OT curt


I don't know how it's released now but, when I installed my wifes system IE came with every bad thing enabled; java script was a bad one. Windows systems come (used to for sure) lying on their backs, legs spread begging.
Windows systems (last time I looked and it's been awhile) didn't seem to have any sense about evil network packets. It's no wonder they seem to be virus petri dishes.
BUT, that's just my take on how it was. I'm sure Vista is perfect ... it's so secure you can't use it.
Paul

--
The lotto must be rigged, I should have won by now.
Modular furniture is cruel and unusual.
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Paul Newhouse spake thus:

Well, I should amend what I said a little. It's not so much the browser (IE) that's the problem as the mail client (Outhouse Express), which happily opens (or at least use to) every message the user selects to view and blithely opens any attachments included, which may contain Very Bad Things for your computer (virii, Trojan horses, other exploits).
Internet Exploiter also left the user wide-open to certain attacks as well, as Paul explained, but the more likely avenue of infection would be through OE.
I understand at least some of this may have been fixed, but I prefer to use open-source software (Mozilla) that has always been designed with security in mind, not as an afterthought.
--
Don't talk to me, those of you who must need to be slammed in the
forehead with a maul before you'll GET IT that Wikipedia is a
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Yes, I had forgotten Outlook, I have a fairly good firewall, mail handler infront of all the systems. So I tend to ignore Outlook's rather poor design/behavior.

I use the M$ platform only because I have to; 3PI, MPLAB, the club books and reading things that people send me in word.doc format that I think I want to look at. Otherwise I use my open source unix system. There I run almost everything with network exposure in a chroot'd jail so even if someone breaks in they are nowhere.
Microsoft doesn't strike me as learning very quickly by past mistakes.
Paul
--
The lotto must be rigged, I should have won by now.
Modular furniture is cruel and unusual.
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Paul Newhouse wrote:

How about a little explanation of how to do this to a Linux user? Please email me if you think others would not be interested, but I suspect I'm not the only one.
-- It's turtles, all the way down
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Well, on NetBSD you do "chroot <dir>". If any outside evil doer breaks in to the thing you are running in <dir> (apache, mozilla/firefox, sshd, ...) they are in a "chroot'd jail". Read up on chroot. The technique is especially useful for servers but, generally useful. It's not perfect but, it raises the effort bar for the bad guys quite a bit and reduces the reward potential. You are still running the same kernel so you need to make sure you have some sensible packet filtering in place (if it doesn't come setup by default) to zap short, misconfigured and such packets. Run something like portsentry auto identify scanning attempts and block those "up to no good" addresses.
I don't run Linux much so you'd be better off asking in a Linux oriented forum for specific details on Linux. There is probably some Security Forum for your flavor of Linux. They will be able to give you a lot of guidance.
The big advantage from my perspective is that even if you can do all of this for Windows you are still stuck with some, clearly demonstrated, lousy network applications that are so security porous that firewalling them is a much bigger, and perhaps futile, effort.
IMO, just by using one of the *ixes you are miles ahead security wise.
Good luck, Paul
--
The lotto must be rigged, I should have won by now.
Modular furniture is cruel and unusual.
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Paul Newhouse wrote:

Thanks. I'll try "chroot <dir> startx" and see if it works next time I reboot.
-- It's turtles, all the way down
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Make sure that startx and all that it needs are somewhere in <dir>. If startx is is normally at /usr/X11R6/bin/startx then you need:
<dir>/usr/X11R6/bin/startx
also. Don't go linking them together. You don't want a pollutted <dir>/... to leak back into your base system.
Enjoy, Paul
--
The lotto must be rigged, I should have won by now.
Modular furniture is cruel and unusual.
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Paul Newhouse wrote:

Paul, that almost sounds like I'd have to duplicate the whole directory tree. If so, I haven't gained anything but a backup copy.
To the rest of you, I apologize for converting an off-topic thread to an even more off-topic thread :-).
-- It's turtles, all the way down
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

YUP!
No. While it's true you have a backup, you also have a pollutable copy. And if it gets infected it won't affect the rest of your system. Only the chrooted jail which means the infection is confined. This is most useful for servers but, can be used in other contexts.

I'm not going to feel very guilty about that; it was way/whey/weigh OT before we started this discussion.
Paul
--
The lotto must be rigged, I should have won by now.
Modular furniture is cruel and unusual.
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
I did a little (realy precursory) reading on chroot. It is easy to understand why there are so many windows systems out there.
writes:

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
J Barnstorf spake thus:

Yes: do any of the Unix geeks really think the average computer user is going to put up with (let alone be able to handle) all the system administration that has to be done with a Unix box?
Not that Unix isn't a superior OS, but it's not ready to plug-n-play for the average human bean. A well-set-up Windows box can be, though. (Even Macs aren't easy to set up: I just recently helped a friend get her Fire Wire network going, and it was no easier than the equivalent task on any Windows system; so much for the overhyped "the computer for the rest of us" crap.)
--
Don't talk to me, those of you who must need to be slammed in the
forehead with a maul before you'll GET IT that Wikipedia is a
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

There is no free lunch. I am amazed at how much crap I have to know about Microsoft Windows products in order to deal with them. M$ users somehow accept this as an acceptable level of required knowledge. Yet, a roughly equivalent level of knowledge to use one of the *ixes is unacceptable.

