×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Open Letter to a Digital World

michael posted more than 9 years ago | from the no-one's-listening-la-la-la dept.

Microsoft 545

jg21 writes "Exasperated after spending 5 hours removing spyware and trojans from his wife's Windows PC, sysadmin Chris Spencer has written an impassioned Open Letter to a Digital World. In the letter he reviews the 'elephants in the closet' - i.e. unfixed bugs and glaring security vulnerabilities - that Microsoft in his view hopes ordinary users will ignore, including some discussed in previous Slashdot stories."

Sorry! There are no comments related to the filter you selected.

We are so much smarter than the rest of the world (1, Flamebait)

Cold Winter Days (772398) | more than 9 years ago | (#11129010)

because we don't use Windows.

Re:We are so much smarter than the rest of the wor (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11129015)

I don't want to start a holy war here, but what is the deal with you Linux fanatics? I've been sitting here at my freelance gig in front of a Linux box (a PIII 800 w/512 Megs of RAM) for about 20 minutes now while it attempts to copy a 17 Meg file from one folder on the hard drive to another folder. 20 minutes. At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this Linux box, the same operation would take about 2 minutes. If that.

In addition, during this file transfer, Mozilla will not work. And everything else has ground to a halt. Even Emacs Lite is straining to keep up as I type this.

I won't bore you with the laundry list of other problems that I've encountered while working on various Linux machines, but suffice it to say there have been many, not the least of which is I've never seen a Linux box that has run faster than its Windows counterpart, despite the Linux machines faster chip architecture. My 486/66 with 8 megs of ram runs faster than this 800 mhz machine at times. From a productivity standpoint, I don't get how people can claim that Linux is a "superior" machine.

Linux addicts, flame me if you'd like, but I'd rather hear some intelligent reasons why anyone would choose to use a Linux over other faster, cheaper, more stable systems.

Re:We are so much smarter than the rest of the wor (1, Flamebait)

Cold Winter Days (772398) | more than 9 years ago | (#11129024)

This is about our future. Look at the bigger picture. Will we still have access to any kind of software without bowing down to the Mighty Bill? Don't get distracted by some file copy operation taking too long or other unimportant stuff. Fight for the cause!

Re:We are so much smarter than the rest of the wor (0)

Anonymous Coward | more than 9 years ago | (#11129055)

Very funny, this is the same post as yesterday! Maybe you should change your text once... that's pathetic.

Re:We are so much smarter than the rest of the wor (1)

ninthwave (150430) | more than 9 years ago | (#11129178)

Maybe he sat at the display for 24 hours 20 minutes now and can't realise the passing of a day. I feel sorry if it is that slow and suspect he may have hardware problems as well as social and psychological problems. (No one has talked to him in the last 24 hours for him to realise a day has passed, and he is so obsessed with this computer that he doesn't like that a day has passed and he hasn't noticed.)

So we should all be nice to this person.

Remember don't make fun of those with special needs.

Troll (2, Interesting)

Zen Punk (785385) | more than 9 years ago | (#11129069)

I was going to seriously reply, but this is a troll. He refers to Linux as if it were a type of computer, not a peice of software. Pure nonsense.

Re:We are so much smarter than the rest of the wor (2, Interesting)

Beolach (518512) | more than 9 years ago | (#11129103)

I actually have exactly the opposite scenario. At my work, we have a fileserver running MS Windows 2000 Advanced Server, with a 2.4 TiB RAID NTFS filesystem. At home I run Gentoo on my box, w/ UATA/133 IDE drives using ext3fs. It takes slightly less time to _delete_ a 4 GiB file on the fileserver at work, than it took me to _move_ about 5.5 GiB from one drive to another in my box at home. The MFT for the NTFS filesystem on the fileserver at work is very very badly fragmented, drastically killing performance. Now, this is our fault for not keeping it defragmented (well, not mine, as it was already like this when I transferred to this department ;), but I've never defragged my box at home either, so...

I don't get it. (4, Insightful)

spacefight (577141) | more than 9 years ago | (#11129016)

He has a CS degree, runs Linux himself and still let his wife surfing the web with IE? What went wrong? We all now that alternatives exist.

Re:I don't get it. (0)

Anonymous Coward | more than 9 years ago | (#11129036)

He should teach his wife how to download Linus from the internets.

Re:I don't get it. (0)

Anonymous Coward | more than 9 years ago | (#11129242)

Does he come with Dics roasting capability?

Re:I don't get it. (5, Insightful)

Bagsy (176584) | more than 9 years ago | (#11129039)

Not only that, I bet his wife belongs to the administrator group aswell. There are far too many people who have the wrong user rights.

Re:I don't get it. (3, Insightful)

mentin (202456) | more than 9 years ago | (#11129088)

I regret I don't have moderator points for parent.

He claims to be a "system administrator and have a degree in computer science", and he lets his wife run as admin.

More than that, with all that experience he is naive enough to believe that he can clean machine using the very same machine - have he ever heard of rootkits and stealth program? Maybe he is just an idiot?

Re:I don't get it. (3, Interesting)

mattyrobinson69 (751521) | more than 9 years ago | (#11129121)

He should educate his woman. My girlfriend 2 and a half years ago used Windows 98 IE and had the comet cursors (plus a load of other crap). Now she hates windows and its trying to think which distro to put on her new computer.

I think its the boot logo that did it (tux)

Re:I don't get it. (4, Insightful)

fishbot (301821) | more than 9 years ago | (#11129179)

More than that, with all that experience he is naive enough to believe that he can clean machine using the very same machine - have he ever heard of rootkits and stealth program? Maybe he is just an idiot?

Doesn't that kind of prove his point? Joe Public wants to use the computer. The computer won't let him. Just run it as admin! That's the default, so it must be OK, right?

