The Cost of Computer Naivete

wiredog writes "What happens when you put an unprotected Windows 98 box on a broadband connection? Two perspectives from two reporters for the Washington Post (frr,yyy): The User's " an odyssey that has taken $800 and roughly 48 man-hours over nearly three weeks" and Digital Doctor's "Her PC was in such bad shape, it required 10 1/2 hours of surgery to restore it to working condition.""

Slow computer!

[NeoFunk]

Geez... it takes 10 1/2 hours to install Linux these days? Have all distributions gone the way of Gentoo?

Re: Slow computer!

[Black Parrot]

> Geez... it takes 10 1/2 hours to install Linux these days? Have all distributions gone the way of Gentoo?

Hours??? You've obviously never tried it over a dialup connection!

Re: Slow computer!

[ReTay]

Is it just me or should that guy be embarrassed to admit that he took 10.5 hours to reinstall an OS and a security suite? I realize that he took the long way to fix the issue. As far as I see it if ANYONE other then the client has had root on a box you can't trust it. Ever. You need to reinstall from known good media and start over.
But maybe that is just me.

Re: Slow computer!

[Black Parrot]

> Is it just me or should that guy be embarrassed to admit that he took 10.5 hours to reinstall an OS and a security suite?

Embarrassed? If he was charging $45/hour he should be bragging about it.

Re: Slow computer!

[ReTay]

Umm $45.00 X 10 hours would be $450.00
He states that he billed her 800.00 total.
That is a lot more the $45.

I would hope computer people have more morals than used car sales people or politicians.

Re: Slow computer!

[Anonymous Coward]

First, the article says the guy came over in course of the next week and try to install Norton firewall, to no avail, and that the owner made some calls to M$ for like half an hour. Therefore the $800 paid for more than the 10 hrs of technician labor.

Second, as someone else pointed out in this thread, you do not expect a car to go on without maintenance. Come on, the computer is not a damn fridge. It is a COMPUTING device, and the Internet is a complex two-way medium, not a dumb TV set. If you do not take

Old joke alert

[plover]

Q: What's the difference between a used-car salesman and a computer salesman?
A: The used-car salesman knows when he's lying.

Re: Slow computer!

[BlueStraggler]

Honestly, only an idiot would pay that kind of money to have their drive wiped and os reloaded.

Anybody whose data is worth less than their computer is just using it as a toy. Regaining access to your data is of far greater value than making the stupid hardware run. If it was one of my computers, I'd happily pay the $800 (or even $8000) to get my data back, and *then* I'd ditch the "ancient piece of crap machine" and buy a new one.

(Well, actually, I keep distributed backups to avoid this problem, and use almost exclusively ancient piece of crap hardware since the machines themselves are irrelevant. So if it were my computer, I'd probably just spend the $800 on women and beer.)

Re: Slow computer!

[jedidiah]

What I think is shocking is the fact that the PC tech apparently did not feel it necessary to wipe the OS and start from scratch. Both these articles perpetrate the dangerous notion that being r00ted is recoverable. Once a system has been compromised, there's no telling what other nasties reside therein.

This bit of info was sorely lacking from both articles.

Re: Slow computer!

[gnu-generation-one]

"He should also be smacked in the head for not getting her off Windows 98. Windows 98 is 6+ years old. How many people here recommend 6 year old Linux distros?"

I sometimes use and sometimes reccommend Windows 98. It doesn't have the security problems of XP/2000 (no Windows Messenger, no LDASS or whatever that was, no remote assistance, no product activation, no media player with evil crap in it, you can update it without revealing the software you use to Microsoft, the EULA doesn't allow Microsoft to impose new terms on you in the future, nor does it allow them to remotely install software on your machine. It's not as stable, but it only needs to run for long enough to play a game; nobody would be using Windows for any real work anyway, and you can dual-boot back to a proper operating system when you've finished playing the game.

Oh yeah, and "flamebait" is the button you want to press. Reccomending windows98 indeed! Don't I know that the moderators are all MS guys, with their "if you administered a billion computers for a fortune-500 company like I do, you'd know..." attitude.

Tips, and a list of known rogue spyware cleaners

[Alien54]

He went down the merry path of trying to rescue the system in order to keep customer data intact. The story is typical of someone who is entering the fray without have their tools prepared in advance. The solution always looks easier than it really is.

In his case, he needed

• a CD with all of the relevent tools and updates
• a windows boot disk with CD support
• an understanding of the windows command line in order to copy a subset of these tools to a convenient folder on the hard drive from the CD
• The knowledge to run these tools from Safe mode, and how to get there in the first place
• Include in the subset of tools one that can fix the broken LSP setup.

  [LSP or Layered Service Provider is a piece of software that can be inserted into the Windows TCP/IP handler like a link in a chain. However, due to bugs in the LSP software or deletion of the software, this chain can get broken, rendering the user unable to access the Internet. Spyware is good at this, and some cleaners leave a broken LSP behind.

  With the correct tool, the fix takes seconds. Without the tool, you need to uninstall and re-install the winsocket, or else the same with the entire network support. Otherwise you fall into the trap this poor bloke got into.]

tips - I deal with this stuff all of the time. The best data on this stuff can be found in articles at spywareinfo.net - the forums are not bad either, although spywarewarrior.com also has good forums. also good to have is this list of known rogue spyware cleaners [spywarewarrior.com], along with this list of Anti-Spyware Orphans & Outcasts [spywarewarrior.com]

My current recommended free antivirus is Avast! Home Edition [avast.com], which is very low maintenance for the home user, and requires registration for the free license. It also protect a number of common Instant Messenger clients, as well as several common P2P clients. It is better than AVG in my opinion, and detects many trojans as well as spyware.

You can get a system that is so hosed that it will not boot, not even into safe mode, even under XP. The solution there to remove the hard drive, drop it into an external drive enclosure, and hook it up to another system where you can use scanning software to do a basic clean so you can boot in the original configuration. Once it boots you can install cleaners from safe mode, and then run cleaners from inside every user account.

Re:Tips, and a list of known rogue spyware cleaner

[CerebusUS]

Besides, the typical "mod parent up" post, can I recommend creating a BartPE boot CD with those tools you mention on it. Then you can skip the step of mounting the hosed drive in another machine.

I used a generic BartPE disk this last weekend to copy a friend's data off a system that was so badly hosed it wouldn't let me log in.

Nice stuff.

Re:Slow computer!

[Chuck Bucket]

I know, I know, don't feed the trolls, but if more ppl would read things like this: Dispelling the myths of Gentoo Linux, an honest review [lxer.com]: more ppl would know what they were talking about in regards to Gentoo.

Oh, and CAN WE GET A GODDAMN GENTOO TOPIC ICON ON /. PLEASE!

CVB!@#$%^&*()

Re:Slow computer!

[jimicus]

or reinstall Windows 98 or any OS...

