less click-happy then your users.
looking on google some people have reported success with 3g/4g USB dongles (mobile internet) bit not with a dial-up phone modem. If you have one to try it might work, but it is so unusual now that there is a big chance drivers won't be included.
I recommend you give them a Linux box and then support them using Team Viewer. Works for me with elderly people I support.
Use Corkscrew to get a reverse-SSH connection tunneled over HTTP/HTTPS. It's ugly, but it gest round almost all firewall issues.
On another note: where do they live that they don't have access to slightly higher-speed 3G internet? I've travelled through third world countries, and cell-phone-internet seems to be almost omnipresent in some form or another.
The cellphone provider there (only one, uggh) just recently began selling email access (just to their own pop servers), over 2G, I think, at about $1/Mb. No mobile internet. Roaming from another provider can cost up to $20/Mb. That's why I'm focusing on working with what they have.
In your situation it might be easier to set-up a locked down FreeBSD terminal which automatically, on a schedule, connects to their email provider to retrieve any new messages. Keep the FreeBSD terminal in text-only mode and give your relatives access to mutt (email) and if their provider allows web browsing, give them access to elinks. You could install FreeBSD on one of those silent-running small-footprint devices with a serial port and use their existing monitor and keyboard; attach the "computer" to the monitor...this works best with a flat panel monitor.
Oh, I forgot about remote support. Install OpenSSH server and enable public-private keypair with passphrase so you can easily connect to their computer when it is on-line. A service to update their dynamic IP address to a host name for ease of use would complete the requirements for remote support.
Give them a live boot disk of Ubuntu or whatever Linux you prefer - wipe their hard drive clean and leave it that way. Lock it down and switch off updates. Give them one or more USB keys to save their data (if they have any). You could I suppose give them a locked USB key that is read only. Put your customised desktop stuff on there for them - you know, a home directory, icons, etc. If they ever mess up bad get them to boot from the Live CD with the read-only key in the drive - step them through copying that onto their trashed key. Go from there.
People like this will never learn, best you can do is lock them down to a given distribution and plan for the day they somehow mess it up.
All those moments will be lost in time, like tears in rain.
People over here will suggest your relatives learn Lisp.
The Linux desktop is a reality and has been at work at my home since '99. I provide support and so things work reasonably well.
But the ideal solution would be to have GUIs tuned to the user. Windows manages to achieve such things by using the Least Common Denominator: non-technical simpletons... Macs OTOH have a better polished interface and actually can make non-technical people more productive. Linux does a similar error to the Windows one, by catering only to users with greater technical prowess.
At home, I have been forced to:
a) provide simplified apps for general users: RPN calculator for me, conventional for most;
b) simplifying user interface: many desktop icons for me, only Firefox and Chrome to my son (he was moving icons from desktop to panel!);
c) blocking the notebook keyboard (xinput) because of the cat which loves to sleep on it (mine fell once taking many keys with it, so I finally closed the lid);
d) tuning apps according to age for some users, like GCompris.
I'm also considering a computer for my elders (~ 80 years old) for use with Skype or Hangouts or whatever... but they're not only illiterate: they hate computers!
Thus I am at loss about what to do... they could use some serious "information hiding" even in apps, so it's not just a desktop problem.
Maybe it's time we have simplified versions of Libre/Openoffice -- which more or less Android provides with the thousands of available apps. Actually, considering what Linus said about Subsurface at his last Q&A, maybe we are past the distribution phase...
Maybe it's time to start having application stores available themselves to the main distributions, like Google's Play Store or F-Droid.
Well you might waste your time re-inventing the hot water, but if you prefer simple out of the box solution for me it sounds like you need some kiosk targeted Linux distro. There are many and all of them work fine. Here is a quick example: http://www.linutop.com/software.en.html
I would recommend Linux- perhaps Ubuntu - certainly if they have no previous experience that has clouded their minds to believe that Windows is the only possible choice. If they must have Windows, I would suggest that you install Linux + a VM with Windows in it, and configure it to log in and start the VM automatically. The reason being that you can then create a backup copy of the Windows disk and leave it somewhere on the Linux disk. This is for when Windows inevitably gets so infected that it doesn't work, at which point you shut the VM down and restore it to its original, freshly installed state.
