Join or sign in Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below. Use Your Email Use FacebookUse Linkedin

My experience with no shouting

Locked

I have several non-nerdy friends and acquaintences who have called me with serious system problems (spyware, viruses, worms, etc. all via unsecured broadband). After I undo the damage (sometimes rebuilding from scratch in serious cases), I leave them with five things: ZoneAlarm, or preferably, a broadband router/firewall; Spybot, set to automatically update and scan nightly; AVG from Grisoft, also set to update and scan nightly; Windows Updates set to do its thing automatically, and Firefox. User is advised to stop using IE. I have yet to have anyone call me with further issues after months. Case closed, as far as I’m concerned.

Topic

One More

In reply to My experience with no shouting

You might want to leave them with one more thing – Education on how the system got messed up n the first place.

Two more..

In reply to One More

I would add OpenOffice.org and Mozilla ThunderBird to the list. Email is a key concern for me. Had to give free training on these initially. But I do that for my own good, you see!

Not so sure about that

In reply to Two more..

I wouldn’t waste time trying to get people to use OpenOffice instead of MSOffice. Outlook 2003 should be set to read all mail in plain text (far nicer anyway).

I do everything originally suggested and more and implement all that for everyone who uses my home network. I don’t place any “restrictions” on use the way my workplace does, and there are never any real problems, which proves how much pleasanter and more effective this approach is to the draconian (and counter productive) “no internet use” policy so widely adopted now.

at work

In reply to Not so sure about that

I wouldn’t call it draconian. You’re at work to, well, work. At work, you’ll probably never get spyware or viruses on your computer unless you’re doing something you’re not supposed to (unless you’re a web site tester).

I agree

In reply to at work

I understand where you’re coming from, but sometimes I wonder why our firm bothered get internet access, because no-one’s allowed to use it.

I realise you’re at work to work, but there are times when using the internet to look up information would greatly help customers and we can’t, because the fear of spyware and vulnerabilities with IE has led to a blanket “No Internet Use” policy.

I quite agree that a lot of problems could be solved with the use of OpenOffice and Thunderbird, however in a working environment which measures a person’s computer literacy by their expertise in M$ products, it’s never going to be a reality.

And frankly, MSOffice is not the source of most of the problems – macros can be disabled, so can html mail. It’s Internet Explorer, which gives management a good “reason” to ban internet use so that employees don’t waste time surfing the net.

Suggestion

In reply to I agree

Here is a suggestion for your management, set up one old computer for internet research. Who cares if an old WIN 98 Pentium 2 takes a dive. Make an image of the hard drive and reinstall it when necessary.

Has to be done from your own desk

In reply to Suggestion

I’ve worked in places that have a crashbox for use by employees. However, on a business footing, a lot of what I would like to do on the internet needs to be done from my own workstation, while I’ve got a customer on the phone.

Putting them on hold for 5 minutes while I went across to an old PC so that I could access the net, simply wouldn’t work.

It just seems somewhat ironic that we forge ahead with faster broadband connections and cutting edge technology – and then businesses become more and more frightened to take advantage of it.

IE, MS Office, OE, Outlook

In reply to I agree

Unfortunately, MS Office, OE, and Outlook all make use of the IE rendering engine, which means that avoiding IE without avoiding those applications means you’re not really avoiding IE at all. There’s malware out there that takes advantage of this MS software design “feature”, and it can be avoided by using applications other than those peddled by Microsoft.

It’s true that MS Office is the least vulnerable of the bunch. This isn’t because MS Office is any better designed, though. It’s only true because it takes a lot more work to get something to successfully target MS Office, since MS Office isn’t typically used to surf the web or otherwise interact directly with the Internet. It can be, however, and documents with malicious payloads designed for viewing in MS Office can find their way to their targets, even if it’s not as common as malicious email and web documents doing the same with OE, Outlook, and IE.

Viewing emails as text only is a step in the right direction, as is disabling macros. There are still elements of danger, however, that must be dealt with from time to time. If a client will let him- or herself be “converted” to non-MS products, I make that effort, including choice of office suite.

remote linux web browsing from windows

In reply to I agree

What we have implemented is remote web browsing. Set up cygwin(cygwin.com) on each workstation. Have a linux workstation set up somewhere on the network. Put the IE icon on the users desktop, in which the icon starts cygwin which ssh’s (ssh -X -f $linuxserver firefox) into the linux box and launches firefox or your preferred browser.

And if IE is your problem and you do not want to try the solution mentioned above, you may want to investigate openbsd firewalls, I think OpenBSD has a rule you can implement to block IE from hitting the Internet allowing all other web browsers to access the web.