Yeah, but you know what happened:

Tech: Heck, this is a mess. Best to reinstall the whole lot from scratch. You do have backups, right?
User: B... Back--ups?
Tech: (sigh)

Re:Slow computer!

[jimicus]

Not the point. If the customer doesn't have backups of their work & you don't have easy access to some means of backing it up, you'll have to do it the hard way. (WTF are you doing such a job if you don't carry around a spare hard disk?!)

If the customer simply doesn't like the sound of rebuilding from scratch, you'll have to do it the hard way.

If the customer doesn't have access to original install media (and you're going to be a Good Little Tech and refuse to put pirated software on), you're going to have to do it the hard way.

Trying too hard.

[SatanicPuppy]

I used a win98 box as my game machine for a good while. Just through normal use, the damn thing would degrade over the course of a year and become sluggish and erratic. Grant you, I'm using it like a 15 dollar ho, but that's not acceptable. (I've still got the comp, and its running RedHat8, and STILL getting slapped around, and it's got an uptime of 108 days (Power failure). Vive la differance.)

The secret is to keep a data drive and a OS drive, and when it ends up in the shitter (as it will, without a doub

Re:Trying too hard.

[aonaran]

Ghost, DriveImage, PartitionImage, whatever you want to use fer godsakes people make a backup of some kind.

I don't know how often I've had to explain to people that backup software is only really useful if you make the backups BEFORE the problem occurs. waiting until you have a problem does absolutely no good. ...but still not one person I know has a proper backup of their machine.
Not even the ones who already have the software to do it.

Making ghost images

[Alioth]

You don't need any stinking non-Free software to make ghost images.

Here's how you do it:

0. Set up a recipient (either a second hard disk, a machine on the network - whatever - I do it over the network)
1. Boot Knoppix on the machine you want to ghost.
2. Mount the destination.
3. dd if=/dev/hda bs=128K | gzip > /path/to/image.gz

To restore:
0. Set up the source.
1. Boot Knoppix on the machine you want to install.
3. Mount the source.
4. gzip -dc /path/to/image.gz | dd of=/dev/hda bs=128K

Tips: Overwrite any free space on the machine you want to ghost with a huge file filled with 0x00, then delete the file. The disk image will compress much better as you've scrubbed the deleted files.

I use a system like this to ghost many machines at a time (an image server can easily deal out 30+ images at once). It'd cost a fortune to license many copies of ghosting software - with Knoppix and a very small shell script, I've got an automated system which will do many machines at once. (A typical 40GB fresh WinXP install with our apps compresses to under 1GB with gzip).
If you're doing WinXP, remember to either make a Sysprep build or use something like System Internals free (open source but not truly free) tool to change the SID and hostname of the machine when it's booted the first time. (This is the approach we use due to the limitations of sysprep).

Re:Making ghost images

[vvg]

You can also use partimage [partimage.org] instead of dd. The advantage is that partimage does not copy unused areas.

I also save the MBR and the output of fdisk -l seperately.

Beware that support for NTFS is still experimental.

To be fair to Microsoft

[Anonymous Coward]

(Yeah I know, fair to Microsoft... on Slashdot!)

Windows 98 is 6 years old and isn't sold with computers anymore. This test just shows remaining Windows 98 users they should keep up to date or upgrade to XP.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:To be fair to Microsoft

[Throtex]

If you wanted to be really fair, I could say that I could put my Commodore 128 on the Internet and let anyone who telnets to it run anything they damned well please, and I still wouldn't have problems...

Re:To be fair to Microsoft

[dave420]

Yes, and that OS can't do as much as Windows 98 can for that particular user. Let's compare like with like here. I mean, I could say "and I can turn on my Spectrum 128 +2 and it would run fine!" - technically true, but hardly a real comparison.

And this is /., so no-one expects microsoft to be absolved, even if they did nothing wrong ;)

Re:

[account_deleted]

Comment removed based on user account deletion

Re:To be fair to Microsoft

[garcia]

To be fair, if you installed a stock version of Slackware from 1996 on the net, without a firewall, you would be subject to known exploits either in the kernel or the userland programs that were included in the stock distribution.

Re:To be fair to Microsoft

[geomon]

To be fair, if you installed a stock version of Slackware from 1996 on the net, without a firewall, you would be subject to known exploits...

Oh, CRAP!! (runs from room to find server and power switch)

Re:To be fair to Microsoft

[SillyNickName4me]

> Of course, this being /. the answer is to move to Linux which doesnt have bugs and never needs updating....and they wonder why folks who know their stuff call them trolls.

People who know their stuff also know that in 1996 there already existed linux distributions that did not run any services by default. This might still be vulnerable to bugs in the ip stack for example, bur I am very sure it is possible to install some distributions from that time on a machine, not instalkl any vendor updates, leavin

Re:To be fair to Microsoft

[callipygian-showsyst]

Actually the ONLY time I was ever 0wn3d--either Windows or other--was with a circa 1996 version of RedHat!

Someone got into my pc using the LPD Root Exploit [pestpatrol.com]. Of course, I was stupid enough to put a Linux box on the Internet with no firewall! Still my personal experience from that time was the Linux had a problem!

Re:To be fair to Microsoft

[NoMoreNicksLeft]

You mean the only time you were owned and knew it. With linux, software behaves consistently enough, that it's much more obvious when you've been nailed. The cable modem light blinking furiously, the hard drive whirring? Shit, something's up!

With Windows, you're left wondering if that's normal behavior...

Re:To be fair to Microsoft

[maximilln]

Not if the person who hacked your box knows what they are doing

That's lacking proper perspective. I know of only a few dozen people who could successfully deceive ps and netstat at will, and all of them have far more important things to do. I know of many other people who probably have the skill to do it but have no interest in poring over the source code to actually figure it out. Then there's the matter of writing a properly deceived edition, compiling it, and placing it on the victim's machine. Scr

Re:To be fair to Microsoft

[moonbender]

Both 2000 and XP have a command line application called netstat - I'd have thought it imitates the GNU netstat...? It certainly was useful to me a couple of times.

Re:To be fair to Microsoft

[sw155kn1f3]

you obviously have non-standard netstat...
standard is:
netstat -o

Re:To be fair to Microsoft

[NoMoreNicksLeft]

Same could be said for windows, though in reality it rarely happens with either.

The ratio of uberhacker to script kiddy being what it is, what I've said is much more applicable.