(hmm, come to think of it - would it work? I have never actually done it; there may be problems with the activation code or something)
Unless they're going to change their habits (LOL, Yeah righ!) anything you do is pretty much a waste of time.
I have extensive family and stopped giving free tech support decades ago. Unless they pay for the support and the cost puts VALUE in their head over a computer being clean, they're not going to be willing to change their personal habits.
Having computer illiterate relatives myself, I have created a few simple scripts and use SSH port forwarding.
Each relative's computer gets a unique port (yes, the system is not really scalable) and connects on network start to my server. This is done via a script in Networkmanager's dispatcher.d. I simply have to connect to my server using SSH with a specific port to get into the relative's PC. Also there is port forwarding for VNC for the cases where a console isn't enough. Should work with any kind of firewall. The system relies on keys, not passwords so it should be relatively safe. There is single point of failure though, but all the keys are backed up and setting a new SSH server in case the old one is broken is a trivial task.
And for the cases when something is really broken, there's a LiveCD created for the sole purpose of connecting to my server and giving me a reverse port so I can chroot into a broken system or simply try and safe what's left on the hard disk. The LiveCD starts without asking the user *anything* and has all the Wi-Fi keys. Every relative gets a copy.
The relatives in question live in other towns and even in other countries. So it's crucial that nothing gets broken. Therefore the relatives use LTS versions only. Have switched from Ubuntu to Mint some time ago because of a more familiar interface. Other reason for LTS is that I won't risk upgrading the whole system when I am some thousands kilometres away.
The relatives must be willing to use Linux and to accept that I have full control over their PCs. In my case the choice I gave was "Linux or do it yourself". And they appreciate that I can solve their problems without having them to do anything.
Chromebooks assume you'll be using the web for everything and have no native apps, even if some work in "offline mode." A distro like openSUSE supports old school software installation out of the box (i.e. off a DVD or even a very large stack of floppies). This ability has saved my butt from time to time. It is possible to maintain an update list and just always have a copy of the latest on your disk that you burn and bring. You could do something like this with Debian, mirror the repos at home and bring a burned disc or external hard disk every time you visit to keep things up to date. But honestly, any Linux distro will be pretty safe from viruses and such. A good email filtering daemon or native email client ruleset will prevent most scams from getting through.
I live in a State that has a lot of dialup still. Yes, in the good ol' US of A there are places that still only have dialup.
My solution was a linux box, running gnome (you could use unity) and claws-mail. Then in claws-mail I set up a Filter that would execute an external script based on certain criteria. This would do what you want. With your yearly visits, you could do the system upgrades and other maintenance. Just turn off any auto-updates the distribution may have.
The Nigerian thing is fake? Damn, I've been waiting on those funds!!!
Comment removed based on user account deletion
Change your thinking. I got my mom an apple wireless router and an iPad. All my tech support issues went away, and she loves it. Its easier for her to use and with a keyboard does email just fine. These days if you just want email a PC is no longer the best solution.
Why not make a live boot CD that will reinstall the system for them.
I have used SuSeStudio to do that for remote managed server installs. First you create what you need in the studio, then make a installer disk from it, and then when they boot with that CD/USB it re-installs the OS for them, to exactly what you created. That way if they really, really, make a mess of things you can take them back to a clean slate. Also if you partition the drives properly, the same re-installer can leave their data intact (not wise in this case) while repairing any other damage. I would have it dump the homedir, but not the mailstore in this particular case. That way any damage will be gone, any infections will be neutralized and they will still have their old email (again maybe not so wise in this case).
You can use Studio to pre-install the modem drivers too. The only downside is that you will lose any updates each time they step back. You cuold get around this by creating a new version each year before you visit and just change it out each time. It might actually be easier if the choices for faster internet are not available, to reinstall from that new CD/USB each year when you get there. Show up, quick fix w/built in upgrades, enjoy the rest of the visit.
Az
medium tech: an Etch-A-Sketch.
low tech: a legal pad.
if they're clicking everything that crawls over the door or chews through the wall, they should not have a computer at all. before long, they won't have a space left under the nearby bridge either, weasels will take that also.
if this is supposed to be a new economy, how come they still want my old fashioned money?
Take a look a LUbuntu. Load it into a VM and play around with it. It's familiar enough that Windows users can function well enough. It's based on Ubuntu (obviously) so it runs .deb files. You can harden it to suit your needs. You can google for what you don't know. If you do go the LiveCD route that works as well. If you choose not to have it do updates due to the slow connection, you could just wait until the next release and send a new disc.
