If the bank understands, so can a BHO. Good luck getting people to figure out the transcriptions though. You might as well ask them to rot13 their username and password.
The easier solution is to make a browser that does not allow plugins to be installed without root user consent. For my clients, that means a phone call to me because they forgot their root password. Problem solved.
What does Linux have to do with it? I use FireFox on Windows and I am still not vulnerable to this.
Your choice of browser helps, but it's not enough. You might not be caught by this, but Windoze itself listens on other ports and can be exploited. It happens without any effort on your part. Also, you might be tempted to use LookOut or similar, are probably running as root and lack a host of other safety mechanisms that protect the average Linux user.
The average user is much better off running a kernel that has real users that respects permissions embedded in the file system. As someone else mentioned, all of the above makes it difficult for a malicious web site to load any kind of system software without the user knowing. Windoze was designed to make that possible and it is no surprise that security is so poor on Windoze.
Some might complain that you use Mozilla based browsers, email clients and other stuff to avoid Windoze security problems and that's good enough for you. Fine for them, whatever. I consider it all a royal pain in the ass to keep up with all of that. Going to get a handfull of free software programs to make Windoze work right is an exhausting and pointless exercise. Microsoft does it's best to break them and dependency resolution on Windoze has always been impossible. It's much easier, and more secure, to simply install a reasonable distro in the first place.
I won't be paying my taxes this year as I firmly believe the influx of cash will "Break the Bank".
You will pay for TIA just like everyone else. I wish it were not so. Either they are incompetent or dishonest, and both are unsettling.
I doubt they are up to the task. These jokers can't keep track of foreign lobbyists, people who register themselves and make themselves as conspicuous as possible. How on Earth are they going to keep track of terrorists? Can we be sure they can keep terrorists and foreign powers from reading it and planting false information?
A sad parody, from Neiven's Fallen Angels, comes to mind. Technical incompetents had taken over. Their databases of "technophiles" were filled with entries like "Sherlock Holmes".
Everyone stand close together and keep your eggs on your feet. Note, only male scientist who weigh at least 90 pounds and have a pot belly may participate. The design is limited to 9 week stay time, but requires no resupply. brrrrr
the hidden subtext is "We really want to make this compulsory but cannot. So we'll give people the chance to opt in and over time make it really inconvenient for those who choose not to until eventually everyone opts in just to avoid the hassle."
It should be obvious that the quick check in is temporary at best. The long lines at airports have little to do with making sure you are who you say you are and everything to do with government interference. Long lines at airports are the result of a federally imposed lack of airline competition, bag checking and other fall out from 9/11. Those things will still be there after everyone's fingerprints, retinas, DNA sample and sperm motility factors are in some kind of federal potential criminal database.
Say "mooooooooo" all you chattel. Uncle Sam wants to record it for a voice analysis program.
The public owns the airwave, and the FCC just happens to embody the public interest right now.
They can be done away with by a vote. In this case, I'm glad they stepped up to the plate and squashed the takeover attempt.
I wanted to post it myself, but you beat me to it.
STEVE LOHR, clearly understands free software and software in general better than the average reporter. The first word of the article is "GNU Linux". He then goes on to frame the major players and background the significance in light of recent EU anti-trust rulings. More importantly, he understands that Linux is Ready for the Desktop:
For the Linux desktop, a number of applications are already available and more are in development. These include word processing, spreadsheet, database presentation, e-mail and Web browsing software. "For 80 percent of the people in the world, Linux is now a perfectly fine desktop environment," a leading open-source advocate, Bruce Perens, said.
Good stuff for people to read in the New York Times.
I wonder if the EULA WinCE, like most "consumer" software, grants Microsoft the ability to terminate the license at any time. From the user's perspective, Shared Source is irrelevant and I'm sure M$ intends it to be. The average M$ apologist loves to pretend that user control is unimportant.
You are referring to "Ultimatum". The reporter states A's motivation as:
A makes the most money by offering one dollar to B, keeping nine for himself, and B should accept it, because one dollar is better than none.
But fails to mention that B has exactly the same power and motive as A does. When you understand this, you understand why people tend to walk away with $5 each. There is nothing irrational about it.