Re:To be fair to Microsoft

[jellomizer]

But still back in 1996 Linux was made with high speed networking in mind. Windows 95, 98 were made with mostly dial up networking in mind. Linux in 1996 wasn't even seriously trying to invade desktop or even much of the server market. At this time Linux was just trying to go "Hello!!! We exist and we can do a lot of stuff that you 10k Unixes can do for free." So it was busy porting all the Unix utilities to it. So we had netscape 3.0 which didn't have enough features to support the viruses and spy-ware. While Windows 98 Has the market share Apple was dead, Unix was dead Linux was just a bit player for hackers. So Microsoft worked on putting on features to the product to sell more, and to kill off netscape. Integrated everything, that was the buzzword of the late 90s. No one really (Who had enough say at Microsoft) had foresight of todays problems to make windows 98 still run in 1994. So features were added. And if Linux had the technology at the time there was a good chance that they would do the same as well.

Re:To be fair to Microsoft

[a_nonamiss]

OK, I hate defending Microsoft, but let's put this in proper perspective. Cars in the 1950's weren't required to have seatbelts, airbags, crumple zones, etc. These innovations happened well after the 50's. You can still drive around proudly in a 1956 Belaire Convertible, but God help you if you hit a moped or a grounhog going 25MPH, because you will probably die a horrible, painful death. Nobody is asking Chevy to provide free retrofitted seatblets, airbags, etc., to increase public safety. Although these cars are not fit to drive by today's safety standards, they were considered safe when they were manufactured. If I were so motivated, I could probably take that '56 Belaire, weld some seatbelts to the frame, make some body modifications and if I was really good, maybe even retrofit some airbags in that puppy. It would be much safer, but considering the amount of time and skill required for such modifications, it would probably be a fraction of the cost to go out and buy a new car.

As much as I feel for the poor woman stuck with Windows '98, I can't really agree that it's Microsoft's fault. When Windows 98 was invented, it was reasonably secure. Since then, there have been many innovations, and things have changed. It is severely outdated, but as long as you know what you're doing, you can keep it running, but in the hands of a novice, it can be dangerous. No different than an old car.

Re:To be fair to Microsoft

[jedidiah]

If I connect an Atari ST or Falcon to the net it won't get rooted like a WinDOS box. If you add features that can be a security problem, then you should design appropriately. It's not as if there weren't ample real world design examples to go off of (commercial Unix, VMS).

The Morris Worm incident occured a FULL DECADE before Win98 was released. Microsoft's so-called engineers should have known better.

Windows was never "reasonably secure". It was designed based on the paradigm "internet, what internet?".

Re:To be fair to Microsoft

[stratjakt]

I know what it installed by default. It installed your ethernet, brought it up, installed telnet, brought it up, and left you to log in with NO ROOT PASSWORD. Thats the uber-secure linux of the past.

Install that old slackware while connected to broadband, and if you decide to take a coffee break before logging in and setting the password (or if you forget to do it, or miss that line item in the install instructions) and you're fucked.

Hell, those were my Uni days. We'd have a ball in the computer lab watching the one TA (total stereotype smelly bearded hippy geek with a bad attitude) install some new linux terms, and we'd race him (and beat him!) every time to log in as root and do various stupid things.

Hell, I'd wager on 7 out of 10 student machines on the campus net never did get a root password set.

Re:To be fair to Microsoft

[sw149]

Mac OS 7 secure and stable as ever.

Yes but...

[ColourlessGreenIdeas]

Consider a hypothetical Win98 user. For the sake of argument call her 'my mum'. She runs a Pentium II-450 and uses it for email, word processing, web browsing and very occasional other bits of office. The computer runs all these tasks fine, but it really isn't powerful enough to run XP. Windows 2000 would make life better, but it will go out of support soon and if you worry about getting legal copies, it's not available in a home edition so it's very expensive. Windows ME can hardly be called an improvement.

So you're saying people in this position need to spend money to upgrade their hardware despite the fact that the current computer runs all the software they want to run at a speed they find acceptable.

Yes I know; install Linux.

Re:Yes but...

[Angostura]

To be honest, I think the thing to do is to print out the article for the hypothetical user, and point out that this is what happens if you don't install critical updates, a firewall, virus protection and Adaware

Re:Yes but...

[kzinti]

Mum's computer doesn't have enough horsepower to run XP, but it does have enough horsepower to run all the viruses and spyware that she will accumulate? That sounds like false economy to me.

Anyway, I think your Mum's computer will run XP just fine with a few tweaks. Turn off all the visual effects, every one of them. And tell Mum not to turn them on again. Turn off unnecessary services (there are a bunch) and don't tell Mum how to turn them on again. Tweaking the services may take you a few hours (don't let Mum do it - do it for her), but in the end XP will run just fine. There are lots of XP-tuning sites out there that will give you loads of other advice - like turning of fast-user switching if Mum shares her computer - seek out those sites and heed their advice.

I have an old 433MHz PII-Celeron laptop with just 128MB of memory, and it runs XP just fine. It's not the fastest computer in the world, but for things like email, web browsing, and occasional Word processing, it does just fine. And it's far more stable than 98, which would crash daily even with just light usage.

Set Mum up with XP. She'll love it. And maybe she'll even bake you some cookies to munch on while you work.

Re:To be fair to Microsoft

[Nick of NSTime]

Consider this for a moment. Jane Boxwine buys a brand-new computer in 1999. It's a Pentium II 400 with 128MB RAM, 8MB HD, and Windows 98. She spends $2000 on it.

Jane Boxwine uses this computer for Quicken, maybe to email her family, Solitaire, and simple things like that. Her computer has not outlived its usefulness, but it is woefully underpowered by today's standards.

So now you're telling her that she has to spend $100 on a Windows XP upgrade *and* install an OS that will be very noticeably slower on her machine? You're telling her that Microsoft made mistakes and now Jane has to pay for it?

So what's the solution for Jane Boxwine?

Re:To be fair to Microsoft

[JJahn]

I think Jane should spend that $100 on some bottles of decent wine, instead of that crappy box wine.

Re:To be fair to Microsoft

[Obiwan Kenobi]

The question is rhetorical. There is no answer. You must either upgrade to a modern OS or suffer the consequences. This is definitely a Pro Linux (tm) situation, as it basically highlights the Upgrade-Or-Die mentality of the Redwood camp.

But in a nutshell, yes, she does need to upgrade if she wishes to keep using her machine as she's used to doing. This is a new environment and Win98 is an old system that quickly bogs down when you try to band-aid it with differing programs such as Anti-Virus or Firewalls (though some are less bulky than others).

Whenever I see a spyware-riddled PC, I reinstall Windows. There is no question. I've gone past running 3-4 different Ad/Spy-finder programs, and them all find something different, only to remove the invaders and then reboot and see that some hidden hook has returned most of them.

This is the sort of madness that most Win98 users live in, and sooner or later abandon it for a smarter OS, which is usually WinXP but on those fringe cases will actually add another point to the statistics of the most stable and robust Mac OSX or even Linux (for those who don't need games).

The solution is to change to something better, and growing pains will be involved. Is that a better answer?

Re:To be fair to Microsoft

[4of12]

So what's the solution for Jane Boxwine?

Switch!