Not true

In reply to at work

My boss is a real straight arrow and only goes to legit sites but still gets the highjacks and all.

I have to go in every few weeks and clean it up. NEVER have found anything to even HINT he was somewhere non-business related.

With web sites getting hacked and the warez loaded on them, no where is safe if your using IE.

Reply To: My experience with no shouting

In reply to Not true

I can pretty much guarantee that if your boss’ computer is being “hijacked”, it’s not happening on legitimate business sites.

Either he’s downloading and running things that are causing the problem, or he’s opening e-mail attachments that he shouldn’t be opening.

I use IE…and with my computer being properly secured, I’ve never been “hijacked” or any other such nonsense. Use a virus scanner, use a spyware detector, use a good firewall, stay away from Pr0n sites, and you’ll be just fine.

I can vouch for it

In reply to Reply To: My experience with no shouting

First, my firewall DELETES all attachments such as exe,bat,src blah blah blah.

His system is faced in a way that you can see what is on the screen from the hall way. Many people have their system setup this way so they can not be accused of having anything inapropreate on their systems. It is all out in the open.

He doesn’t download utilites or apps.

Agreed

In reply to Reply To: My experience with no shouting

I agree with pickleman. I have never been “hijacked” except when I was not using a firewall. Until recently I used IE (switched to Firefox ONLY because of tabbed browsing) and never had issues. Education is the key.

What I do at work

In reply to at work

I often surf the web for techinal information. I go to lots of sites to track down some information. Clicking on a bad link has taken me to porn, hacker sites etc. by accident. Doing this it is easy to get infected. Also I have accidently mistyped a web site address and gone there as well. Trying to do my work I have been infected by this.

Endoscopy

Why not Openoffice.org and Thunderbird

In reply to Not so sure about that

Have you used the lastest versions of these?

Both are FREE, Thunderbird absolutely rocks, is sooo easy to use, very user friendly, etc, etc. I highly recommend it to customers, friends, everyone.

Openoffice.org will seamlessly import/save as M$ Office formats, is simple to use, although there is a small learning curve but manly learning where the tools/functions/features are located (and generally in a more logical place (but not always)).

No VBscript problems, no Office macro problems, improved security/reliability and more adhearance to established, world wide standards.

In case you cannot tell, I am firmly behind Open Source for both personal and professional use. I will save my company thousands when I quit maintaining subscriptions to M$ Office (and in my office we use Groupwise, it is also rock solid)

what about…

In reply to Why not Openoffice.org and Thunderbird

have you ever tried foxmail? I have used it for months and found that it to is a very nice program!

OpenOffice and Thunderbird

In reply to Why not Openoffice.org and Thunderbird

I have been using OpenOffice for some time now on Linux and Windows. It is pretty good at importing and exporting MS Word docs that are simple. I have had problems with more complex MS Word docs that use fields with lookups and other advanced formatting options.

Thunderbird and Firefox are both good. The only problem with Thunderbird for Outlook or Outlook Express users is with hotmail. Thunderbird will not connect with the Hotmail site to act like a POP3 mail program like OL and OLE will.

The next release of OpenOffice, by the way, will include a relational database similar to MS Access. The release is expected around March. This will provide most of the functionality of MS Office Pro.

Thunderbird can work with Hotmail

In reply to OpenOffice and Thunderbird

there are numerous third party apps that enable hotmail pop’s ot Thunderbird.

Such as:

BlueHttpMail: http://bhttpmail.sourceforge.net/
hotmail popper: http://boolean.ca/hotpop/
hotwayd: http://hotwayd.sourceforge.net/
Freepops: http://freepops.sourceforge.net/en/

So while it isn’t integrated in Thunderbird, THIS WEEK, it is still possible.

Personally I hate anything that adds a new background process, even if scheduled for periodic updating and not all the time.

Thanks, OZ Media

In reply to Thunderbird can work with Hotmail

I didn’t know that. I will certainly look into it.

Michael B.

no free downloads with hotmail soon

In reply to Thunderbird can work with Hotmail

I’ve actually heard that hotmail will start charging to be able to download their mail service to a client like outlook express or thunderbird, starting some time around mid this year.
So unless you want to pay for the feature, you won’t have to worry about proxy applications to do it with thunderbird.

Not really relevant though is it?

In reply to Thunderbird can work with Hotmail

I have had sales people try to tell me that EVERY cable company is mandated to provide nothing but HDTV by 2006.

Look into the order a little deeper and you’ll realize they will also be broadcasting standard cable in most areas too, they are not being forced to transmit in digital unless they can adequaltely provide it to more than 90% of the subscriber area. In Canda, digital coverage is limited to more urban areas, with the portion of the total unreachable subscriber base WELL over 10% of the total subscriber base, there will be no forced changes made by most companies here.
US Digital stations are simply fed here and rebroadcast analogue unless the cable company decides to provide it digitally, which is rare.