Only a lack of reasoning can make the situation go any other way. People in the room might not have enough time to articulate the situation, or be allowed to by the rules, but they know it instinctively. Given time and intelligence, they can articulate their relative positions and come to the reasonable conclusion. Anything less is unreasonable and insulting. People will take a bad offer from a computer because they know it's stupid. They will spite a bully hoping that the bully might learn a lesson but also knowing the bully is stupid.
The reporter did not spend much time thinking about this, or was talking to one first rate con man of a researcher.
Plenty of colors for the dirty deed.
on
Reverse Graffiti
·
· Score: 4, Interesting
The only problem I can see is that you're limited in choice of color.
Don't you know that the solvent comes with all sorts of tints these days? Citron, and various berry flavor Vodka is available. There's even pepper vodka. It might be more subtle than the average commercial "art" but the obliteration message will still come through.
I still haven't figured out if I *like* professional graffiti, or if it even helps improve the area...
Could it be more despicable? Nothing says "slum" like billboards and graffiti. Don't be fooled, it's always degrading and insulting when people stick their message in your face. The difference between a "legitimate" billboard and someone marking their pissing grounds is mostly the means available. In this case, the advertiser is being cheap and hoping to gain some kind of hoodlum credibility. I don't want to live or work around people with that kind of attitude.
it would be nice for it to mention what makes it "cut-down".
Full on Windows is not competitive in it's native language, so the notion of "stripped down sounded odd to me too, but what I found was even more surprising. Just a little reading is very enlightening. No one but Microsoft and end users will know what's going into the package but Windoze is even less competitive in Thai.
What could they remove for this obvious region based dumping project? Calc? Notepad? The clock on the button bar? Oh wait, I see that they have a "stripped down" version of Office Standard, itself already stripped down.
I have to wonder what they could remove from such a basic set of software. Office Standard comes with a word processor, spreadsheet, email client and a presentation program and DRM that you have no control over. I suppose they could remove the presentation software and leave the user with ascii or Microsoft's crappy html code generation for information sharing. Spell checker, do they have a Thai spell checker? Do they have Thai anything at all? The user will still be looking for a paint program, pdf writer, a browser and email client worth using and third party software to do anything real that's business related. Who knows when M$'s not talking?
Given the above differences in software quality and the ease of "piracy", I doubt that M$'s little dumpting scheme is going to work. Their "People's Software" initiative might suck in a few clueless government types but people who know software are going to continue to chose Linux. They could give their stuff away and it would not be taken up.
How about the lion and ramen worms from 2001? Or how about the fact that someone is trying to convince phatbot/agobot to compile on Linux? Free software is not impervious to worms. However, due to the diversity of systems, it tends to be far more difficult to write a single exploit.
Those are good examples. I ran Red Hat 6.2 and 7 but was not running wu-ftp or BIND, so they did not get me. I have run pro-ftp on my gateway machine, but I've been able to turn off most ports. This clearly demonstrates the value of user control and choice of software. As I recall, the BIND problem was fixed in a few days.
True but a very specific kind of opinion, it's a big long campaign advertisement. Is this the first time people will actually pay to watch such a thing?
It may take two years for the word to get out, but it does, sooner or later. Billions of dollars in propaganda spending, non-competitive agreements and other nonsense can only slow the market down. It won't stop people from realizing a better value. CERT, for it's part, is recommending the only solution available in the face of continued Microsoft security failures.
The quote is so rich, I think I'll include it.
CERT recommends that Explorer users consider other browsers that are not affected by the attack, such as Mozilla, Mozilla Firefox, Netscape and Opera. Mac, Linux and other non-Windows operating systems are immune from this attack. For people who continue to use the Internet Explorer, CERT and Microsoft recommend setting the browser's security settings to "high," but that can impair some browsing functions.
Good bye, anti-competitive little nasty. IE was M$'s attempt to push it's desktop monopoly into the web. I'm going to be so happy when I quit running into pages that ignorantly tell me they are best viewed in IE. With it will go a whole host of proprietary crap.
At least he said "this attack" instead of "attacks".
Credit is being given where credit belongs. The softies can try to spin this, but they will fail as there is little hope for them to fix their platform's underlying design flaws. Microsoft remains a security dissaster.
