Windows Explorer fails and fails and fails...

My customer has had Vista for three months. He called me. Vista is in
an endless loop. The Windows Explorer fails repeatedly and restarts. If
you are lucky, the loop will last long enough to see that one of the anti
virus programs has identified a virus. It was too stupid to prevent the
virus from infecting the system. With a great deal of effort, I was able
to run msconfig from the task manager, but to no avail. Windows explorer
continues to fail repeatedly. I tried restoring to an earlier date.
This attempt also failed. The restore function is broken and the shadow
is not working correctly. It may have been broken by the virus, for all
I know. I tried restoring the system using F11, but the customer had
ignorantly formatted the restore partition (Compaq). There is no restore
cdroms. He didn't get any and he didn't make any. At this point, he can
order the restore disks from Compaq,
and
he can use his computer in the meanwhile with an installation of
PCLINUXOS.
I may tell him to try out Linux before ordering the disks.

A number of my customers have shown a great deal of excitement, when they
first see the Linux desktop. They find the gui easier to use than
Windows. Of course, I spend a little time setting it up for them.

 

The Linux desk top is great although it still cannot hide the need to type
in propeller head instructions to perform basic tasks.
And the sad truth is that productivity programs cannot compete with those
from major Wintel/Mactel vendors, unless all you want to do is surf the web
and use crippleware office suites.

 

80% of my customers do just that..surf the web, take pictures, play
music, read and reply to their email, write and print a simple letter,
play games and use pogo. You can easily setup their desktop to do just
that. They do not have to worry about viruses and spyware. They do not
have to learn anything else, but use the menu. Software updates are
simple and fast. Just yesterday, one of my customers told me that Linux
was easy to use. I had replace ME on his old computer with Linux. It
was faster than that old version of windows and it was a brand new
operating system. It was installed on a p3 with 192 megs of ram. The
movies played without skipping and the sound was noticeably better.
Anyone who wants to delve deeper is free to do so. You can write
programs for Linux, play around with the operating system, learn the
command line. Since there are no secrets, everything is open to you.
There are still areas, where you need Windows programs, but this is
changing every day.

 

A friend of mine just had the same problem - he was tricked into
installing a virus while he was browsing myspace.

System restore worked perfectly for him.

All the security in the world won't protect you from yourself,
regardless of OS.

 

As you can see from my post, I had tried all the options. Nothing
worked. Right now I am downloading loads of programs and games for my
customer. The only problem that I have experienced so far...was locating
the drivers for his wifi. The device was clearly identified in the
control center, so I could look for a specific device (Dell 1390 wlan).
I downloaded the driver from Dell (although it was a Compaq), used Ark to
extract the files, and then used ndiswrapper to install it to Linux. It
worked immediately and asked if the wireless network detected was
correct. I used the resources for finding the driver from Sourceforce.
I have spent as much time in the past looking for and installing a driver
for Windows XP. The rest of the drivers for this brand new Compaq were
built-in except for the Video Drivers which were installed with one click
in Synaptic. I have noticed a big speed increase when using Linux over
XP or Vista. Programs load fast.

It took over two hours last night to install Windows XP from Hp restore
DVD-Roms on another new computer (hard drive died). It took another 30
minutes to remove the craplets. It took 30 minutes to install PCLINUXOS
and another 30 minutes to find and install the Wifi drivers. The rest of
the time is spent downloading and installing lots of free and useful
programs. You do not have to reboot, sometimes you have to log in and
out. You can always use your computer, while installing programs...It is
up to the customer. He will either like Linux and continue using it, or
he will spend the money for the restore disks from Compaq, but in the
meanwhile, he will be able to use his computer without fear of viruses or
spyware.

 

You didn't boot up in safe mode and run your antivirus and anti spyware
programs from there. Therefore, you didn't do everything.

--


Regards,

Richard Urban
Microsoft MVP Windows Shell/User
(For email, remove the obvious from my address)

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!

 

Bill wrote:
...he will be able to use his computer without fear of viruses or
spyware.