Now he's infested with spyware, trojans, viruses and the like. So, he installs SpyBot, AVG, ZoneAlarm, whatever. Nobody told him that wouldn't work because the processes are on the same box. Of course he has to go out and buy another machine for the sole purpose of disinfecting the first! (OK, he doesn't, but Joe Public won't understand the difference between 'installed on another hard drive' and 'another computer')

It just goes further to prove that to clean your PC of all these attacks the first thing to do is remove Windows and all its failings. Or buy a Mac.

Re:I don't get it. (5, Insightful)

Anonymous Coward | more than 9 years ago | (#11129057)

He has a CS degree, runs Linux himself and still let his wife surfing the web with IE?

Yeah, it's almost as if she has a mind of her own.

Re:I don't get it. (1)

WarMonkey (721558) | more than 9 years ago | (#11129205)

Yeah, it's almost as if she has a mind of her own.

And what an extraordinary mind it must be that she chose IE...

Re:I don't get it. (2, Informative)

d3v (778364) | more than 9 years ago | (#11129059)

Definitely. Update windows, install Firefox and she'll be fine. Even if she insists on visiting the darker side of the web...

Re:I don't get it. (4, Insightful)

Soko (17987) | more than 9 years ago | (#11129064)

He has a CS degree, runs Linux himself and still let(sic) his wife surfing the web with IE? What went wrong? We all now that alternatives exist.

Let his wife? Let?!?!?! You sir, are obviously not married.

Besides, we still have to deal with IE only websites, which perhaps his wife has to use in her career? You've made a faulty assumption, friend.

The only fault I can find with the author is that he didn't realise what his wife was dealing with in the first place. She should be using Firefox for browsing, unless she needs an ActiveX control for a particular site for some reason.

We know Windows has these problems, so we should take whatever steps we can to mitigate the risks when we need to use that OS.

Soko

Re:I don't get it. (5, Funny)

Master of Transhuman (597628) | more than 9 years ago | (#11129083)

"You sir, are obviously not married."

Not married?

This is /. - he can't even get a date!

Date? He hasn't even been apprised of the fact that there are two sexes!

Oh, wait, yes he has - vi and emacs...

Re:I don't get it. (0)

Anonymous Coward | more than 9 years ago | (#11129176)

What would be the PC (Politically Correct) way of saying tried to convince her not to use the all evil IE

Re:I don't get it. (0)

Anonymous Coward | more than 9 years ago | (#11129235)

What would be the PC (Politically Correct) way of saying tried to convince her not to use the all evil IE

Not sure exactly what you mean by "politically correct" but I'd suggest dropping the word "evil".

However, since we don't know whether or not the article's author tried to persuade her not to use IE, it doesn't seem to be something you could use as the basis for any conclusions about him.

Re:I don't get it. (1)

chrysrobyn (106763) | more than 9 years ago | (#11129180)

Let his wife? Let?!?!?! You sir, are obviously not married. ... The only fault I can find with the author is that he didn't realise what his wife was dealing with in the first place. She should be using Firefox for browsing

My wife has a mind of her own. Let me tell you this: if she runs IE, it's not my fault. It's her computer. If I don't realize what she's doing, it's my fault for not invading her privacy and that's where that ends.

Re:I don't get it. (0)

Anonymous Coward | more than 9 years ago | (#11129230)

The author of this article, is a Linux system Administrator, I can't blame him for not knowing how to secure Windows/ securely use Windows. Linux most likely won't solve the problem, and it also requires tweaking to make it secure. Besides, we still have to deal with IE only websites. Then upgrading to linux is not going to help. Switching browsers will do a better job, especially if she runs programs that only work on MS Windows. And incase switching browsers is not an option, than various IE wrappers exist: http://www.maxthon.com/ [maxthon.com] http://www.avantbrowser.com/ [avantbrowser.com] And there is: http://www.pivx.com/qwikfix.asp [pivx.com] I don't have experience with these products, firefox does it all for me.

Re:I don't get it. (1)

rongten (756490) | more than 9 years ago | (#11129066)

And maybe his boss has IE as well, and when the Chris told him to use firefox, the boss said "Thanks, but no thanks, I will stick to mama Microsoft".

Re:I don't get it. (0)

Anonymous Coward | more than 9 years ago | (#11129112)

There are a number of people that have made such comments in this thread. The thing that people have to realize is that you cannot force someone else to do what is better for them. He can harp at his wife all day long to use Firefox, but if she doesn't care enough too, then there is nothing he can do about that.

Re:I don't get it. (1)

calibanDNS (32250) | more than 9 years ago | (#11129194)

Too true. I provide support for my wife's computers at my house, and my in-laws' computers at thiers. When I first started doing this for them, I layed down a simple rule: if any one of them doesn't make any effort to keep their computer free of virus and malware, then I'm not going to make it a priority to fix their computer. I installed anti-virus software on each machine, and showed them how to run it. I scheduled it to run nightly, and told them all to let me know if anything is found. They're also required to update their virus defs at least weekly. Next, I installed Firefox. Some sites won't work with anything other than IE, and I understand that. I simply asked that they use Firefox whenever possible. Finally, I showed them how to run Windows update manually, and require them to do this at least weekly as well.

Whenever I'm asked to fix any problem on one of these computers, I first check that everything has been kept up to date. If anything hasn't been, I get back to that computer once it's been updated by its owner. My point is that we cannot force users to do what's best for them, but the Slashdot crowd can use its technical knowledge as a bargaining tool to encourage people to be responsible users. This kind of attitude would never fly in a corporate setting, but it works well when providing family tech support, which is something I assume many Slashdotters do.