While no one will tell you that free software is immune to attack, they can tell you that free software users are not monthly victims attacks that take advantage of moronic software design. Can anyone point to a single free software worm that auto propagated?
The variety of free software and it's quality makes such stuff very difficult to design. Imagine that you did find an exploit for a popular linux desktop that could propagate itself. Right away, you are limited to less than half of the linux population. I use KDE, others use Gnome, Window Maker, OLVWM and so on to console emacs. Typically, news of the exploit is trumpted with bug fixes and patches. Problem solved, usually without loss of data.
The widespread, spam sending, net threatening DoS attacks that we have seen on the Microsoft monoculture won't happen with free software.
McBride the McWhore
on
Wired on McBride
·
· Score: 2, Interesting
... if you can, for a second, believe in what he's doing, like he does, you will make amazed at his dedication
If you can believe what he says, you can believe anything. SCO has no case. The article gives him and his case too much credit.
He's doing what he's doing for money, not because he believes he's right. He's trying to steal hundreds of people's work and charge money for it. An honest man would have produced the infringing code before they went to court. SCO's been in court for more than a year and has nothing to show for it yet. McBride, however, is just a puppet. Microsoft is behind this, they gave him the money and he's marching to their orders.
... they decide to remotely delete 1000 mp3s. Will I know it? If I do, I'll just pound that power button and ask questions later. Other than that, I'll turn my computer off when I leave the room.
What will you do if the next boot takes a little longer than usual? You can't fight a rooted computer. All you can do is save your data, then wipe and reload.
An AC asks for proof that WMP roots your machine and spys on you. OK, Read your EULA and then inspect your files. You should find a file with the name of every song and movie you've ever played. Where it's located may be version dependent. They have given themselves the right to determine it and the ability to do it easily.
Running Red Hat Fedora, I routinely use yum to update packages... not much different than Windows Update.
There's a big difference in trust. I don't have to trust my Linux distribution because I can prove that it's AOK. With Windoze update, you must trust Microsoft and it's very difficult to check. M$ has proven that they can't be trusted.
With Windows update you get binary junk and have no idea where it goes or what it does.
With free software, you get stuff that's open for inspection that can easily be checked.
Sure, you can get into trouble with non-free software on Linux. That's why distributions like Debian clearly denote what is free and what is non free.
Don't want your computer searched? Don't connect to the network.
The choice you offer is: Be rooted or flunk out. How do you get your homework assignments, notes and other stuff required by your classes?
People should be outraged at the imposition of having their computer owned by their school for yet another winblows boon-dogle that won't work. I don't even own a M$ operating system, so I'd have to go out and buy one as well as find some crappy computer to sacrifice to the cause. You don't think I'd trust real work to a networked M$ box do you? The aggivation something like this would cause any clueful computer user is endless.
If I was paying a network fee and ended up w/a virus or worm because of some other careless idiot I would be pissed.
Careful what you call people. If you are running Windows, you are that careless idiot and I'm pissed at you for clogging my network. Even the best maintained Windows boxes get owned through unpatched Microsoft holes like this. If banks and other fortune 100 companies can't avoid being auto rooted, neither can you. The army of broken Windows bots is a threat to everyone, but we should not blame the user.
Operating Systems that have not exhibited these kinds of problems should be encouraged, not saddled with a backdoor or banned. It's easy enough to monitor traffic at building routers and chop off the MAC address of problem machines. Wouldn't you like to know if you had been rooted and that the perpetrator had not used your machine to harm others? Winblows need special help, but it does not have to go as far as the Big Brother bot proposed.
As part of Microsoft's Strategic Technology Protection Program, and in response to direct customer need for a streamlined method of identifying common security misconfigurations, Microsoft has developed the Microsoft Baseline Security Analyzer (MBSA). MBSA Version 1.2 includes a graphical and command line interface that can perform local or remote scans of Windows systems.
It's a backdoor, they can do anything they want to your system. It can scan, read and write files. It's like giving them root, so they own your computer.