You make good points.

But Jane's problem is that she knows about as much about her computer's operating system as she knows about the automatic transmission in her car.

She bought these advanced devices (computers, cars) in good faith that since everyone else seemed to be buying them, they must work somehow, and if there's a problem, then a lot of people will be in the same boat trying to solve the same problem, so that solutions will be easy to come by.

But there's more to Jane's computer problems than to her car problems: since she bought her PC, she's bought a bunch of convenient, shrink-wrapped boxes of software to run on that box.

If Jane gets up the courage to switch to something like Mac OS X or Linux, she won't know how to deal with getting that shrink-wrapped Windows application and all of its weird data files from her Windows box onto the new application.

Tragically for Jane, advantageously for Microsoft, there is a significant barrier discouraging her from switching to a competiting platform.

If the Windows API were an free, complete openly-published standard that competing companies could implement, then this wouldn't be a problem.

Re:To be fair to Microsoft

[Bert64]

If the API were open and free then anyone could implement it and sell/make available for free a compatible OS.
microsoft would be forced to compete on quality and price with all the other vendors offering compatible solutions, look at the price/performance/quality of hardware in the last few years due to competing hardware makers.
Users would be free to install whatever os they wanted, safe in the knowlege that all their apps would run the same under any of them.
And, with people running different os's with di

MS is, alas, targeted Re:To be fair to Microsoft

[swschrad]

and a switch is definitely in order. when you have blight, nematodes, and rot in a soybean field, you have to rotate out of soybeans and plant anything else unrelated for several years to clear the land.

in the MS software monoculture, we are also at that point. pick Mac OS or Linux, but switch. you can't grow anything in that MS patch any more.

if you can't/wont, I have had multiple update choke-n-hangs with norton antivirus in the last year plus. each has finally been resolved by switching that user to Grisoft's AVG program, www.grisoft.com... and using Zone Alarm and Ad-Aware to deal with the other types of threats.

Re:To be fair to Microsoft

[erroneus]

In short, YES.

Rebooting your PC from crashed applications and drivers is normal. Get used to it. When Microsoft decides to stop supporting a given OS and all other newer ones require better hardware, then YES you should be forced to upgrade both the OS and the computer too.

"I'm sorry, that's just the way it is." But look over here! Isn't that "Clippy" entertaining?

Re:To be fair to Microsoft

[swordboy]

So what's the solution for Jane Boxwine?

I just worked on her PC. Nearly exactly as you've described.

The solution was simply to install one of the many free antivirus packages out there (I used AVG) and AdAware as well as a helping of Windowsupdate.com. Microsoft was gracious enough to realize that Win98 users will need support for a long time coming.

After removing half a dozen viruses (virii... whatever) and 500 spyware/adware "objects", the PC runs fine.

Re:To be fair to Microsoft

[mike449]

So what's the solution for Jane Boxwine?
Switch!

A router (with built-in firewall) is obviosly a better solution than a switch in this case.

Re:To be fair to Microsoft

[AsbestosRush]

I, at one point, thought this too. However, when you think about it, it's really kind of asinine.

Here's why I believe this: The computer is a tool, just like a car, a microwave, blahblahblah. The end user just wants it to work. Just like they turn the key on the car, turn on the microwave, blahblahblah. The answer of "Her solution is to bite the bullet and really learn to use a computer." really isn't addressing the issue of the fact that it's supposed to be a tool that I turn on and use, not have to

Re:To be fair to Microsoft

[DCheesi]

Err, if you haven't noticed, many of the worst M$ security problems lately have affected only the WinNT codebase, including some that are WinXP-specific. As long as you're only running client apps, Win9x derivatives may actually be safer than the newer ones!

The problem here isn't the OS version, it's that she didn't install the necessary security apps before exposing her computer to a direct internet connection. True, WinXP includes a very basic firewall app, but ZoneAlarm is just as easy to install and probably works better anyway...

Disagree with your conclusions

[siskbc]

Windows 98 is 6 years old and isn't sold with computers anymore. This test just shows remaining Windows 98 users they should keep up to date or upgrade to XP.

First, no it doesn't - they didn't do the necessary control experiment, which would be leaving an unpatched, no-AV machine with XP hanging around on the broadband network. Do that and your box is fried a lot faster than 98.

...I have some Win 98 boxen around here, as well as some Win XP/2K. I have MANY more problems from the newer boxes, mainly because most of the newer worms are no longer "compatible" with the older machines.

Yes, it's security by obscurity, but that's good in addition to having current antivirus signatures! With the XP/2K machines, we can't patch them fast enough to keep them clean on our notoriously insecure university network. The 98 machines are dedicated to running some specific lab hardware, and are sufficient to the task. They aren't getting replaced, or upgraded. Well, I did upgrade them from 95, but even I'm not that crazy. ;)

Windows 98? What about XP?

[Brain Stew]

It is bad enough with 98, but what if the same experiment where conducted with XP, considering all the wild RPC attacks?

Re:Windows 98? What about XP?

[MadRocketScientist]

My recent XP experiment:
I was installing a firewall for a client a couple of months ago after they got a new DSL circuit installed. The connection failed, so I called the provider and was informed that the line was disabled for security violations. Someone had plugged in the WinXP home edition desktop before I got there. Needless to say, it was so laden with trojans we didn't bother trying to clean it, we just went straight to the system restore disk.

same old stuff but more of it.

[twitter]

XP gets wiped out the same way, but the user does not notice it as soon. XP is generally running on better hardware and the "slowness" is not as evident. The software and design is mostly the same, so most of the same hacks apply. Just do an "upgrade" at a fortune 500 company and you will see that the best M$ can deliver for the money and kept up by dedicated professionals is still totally owned. Small offices and home users are just as wiped out.

They also get owned through dial up. Just as fast. Once again, the slowness of the connection itself masks the fact that the thing is broken. It makes the user think that dial up is unusable, when I've shared a dial up connection with my wife under Linux without problems. Dial up users are also targeted by a special class of worms, porn dialers, which can cost the user plenty. I've heard users tell me about their computers dialing on their own in the middle of the night. Nasty.

With all the broken Windoze boxes out there able to launch all manner of attacks, the web is a really ugly place right now.

Format?

[Klar]

So to sum up, I spent one day cleaning up problems created by ne'er-do-well hackers and overzealous advertisers and four more trying to resolve a known problem with a product that is supposed to help prevent problems, not create new ones.

So the tech place got the girl to pay for a 10 1/2 hours of labour for a format, install of Win98 and Norton Anti-Virus? Why not just spen $100 and put a copy of XP with a firewall turned on, or hell... spend $0 and throw a copy of linux on? If the comp was full of spyware and you could backup any infomration you wanted to save, why not just format right away if you aren't comfortable using the anti-spyware programs?