BS! You're under a false impression, deluding yourself and most of all,
giving false hope and big misinformation to your "clients' about viruss
and linux.

http://www.desktoplinux.com/articles/AT3307459975.html

You need to read'em and heed'em.
Frank

 

I sure did run in safe mode. You probably didn't understand my post.
Whether in safe mode or normal mode, windows explorer continued to
crash. Have you tried running ANYTHING with windows explorer continually
crashing and looping. It was only after repeated attempts that I was
able to get MSCONFIG or Restore to run from the task manager. To further
complicate the issue, his Norton had expired. Nice, huh. You know so
much you must be an MVP. So much for the great security found in Vista.
So much for the great help you get here. Besides why should I spend more
hours trying to get Vista working, when it only took me an hour to nuke
it and put a real operating system on the computer.

 

Hi Frank:
(snort, burp, fart)
When I directly experience problems with viruses, I will install and use
one of several free anti-virus programs available. If I was selling anti-
virus solutions, as the interviewee of this report, I would probably try
to find some benefit for my product...Oh, but there is..if you have a
server and I quote....
"As system administrators move to Linux files servers they have a real
problem to deal with since the Linux file server can store Windows-based
viruses. Windows-based viruses can write to a Linux/Samba network share
as easily as they can on a Microsoft Windows based network. System
administrators must protect the Linux server from storing these viruses.
The only way is through active antivirus defense on the Linux server
itself."

Ah, windows based viruses. We mustn't store those nasty windows viruses
and pass them on to other windows computers..so we need an anti-virus to
catch them...hmmmmm..very interesting. But I don't have a server and I
don't connect to Windows computers...

I am sure that someone somewhere sometime will devise a Linux virus.
Human depravity is very ingenious... I will just download and install
clam, but so far it has been a waste of time, running an anti-virus.

 

This reply is not coming from Outhouse Express, hence not top posted ...

What a fscking moron! You send him to an OLD article (4 years old) that is
an interview with a guy trying to sell virus protection for Linux. When you
do go to Central Command's (his) website and check on the anti-virus
software they sell for Linux (
http://www.centralcommand.com/linux_server.html ) it states clearly it's
used to protect Windoze client workstations that store executables and data
on a Linux file server. In other words you dimwit, their software is to
protect Windoze systems.

Please go and find a Linux virus - that's in the wild today - that can harm
a Linux system. Tell us about any infected Linux boxes you can verify
outside a lab somewhere. Viruses don't exist in the wild for Linux desktops
because by the very nature of Linux - the complete separation of the kernel
space from the user space, won't allow viruses to propagate and that is
exactly what viruses need to do. If you knew even the slightest bit about
Linux you'd know that the user would have to be as stupid as you to get a
virus in the first place. In fact, being as stupid as you, he wouldn't be
able to accomplish getting a virus. He'd have to purposely install the
virus, make it executable and then try and run it. Then it would only
affect the user space if he could do that.

Guess, we can't expect anything better from the pig-for-brains Frankie Boy.
<snort>

Love and Kisses,
Doris

--
My Microsoft Hero (he loves this company!) ... http://tinyurl.com/yp9cn2
This post is like Wintard Flypaper ... catches them all.
BallmerBumBois: Frank, Julian, Richard Urban, Jupiter Jones, Harry Krause,
Feliks Dzerzhinsky
Sorry if I missed anyone, place your name here _________________.

 

Hi Doris:
I have missed you. I just ran rkhunter and clam...no root kits or
viruses. I guess I could waste more time and check it every week...lol.
I like rkhunter...it checks and warns and then I use clam to check any
suspicious activity. But I feel like the Maytag repairman. I have
Windows XP on a virtual machine and I use spybot and avast on there. You
can't run Windows without virus protection. I had forgotten that I had
installed clam on Linux a long time ago...i undusted it today. When I go
to a site that wants to install something on my computer, I laugh, since
it is probably an .exe file, etc. It would need wine to run. I could
have a virus in the wine directory, if I really tried...I guess. Even if
something should infect a browser..you just delete the browser hidden dir
and the browser returns to its pristine state. Windows advocates just
don't know the freedom that we have in Linux.
I hope you have a nice day skewing the MVP's
Love,
Bill

 

The majority of Virus's are loaded onto machines by people downloading
software from non-reputable sources and running them on their machines. You
would have to be an administrator in windows (root in linux) to load these
programs. So to say that it can't harm a linux box is not necessarily true.
And since so many people to day have their own computer to say that another
person can't load something that would harm your computer doesn't matter.