With abilities like that, do you think they will bother to ask you when it comes time to satisfy some big power? RIAA requests to eliminate your music collection will be honored. CIA/FBI requests to search and monitor suspicious characters will be carried out. Anyone who would require such powers will abuse them.
It's as unAmerican as all hell. Such scans would obviously violate your fourth amendment right to be secure in your personal papers. At State schools, the network is public and at many it has been paid for by special student fees, so this is an abuse of a public network, comparable to wholesale wiretaping, post violation and even bugging, if your computer has a microphone they can turn on. At private schools, ownership of the network depends on the amount of public money paid to build it and is encumbered by the fact that they will want to connect it to other public networks. That desire to connect to public networks should be used to enforce the kind decent behavior.
All of the other services mentioned can and should be required of Windows machines but Winblows itself should be optional. Up to date virus definitions are helpful but generally too difficult for the end user to keep up with. All the services besides system monitoring are helpful to the user and the school. If the user chooses to be rooted as a condition of running Winblows, that's their choice.
Operating systems that don't have problems should be encouraged by the University. Not being rooted can be one more reason to run Linux, Mac and other OS. Traffic should still be monitored. If my computer starts belching spam, I'd be happy if my ISP sent me a message and chopped the line. There's a big difference between that and requiring read write to my computer.
I'm not sure where the happy medium is between total computer intrusion and none at all. It's hard to trust anyone else messing around with my computer with software i MUST install.
Windows is already owned and there's plenty of middle ground for Universities that stop short of owning your computer.
Sure, you should be uncomfortable about letting your campus put yet another back door onto your machine, but Windows is crawling with them to begin with. If you are running Windoze, you are already letting Bill Gates mess with it. It's already compiling lists of all the music and movies you play and it sends all sorts of information back home. Any Microsoftie will tell you that it's very important for you to run Winblows Updater, which does much the same thing your campus service will. What do you expect of people who consider stuff on your hard drive "their" operating system and your desk as a billboard to be sold to the highest bidder?
LSU can and does monitor traffic at building routers. Unusual activity has them block the MAC address. It's much easier than requiring expensive commercial software that does not work.
Unfortunately, LSU is moving toward just that kind of stupid requirement. They are specifying that Winblows machines on their network have "up to date" virus software. That's fine, so long as they don't require Winblows in the first place. The student senate is considering a laptop and Active Directory requirement. What a nightmare.
There's lots of room between turning every computer on campus into a campus owned DRM'd dumb terminal and letting the Windows machines destroy the campus network. They could continue blocking actual problems at the router instead of requiring the very source of the problems be run by all. They can offer the service voluntarily to those who simply have to have winblows. Macs, Linux and commercial Unix do not have the same problems and should be encouraged. Computing services should make running Windows as easy as they can and that includes offering virus protection, but they defeat themselves when they dumb the network down for it.
It's that attitude that's convinced most developers that Microsoft development is a bad bet. Articles I read back when M$ switched from VB 5 to VB 6 convinced me that VB and M$ in general were a waste of time. The aggrieved authors complained that they were just finished moving their code from VB 4. The arbitrary changes made broke lots of their code and made them very unhappy. I learned C and C with classes instead. If someone had dropped a Tcl/TK book on my desk at the time, I would have been much better off than I was dealing with the Windoze API.
A company that violates it's duty to it's customers and share holders is sure to violate it's own employees. It's all part of believing that it's OK to violate people. Microsoft employees, typically, are shareholders and customers. Can you expect to be treated any better?
The easier solution is to make a browser that does not allow plugins to be installed without root user consent. For my clients, that means a phone call to me because they forgot their root password. Problem solved.
Your choice of browser helps, but it's not enough. You might not be caught by this, but Windoze itself listens on other ports and can be exploited. It happens without any effort on your part. Also, you might be tempted to use LookOut or similar, are probably running as root and lack a host of other safety mechanisms that protect the average Linux user.
The average user is much better off running a kernel that has real users that respects permissions embedded in the file system. As someone else mentioned, all of the above makes it difficult for a malicious web site to load any kind of system software without the user knowing. Windoze was designed to make that possible and it is no surprise that security is so poor on Windoze.