Re:I don't get it. (1, Troll)

mm0mm (687212) | more than 9 years ago | (#11129161)

He has a CS degree, runs Linux himself ...

Me think she was making a lot of "friends" on Yahoo Personals using IE, without sharing her browsing history with her husband who's been busy lately.

Re:I don't get it. (0)

Anonymous Coward | more than 9 years ago | (#11129164)

His wife is not the problem, it's him visiting porn sites

Re:I don't get it. (1)

Tony Hoyle (11698) | more than 9 years ago | (#11129214)

The degree means nothing - they don't teach security, or even basic common sense.

He needs to get some real-world experience. Then he'd know to install firefox and make sure the Windows PC is locked down & behind a good firewall.

Why don't you cry me a river (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11129020)

Bunch of girly men!

Civilisation has survived uncountable years living in the wild with fugly bugs trying to eat them alive.

Now that you nerds have your intarweb toy you think everything should fit perfectly in your dorky little world, especially when you get it for free as in beer, err I mean kool aid, paid by your mommy. Well, if I ever meet you, I'll kick your ass!

Firts ps0t (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11129021)

Fisrts Post W000t!

preaching to the choir (4, Insightful)

venicebeach (702856) | more than 9 years ago | (#11129022)

Well, this is a nice letter and all, but I have a feeling the only people with the patience to read through the whole thing are already convinced of its content...

Re:preaching to the choir (1)

rongten (756490) | more than 9 years ago | (#11129038)

Than maybe you could kindly suggest your local PHB to read it, telling him that there he could find the reason why his homepage is now www.XXX.XXX?

Re:preaching to the choir (3, Insightful)

ninthwave (150430) | more than 9 years ago | (#11129196)

No we usually get called in to fix the PHB's machine and we explain the situation we somehow find that our proxy servers are more restrictive and we can't download drivers and support files, yet the PHB a month later will call in with more problems, and his connection has the rights to make it through the firewall.

And we explain the issue again and we can only view the company intranet now. And still the PHB can view manhole or suicidegirls or hamsters in love .com or whatever his fetish of the week is.

The suggestion always means the tech's and regular staff need locked down but it never applies to the idiots that actually cause the most problems.

Not that I am bitter or anything.

Re:preaching to the choir (1)

rongten (756490) | more than 9 years ago | (#11129049)

And another thing, he actully made the effort of organizing and collecting references.

I could be convinced of the fact, but I could not provide "evidences" to back up my statements out of the tip of my tongue.

Time to print it and stick it in my wallet, or to copy in my palm, whatever.

Re:preaching to the choir (1)

buro9 (633210) | more than 9 years ago | (#11129126)

Not true.

I'm converted by philosophy, but not in practice.

I have this year installed a number of Linux distros (Red Hat, Gentoo, Mepis, Debian, Mandrake) and am yet to find one that recognises all of my hardware (my RME-DigiPST [rme-audio.com] sound card proving impossible to get working) or fulfils all of my software requirements (a contact manager that can sync with both an Ericsson and Motorola phone for example).

I am still finding that each time I look at Linux that I lack things... be it something that replaces ID3-TagIt [id3-tagit.de] , or rips and encodes similar to EAC [exactaudiocopy.de] and LAME.

I've knocked together this Wiki page [bowlie.com] for the forum I run as several of us want to migrate. As you can see... it's not been updated in a while and the few unanswered questions are still unanswered.

Now, the point of this post is this... each time I have looked at Linux to date I find it is not quite ready, but that it is closer to being ready. Each time I find it easier to jump into, and easier to get started on and with fewer outstanding questions.

However... each time it has still failed to do everything I do with my computer. So I stay on Windows and think "maybe tomorrow"... and then get lazy.

When I'm lazy I stick to Windows, because it does work.

Then I read articles like this, which are preaching to the philosophically converted. Articles such as this remind me that I've yet to switch, remind me that I'm being lazy... they remind me that I had some unanaswered questions and that I should ask them again.

I personally think there is a lot of value in this. It's already put it back on my desk as a fun thing to do this afternoon (give Gentoo another try!).

Re:preaching to the choir (1)

Anonymous Coward | more than 9 years ago | (#11129189)

Good luck, as someone who also uses Linux and windows for high end soundcards, EAC, DVD-audio, etc... I can tell you that Linux and audio is one hell of a mess. Even the distros specifically for audio, (name escapes me), are pains in the ass with various hardware. JACK, ALSA, OSS... it's rough, and I use linux a lot for server/torrents/decoding/encoding. EAC will work with wine I've heard, but jesus h it's more trouble than it's worth to be using wine and hassling with linux audio.

Re:preaching to the choir (1)

buro9 (633210) | more than 9 years ago | (#11129222)

Thank you :)

The ALSA link alone helps more than you can know :D

sysadmin huh? (1)

cgsamurai (786876) | more than 9 years ago | (#11129029)

Obviously not a very good one.

He gives good sysadmins a bad name in regard to preemtive security measures for all fresh os installs....
...not to mention regular maint. and system hygene. tsk, tsk.

Yet another fear monger out to scare the sheep.

Transparent installers...pfft (1, Funny)

Anonymous Coward | more than 9 years ago | (#11129033)

Must be saddening to have a wife that lies about the sites she visits.

All the spywared boxes we fix at work, NONE of the customers know how that porno dialer got on their system. etc etc

Re:Transparent installers...pfft (0)

Anonymous Coward | more than 9 years ago | (#11129123)

All the spywared boxes we fix at work, NONE of the customers know how that porno dialer got on their system.

Expermiental results:
100% of the users in the test sample didn't know how the software got installed.

Conclusion:
They're all lying, and so is anyone else who doesn't know.