They're idiots

[Killjoy_NL]

"Her PC was in such bad shape, it required 10 1/2 hours of surgery to restore it to working condition."

It takes me a lot shorter to install Win98 on a box and that includes saving any or all documents.
1.5 hours tops.

If not "idiots" at least "barely competent".

[khasim]

So, you talk to someone who's having problems with her Win98 machine on a broadband connection.

#1. Advise her to go out and purchase an inexpensive hardware firewall.

#2. Advise her to go out and purchase a decent CD-rewritable burner and a few rewritable CD's.

#3. Backup all of her data.

#4. Wipe the drive and partition it into 3 segments. OS/swap-n-temp/data.

#5. Re-install the OS and apps. Patch. Configure. Google toolbar is she must use IE. etc. Anti-virus set to auto-update every hour and auto-delete infected files (see #7 before you start screaming).

#6. Copy her data back to the machine. Make sure it is in the data partition.

#7. Show her how to backup the data partition onto the rewritable CD's. Inform her that here hard drive WILL fail sometime in the future and that this is will keep her data safe from that.

These are the basic steps whenever I'm asked to fix someone's computer. And it does not take 10.5 hours. Like you said, 1.5 hours tops.

Mantra

[wbav]

Whatever happened to:

Format, fdisk, re-install do da, do da?

Pull all the useful data off onto a spare disk and clean the machine. Just don't be like my neighbor, and wipe, then install your new os on the spare disk.

Re:Mantra

[aelbric]

Format, fdisk, re-install do da, do da...

Thanks. Took me a minute to put that to the tune of "Camptown Races". Then I started laughing. Sonn as I get mod points you get one.

10.5 Hours?

[digitalvengeance]

Very few machines are worth 10.5 hours for me. Factoring in labor, I can save a lot of money by saving the data elsewhere then FDisking and reinstalling the OS. Even considering windows install time, program install time, and configuration, I don't have 10.5 hours in it and the user probably has a less glitchy machine for it.

Similar idea to what I wanted to try

[British]

I wanted to take a 98(non-second edition) box, no patches, no firewall, and no updates and visit a frew pr0n sites with IE, and see how much I could get it to be 0wned with spyware, plugins, popups, etc before it was rendered unsuable. Make it a competition to see how quickly it would bring the system down.

The screenshots would have been hilarious. If I only had VMware.

Surgery?

[Blindman]

I think someone thinks a little too highly about their profession.

And I hope she buys a Mac next time

[paulproteus]

While Apple's track record on security isn't perfect, I hope she'll realize that she has these problems because she chooses to use Microsoft products. That it's a choice is debateable, given MSFT's documented predatory practices. However, it's ultimately up to her to stand up to the monopoly, since the government refused to.

If she buys an Apple Mac computer next time, she will have a computer that functions better, works better, and breaks much more rarely than her current Windows computer. It's simple, really.

(Me, I use Debian GNU/Linux because I value the freedom that is in Debian's goals. I recognize that Apple shares to some degree these goals, looking at its KHTML-based Safari goals.)

Flame me, since many of you will, but consider that whether you blame the creators of Gator, Microsoft, or worm writers, she would have a better experience on a Mac.

"choice"

Re:And I hope she buys a Mac next time

[Mant]

I hope she'll realize that she has these problems because she chooses to use Microsoft products.

No, she has these problems becuase she didn't know about computer security. I've had my XP box for a couple of years, and had no problems. Norton AV, Windows Update and Windows Firewall have been just fine.

I'm no great fan of MS business practices, or some of their software, but you can run Windows quite stably and securely without much effort. Choosing to use MS is not the problem.

Surgery?

[kaleco]

'Surgery' is a little misleading since it suggests hardware damage was incurred. If I was determined to use a metaphor, I'd go for 'therapy' :)

Hard to believe!

[callipygian-showsyst]

Her PC was in such bad shape, it required 10 1/2 hours of surgery to restore it to working condition.

C'mon now! IF runing Spybot S&D and Microsoft's own repair process didn't fix it, you could have just reinstalled Win98.

Total time, 2 hours MAX!

It's Interesting

[aynrandfan]

I find it interesting (and a little frightening) how otherwise educated people (reporters, for instance) can be so clueless in critical areas. Is this inevitable for people?

And yes, I do consider basic computer literacy a critical skill; your computer is not just an appliance. Letting your computer get 0wned is much like letting your car run out of oil.

Not necessarily

[cprincipe]

For example, a tax accountant would probably think you clueless if you ended up having a big tax bill on April 15. Paying your taxes properly is a critical skill, since everyone has to do it.

Or a doctor would think you clueless if your cholesterol was over 200. It's (usually) quite simple to keep your blood cholesterol low.

Unless it has happened to them or someone they know, most computer users are unaware of things like spyware, virii, etc.

Re:It's Interesting

[RAMMS+EIN]

``Computers are still expensive (when compared to other electronic devices), and I think when you've spent that much on a PC you sort of expect it to work.''

Or, when you buy such an expensive machine, you learn how to use it and take good care of it. Back in the day when computers were still uncommon in households, the people who used PCs were very aware of the virus threat and had backups and virus scanners.

These days, even though the virus threat is a lot bigger and gets more publicity, people just don'

This reminds me..

[manavendra]

..of my initial days of tinkering around with RedHat 6.x.

My old office had two RH boxes on a static IP. There was no such thing as an administrator. As a programmer, I was supposed to install all applications, configure them and also *ensure* it was up and running.

Got a call from the ISP two days later. They had shut down the machine because of complaints from other users - apparently some application from these machines were flooding the network (I never did find out what they were doing though). Got the ISP to restart them. Frantic googling and few "security guide" downloads later, I started exploring what was wrong with them (incidentally, I was *still* accessing those machines remotely - my office wouldn't pay for me to go to the site to check the machines). Turned out there were THREE rootkits installed on one of thsoe machines. Found the traces of one of the possible three attackers - was some IP space in netherlands. Later found that that range of IP addresses was actually under contention and was thought to be not allocated and probably belonged to some malicious/rogue ISPs (I haven't understood this part yet).

Not knowing much, I got them to reinstall the OS. Of the three, two rootkits appeared within 2 days. Another re-install, this time with the Linux security guide implementations for securing the box. Things were ok for about 2 weeks or so. I then had yet another attack and someone was using my box as a IRC relay host (or something) and I was still in trouble.

Finally, after some RH updates and more tweaks (and ipchains and iptables install/config), I was able to have reasonably secure machines.

Trial by fire, but I learnt a lot!

*shiver. I hate to think how it would have been, had those been '98 machines

Not uncommon

[lukewarmfusion]

My mother's machine was the same way. Win 98, no windows updates for nearly three years. On a cable broadband connection, no firewall. Anti-virus wasn't updated since 2000.

Between an updated McAfee, Ad-aware, and a few other spyware removal tools - I spent nearly eight hours on getting her machine back to a working condition. Once I was able to back up her data, I formatted and moved her to XP Pro.

