Microsoft Security Software Linux

Open Letter to a Digital World 545

jg21 writes "Exasperated after spending 5 hours removing spyware and trojans from his wife's Windows PC, sysadmin Chris Spencer has written an impassioned Open Letter to a Digital World. In the letter he reviews the 'elephants in the closet' - i.e. unfixed bugs and glaring security vulnerabilities - that Microsoft in his view hopes ordinary users will ignore, including some discussed in previous Slashdot stories."
  • Re:I don't get it. (Score:2, Informative)

    by d3v ( 778364 ) on Sunday December 19, 2004 @06:28AM (#11129059)
    Definitely. Update windows, install Firefox and she'll be fine. Even if she insists on visiting the darker side of the web...
  • 5 hours!? (Score:5, Informative)

    by JamesTRexx ( 675890 ) on Sunday December 19, 2004 @06:31AM (#11129067) Journal
    I've found a quicker way to get rid of those files: identify the executables through task manager and the "run" keys in the registry, then change file permissions to block the system and user accounts on those files and/or directories, kill processes, remove registry entries, reboot, delete files. No more respawning webrebates etc.
    And if you haven't set the filesystem to NTFS, you need to be slapped silly.
  • Re:5 hours!? (Score:4, Informative)

    by tomjen ( 839882 ) on Sunday December 19, 2004 @06:40AM (#11129093)
    And if you haven't set the filesystem to NTFS, you need to be slapped silly.
    Or you run a dual boot system and need linux to read/write your win files
  • Re:5 hours!? (Score:4, Informative)

    by julesh ( 229690 ) on Sunday December 19, 2004 @07:16AM (#11129170)
    If you have a copy of an NT based OS, you can use captive [jankratochvil.net] to get read/write access to your NTFS filesystems.
  • 5 hours?!? (sigh) (Score:4, Informative)

    by mjh49746 ( 807327 ) on Sunday December 19, 2004 @07:42AM (#11129232)
    It takes him no less than FIVE hours to clean all the spyware from a Windows PC? And he has a degree in computer science, RHCE, and ten years of system administration experience?


    You know, that's pretty funny if you ask me, because I can usually do it in about 30-60 minutes or less (give or take), and with no degrees and no professional training whatsoever.


    Here's how you do it....


    1. Run msconfig
    2. Uncheck all startup entries that look suspicious
    3. reboot
    4. Update and run Lavasoft AdAware
    5. Update and run Spybot Search and Destroy
    6. If you have them, and you should, update and run your favorite antivirus scanner.
    7. Make sure all the spyware leftovers and their folders, if any, are deleted.
    8. Run msconfig again and reenable anything legitimate that you might have disabled
    9. reboot


    Now, why do you want to disable the suspicious shit with msconfig first? If you ever get really 'stubborn to remove' shit like Ebates Moe Money Maker and friends, they're practically impossible to remove just by spyware scanning alone. You have to stop them from loading in the first place before you can get rid of them.


    Well, other than the fact that he's laughably inept at cleaning spyware, he's still got a very valid point about just how utterly shitty and insecure the Windows platform is. It's been woefully insecure for years, it's woefully insecure now, and it will be woefully insecure for the unforeseeable future. That's not just my opinion, it's a well known fact that Windows has been full of holes since at least Windows 95, and likely earlier.


    So, here we have a company that doesn't give a shit about its product, doesn't give a shit about its customers, doesn't give a shit about the law, and still it abuses its monopoly after being convicted of such in court. And as much as I blame Micro$oft for all the ills of the computer world, I'm a lot more pissed off at the consuming public for being the lazy, complacent sheep that they are for tolerating this abuse upon society for as long as they have, and instead of sitting on their fat asses afflicted with "Homer Simpson Syndrome", they ought to be complaining to their government en masse and threatening to vote out the whole of Congress itself if that's what it takes to get them to do something about Microsoft. Damn! It's almost like walking into a run down crime ridden neighborhood, and looking at the people in it acting as though it's all normal that the neighborhood is all run down, vagrants and junkies sprawled out on the streets, drug pushers on every block, and hearing the sounds of gunshots, security alarms, and police sirens all the time.


    Total batshit insanity, man! Just total batshit! But I guess it's what the people want. They don't really want freedom or justice, they just want to sit on their ass, watch that braindead 'Survivor' or 'American Idol' bullshit and wait for the TV to reprogram them into wanting the latest 'exercise in a bottle' weight loss fad or the latest $50,000 SUV that gets 3 mpg, has a DVD, and increases your penis size a whole 5 inches! What an utter travesty!


    Well, that's my rant. Probably won't do anything to change the world no more than that 'Open Letter to a Digital World' will, but who knows? It only takes a few angry and motivated people to get the ball rolling.
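
Added example, not part of the original comments: the startup entries that the two comments above review by hand (through msconfig and the registry "run" keys) can be listed read-only with PowerShell on a current Windows system, together with each binary's signature status. The key list, the helper name `Get-CommandPath` and the `Unresolved` label are assumptions of this example; the Startup folders that msconfig also shows are not covered.

```powershell
# Added example: read-only inventory of registry "Run" autostart entries.
# Nothing is modified; the output is a review list, not a verdict.

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: pull the executable path out of a Run value.
# Values are command lines such as  "C:\Dir with spaces\app.exe" /arg
# or  C:\Dir\app.exe /arg , so the arguments have to be stripped.
function Get-CommandPath {
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^(.+?\.(exe|com|bat|cmd|scr))(\s|,|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }          # RunOnce is often absent
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        $path    = Get-CommandPath $command
        # Entries without a full path (e.g. "rundll32.exe x.dll,Entry") or
        # pointing at a missing file are marked Unresolved for manual review.
        $status = 'Unresolved'
        if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
            $status = (Get-AuthenticodeSignature -LiteralPath $path).Status.ToString()
        }
        [pscustomobject]@{
            Signature = $status
            Key       = $key
            Name      = $name
            Path      = $path
            Command   = $command
        }
    }
}

# Unsigned and unresolved entries sort ahead of 'Valid' ones.
$entries | Sort-Object Signature, Key | Format-Table -AutoSize -Wrap
```

A `Valid` signature only says the file is signed and unmodified, so the publisher still has to be checked before an entry is trusted.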

  • by Apathetic1 ( 631198 ) on Sunday December 19, 2004 @07:47AM (#11129239) Journal
    Let's face it, Windows XP (and to a lesser extent Windows 2000) is designed to be run as an Administrator. They tell you in the documentation not to run the computer as an Administrator but the first user who logs into an XP Home machine is an Administrator by default. Several popular CD burning applications will not run correctly without Administrator privileges. Hell, Diablo II won't run if the user is not an Administrator.

    I have a heterogeneous network of a half-dozen computers here, some Windows, some Mac, some BSD, some Linux. Don't get me wrong, after it's been properly secured I don't mind running Windows but explaining to my mom why she couldn't burn CDs, install software, etc. was causing more headaches than it was worth. Other operating systems (notably Mac OS X) deal with this sort of thing fairly intelligently, why can't Windows?
  • by Beolach ( 518512 ) <beolach&juno,com> on Sunday December 19, 2004 @08:17AM (#11129309) Homepage Journal
    Deleting 4GiB on NTFS *should* be in the range of 1 second, and is on most of the hosts at work (all formatted w/ NTFS). But on the badly fragmented filesystems, it's closer to a quarter of an hour (guesstimate, we did actually time it once, but I forget exactly what it was).

    Oh, and moving from one filesystem to another is gonna be a whole ton more ops than deleting a file. It was a single file; a 4 GiB DVD ISO image. Delete op only needs to update the MFT freeing the space that had been used by the file.
  • by Anonymous Coward on Sunday December 19, 2004 @09:00AM (#11129430)
    Let's see...

    Let's translate these answers to your wife...

    She'll make it abundantly clear to you that you'll never ever have sex with her again.

    But my guess is that you don't care because you are single anyway.
  • Re:Chris is wrong. (Score:3, Informative)

    by strider44 ( 650833 ) on Sunday December 19, 2004 @09:38AM (#11129560)
    I'm not a total linux zealot, though I do use it as preference, and sorry, but you're wrong. IE isn't the only problem. Besides the fact that outlook [express] is a huge security hole (I'll count that under Internet Explorer, since you've probably changed to thunderbird as well) there are huge holes in Windows generally that makes it insecure.

    There are a large number of security faults in Windows that make it inherently insecure, most of all default admin access.

    Now besides the accepted fact that linux now has a higher market share than OSX, you seem to believe that linux would magically gain new flaws and exploits with a higher market share. I am interested to know how that works. Even with more people looking for bugs and exploits, they are found not created by people looking for them, and more people looking for them usually doesn't really mean more security holes found when the security holes just aren't there.

    When you look at other examples, most notably Apache vs IIS, where the OSS software has a higher market share than the commercial equivalent, the result seems much the same. OSS seems to win every time. Apache, looking at the market share theoretically should have more exploits than the OSS equivalent, but, looking at how a fifth of the internet goes down every so often, it is plainly not the case.

    But otherwise, linux is fundamentally different from Windows in many ways, such that spyware is quite a bit harder to install on a linux box than a windows one. Besides the fact that grandma can't install Funnyshit.rpm without going onto root, it's quite hard to install spyware without the user's knowledge, and impossible for it to affect other users.

    *shrug* I'm tired now.
  • Re:I don't get it. (Score:2, Informative)

    by Merdalors ( 677723 ) on Sunday December 19, 2004 @09:53AM (#11129609)
    Things are not that simple: [1] His wife may be wanting to run an application that is not available on Linux (I know my family does). [2] Some amateur applications (games, etc) can only run under Administrator.
  • Re:I don't get it. (Score:4, Informative)

    by AstroDrabb ( 534369 ) on Sunday December 19, 2004 @10:11AM (#11129693)
    A good rootkit will only let you see what the rootkit wants you to see
    That is why you use a Linux boot disk like Knoppix [knoppix.org] or even a Windows boot disk like Bart's Preinstalled Environment [nu2.nu].
  • by strider44 ( 650833 ) on Sunday December 19, 2004 @10:17AM (#11129730)
    *sigh* let me guess: using Debian or Gentoo without knowing how to turn HD optimizations on? I do not have the same problem.
  • Re:I don't get it. (Score:3, Informative)

    by Some Bitch ( 645438 ) on Sunday December 19, 2004 @10:59AM (#11129921)
    If you "could care less" that means you *do* care. Think about it for a minute.

    The original British cliche was, "I couldn't care less" and is still used over here. The nonsense bastardisation is a purely US construction.

  • Re:I don't get it. (Score:2, Informative)

    by GbrDead ( 702506 ) on Sunday December 19, 2004 @11:22AM (#11130044)
    The Korean war is not over:
    A cease-fire established a demilitarized zone (DMZ) around the 38th parallel, which is still defended today by North Korean troops on one side and South Korean and American troops on the other. No peace treaty has yet been signed to date.
    The full article from Wikipedia [wikipedia.org]
  • by gfecyk ( 117430 ) on Sunday December 19, 2004 @03:50PM (#11131800) Homepage Journal
    She understands me when I explain Limited User vs Administrator. I explain that it's like using safety guards on a power tool. She knows to switch users to the "Owner" account to use Windows Update and Office Update, and not to use anything else when using those update tools.

    I only had to show my Mom once - some people I show more than once but that's OK - it's preventing problems before the fact.

    Here's my Mom's config for the curious:

    AMD K6-2 500, 256 MB RAM
    Integrated LAN, DSL Internet
    XP Home Edition, Service Pack 1 (She's waiting for me to visit to install SP2)
    MS Office 2003 Student & Teacher Edition
    Outlook 2003 for email

    "Owner" Administrator account - password protected
    "Mom" Limited User
    "Kids" Limited User for the grand kids

    I turned on the built-in firewall before connecting the LAN cable the first time. I explained to her why it needs to stay on, and she doesn't turn it off.

    She's had this box for a year in this config and I set it up ONCE.

    Is this a good enough example of XP security through proper management?
  • by Apathetic1 ( 631198 ) on Sunday December 19, 2004 @05:19PM (#11132395) Journal
    As far as I'm aware, none of the legacy Mac software requires root access - not anything I've run into, anyway.
  • Re:I don't get it. (Score:2, Informative)

    by AmberBlackCat ( 829689 ) on Sunday December 19, 2004 @05:26PM (#11132442)
    So, he installs SpyBot, AVG, ZoneAlarm, whatever. Nobody told him that wouldn't work because the processes are on the same box.

    Well, the last time I ran Ad-Aware, it actually restarted the computer and set itself to run before the rest of the programs loaded, allowing it to get rid of programs that already had processes loaded and running. It worked. However, I suppose there could be malware that uses the same tactics.

  • by Anonymous Coward on Sunday December 19, 2004 @05:41PM (#11132528)
    Since the OSX and "classic" systems are completely separate (i.e., OS 9 apps aren't even aware of the /Library directory), I would imagine that the number is just about zero. Win32, OTOH, was first put together in a world that expected no network, a single user, etc. It expects to have as much access to the system files as it wants. The difference is, Apple built a secure multiuser system and then bolted its old single user system in as an application that a user could run on its own, while MS took a single user system and tried to "bolt on" a secure multiuser system...
  • Re:I don't get it. (Score:3, Informative)

    by fishbot ( 301821 ) on Sunday December 19, 2004 @06:05PM (#11132706) Homepage
    Sadly there is, and far more cunning. I recently had to kill a bit of spyware on my uncle's PC over the phone. He is PC inept, never mind illiterate. Anyway, turns out that there were 2 executables that wrote their own and EACH OTHER's registry entries to get them to start up on boot. Trying to take the spyware programs out one at a time (a logical approach) wouldn't work because you had to figure out which 2 processes were part of it and kill them both before shutting down the machine. They wrote registry information on shutdown! Even when I deleted one of the executables it came back. Nasty recursive spyware.

    Took me about half an hour just to kill that one, over the phone, and without a PC literate on the other end. Felt kinda proud of that one, which is wrong on so many levels.
  • Re:I don't get it. (Score:4, Informative)

    by WebCrapper ( 667046 ) on Sunday December 19, 2004 @07:07PM (#11133094)
    (Big post to prove my point)

    While I understand your recommendation of Dell, there are cheaper companies out there. There are also cheaper solutions.

    As a for instance - a VERY simple TCO study without the algorithms involved:

    Dell Computer = $1,002 (no monitor, windows installed)
    Dell Monitor = 17 inch LCD bottom of the line $299
    Initial Cost: $52,040 (40 computers)

    HP/Compaq = $1,007 (w/ 19 inch LCD w/ Linux installed)
    Initial Cost $40,280 (40 computers)

    Sun Ray Thin client = $359 + server costs
    Dell Monitor = 17 inch LCD bottom of the line $299
    Initial Cost: $26,320 + server ($29,490) + seat licenses $3,960 (40 clients) = $59,770

    Sounds simple based on initial price, right? Nope...

    The Dells and Compaqs use more power and put out more heat and are louder, so you have to account for that (power consumption, both normal consumption and "how big of a generator do we need to run X workstations in an emergency" and how badly it fights air conditioning as well as the general noise level in a call center).

    You also have to account for extra staff to handle each computer related problem for the Dell/Compaq solution (2-3 people) vs 1 admin to handle the server and the thin clients (in their case, if it's broke, you literally walk out to it, swap it out with a new one and you're done) for approx 1 large call center. Also, in a call center environment, hot desking (ability to switch desks at any time without losing any work) is something that is very important. You'd need more hardware (and licenses) to be able to do this on Windows...

    Reliability: Windows vs Linux = no brainer

    Security: Windows vs Linux = again, no brainer

    Support: Who answers fastest and who outsources. Yep, this means calling and waiting on hold. I'll save you the pain: Sun won with 2 mins of hold time before the rep answered (Dell, Compaq, etc = 17mins +)

    Now granted, this is a very simplistic lesson without all the extra numbers to run, but it's something for you to think over before assuming that one option is just magically better than another. Just the ability for 1 IT person doubling as an admin for the Thin Clients makes up for the difference in price. Add in the extras and it's pretty clear which is the winner.

    The same thing can be said for monitors, which you've assumed correctly. CRTs are initially cheaper, but in the long run LCDs are cheaper due to their footprint, heat output and power savings.

    On a side note to be fair, we're considering both the Thin Clients for Customer Service and Technical Support staff and Dells/Compaqs that have Linux or FreeBSD for Managers, programmers, etc...

    Feel free to argue, but until you've looked at the options and actually studied the effects of your decision, you won't know what's really going on. With my research, it looks like you'd be paying upwards of $60k more than me a year (and that's on your BEST year)... Yes, I know you're thinking "how on earth did you figure that out!" Do the research yourself... Now, the funny part is, I've figured most of this out in about 2 days worth of hard core research. 2 days worth of work to save $60k and up sounds worth "some stupid TCO study" to me...