No need to buy that TV the sales rep says you will HAVE to have next year after all.

My point us when/if it happens, that will be a better time to go buy that new HDTV. Technology will be cheaper and more advanced than todays HDTV technology, which has already been improved in Japan to an ultra high definition signal. In which case HDTV owners will be buying new sets all over again.

Until then stick with what you have.

Use the HotMail pops until such a day as they start wanting to charge you for it. When they lose 90% of their customer base in a few short weeks, they may start looking at alternatives, I’m sure.

Why wait in a bomb shelter unless you are under threat of atack? Sure you will be the first one in, but you’ll also waste a lot of your life in the process.

not so

In reply to OpenOffice and Thunderbird

OpenOffice.org is indeed going to include integrated database functionality. It already allows connections to and management of some external database management systems. The point at which you’re wrong is where you call Access a “relational” database.

Access produces flat-file databases. It’s a tremendous pile of junk. It does a pretty crummy job of trying to emulate the functionality of a relational database management system, and Microsoft has spent millions on trying to convince people that it is “relational”, but it’s not.

Sorry for the nitpicking, but I figured a correction was in order.

I find the Open Office bashing quite funny actually

In reply to not so

MS junkies are so intent on not admitting open source is growing that they will bash a FREE release that is version 1.0 for not standing up to a $700 suite that has been redevelopedand reengineered for MANY years now. MS office has had…….HOW MANY REALEASES? And they STILL don’t have it right?

Open Office can’t handle SOME Excel macros, and a FEW Word tables in V.1.0 but it is slated to be improved in a short time.

The differences I see:

Open Source – sees and issue and has developers around the world work as a community to provide better results and then it is released free of charge.

MS – Collects issues for several years and has a small team of engineers (compared to the opensource community) that will TRY and address the issues IF THEY ARE WIDESPREAD ENOUGH for the next version they release in 2- 4 years at an exhorbitant cost. If an issue doesn’t cover a certain percentage of a user base it is not addressed period, ‘deal with it’ is their mentality.

Open Office will overtake MS Office functionality in due time, again, what did MS provide when they first started WORD? I remember Win3.1 for WORKGROUPS!!

Let’s just say they are damn lucky noone else saw value in building GIU driven dekstops back then, MS would have never made it.

I give them credit for ingenuity, but they haven’t kept up that pace in their race to simply flood the market with unreliable pooh-pooh.

NOTE: I do not LOVE linux and have never been a Linux junkie, I have also never loved MS or been a MS junkie. I have big enough eyes to see a product for what it is though and understand that Open Office is one hell of a contender for MS Office even in its infancy.

yeah — hilarious

In reply to not so

It’s both amusing and frustrating to see the FUD-sowing that goes on. The biggest issue I have with the whole mess of complaints that the Microsofties are spreading about OOo (OpenOffice.org: they had to officially include “.org” in the name due to a confusion of terms with a file format that uses the name Open Office) and other open source alternatives to MS products is the matter of “compatibility”.

When someone like me mentions compatibility of file formats and applications, it refers to the ability to transport files between applications and produce equivalent output. By that standard, not only is OOo admirably compatible with MS Office, but it is more compatible with MS Office files than MS Office is, itself. Part of the reason for that is planned obsolescence: if a new version of MS Word produces files that can only be opened and edited using the new versions of MS Word, those who want to be able to do so must upgrade their software. This translates into revenue for Microsoft, as millions of users buy newer versions of MS Office. Another part of this is the fact that Microsoft is intentionally breaking compatibility with other, non-MS products (such as OOo). This, of course, leads into how a Microsoftie (meaning, in this case, someone wedded to MS software regardless of the actual comparative feature sets and failings of various applications) uses the term “compatibility”.

To a Microsoft marketing shill, “compatibility” means “ability to be a Microsoft product in all but name.” This much more demanding and restrictive (to say nothing of “illogical” and “counterproductive”) use of the term “compatibility” plays directly into the Microsoft market dominance mindset. The fact that OOo has a great many features and capabilities that MS Office lacks is of no value in such a comparison. This type of comparison also devalues the fact that the latest version of OOo maintains the same level of compatibility with previous versions of MS Office, if it doesn’t actually develop greater compatibility, and is meanwhile also more compatible with new MS Office file format standards than older versions of MS Office ever were. Even older versions of OOo do a better job of managing newer MS Office file formats than older versions of MS Office. The fact that OOo can be upgraded for free and (depending on your platform) with no greater difficulty than simply downloading the new version (or, on a Debian Linux system for instance, as part of the normal process of updating software using apt-get, possibly by way of a scheduled, automated script that you don’t even have to initiate personally) is also of no value in such an application of the term “compatibility”.