Reasoning: You know that you surf gay porn sites and you know that you get spyware, therefore anyone who gets spyware is surfing gay porn sites.

Your capacity for logical reasoning: ZERO.

Re:Transparent installers...pfft (0)

Anonymous Coward | more than 9 years ago | (#11129220)

Your capacity for logical reasoning is below zero. If there is was no porn on the internet, broadband would suffer a big blow.....One of the main reasons people have broadband is porn. And sure they lie about it....

Re:Transparent installers...pfft (1, Troll)

julesh (229690) | more than 9 years ago | (#11129199)

Note that a few months back there was a worm going around that hacked IIS web servers and dropped a spyware installation crack into all the HTML files on the server. There are probably plenty of legit sites that unknowingly install spyware on IE users' computers these days.

I notice he could have fixed this. (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11129037)

.e. unfixed bugs and glaring security vulnerabilities - that Microsoft in his view hopes ordinary users will ignore,

The bugs he describes have already been fixed in Windows.

In other words, he's STILL using an unpatched system, and complains of unfixed bugs? Come off it. MS bashing might be a worthy cause, but this is like blaming Clinton for the war in Iraq.

Re:I notice he could have fixed this. (-1, Offtopic)

Master of Transhuman (597628) | more than 9 years ago | (#11129092)

"The bugs he describes have already been fixed in Windows."

Which bugs?

The ones they announced last week?

Or the ones they will announce this week?

Or the ones they will announce next week?

Or the ones they will announce shortly after the release of Longhorn (sometime in 2008)...?

It's irrelevant what bugs Microsoft fixes. Windows IS a bug. So is Gates.

Who modded the parent off-topic? (0)

Anonymous Coward | more than 9 years ago | (#11129206)

Some MS fanboi or shill got some mod points. Would someone please be so kind as to correct the injustice done to the parent poster?

Thanks.

Re:I notice he could have fixed this. (0)

Anonymous Coward | more than 9 years ago | (#11129099)

What are you talking about? All he says is that his wife's computer was compromised via IE. You aren't seriously going to say that all security vulnerabilities in IE have been fixed are you? For any piece of software as large as IE this would be an absurd claim. It is even more absurd given that IE is also tied into the operating system, and it's past record of vulnerabilities.

Re:I notice he could have fixed this. (1)

calibanDNS (32250) | more than 9 years ago | (#11129158)

The bugs he describes have already been fixed in Windows.

Tight coupling of the web browser with the OS has been fixed? I don't seem to have gotten that update on my machines.

Windows (and it is in not unique in this) suffers from design flaws that cannot be fixed with patches. One obvious solution for these flaws would be for Microsoft, and other OS developers, to make an effor to redesign parts of their system which haven repeatedly proven to be easily compromised. Instead, MS continues to release versions of Windows with default settings that are dangerous to the average user. Microsoft is certainly not the only OS vendor guilty of this, but they are the most high profile and with their controlling share of the desktop market, are easiest to blame for the problems that arise because of infected computers and users who are unaware of how to protect themselves.

Re:I notice he could have fixed this. (0)

Anonymous Coward | more than 9 years ago | (#11129160)

The bugs he describes have already been fixed in Windows.

Didn't I hear that ten years ago?

Try this experiment: install a pristine Windoze XP machine. Connect it to the internet. Try to get the patches you need downloaded and installed before fifteen different russian gangs zombie networks own the box.

Windoze is unsecure when first installed, and it is not secureable short of 1) disconnecting it from the internet, and 2) deleting the entire IP stack, just as MS had to do when they first obtained that much-ballyhooed C3 security rating.

Tell us another one, you anonymous MS PR shill.

Re:I notice he could have fixed this. (0)

Anonymous Coward | more than 9 years ago | (#11129163)

I can't believe this comment has been modded as insightful.

The article lists several vulnerabilities in windows in order to establish Microsoft's track record. However, it never specifies what vulnerability caused the wife's computer to be infected, so how can you claim there is a patch for that vulnerability?

Besides, the article even mentions that 20% of the KNOWN Windows bugs are still outstanding.

How about an open letter to the local police dept (0)

jonbryce (703250) | more than 9 years ago | (#11129042)

To ask why companies get away with producing such spyware. It is illegal in most countries.

Re:How about an open letter to the local police de (0)

Anonymous Coward | more than 9 years ago | (#11129053)

Not down under, theyve just legalised it for their mugs (eh, cops) to use

And this is newsworthy... (0)

Anonymous Coward | more than 9 years ago | (#11129044)

..why?

Oh, hey, Wow! (3, Funny)

Icarus1919 (802533) | more than 9 years ago | (#11129051)

All this time, with all the antitrust lawsuits, and it turns out all Microsoft needed was a stern talking to. Man, wish I could think outside the box like that...

Re:Oh, hey, Wow! (2, Insightful)

levell (538346) | more than 9 years ago | (#11129082)

He's not hoping to affect MS with stern words, he's hoping people start to switch away, which can happen when enough of the geek population think it's right (as Firefox is starting to show).

Once people in numbers start to switch away, it is possible Microsoft will react with better products (again, as an example they have restarted IE development because of Firefox), everyone wins then (even the people who haven't switched).

Re:Oh, hey, Wow! (1)

jim_v2000 (818799) | more than 9 years ago | (#11129113)

*Envisions Microsoft swooping in and buying out Firefox dev team.* Everyone has a price...

Dear Sir, (1, Troll)

kidventus (649548) | more than 9 years ago | (#11129052)

Dear Sir, We have already addressed your issues. Buy a Macintosh. Love, The Digital World.

Re:Dear Sir, (4, Funny)

rongten (756490) | more than 9 years ago | (#11129078)

Dear Mac user,
this is an automatic message from your ISP.