She had enough trouble learning XP - I wouldn't dare put Linux in front of her.

Almost 20 viruses.
Over 150 spyware components, files, etc.
Three hours of Windows Updates to download over a broadband connection.

Don't clickety-click on everything on your screen. Some of those links are bad.

Hosts File

[ejdmoo]

I bet he didn't check the hosts file. I bet that was null routing the liveupdate DNS records.


Once the infections were removed, LiveUpdate still could not retrieve the latest virus-targeting data. So I gave up on that and uninstalled and reinstalled the entire Norton AntiVirus program, hoping that its update system would work afterward -- but it did not. I again tried to access Microsoft's Windows Update Web site, but IE still failed to respond.

Suspecting a problem with Internet Explorer itself, I tried to repair IE using the Add/Remove Programs control panel. That didn't work either, producing an error message that indicated some file or files necessary for IE were damaged or inaccessible. Trying to restore the previous version of IE, 5.5, yielded no benefit, either.

Finally, I abandoned ship, reinstalling the entire Windows 98 operating system to repair the damage to Internet Explorer and allow Kathleen's computer to access the Internet and update the Norton AntiVirus definitions.


I always check that file. It always gets hijacked. I'd be willing to bet that was his problem.

The real way to protect windows on a broadband

[foidulus]

connection: Cover your ethernet chord with a prophalctic(sp?). Of course, you block out all the interesting stuff on the internet along with the bad stuff, but that is the price one must pay to sleep with a dirty whore!

Nuke it from orbit. Only way to be sure.

[frankie]

Sheesh, here at the office, if IT is called to disinfect a PC, we'll spend maybe an hour to twiddle with SpyBot, RegEdit, etc. If it isn't clean by then, we fdisk the beast, reinstall from master image, firewall, windows update. Way less than 10 hours.

Needs an `OBVIOUS` tag

[Wingchild]

A few years back a buddy of mine came over to my apartment and plugged into my hub. I wasn't using a router at the time, just a hub with a WAN port for broadband. (I know it sounds terrible, but I keep my system configured according to DISA's security guidelines; sometimes I feel like testing it against real-world attacks. Bit of a masochistic streak.) I was running a locked-down Win2k box; he brought an unsecured Win98 system -- with it's C drive shared. To EVERYONE.

Things were going pretty well, and we left the systems on overnight. When we signed back on in the morning, my machine was fine; his machine had been compromised -- in grand style. We found the following:

- two separate users were connected to it.
- Cygwin, which my friend had managed to break and wasn't operational, had been either repaired or reinstalled.
- gcc was added.
- eight (!) separate viruses were on the system; two had been compiled with the local gcc, from the look of it.
- those viruses were being sent out around the net.

The main data on the system was not compromised and while there was a minor virus infection, for the most part things were not touched. I should say, "things were not touched that we could detect" -- they could have taken a full copy of his HD for all I know, not that anything important was on there (it was just a gaming box).

He probably wouldn't have noticed the attack itself except that his processor wasn't all that hot and he was on a 10M/sec network card; between the heavy compiling and the constant sending of virii system performance had dropped noticably.

The fix?

Unplug from the internet, make sure no data on the box is needed, and format it back to the stone age. It isn't like reinstalls take a long time. (Backups are your friends. :) )

Weeks to fix a computer...

[NoMercy]

There are quicker methods.

Drive C: contains a valid NTFS partion, are you sure you wish to format (y/N) y.

Something sounds fishy

[darkjedi521]

I've put unpatched '98 installs and unpatched XP installs side by side on my school's network. Guess which one got nailed with viruses?

The XP box, which caught Sasser, and probably a few other nasties, but I didn't bother looking, and just nuked the box.

The purpose of the exercise was to make a CD containing all the updates as of April, 2004 that a clean 98, 2000, or XP install required to be usable.

She was right on the cusp of greatness

[jgorkos]

From the article:
"What a revelation: Four programs -- one a firewall and three to combat spyware -- I downloaded FREE worked better than one I paid through the nose for. Why would anyone create these terrific programs for free? Often, as in the case of ZoneAlarm, they hope people will like the product so much they will buy an upgrade or, in the case of the spyware, pay to subscribe for upgrades."

She was right in the middle of the trees, and couldn't see the forest... yes, free software, even WINDOWS free software, works better and does what it says it does.

Talk about leading horses to water...

Neatly illustrated

[maximilln]

I finally decided to install Apache. I had been running an ftpd for a long time to transfer files between home/work/family/friends but so many of them began asking for me to appeal to the least common denominator that I finally did the apt-get install apache. Honestly speaking it was the easiest fileserver I've ever set up. Granted I didn't look into authentication or restricting access yet. I simply wanted to install it and offer files. In terms of basic functionality apache was much easier to achieve liftoff than ftpd or samba.

Here's the rub that fits with this article: Apache was not up and running for more than 2 hours before I had 3 IP addresses, two of them on my own ISPs /24, poking around for overflow vulnerabilities by sending SEARCH and GET requests with more than 8190 bytes.

Why can't these script kiddies be stopped? It is obvious what the intent was.

Re:Neatly illustrated

[Apathetic1]

I suspect those were worm requests (W32-Nachi tries to overflow the buffer that handles SEARCH requests in IIS), rather than a particular person attempting to 0wn your webserver. I had to start filtering the request strings out of my log files becaues they were filling up the /var partition every two weeks.

Type of person

[oasis3582]

The user here was probably the type of person that would love to see pics from MyParty! (.zip file attached)

Pick up the Ball Apple!

[microcars]

from the article:
"...More important, everybody selling to home users -- Microsoft, hardware manufacturers, software developers and retailers -- needs to do a better job of informing customers of the risks and potential problems of Internet access."

I don't know why Apple doesn't pick up this ball and run like hell with it.

Most of the people I know that run 98, 2000 or XP just assume that ANY computer OS, Windows or Mac has the same internet "experience", but it just costs more to have the same crappy "experience" on a Mac.

The fact is...

[jb_nizet]

It's now a major pain to install a windows system from scratch, using the original CD.
You now have to
- think about getting the latest service pack first
- think about getting a firewall with its license key (love it when the firewalls ask to be registered before working, and need an internet connection to be registered!),
- think about getting an anti-virus (same story)
- then install the system (disconnected from the network, of course, so forget about "configuring an internet account" during the install)
- install the service pack
- install the firewall and the anti-virus and make sure that they're running
- go to windows-update and patch your system
- start to play.

This is an impossible task for 99% of the regular windows users, who don't even know what a firewall is and how to configure it. There have been improvements in the installation process of OSes and applications, in order to make it possible for reg. users, but all these efforts have been ruined by virus and worm writers.
And I'm not even talking about spyware, adware and spam...