A friend could send you something that is infected and "trusting" that
friend you load it and infect your computer.

"Well thats ok, I just have to delete that user and start over with a new
account", well if you were running an anti-virus that wouldn't be a problem
and you wouldn't have to do that and you would be helping to stop the
propogation of the virus not to mention you probably wouldn't know you need
to delete the account and start over with out some way of detecting the
virus in the first place.

I don't care how much you love linux, there are free anti-virus scanners
available (try avast.com) and it would be in everyone's best interest if
everyone used them. Every OS on the market today has had virus's targeted
at them, it would be immature and just plain stupid not to protect yourself
in some way...

Jeff

 

Well skirt-for-brains (now that's stretch!) you're absolutely 100%
willing to bet your sorry loser life on the above statement that linux
users can never get a virus. That a linux virus will not propagate itself?
Is that what you're saying you cross-dressing-unemployed fat, bald, old
fart?

Let me know if that's the sword you're willing to fall on, ok?

Be sure now, as your whole (hole?) reputation depends on it, ok?
Think about it...I'll wait for your reply.
Don't answer if you're not completely sure.
You can of course, just fade away.
(snort, smirk)
Frank

 

You get today's prize of being "THE ULTIMATE COCKHEAD"

 

Well there is one flaw in your thinking there. A virus needs some type of
executable to embed itself in. Under linux, unless explicitly given root
access, it can only embed itself in files located in user space. Therein
lies the problem for the virus: User space normally has no executables.
Only data files.

Applications are generally installed into root space where they cannot be
modified. And even *if* you install an infected application, when it is
executed, it still only has user permissions. So even if installed into
root space, it still cannot modify anything in root so it cannot infect any
other applications. So even running an infected application is fairly
useless for the virus.

The only exception is if the user runs an infected application with root
permissions. Then the virus would be free to do whatever it wants anywhere
it wants. However, I can count the apps I need to run under root
permissions on one single hand. Synaptic, Synaptic, Synaptic, Synaptic, and
occasionally even Synaptic which is used to install packages in the system.
So if any 3rd party app has instructions to run it under root permissions
without an exceedingly extremely good reason...there isn't a flag big
enough or red enough to describe the flag that would be raised.

And even Synaptic is something you generally only usewhen setting up the
system and then usually very rarely again and which I can rest safely
assured is not going to be infected. So bottom line, friends can send me
all the infected stuff they want. Doesn't bother me one bit. There is no
way for the virus to spread. That is why Linux viruses are so ineffective
and pointless.

Now of course, exploits do occasionally exist but it's a pretty rare
occurance and generally quickly fixed when found.

In the end, linux viruses can and do of course exist but they have a by
magnitudes more difficult life in that environment than under windows.
Windows environment is comparable to a petri dish under flawless conditions
networked to other dishes with similarly flawless conditions. A virus in
Linux on the other and...well..it's sort of like a fish trying to swim in a
desert with not a drop of water in sight.

The biggest security issue I see for Linux is plain old Social Engineering
in trying to get the user to do something that will compromise their
system. It's hard to protect a system from a user that willingly tries to
destroy it.

--
Stephan
2003 Yamaha R6

å›ã®ã“ã¨æ€ã„出ã™æ—¥ãªã‚“ã¦ãªã„ã®ã¯
å›ã®ã“ã¨å¿˜ã‚ŒãŸã¨ããŒãªã„ã‹ã‚‰

 

Thanks for the sexy compliment, I guess. I brought the computer to the
customer and he was quite pleased. He likes Linux. His sound works,
which it didn't do even when Vista was working, more or less. It kept
crashing..duh. He especially liked all the free programs and games that
I had installed for him using synaptic. I gave him a 45 minute training
lesson on using Linux. I showed him how to download the free programs
and how to update his current programs. Just three buttons. I told him
that if he wanted, he could contact HP for the restore disks. He said
that he wasn't very interested in putting Vista back on his computer.
Linux was much faster and didn't crash like Vista. I thought that Vista
came in the Ultimate Edition...and since I don't use it, I guess I can
pass the Ultimate Cockhead hat back to you....you sexy thing...

 

Hello,

Things in Windows Vista are pretty much the same as the linux
environment you describe, thanks to UAC.