Due to the last batch of Viruses/Worms/Trojans affecting the Microsoft users that you so despise,
the network is congested, and you cannot reach Itunes stores and cannot download the Steve Jobs Picture of the day.

We apologize for the inconvenience.

Re:Dear Sir, (0)

Anonymous Coward | more than 9 years ago | (#11129101)

Um...this has actually happened. And I didn't find it funny. My cable company wrote me a letter apologizing for technical problems that they incurred when dealing with massive Windows virus outbreaks. I'm sitting there with a Powerbook on my lap and my wife has her iBook and I say, "Our internet experience has to suffer because the majority of their users are too dumb to run Linux or Mac OS. Nice."

5 hours!? (4, Informative)

JamesTRexx (675890) | more than 9 years ago | (#11129067)

I've found a quicker way to get rid of those files, identify the executables through task manager and the "run" keys in the registry, then change filepermissions to block the system and user accounts on those files and/or directories, kill processes, remove registry entries, reboot, delete files. No more respawning webrebates etc..
And if you haven't set the filesystem to NTFS, you need to be slapped silly.

Re:5 hours!? (4, Informative)

tomjen (839882) | more than 9 years ago | (#11129093)

And if you haven't set the filesystem to NTFS, you need to be slapped silly. Or you run a dual boot system and need linux to read/write your win files

Re:5 hours!? (1)

JamesTRexx (675890) | more than 9 years ago | (#11129138)

Why would you want to read/write on your system partition?
I dualboot Windows 2000 (at work) and FreeBSD 5.3 and I have absolutely no reason to do something on the ntfs partition.

Re:5 hours!? (3, Informative)

julesh (229690) | more than 9 years ago | (#11129170)

If you have a copy of an NT based OS, you can use captive [jankratochvil.net] to get read/write access to your NTFS filesystems.

Re:5 hours!? (1)

Master of Transhuman (597628) | more than 9 years ago | (#11129105)

"identify the executables through task manager and the "run" keys in the registry"

Heh, heh, you've never done this, have you?

Where do think he put in the five hours? He's a LINUX admin - he had to spend an hour or more figuring out which of the weirdly named processes in the process manager were legit.

Then he had to surf the Net to anti-spyware sites for an hour to identify all the spyware and determine WHICH registry keys and executables and DLLs had been scattered all over the system.

Then he had to go and delete each one - probably having to reboot at least two or three times.

And of course he missed one.

Oh, yeah, you can easily spend five hours on just a few dozen pieces of spyware that Ad-Aware and Spybot missed.

Almost nobody gets only ONE piece of spyware - that would be easy. It's dealing with 20, 50, 100 or more that takes time.

Re:5 hours!? (1)

jim_v2000 (818799) | more than 9 years ago | (#11129136)

I have no idea how this guy spent 5 hours removing spyware. I have cleared off people's machines who have had 900 different adware related files/reg entries in about 20 min with ad-aware. Then I install Spyware Blaster and Firefox. I delete the IE shortcuts and set Firefox as the default. Also, I run their Windows Updates. It takes about 30 min altogether, and rarely (never so far) is there any problem with reoccuring adware.

My home machine has never had a problem with adware/spyware, and I go to "seedy" sites often. *shrugs* Maybe I'm lucky.

Re:5 hours!? (1)

JamesTRexx (675890) | more than 9 years ago | (#11129148)

Heh, heh, you've never done this, have you?

Oh, only about at least a dozen times when my esteemed colleagues weren't able to get rid of spyware on the pc's of our users. And I'll be doing it more often because IE is the standard browser in our company. Unfortunately.
Hopefully that'll change when the reports of our helpdesk system shows a chunk of incidents being caused by spyware.

Re:5 hours!? (1)

DocSavage64109 (799754) | more than 9 years ago | (#11129193)

That seems like a good idea. Too bad most consumer pc's come with XP Home Edition where all of the security features have been neutered.

Re:5 hours!? (1)

JamesTRexx (675890) | more than 9 years ago | (#11129241)

File permissions too? I haven't heard of that, and frankly, I don't even touch XP, let alone XP Home, with a ten foot pole unless I really have to at work.

You did a disservice to your wife (3, Insightful)

gfecyk (117430) | more than 9 years ago | (#11129077)

Not by letting her run IE, but by letting her run IE on a Windows box as full admin.

"... despite the anti-virus, regular Windows updates, having the good sense not to open attachments, using a firewall, and avoiding any type of seedy activities online..."

Let's see, it's 2004, XP is two years old, 2K is four years old, and your wife got spyware for one of two reasons:

* You let her run too old a version of Windows (98/ME) with no built in security, (Melissa got past anti-virus software remember) or
* You let her run 2K or XP with full admin or "power user" access.

You two only have yourselves to blame for choosing to run a machine insecurely. Yes, you. You could've stopped all of this before the fact if you ran a modern version of Windows as limited users, if you used a mail program Designed for XP and kept that up to date as well as the OS, if you treated the 'net like any other public place instead of trusting everyone by default.

You chose Windows, and you chose to run it insecurely. If you think running Linux is the cure, go right ahead. But if you run it as root, you don't deserve any sympathy from me. And if you run XP as a full admin, you deserve even less sympathy.

Take charge of your own computer security already, however you do it. Don't whine at Microsoft because you let it happen.

And damn my slashdot karma to Hell anyway. I'm sick of this whining: "Microsoft (this), Microsoft (that), Microsoft (whatever)." Lazy bastards. How come MY MOTHER doesn't get spyware or viruses or whatever when she's running only XP Service Pack 1? Without any AV software? Explain that.

Re:You did a disservice to your wife (0)

Anonymous Coward | more than 9 years ago | (#11129086)

" Not by letting her run IE, but by letting her run IE on a Windows box as full admin."