This is how I learned about computers

[Gregoyle]

I don't think I'm alone here; problems like this (although not this exact one) were how I learned about computers. It's during these agonizing multi-hour sessions that you really get a glimpse of what goes on behind the curtains.

I learned how to build and modify my own box after many agonizing sessions installing new hardware, much like the doctor in the Post story who couldn't get her printer working for love or money. When you go through all the troubleshooting procedures for figuring out why your new RAM, hard drive, or video card doesn't work you learn very quickly how it all goes together. The second or third time you do it is much easier.

I was never really all that interested in computer security until my first Linux box got rooted. Luckily for me I had it configured for a graphical login where all accounts were listed as icons, or I might never have noticed that there was an extra account. After that I became a computer security nut, getting updates from 5 different sites and configuring multi-tier systems. Being interested in security is also what got me into OpenBSD. The experience I got with OpenBSD was extremely useful for me in getting one of my first IT jobs; I think my broad experience with multiple Unices is what got me that job and allowed me to be successful there.

Troubleshooting problems like these, annoying and frivolous as they may seem at the time, is a great way to become the guy that people go to for their problems. Now whether or not *that's* desireable I'll leave up to you ;-).

Both perspectives, preemptively

[Scoria]

Realistically, I would anticipate a similar result if I were to directly connect an unpatched Red Hat 5.1 machine to the Internet. After all, Windows 98 and Red Hat Linux 5.1 are both technologically obsolete, having been released on June 25, 1998 and May 22, 1998, respectively. They are over six years old, and both were available for purchase. Why should Microsoft support Windows 98 if Red Hat doesn't support RHL 5.1?

On the other hand, Red Hat Linux is open source; thus, anybody is capable of backporting patches to their version of the operating system, whereas Windows users remain dependent on Microsoft. Additionally, the operating system still does possess a substantial user base, whereas users of RHL 5.1 are much more likely to have already updated their machine(s). Most importantly, Microsoft is probably financially capable of supporting Windows 98 indefinitely.

I ultimately believe that it is Microsoft's responsibility to provide support for Windows 98 unless they develop an alternative method for the end-user to properly secure it. Not everybody is willing to endure the inconvenience of installing a new operating system every two years, and the Internet certainly doesn't benefit from a prodigious cache of unsupported, vulnerable machines.

Grr..

[naelurec]

10.5hours?! Man oh man.. the way I look at it is like this:

If spyware, viruses, etc get on a machine, it is effective "0wn3d" .. Going back to sys admin 101, if a box is owned, you have to restore it from trusted media.

Granted, since I can't make a distro of Win98 (with all the upgraded patches, Office, etc) and reduce the re-install time from the 3hrs+ of most-of-the-time sitting at the computer hitting "next" or rebooting (seriously, the time it takes to backup data, format, reinstall Windows, upgrade patches, install applications, reinstall virus/spyware scanned data, install additional protection measures and configure (spywareblaster, virus scanner, firewall, firefox, yada yada) then I tend to do the following:

Run spyware check & virus check (both run mostly unattended, can do other stuff) -- consider the box good. If there are outstanding issues, run a quick hardware diagnostic (unless symptoms make me believe it is the issue initially) and if it checks ok, then reinstall.

Microsoft could have made it a LOT easier if we as IT pros could make a reliable windows "distro" -- throw all the most-requested software on the disk, be able to install it virtually unattended and have it have an updated driver database so hardware installs, again, mostly unattended.

I do use ghosting/sysprep when possible, but there are some serious limitations that only make it feesible for certain situations (ie computer labs, standardized business desktops).

I suppose to an extent, it is job security, but I'd rather spend my time building solutions, than fixing Microsoft's issues. Oh wait, WinXP SP2 will fix all that .. bwhahhahah.. I can't even type it with a straight face. :)

The Cost of Nerd Naivete

[B_SharpC]

Techy Nerds generally have poor social, interpersonal skills. This is the largest factor causing the destruction of their IT industry through outsourcing.

Doctors have Unions, called the AMA. Unions provide "Congress" protection. Dentists have Unions, called the ADA. Their Unions protect their industry by limiting enrollment and limiting both OUTsourcing and INsourcing. There are plenty of willing foreign Doctors prevented to emigrate to the U.S. to alleviate the high costs of Medical.

Doctors and Dentists are smart. They have Congress protection. They have social skills.

Techies and Nerds are stupid. They have poor personal skills. They have poor Congress protection. Hence, Congress screws their IT industry because they can. No protection. No Union. No AMA or ADA for Techies.

This is the cost of Techy naivete. It's the systematic destruction of their industry and jobs through OUTsourcing and INsourcing and Mass Immigration.

Outsource Congress this November. :-)

fdisk and forget it

[leereyno]

Hours and days and weeks of work to "fix" her computer? I say fdisk and forget it.

Computer trashed with malware? fdisk

Computer owned by crackers (who I wish I could kill)? fdisk

Computer infected with viri and sending out penis-pill spam? fdisk

I get to fix infected systems at work all the time and I would NEVER spend weeks trying to fix a system instead of rebuilding it.

Lee

Oh please

[bigberk]

Shall I list the ways you can remotely root a 5 year old *UNIX (FreeBSD, OpenBSD, Linux, whatever) that hasn't been kept up to date?

• wuftpd
• sunrpc, portmapper
• imapd
• sendmail!!
• bind!!!
• openssh
• openssl
• apache
• php
• samba

I'm sure I forgot a dozen other common packages, but you get the idea. Any outdated, Internet-connected system is a disaster waiting to happen.

Is Apple listening?

[5n3ak3rp1mp]

Long ago, an early Mac ad compared itself to the IBM PC by dropping the corresponding manuals next to each machine. The Mac manual was light as a feather, the PC manual pile was 2 feet high. It was of course an exaggeration, but the point was valid.

I don't see how Apple can afford to not take advantage of the current spyware/security craziness occurring in the Windows world, and put out a ballsy ad along the same lines. Perhaps show each computer out of the box being plugged into a broadband connection, and on the Windows box, instantly a dozen windows pop up advertising things. Something along those lines.

I use both Macs and Windows all the time. My mom has a Mac, because I don't have time for the "family tech support" that her having a PC would require. She does complain about occasional problems with the Mac, but I have no doubt it would be at least 3 times as bad if she was running Windows.

Hardware Firewall?

[BrianWCarver]

Why didn't they spend $50 on a wireless router that includes a firewall? I guess it sounds like no one in her house owns a laptop, but if they did and could thereby benefit from the wireless access, this would have been a simple way to protect everything on the broadband connection.

Email to Kathleen Day

[Phil Wherry]

I saw this in the Washington Post yesterday and thought it interesting enough to send the reporter (Kathleen Day) a note, which follows, summing up my thoughts on the matter. I haven't heard anything back yet (and I don't necessarily expect to).