Once application developers start writing programs that don't require
the Windows equivalent of "root" permissions to run, I think this will
do much to better the security environment of Windows.

 

Not entirely, and I will explain why. The key difference is that UAC is a
reaction, sudo/gksudo in linux is an action.

Basically, UAC will react if the app tries to do anything the system deems
potentially unsafe asking the user for permission.

Now if this occurs in an application that the user knows will *never*
trigger an UAC prompt then the user has the ability to make an educated
decision to not allow the action.

However, if this occurs in an application that does occasionally trigger
Valid and safe UAC prompts, but now has become infected and triggers an
unsafe prompt, then the user no longer has any means of distinguishing the
good prompt from the bad prompt.

In the linux case on the other hand, I as a user have to give advance
permission. I consciously have to decide if I want that application to have
the ability to modify the system. If I start the app without those
permissions there is no way it can gain them. So the above case where a
confusion between valid / invalid prompts can occur does not even exist.

That I agree with. If windows apps get to where they will *never* under any
circumstances trigger UAC permissions then and only then can UAC be
effective. And that's where I think UAC's major weakness is. There will
likely always be plenty of crapware like sand on the beach triggering UAC
permissions. And users are generally not intelligent enough to *not* use
such crapware...rendering UAC useless and effectively opening the door for
virus and malware.



--
Stephan
2003 Yamaha R6

å›ã®ã“ã¨æ€ã„出ã™æ—¥ãªã‚“ã¦ãªã„ã®ã¯
å›ã®ã“ã¨å¿˜ã‚ŒãŸã¨ããŒãªã„ã‹ã‚‰

 

This is incorrect. UAC only naturally occurs when the user is performing
an administrative action, in the same way that a password prompt only
occurs from sudo when a user is performing an administrative action.

UAC is explicitly tied to a user action, like double-clicking a file or
clicking on a button - it is not reactive.

A user will only ever see a "correct" uac prompt when they are
performing a clearly marked (shielded) admin action.

Obviously, malware can still "fake out the user" by pretending to be a
admin action... but this is so in linux as well.

UAC and SUDO only prevent applications from doing things that the user
doesn't initiate - they don't protect the user from themself.

The same good design that linux uses to protect against this (having
administrative tools in an unmodifable location on the file system) has
to be enforced in Windows too.

That is why I get a funny feeling in my tummy whenever I see users and,
more disturbingly, programmers that want to automate the process upon
installation of the program of enabling write access to their program
files folder .

This is the same in Windows - you have to intend to initiate an admin
action by actually performing the action (clicking a special button or
double-clicking a program marked with a shield), and the system checks
to make sure this is true by prompting you. If you get a prompt when you
did not intiate an action, it is invalid.

This is the same thing that happens in linux - you have to intend to
initiate an admin action by runnign sudo on an application, and the
system checks to make sure this is true by prompting you. If you get a
prompt asking for your root password when you did not initiate an
action, it is invalid.

Certainly, the next generation of crapware will be the kind that tries
to trick the user into running them as admin. I agree with you 100%, and
users need to be vigilant and ensure that they only run programs with
admin power that they trust.

I am only disagreeing with you that linux's sudo model somehow protects
against this - it does not.

 

Windows has never been a secure operating system. UAC is like having a
steel door with locks and Styrofoam walls. Since the malware and virus
business is so profitable to the gangs that utilize them, it is probably
only a matter of time before they figure out a way to breach Linux.
Proprietary drivers is probably one area that they can work with. This
is probably the best argument for keeping the entire system open source.

With Linux unprotected, I have never experienced a virus. With Windows,
I can not leave it on for very long unprotected without picking up
spyware, malware, and viruses. If something should infect one of my
Linux browsers, I can delete the hidden .dir in the user area and return
the browser to its pristine condition. I said, if it should, it hasn't
happened yet. Occasionally, I will run rkhunter or clam to check things,
but nothing has turned up yet. My weakest link on my system is the
Windows XP in a virtual machine. I have it heavily protected. I have a
fat32 partition for sending files to a 'common area'. I use avast and
clamscan to check that partition. At one time, an anti-virus and spyware
program were adequate to protect your windows system, but I believe that
we are entering a new era, where the protection will be overwhelmed by
the efforts of the gangs.