Methinks that you need to look backward and see just how many programs required, and many still require being run in an admin account under XP. He probably did that INTENTIONALLY to save his wife from running into trouble with her software choices.

Re:You did a disservice to your wife (1)

cammoblammo (774120) | more than 9 years ago | (#11129197)

Umm, correct me if I'm wrong, but this was his wife's computer. He's the sysadmin at a university. Unless his wife owns a university computer, it's not his fault!

That's right folks... there are women out there who use computers and call in the `experts' only when necessary.

Even when they're married to one.

Re:You did a disservice to your wife (1)

levell (538346) | more than 9 years ago | (#11129089)

Does your mother not have a modem? (what do I win?)

Re:You did a disservice to your wife (1)

mentin (202456) | more than 9 years ago | (#11129130)

My wife is always connected to DSL line, still she never ever got any virus or trojan.

It is very simple:
1) turn on Windows firewall
2) make her regular user (non admin)
3) turn on automatic install of updates

That is all - after following these simple steps I just don't worry about her computer, and she never got any problem.

Re:You did a disservice to your wife (0)

Anonymous Coward | more than 9 years ago | (#11129159)

"My wife is always connected to DSL line, still she never ever got any virus or trojan."

Wow, how do you connect your wife to a DSL line?
Thinking about it a little more, no, I don't really want to know...

Re:You did a disservice to your wife (0)

Anonymous Coward | more than 9 years ago | (#11129106)

... You two only have yourselves to blame for choosing to run a machine insecurely ...

I think the point is that this is how most people run it, since it defaults that way.

Re:You did a disservice to your wife (0)

Anonymous Coward | more than 9 years ago | (#11129114)

You're missing the point though. The point is that the default configuration is insecure. If Windows could not be run securely I believe it might actually be possible that nobody would use it. If you have a brain in your head, i.e. sysadmin, and you really know what you're doing you can help guarantee security under windows. The point is that Microsoft brags about the ease of use of all of their products. About being able to get away with low cost idiot windows admins. They brag that their software is easier to use.... Well when the default configuration is almost guaranteed to get you screwed, I fail to see the logic behind this. It's all about the big picture.

Re:You did a disservice to your wife (1)

mentin (202456) | more than 9 years ago | (#11129118)

The author is talking about JPEG processing bug and he claims that "each of those products linked to it individually." But this is not true on XP, where the DLL in question is always loaded from the side-by-side cache (Windows\WinSxS).

So I am afraid you are right that his wife is running Windows 98 - in which case he got just what he deserves.

Re:You did a disservice to your wife (1)

cranos (592602) | more than 9 years ago | (#11129122)

Heres a question for you. Would your mother know what a virus or piece of spyware looks like?

Before you get all het up about the above comment, think about it. Most normal users wouldn't notice a problem until either their machine slowed to a crawl or nice little pop-ups started appearing offering either to grow their penises or access to sites where young women do interesting things with live stock.

Also is your mother on broadband or dialup? How is her update system managed? What sort of third party firewall software/hardware have you set up between your mothers machine and the internet? How is email managed? These are all questions that need to be answered before we can take your statement that your mothers machine is a prime example of the security of XP throug proper management.

Re:You did a disservice to your wife (2, Insightful)

mattyrobinson69 (751521) | more than 9 years ago | (#11129128)

What about applications that for some reason need to be root, like the sims

Re:You did a disservice to your wife (0)

Anonymous Coward | more than 9 years ago | (#11129135)

Amen, brother. I never thought i would read a post on /. like yours but you are right. This Microsoft-bashing is starting to annoy me. Any competent geek can secure a Windows computer. It aint no OpenBSD but neither is Linux.

Re:You did a disservice to your wife (0)

Anonymous Coward | more than 9 years ago | (#11129183)

How come MY MOTHER doesn't get spyware or viruses or whatever when she's running only XP Service Pack 1? Without any AV software? Explain that.

What's to explain? It's not for other people to explain your unproven claims.

If you think that all it takes to secure a windoze host is to run as an unprivileged user, then you're rather sadly deluded.

Chances are, your mom has thirty or forty spywarez on her machine, and she and you are both too clueless to tell.

Re:You did a disservice to your wife (2, Insightful)

DocSavage64109 (799754) | more than 9 years ago | (#11129221)

Most consuner PC's are sold with Windows XP Home Edition preinstalled. There is no such thing as a non-"power user" login in XP Home Edition. It just seems silly for you to blame the author for a lack of security in an operating system when Microsoft itself purposely removed the security from said operating system.

Re:You did a disservice to your wife (4, Informative)

Apathetic1 (631198) | more than 9 years ago | (#11129239)

Let's face it, Windows XP (and to a lesser extent Windows 2000) is designed to be run as an Administrator. They tell you in the documentation not to run the computer as an Administrator but the first user who logs into an XP Home machine is an Administrator by default. Several popular CD burning applications will not run correctly without Administrator priveleges. Hell, Diablo II won't run if the user is not an Administrator.

I have a heterogeneous network of a half-dozen computers here, some Windows, some Mac, some BSD, some Linux. Don't get me wrong, after it's been properly secured I don't mind running Windows but explaining to my mom why she couldn't burn CDs, install software, etc. was causing more headaches than it was worth. Other operating systems (notably Mac OS X) deal with this sort of thing fairly intelligently, why can't Windows?

Too Complex (0)

Anonymous Coward | more than 9 years ago | (#11129087)

Your average joe is never going to switch to Linux until it is made easy to use. I tried mandrake 10 - apparently one of the better and more user-friendly distros, tried to install drivers for my graphics card and I was led on a wild goose chase of download libraries, command line installing, compiling from source etc. On windows, I just download, install through the wizard, and reboot - done. When Linux is made user-friendly enough to allow me to never use the command line, never have to compile, never have to worry about whether my new graphics card is going to be supported etc., then I will switch. Not before.