-Phil

Ms. Day:

I find it absolutely fascinating that problems such as the one you encountered are treated primarily as a user education issue. It's true that there are some things that everyone needs to know in order to use a computer. It's also true that savvy users can often avoid security mistakes. But one wonders, "Why is it that users *have* to be security-savvy in order to effectively use their computers?" I'd submit that the problems you wrote about are mostly the result of design flaws and not naivete. In many ways, I think the computer industry has set the bar far too low by blaming users for problems it has created. Put another way: what would you think if you had a car that would sometimes break down without warning if you drove it on the highway without first buying additional parts?

As I see it, there are two design weaknesses that contributed to the problems that you wrote about. First, basically anything you do on a machine running Windows is done with full administrative privileges. In one way, this makes sense: you own the machine, so you should be able to do anything you want with it. The problem, however, is that this blind trust allows malicious software to do pretty well whatever it wants. Most other operating systems (Mac OS X, Linux, and Unix) require you to take some special action (usually typing a password) in order to install software or alter the operating system. While this can't prevent you from choosing to install malicious software, it makes it quite difficult to do so unknowingly. To stretch the car analogy a little further: people can't modify your car's engine without your knowing about it because you have to open to hood in order to reach it. Computers should work the same way.

The second problem is that Windows doesn't make a strong distinction between programs (the applications that you run) and data (documents and the like). This makes several attacks a lot easier, as malicious programs can sneak onto your machine by masquerading as data when you are browsing the Internet. For most non-Windows operating systems, there's something that you have to do explicitly to say, "This is a program and it's OK to run it." If Windows has these protections, there still wouldn't be anything to stop someone from maliciously sending you data you didn't want--but your computer wouldn't be able to then run that data as if it were one of your programs.

It's a mistake to say that anything is totally secure. There have been (and will continue to be) successful attacks on operating systems other than Windows, of course. But I think it's a mistake to think that Windows has so many (and such severe) attacks just because of its dominant market position. True, it's low-hanging fruit for those with a malicious bent. But it's also so much easier to attack Windows because of the way it's been designed.

The very concept of a computer virus depends on both of these two factors. Take away the administrative powers, and the virus has little if anything to infect. Remove the confusion between programs and data, and it becomes much more difficult for malicious software to spread. Many regard it as unnecessary to run antivirus software at all on non-Windows systems. While I'm personally not sure that's a good idea, it does give one an idea of the relative security levels involved.

I think these security problems may ultimately threaten Microsoft's market position. The bad design decisions that are part of Windows weren't made because Microsoft is dumb (quite the contrary: they employ a lot of very smart developers and architects). They were made for market-driven reasons. Lots of old software (dating back to old versions of Windows and the even older days of MS-DOS) simply won't run in a more secure environment. As

Stinger & Ad-Aware Nothing More

[Concrete Nomad]

I do this for a living. I work a regular job trading futures, but I've been playing with computers since I was 6 or so. It is the easiest money to make. I could charge tons, but I just charge around $100 bucks for 1-6 hours of work and usually people are so happy I make everything work that they give me food and beer.

It boils down to having a USB key with 5 programs. They all fit on a 16MB key. Sometimes if I know my client has a virus program ahead of time I will download the definitions, but not that often.

People's problems are always the same. Virus and spyware. I don't recommend that most people use a software firewall since everyone just gets click happy. I usually tell them to just get a router. I have yet to get a call back from any of my clients and each time I do see them they say they never have any problems. They also like the fact that the router is just a one time buy rather than constantly buying new software and upgrading. I know there are free programs out there, but most people just don't trust them (beats me why).

I'll say it..

[TheHawke]

And i'll say it agian..

1. Run Spybot.

2. Run Ad-Aware to clean up what Spybot missed. (which is not much)

3. Load a Hosts file filled with nearly all of the nasty URLS in which the 'wares originate.

Were do you get his hosts file, you might ask?
http://www.pelicancoast.net/~nighthawke/host s.zip

Do a file search for hosts and replace it with this one and enjoy your sparkling-clean system as it roars off the blocks at boot and purrs all day long.

I just went through this

[Durandal64]

My girlfriend's aunt's computer was acting up, and they asked if I could fix it. They complained about pop-ups mainly. When I sat down at the computer, it was just excruciatingly slow. After I finally got the hardware properties to display, I saw that they were running a 2.6 GHz P4 with 512 MB of RAM and a Radeon 9800 Pro. But spyware alone had brought that computer to its knees. It was a mess.

I installed Ad-Aware and Spybot and let both of them run, and just got rid of everything. I removed a ton of crap with Add/Remove Programs, as well (lots of online casino shit and other useless garbage). I then removed those irritating TVMedia pop-ups by booting into Safe Mode and removing the necessary programs and running Hijack This.

I explained to them that, by running Spybot and Ad-Aware regularly, as well as keeping Windows up to date with Windows Update, they could keep their computer mostly clean. But one point I made very clear to them was never to use Internet Explorer unless absolutely necessary. I downloaded Firefox for them and set it as the default browser. I explained that Internet Explorer was probably the cause of 90% of their problems, because it's possible for websites to install things silently by using it or any number of other undesirable things. So I made it very clear that they should stick with Firefox. I also uninstalled Kazaa and installed Kazaa Lite for the kids.

Now their computer is running as it should. No more pop-ups or any shit like that. It took about 3 hours, but I did a damn fine job with that box, and they were grateful. All throughout that ordeal, I was thinking, "God I'm so glad I'm a Mac user."

Mozilla anyone?

[shis-ka-bob]

I was shocked that a search fo Mozilla came up empty. Simply switching to Firefox and making some descent security choices prevents all sorts of spyware. This is something that our reporter can actually do proactively, if only she gets the word. The other useful tool is the Thunderbird Email client. Remove MSIE and Outlook (Express or regular) and you stop all sorts of spyware and virii. Thow in a cheap router with firewall (as others have stated) and some antivirus software and you will have a reasonable chance of being able to use high speed Internet with a Win98 box.

Re:reg only?

[Vacuum Sux]

It's said "Washington Post (frr,yyy)" Free Registration Required, Yadda Yadda Yadda.

Re:Whose fault is it? The ISP.

[Rick Genter]

I maintain computers for a set of Curves for Women [curvesinternational.com] gyms owned by a couple of friends of mine. I run into the spyware/malware problem all the time.

Each gym uses DSL to connect to the internet. While working on one of the computers this weekend, I noticed that McAfee Personal Firewall (I stopped using Norton a while ago) wasn't seeing any inbound events, unlike the other gyms where it sees 10,000 to 20,000 events per week. A little investigation showed that the DSL modem at this site has a built-in DHCP server/router/firewall/NAT function. Seems like the DSL providers are getting a clue and building necessary capabilities into the hardware that the customer has to have just to connect to the Internet.