I refuse to sign
They won't be able to install a thing with a non-admin account.
Use Whale Mail or something similar. http://www.sharefile.com/ Or one can sign up with ANY hosting provider, They all proide GigaBytes of storage. Just send a link to the file and let them download it at their leisure, and it won't clog up their E-Mail box with huge files.
I tried running from a live CD for over a year.
I found that the CD stopped wroking reliably after several months.
The problem is that the CD-drive operates above the maximum storage temperature of the media (about 32C)
Build them a small form factor PC. Don't connect the USB ports and don't provide an optical drive. Install FreeDOS, a basic dialup TCP/IP stack, an email client and a web browser. I'd also set it up to decompress and restore everything from a read-only partition every single time they boot, ideally before processing config files. If there isn't already a way to do this, FreeDOS does have source available, so you could modify that.
Notes on DOS email and web clients:
http://www.tokyopc.org/newslet...
http://www.compmiscellanea.com...
Graham
Virtual PC's, Take a snapshot, then restore when everything goes to hell, 1. Terminal for illiterate 'Puter User 2. Server\Workstation Hosting Virtual PC's 3. Firewall-ed internal NAT 3. Admin Access only to Hosting PC 4. Snapshots created 5. Snapshots restored after virus Optional Options 6. Nigerian Prince Moves In with relatives 7. 30 day eviction notice to the Prince 8. Cry after Nigerian Prince Claims Squatters Rights 9. Move to Nigeria with hopes of interweb clicks 10. Become Lord of the Nigerian Prince Gang Ring 11. Restore to snap shot and get rid of mouse.
Dude, it could be a cabin in the Rocky Mountains in the US based on that description, or any similarly remote location a few miles from a highway. It's possible that satellite or point-to-point ISPs are available, but they are horridly expensive especially for someone whose usage doesn't warrant an always on connection.
Geez, sounds like they'd be perfect for WebTV!
This is what I did for my customer who wanted to use only email with no attachments via dial-up.
1. I started with a Knoppix 3.3 Live CD and an old Dell Dimension PC. I installed an Intel 536EP PCI dial-up modem card.
2. In Knoppix, I ran the script to install Knoppix to the hard disk. I chose KDE as the desktop environment.
3. Running Knoppix from hard disk, I downloaded, compiled and installed the Intel536-4.68 kernel driver.
4. Set up KPPP to access the dial-up Internet Service Provider.
5. Set up KMail to access the ISP's POP3 mail server and SMTP outgoing mail server.
6. Checked that the Konqueror web browser/file manager was able to access basic websites.
7. Installed an Epson C62 printer in the CUPS printer manager, which is accessed with Konqueror, using the URL http://localhost:631/
8. In CUPS printer manager, for the Epson C62 I chose Set Printer Options and Color Model: Greyscale.
An alternative to the Intel 536EP PCI card is a standard 56k serial modem, nice to have lights to look at while it is working. This lasted for 7 years with no problems, until replaced because the customer decided to do something else.
Maybe Cuba?
We've recently added a Chromebook to our family and this has revealed to us how flaky our internet connection is, something we never noticed with half a dozen other computers/tablets/etc in the house. The Chromebook really depends on being connected to reliable broadband, even for features which are supposed to work "offline" - our connection is fine for surfing and streaming but it seems it momentarily drops out every so often, for some reason (I'm still investigating) and that keeps the Chromebook pretty much grinding to a halt when you're trying to use Docs or anything beyond the basics.
So yeah, I'd strongly recommend Chromebooks for situations like this, but not with dialup...
Telikin
http://www.telikin.com/
A Plus Senior Computer
http://aplusseniorcomputer.com...
They are worth checking out.
My goal is to learn at least one new thing before going to sleep and to wake up after each sleep cycle.
So the size of messages using pop mail is limited?
Ops, I shuld have usd the prevuwe but in.
Bootable, non-writable CD, schedule computer to shut off every night at 2AM, forcing a daily reboot from said hardened safe CD OS. Leave one or two copies outside the computer where you can tell them to look if they phone and say they had to throw out the one they had been using.
"There is no god but allah" - well, they got it half right.