Re:Too Complex (1)

Beolach (518512) | more than 9 years ago | (#11129141)

I'm actually of the opinion that getting drivers for hardware for Linux is just as easy or easier than for Windows. Just one personal experience, I have a Promise Ultra133TX2 IDE PCI expansion card. I've never had any trouble using it under Linux. When last I installed Windows XP, Windows kept insisting it had a driver for it, but if I used the driver Windows had, Windows would promptly bluescreen upon rebooting. I had to tell the Windows XP install somthing like four or five times that No, I don't want to use your driver, yes, I do want to use the Promise supplied driver from my floppy.

Now, granted there are quite a number of pieces of hardware that don't have very good, or no, Linux drivers, but there's plenty for Windows too. Ever try to get an old parallel port scanner working on Windows XP? No doubt some that do have Windows XP drivers, but the one I tried (don't remember what brand or model, sorry) didn't. The closest I got were some Windows NT drivers, that would install, but didn't work.

Article Sucks (0, Redundant)

Tom (822) | more than 9 years ago | (#11129094)

The article truly sucks. The spyware angle is nothing more than a hook to get to some unimaginative "switch to Linux" stuff. On a site named Linuxworld that will really convince some people.

Going more into detail about his 5 hours and what exactly is bad about windos and better on Linux would've been a much better article.

It's simple... (0)

Anonymous Coward | more than 9 years ago | (#11129095)

Do it like Cato: Always end your emails, ims, faxes etc. with:

Think. Don't use Windows.

Woah (1)

yogikoudou (806237) | more than 9 years ago | (#11129104)

So, you mean a Unix guru can have a wife ?

So he calls himself a sysadmin? (5, Insightful)

Otis_INF (130595) | more than 9 years ago | (#11129117)

Why didn't he setup a non-root account for his wife on the windows box? Why didn't he install THE browser, Firefox, on his wife computer? Why didn't he enable excessive auditing so he could track down which app installed what and when?

Oh, that's too hard? If that's too hard, you're not a sysadmin.

True, spyware can be almost viral these days, but there is one factor which enables it in the first place: the user. "Oh, this nice free tool from www.[the tool's name].com is so handy!", should ring a bell, a lot of bells, alarmbells to be exact. NO search bar comes for free, unless it's open source, to name an example.

First I thought, hmm could be a great article, but after a few paragraphs it was clear this article is not great, it's the frustration of a person who doesn't WANT to understand windows and blames the consequences of that to the OS. I mean, blaming IE and not having firefox installed should be enough to categorize this article as "ordinairy propaganda".

I get so tired by this kind of stuff (5, Insightful)

Caine (784) | more than 9 years ago | (#11129134)

I run Windows. I didn't use to. Between 1993 and 2001 I ran Linux almost exclusively. When Windows 2000 was established I switched on the simple basis of that it was better.

I don't run anti-virus. I don't have a firewall. I don't run spyware-removals under normal circumstances. If I feel the computer is feeling odd I download and run F-Prot's free DOS version [f-secure.com] followed by running Adaware 6. On some single occasion I've run Norton Anti-virus just to be on the safe side

I'm not alone in using this computer, my not quite so computer-literate girlfriend does too. I often download shareware games and freeware programes, not to mention warez every now and then.

Despite all this - I have never (*knock on wood*) been virus-infected. I have never gotten any spyware.

So I have to ask myself, what to do all these people do to get their computers so messed up? Why isn't it happening to me, when I run the same Windows without any protection? Is it really Windows fault?

Re:I get so tired by this kind of stuff (0)

Anonymous Coward | more than 9 years ago | (#11129166)

I've always wondered that myself.

Similarly, the only thing I run is a firewall and basically the only use it has ever served was during the period of the RPC exploit. I don't run antivirus, I don't run anti-spyware for the simple reason that they are unecessary.

Given the self-proclaimed level of literacy amongst the ferverent pro-linux death-to-microsoft slashdot crowd, it always amazes me that I can get by with such minimal protection while running the whole gamut of dubious internet content, while these guys are constantly complaining about spam, viruses, trojans, worms and spyware.

What are they doing that I am not?

After a while, I came to the only possible conclusion, that being that they're actually just morons (along with any other person who has ever had a virus or spyware) who click "Yes" to anything that pops up while they're frenetically jerking off for the 3rd time that day.

With common sense and the RPC exploited patched, a firewall isn't even necessary to stop infestations of the above. My system is testament to that. It is the godamn stupidity of the users and their voluntary actions that allows this to happen, and Microsoft probably isn't going to cure human stupidity (or horniness) any time soon.

Re:I get so tired by this kind of stuff (1)

julesh (229690) | more than 9 years ago | (#11129207)

Why is this modded as redundant? I don't see any other posts saying the same thing, and it is an interesting point.

And I have to say, I have the same experience. I run Win2K with mozilla as my browser and e-mail client and have _never_ had trouble. And that's not through lack of checking for it, or for lack of doing things that are typically seen as "risky" activities.

Open whining (1)

Cutterman (789191) | more than 9 years ago | (#11129151)

Well, I'm not too impressed.

Tho I run SuSe Linux 9.2 on my main box, my kid and my wife run XP Pro SP2 on another box (gotta have the games d'ye see) and don't end up like this.