Some might complain that you use Mozilla based browsers, email clients and other stuff to avoid Windoze security problems and that's good enough for you. Fine for them, whatever. I consider it all a royal pain in the ass to keep up with all of that. Going to get a handfull of free software programs to make Windoze work right is an exhausting and pointless exercise. Microsoft does it's best to break them and dependency resolution on Windoze has always been impossible. It's much easier, and more secure, to simply install a reasonable distro in the first place.
You will pay for TIA just like everyone else. I wish it were not so. Either they are incompetent or dishonest, and both are unsettling.
I doubt they are up to the task. These jokers can't keep track of foreign lobbyists, people who register themselves and make themselves as conspicuous as possible. How on Earth are they going to keep track of terrorists? Can we be sure they can keep terrorists and foreign powers from reading it and planting false information?
A sad parody, from Neiven's Fallen Angels, comes to mind. Technical incompetents had taken over. Their databases of "technophiles" were filled with entries like "Sherlock Holmes".
It should be obvious that the quick check in is temporary at best. The long lines at airports have little to do with making sure you are who you say you are and everything to do with government interference. Long lines at airports are the result of a federally imposed lack of airline competition, bag checking and other fall out from 9/11. Those things will still be there after everyone's fingerprints, retinas, DNA sample and sperm motility factors are in some kind of federal potential criminal database.
Say "mooooooooo" all you chattel. Uncle Sam wants to record it for a voice analysis program.
I'm going to go dance in the street.
STEVE LOHR, clearly understands free software and software in general better than the average reporter. The first word of the article is "GNU Linux". He then goes on to frame the major players and background the significance in light of recent EU anti-trust rulings. More importantly, he understands that Linux is Ready for the Desktop:
For the Linux desktop, a number of applications are already available and more are in development. These include word processing, spreadsheet, database presentation, e-mail and Web browsing software. "For 80 percent of the people in the world, Linux is now a perfectly fine desktop environment," a leading open-source advocate, Bruce Perens, said.
Good stuff for people to read in the New York Times.
A makes the most money by offering one dollar to B, keeping nine for himself, and B should accept it, because one dollar is better than none.
But fails to mention that B has exactly the same power and motive as A does. When you understand this, you understand why people tend to walk away with $5 each. There is nothing irrational about it.
Only a lack of reasoning can make the situation go any other way. People in the room might not have enough time to articulate the situation, or be allowed to by the rules, but they know it instinctively. Given time and intelligence, they can articulate their relative positions and come to the reasonable conclusion. Anything less is unreasonable and insulting. People will take a bad offer from a computer because they know it's stupid. They will spite a bully hoping that the bully might learn a lesson but also knowing the bully is stupid.
The reporter did not spend much time thinking about this, or was talking to one first rate con man of a researcher.
Don't you know that the solvent comes with all sorts of tints these days? Citron, and various berry flavor Vodka is available. There's even pepper vodka. It might be more subtle than the average commercial "art" but the obliteration message will still come through.
I still haven't figured out if I *like* professional graffiti, or if it even helps improve the area ...
Could it be more despicable? Nothing says "slum" like billboards and graffiti. Don't be fooled, it's always degrading and insulting when people stick their message in your face. The difference between a "legitimate" billboard and someone marking their pissing grounds is mostly the means available. In this case, the advertiser is being cheap and hoping to gain some kind of hoodlum credibility. I don't want to live or work around people with that kind of attitude.
Looks bad for evil M$.
Full on Windows is not competitive in it's native language, so the notion of "stripped down sounded odd to me too, but what I found was even more surprising. Just a little reading is very enlightening. No one but Microsoft and end users will know what's going into the package but Windoze is even less competitive in Thai.
What could they remove for this obvious region based dumping project? Calc? Notepad? The clock on the button bar? Oh wait, I see that they have a "stripped down" version of Office Standard, itself already stripped down.
I have to wonder what they could remove from such a basic set of software. Office Standard comes with a word processor, spreadsheet, email client and a presentation program and DRM that you have no control over. I suppose they could remove the presentation software and leave the user with ascii or Microsoft's crappy html code generation for information sharing. Spell checker, do they have a Thai spell checker? Do they have Thai anything at all? The user will still be looking for a paint program, pdf writer, a browser and email client worth using and third party software to do anything real that's business related. Who knows when M$'s not talking?