If we were talking about automobiles you are complaining about having to learn how to drive before getting behind the wheel. Just because you took drivers ed doesn't mean it's not dangerous to drive.
Paul
--
The lotto must be rigged, I should have won by now.
Modular furniture is cruel and unusual.
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
At Sat, 03 Feb 2007 15:29:29 -0000 snipped-for-privacy@pimin.wan.vpn (Paul Newhouse) wrote:

Right. Although Microsoft Windows attempts to 'hide' the admin stuff, it is really all there. And most Microsoft Windows users do things that they really shouldn't, like use the adminstrator account for general usage (a really *bad* idea). Because Microsoft Windows doesn't handle system administration the way Linux/Unix does, Microsoft Windows is subject to all sorts of security and reliabity problems.

I know of several non-geeks who have no problem using Linux systems (which I set up for them). And know of a number of MacOSX users who are non-geeks who have had no problems with their Macs either. The issues of a 'well-set-up Windows box' also applies to a 'well-set-up Linux box' or a 'well-set-up MacOSX box'. Yes, it is non-trivial to achive a 'well-set-up (whatever)' box. The main problem people have is thinking that anyone can properly set up a Windows box, and only a geek can properly set up a Linux or MacOSX box. Most non-geeks probably cannot set up a Windows box any better than they can set up a Linux box, even though Microsoft suggests that they can. Neither Linux nor MacOSX make the (false) claims that anyone can install the O/S from scratch or upgrade the hardware or software, etc. at the click of a few buttons.
Yes, on a certain level neither Linux/UNIX nor MacOSX are plug-n-play, on the same level as MS-Windows. OTOH, that is (in the long run) a *good* thing. The 'dumbed down' interface that MS-Windows pushes, is proving to be rather disasterious in many ways. MS-Windows is the *only* system subject to viruses, adware, spyware, other maleware. MS-Windows is notorious unstable and insecure. The only O/S that needs 'anti-virus' software installed. The only O/S that needs regular visits to a shop to be 'cleaned' and its file system 'defraged', etc. Linux/UNIX boxes and Macs run for *years* without being fussed with in that way. Linux/UNIX systems often stay up and running *continuiously* for *years*. (MacOSX boxes would too, except that they are rarely used as server boxes and most Mac uses don't leave their computers running all of the time.) How often have you rebooted your MS-Windows machine in the last week? *My* linux machine has been up and running non-stop for 26 days (I think there was a power failure about that long ago).

--
Robert Heller -- 978-544-6933
Deepwoods Software -- Linux Installation and Administration
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Sat, 03 Feb 2007 20:49:17 +0100, I said, "Pick a card, any card"

I once logged 461 days on a Novell Server. Had to shut it down for preventative maintenance after I discovered the log was that big. It had dropped off the PM schedule somehow but still chugging along like some loyal employee. -- Ray
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Ray Haddad spake thus:

Yeah, good old Novell: non-standard and proprietary, a pain in the ass to administer (<groan>, another entire manual of commands and stuff to learn). But reliable as all hell. Those Mormon boys done good.
--
Don't talk to me, those of you who must need to be slammed in the
forehead with a maul before you'll GET IT that Wikipedia is a
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Robert Heller spake thus:

>

My point was that there are *some* (not all, certainly) computers one can buy with Windows preinstalled that are really plug-and-play for *most* (not all) users. I'd say this pretty much applies to anyone who is a single-computer user; no network, no non-standard external devices, so they really can plug the damn thing in and start using it. That, after all, has been the great promise of the personal computer all along, that you don't have to be a computer professional to use it. Certainly that's the slant of Apple's "we're cool, PCs are not" ad campaign.

I think Apple, at least, strongly gives this (mis)impression, especially with their current ad campaign. My point is that they're *all* a pain in the ass to configure, and that configuration requires some expertise that the average user lacks, no matter what brand is on the front of the box.

Finally, an admission. A good start.

Bullshit. (And you meant "malware", not "maleware", right? I assume we're leaving gender out of this.)

You're saying that Unix-based systems (to cover OS/X as well) automatically do file system allocation cleanup? I'm not sure about this: is this true? It was my understanding that *all* file systems eventually need maintenance, simply because of the nature of what happens when files are deleted and space deallocated.

Again, this is a false dichotomy. Where I used to work, we had Windoze boxes that stayed up and running just as long as our Unix boxes (Linux and a Sun SPARC).
--
Don't talk to me, those of you who must need to be slammed in the
forehead with a maul before you'll GET IT that Wikipedia is a
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
David Nebenzahl wrote:

I can tell you that on previous Linux systems I checked occasionally for fragmentation and never found more than 1 or 2 percent. I haven't even bothered to look on my current Linux system.
--
It's turtles, all the way down

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Larry Blanchard spake thus:

OK, so the OS reorganizes free space as files are deleted and new files allocated. Not surprising: on the Windows side, even though NTFS is an advance over the MS-DOS file system, it's still primitive by comparison to Unix, and the OS doesn't automagically do stuff that Unix apparently does implicitly. (Is this still true with Vista? Anyone know?)
--
Don't talk to me, those of you who must need to be slammed in the
forehead with a maul before you'll GET IT that Wikipedia is a
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Nothing so 'clever'. UNIX does not bother to 'reorganize' anything. It does not need to. The file system developes some fragmentation, but generally nothing massive and the fragmentation that develops has no real impact on performance.

NTFS is NTFS. Unless Vista is using something like ext2 or jfs or riser or something like that, Vista probably has all of the same disk I/O problems / issues as XP.

--
Robert Heller -- 978-544-6933
Deepwoods Software -- Linux Installation and Administration
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Why do you care so much if people look at Wikipedia ? What is the real source of knowledge you use please share it with the rest of the world?

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Polytechforum.com is a website by engineers for engineers. It is not affiliated with any of manufacturers or vendors discussed here. All logos and trade names are the property of their respective owners.