M$ may be as full of holes as a Gruyere, but sensible precautions can keep you pretty clear.
Firstly everything runs behind a Freesco firewall on a retired PII box. Then Norton looks after the viruses and updates regularly. SpyBot and AdAware run as cronjobs twice a week. The excellent Supertrick XG - http://www.filesharingplace.com/supertrickxg/main. htm - puts in a big Hosts Deny file and a few other dodges. Firefox browser and Mailwasher + Thunderbird for email. No problems - ever!

We all know Windows is insecure and that there's a lot of crap about - if a sysadmin can't take the obvious precautions then he's only got himself to blame.

Jeez...

/. nitpickers (1)

digitallife (805599) | more than 9 years ago | (#11129167)

It seems that many are quick to jump on this guys back about the lousy job of administering his wifes computer he was doing. How the heck do any of you know he was responsible for her computer before he decided to get down and dirty and clean it up?

Anyways, just because you can nitpick the article to death (oh this bug was patched already nanana booboo), doesn't change the validity of his point. Please, lets look past the little bs and address the article as a whole.

Linux spyware protection (1)

recorderhappy (841666) | more than 9 years ago | (#11129169)

The best protection linux has agains spyware, is that you have to use a console to install it:)

To all the astro-turfers &| geniune windows pe (5, Insightful)

cranos (592602) | more than 9 years ago | (#11129184)

Telling all the stories you like about how your (or your mothers/wives/SO's) machine has never had a virus/spyware attack even though you never run anti-virus software nor a spyware detection suite isn't going to mnean a lot.

The simple fact is that many of the people on this board have to work with windows (from 95 to 2003) everyday and can tell you horror stories about machines that have been secured, reside behind a natting firewall, etc etc but still they get slapped down by the newest virus which has snuck in through a vulnerability which was patched three months ago.

The other area you seem to be missing is the inate ability of users to fuck things up, no matter how secure you make it. All it takes is one innocent click on a link and all of a sudden you have spyware coming out your nose.

The Road Not Taken (0)

Anonymous Coward | more than 9 years ago | (#11129202)

If they guy had asked his wife to do all her browsing through Sandboxie, he could have removed even a hundred spyware infections in just one minute. Why don't you give it a try, Chris.

Windows user status sucks ... (2, Insightful)

Anonymous Coward | more than 9 years ago | (#11129213)

I read a number of people who indicate one should run Windows XP in user mode, but have they actually tried it? Unless you wish to simple browse the Internet, you are pretty restricted and unlike Linux, a myriad of programs require "root access" and cannot be installed locally.

The first thing one should do before connecting Windows to the Internet is simply install a firewall, then run Windows Update, then install Firefox -- sites exclusively reserved to Internet Explorer users are becoming decreasingly common, it should not be a problem anymore.

humm (1)

ucdoughboy (757337) | more than 9 years ago | (#11129229)

" Above all he believes that open source software will cure the piracy problem. (more) " Well duh, if all programs are free then of course no body would be able to pirate something that is in itself free. I'm sure there'll be no problems convincing all the programmers out there to work for free.

5 hours?!? (sigh) (4, Informative)

mjh49746 (807327) | more than 9 years ago | (#11129232)

It takes him no less than FIVE hours to clean all the spyware from a Windows PC? And he has a degree in computer science, RHCE, and ten years of system administration expirence?


You know, that's pretty funny if you ask me, because I can usually do it in about 30-60 minutes or less (give or take), and with no degrees and no professional training whatsoever.


Here's how you do it....


1. Run msconfig


2. Uncheck all startup entries that look suspicious


3. reboot


4. Update and run Lavasoft AdAware


5. Update and run Spybot Search and Destroy


6. If you have them, and you should, update and run your favorite antivirus scanner.


7. Make sure all the spyware leftovers and their folders, if any, are deleted.


8. Run msconfig again and reenable anything legitimate that you might have disabled


9. reboot


Now, why do you want to disable the suspicious shit with msconfig first? If you ever get really 'stubborn to remove' shit like Ebates Moe Money Maker and friends, they're practically impossible to remove just by spyware scanning alone. You have to stop them from loading in the first place before you can get rid of them.


Well, other than the fact that he's laughably inept at cleaning spyware, he's still got a very valid point about just how utterly shitty and insecure the Windows platform is. It's been woefully insecure for years, it's woefully insecure now, and it will be woefully insecure for the unforseeable future. That's not just my opinion, it's a well known fact that Windows has been full of holes since at least since Windows 95, and likely earlier.


So, here we have a company that doesn't give a shit about it's product, doesn't give a shit about it's customers, doesn't give a shit about the law, and still it abuses its monopoly after being convicted of such in court. And as much as I blame Micro$oft for all the ills of the computer world, I'm a lot more pissed off at the consuming public for being the lazy, complacent sheep that they are for tolerating this abuse upon society for as long as they have, and instead of sitting on their fat asses allicted with "Homer Simpson Syndrome", they ought to be complaining to their government enmass and threatening to vote out the whole of Congress itself if that's what it takes to get them to do something about Microsoft. Damn! It's almost like walking into a run down crime ridden neighborhood, and looking at the people in it acting as though it's all normal that the neighborhood is all run down, vagrants and junkies sprawled out on the streets, drug pushers on every block, and hearing the sounds of gunshots, security alarms, and police sirens all the time.


Total batshit insanity, man! Just total batshit! But I guess it's what the people want. They don't really want freedom or justice, they just want to sit on their ass, watch that braindead 'Survivor' or 'American Idol' bullshit and wait for the TV to reprogram them into wanting the latest 'excercise in a bottle' weight loss fad or the latest $50,000 SUV that gets 3 mpg, has a DVD, and increases your penis size a whole 5 inches! What an utter travestry!


Well, that's my rant. Probably won't do anything to change the world no more than that 'Open Letter to a Digital World' will, but who knows? It only takes a few angry and motivated people to get the ball rolling.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?