Microsoft Thai page does not say as far as I can tell without their special software. They have the same bogus "facts" presentation, but you have to have "active scripting" to have the right characters appear. Mostly, the site is in English, the rest is broken, some advert that is. M$ gets its ass kicked by Gnome's beautiful Thai page which rendered perfectly with Mepis / Debian unstable. This page is fun too!
Given the above differences in software quality and the ease of "piracy", I doubt that M$'s little dumpting scheme is going to work. Their "People's Software" initiative might suck in a few clueless government types but people who know software are going to continue to chose Linux. They could give their stuff away and it would not be taken up.
Those are good examples. I ran Red Hat 6.2 and 7 but was not running wu-ftp or BIND, so they did not get me. I have run pro-ftp on my gateway machine, but I've been able to turn off most ports. This clearly demonstrates the value of user control and choice of software. As I recall, the BIND problem was fixed in a few days.
True but a very specific kind of opinion, it's a big long campaign advertisement. Is this the first time people will actually pay to watch such a thing?
The quote is so rich, I think I'll include it.
CERT recommends that Explorer users consider other browsers that are not affected by the attack, such as Mozilla, Mozilla Firefox, Netscape and Opera. Mac, Linux and other non-Windows operating systems are immune from this attack. For people who continue to use the Internet Explorer, CERT and Microsoft recommend setting the browser's security settings to "high," but that can impair some browsing functions.
Good bye, anti-competitive little nasty. IE was M$'s attempt to push it's desktop monopoly into the web. I'm going to be so happy when I quit running into pages that ignorantly tell me they are best viewed in IE. With it will go a whole host of proprietary crap.
Credit is being given where credit belongs. The softies can try to spin this, but they will fail as there is little hope for them to fix their platform's underlying design flaws. Microsoft remains a security dissaster.
While no one will tell you that free software is immune to attack, they can tell you that free software users are not monthly victims attacks that take advantage of moronic software design. Can anyone point to a single free software worm that auto propagated?
The variety of free software and it's quality makes such stuff very difficult to design. Imagine that you did find an exploit for a popular linux desktop that could propagate itself. Right away, you are limited to less than half of the linux population. I use KDE, others use Gnome, Window Maker, OLVWM and so on to console emacs. Typically, news of the exploit is trumpted with bug fixes and patches. Problem solved, usually without loss of data.
The widespread, spam sending, net threatening DoS attacks that we have seen on the Microsoft monoculture won't happen with free software.
If you can believe what he says, you can believe anything. SCO has no case. The article gives him and his case too much credit.
He's doing what he's doing for money, not because he believes he's right. He's trying to steal hundreds of people's work and charge money for it. An honest man would have produced the infringing code before they went to court. SCO's been in court for more than a year and has nothing to show for it yet. McBride, however, is just a puppet. Microsoft is behind this, they gave him the money and he's marching to their orders.
What will you do if the next boot takes a little longer than usual? You can't fight a rooted computer. All you can do is save your data, then wipe and reload.
An AC asks for proof that WMP roots your machine and spys on you. OK, Read your EULA and then inspect your files. You should find a file with the name of every song and movie you've ever played. Where it's located may be version dependent. They have given themselves the right to determine it and the ability to do it easily.
There's a big difference in trust. I don't have to trust my Linux distribution because I can prove that it's AOK. With Windoze update, you must trust Microsoft and it's very difficult to check. M$ has proven that they can't be trusted.
With Windows update you get binary junk and have no idea where it goes or what it does.
With free software, you get stuff that's open for inspection that can easily be checked.
Sure, you can get into trouble with non-free software on Linux. That's why distributions like Debian clearly denote what is free and what is non free.
The choice you offer is: Be rooted or flunk out. How do you get your homework assignments, notes and other stuff required by your classes?
People should be outraged at the imposition of having their computer owned by their school for yet another winblows boon-dogle that won't work. I don't even own a M$ operating system, so I'd have to go out and buy one as well as find some crappy computer to sacrifice to the cause. You don't think I'd trust real work to a networked M$ box do you? The aggivation something like this would cause any clueful computer user is endless.
If I was paying a network fee and ended up w/a virus or worm because of some other careless idiot I would be pissed.
Careful what you call people. If you are running Windows, you are that careless idiot and I'm pissed at you for clogging my network. Even the best maintained Windows boxes get owned through unpatched Microsoft holes like this. If banks and other fortune 100 companies can't avoid being auto rooted, neither can you. The army of broken Windows bots is a threat to everyone, but we should not blame the user.
Operating Systems that have not exhibited these kinds of problems should be encouraged, not saddled with a backdoor or banned. It's easy enough to monitor traffic at building routers and chop off the MAC address of problem machines. Wouldn't you like to know if you had been rooted and that the perpetrator had not used your machine to harm others? Winblows need special help, but it does not have to go as far as the Big Brother bot proposed.
As part of Microsoft's Strategic Technology Protection Program, and in response to direct customer need for a streamlined method of identifying common security misconfigurations, Microsoft has developed the Microsoft Baseline Security Analyzer (MBSA). MBSA Version 1.2 includes a graphical and command line interface that can perform local or remote scans of Windows systems.
It's a backdoor, they can do anything they want to your system. It can scan, read and write files. It's like giving them root, so they own your computer.
With abilities like that, do you think they will bother to ask you when it comes time to satisfy some big power? RIAA requests to eliminate your music collection will be honored. CIA/FBI requests to search and monitor suspicious characters will be carried out. Anyone who would require such powers will abuse them.
It's as unAmerican as all hell. Such scans would obviously violate your fourth amendment right to be secure in your personal papers. At State schools, the network is public and at many it has been paid for by special student fees, so this is an abuse of a public network, comparable to wholesale wiretaping, post violation and even bugging, if your computer has a microphone they can turn on. At private schools, ownership of the network depends on the amount of public money paid to build it and is encumbered by the fact that they will want to connect it to other public networks. That desire to connect to public networks should be used to enforce the kind decent behavior.
All of the other services mentioned can and should be required of Windows machines but Winblows itself should be optional. Up to date virus definitions are helpful but generally too difficult for the end user to keep up with. All the services besides system monitoring are helpful to the user and the school. If the user chooses to be rooted as a condition of running Winblows, that's their choice.
Operating systems that don't have problems should be encouraged by the University. Not being rooted can be one more reason to run Linux, Mac and other OS. Traffic should still be monitored. If my computer starts belching spam, I'd be happy if my ISP sent me a message and chopped the line. There's a big difference between that and requiring read write to my computer.
Windows is already owned and there's plenty of middle ground for Universities that stop short of owning your computer.
Sure, you should be uncomfortable about letting your campus put yet another back door onto your machine, but Windows is crawling with them to begin with. If you are running Windoze, you are already letting Bill Gates mess with it. It's already compiling lists of all the music and movies you play and it sends all sorts of information back home. Any Microsoftie will tell you that it's very important for you to run Winblows Updater, which does much the same thing your campus service will. What do you expect of people who consider stuff on your hard drive "their" operating system and your desk as a billboard to be sold to the highest bidder?
LSU can and does monitor traffic at building routers. Unusual activity has them block the MAC address. It's much easier than requiring expensive commercial software that does not work.
Unfortunately, LSU is moving toward just that kind of stupid requirement. They are specifying that Winblows machines on their network have "up to date" virus software. That's fine, so long as they don't require Winblows in the first place. The student senate is considering a laptop and Active Directory requirement. What a nightmare.
There's lots of room between turning every computer on campus into a campus owned DRM'd dumb terminal and letting the Windows machines destroy the campus network. They could continue blocking actual problems at the router instead of requiring the very source of the problems be run by all. They can offer the service voluntarily to those who simply have to have winblows. Macs, Linux and commercial Unix do not have the same problems and should be encouraged. Computing services should make running Windows as easy as they can and that includes offering virus protection, but they defeat themselves when they dumb the network down for it.
A company that violates it's duty to it's customers and share holders is sure to violate it's own employees. It's all part of believing that it's OK to violate people. Microsoft employees, typically, are shareholders and customers. Can you expect to be treated any better?