If MS Office were judged by the same standards from an OOo perspective as the Microsofties use to judge OOo from their own collective perspective, it would be found tremendously wanting. While OOo keeps up with MS Office developments with admirable alacrity, MS Office developers make zero effort to learn from the efforts of others or to maintain any kind of compatibility with competing applications.

And yet, it’s OOo’s fault that OOo isn’t MS Office. Personally, I wouldn’t [b]want[/b] it to be MS Office. The occasional problem people have with transporting documents from MS Office to OOo, for one thing, typically involve complex macros not translating: I, personally, don’t want the single most virus-exploited functionality base in MS software to run on any system I use, anyway. What needs doing is not strict, 100% compatibility with the shoddy implementations of MS Office. What is needed, instead, is for people to learn to do the same things using other, less problematic, tools.

Someone that reaches true mastery of the ancient art of underwater basketweaving, and refuses to learn how to weave baskets above water because they already have a basketweaving skill, pretty much get what they deserve when they have to go through more crap to get the same results. The problem is that when there’s enough of them to dominate the market, it can affect what is “acceptable” from other basket weavers, even if that “acceptability” forces lower quality or more problematic output.

I’ve made a decision, in that regard: I will use the tool that works best for me. That’s OOo. If, for some reason, I absolutely must use MS Office for something, I will do my utmost to use it to arrange for any files I’m working with to be more easily transported to other application suites. I will also educate people in the desirability of using file formats other than (for instance) MS Word’s .doc format, such as the .rtf Rich Text format.

Great, something for my CD Catalog

In reply to OpenOffice and Thunderbird

Access is a hierarchical database, with a GUI that enables joins.

A relational database allows rules to be imposed on it to preserve and use relationships between tables.

I hope it’s better than access.

Why OO?

In reply to Why not Openoffice.org and Thunderbird

I have tried OpenOffice for several months after noticing an article about it on this site. It is a great app and has a lot of great possibilities such as the print to PDF feature, but it 1)does not always import MSOffice files correcty, 2)does not have all of the features of MSOffice, and 3)is not compatable with 99% of the systems of the other people I deal with on a daily basis. Until these are overcome, I don’t know that I would go crazy giving it to people who aren’t technologically savvy enough to properly secure their own systems.

GIve them a chance

In reply to Why OO?

How long did it take MS to create the mess of tools it offer now? And it still has massive security and coding bugs, system by system.

OO is just a wee infant of a suite. Yes it’s been around for a while, and developers have just MADE it work as needed. With SEVERAL installs I have done organization-wide, I have had users sending me thank you emails about how well it works with MOST of their office docs, those that don’t work seamlessly take a little tweaking and that’s it.

I have no problems rolling this out to masses of users with older hardware even, it has some nifty tools that Office hasn’t and most like will never offer. Again, how great was MS Word in Windows 3.11?

One thing you must admit, it certainly has created an industry BUZZ, moreso than anything MS has released in ………….well since the first Windows GUI I suppose.

OO and MS Office

In reply to Why OO?

I tried Open Office some time ago. I found that a complex five page paper took considerably longer with to create using OO than a similar paper created using MS Office. Recently I installed the latest version on an old Win 98 machine, and it was much improved. But it wasn’t MS Office, so some of the users refused to use it. They’ve gone back to manually maintaining a spreadsheet rather than use an Open Office spreadsheet that looks and acts pretty much like Excel. Like it or not, that is what Open Office is up against.

Again

In reply to OO and MS Office

Open Office is very young.

It has taken years for Office to become a somewhat useable suite. It has taken JUST as many years for people to get used to it and learn how to use it.

Most offices used to use Word Perfect too, MS finally released a better product, and Word Perfect couldn’t keep up the pace and do better.

Office suites become personal for some users, just note how many times they also bitch and swear at MS Office each day, it’s always something it ‘Didn’t let me do’ but has done until now! 5 minutes later they resolve their error and say how fantastic it is.

Users just want ease and comfort, you could put a suite TEN times better than MS Office in front of them and they’d STILL bitch.

For many companies users are one thing to consider when making such decisions, but not the sole factor when it comes to money, in fact they become rather trivial at that point.

OO will get better, MUCH better, it is designed to pyramid itself into a better platform by nature, that’s what open source is all about, not just free sofware but better software due to the millions that are building on it everyday.

Give it time, but don’t wait too long, or before you know it you’ll be playing catch up.

Give v2 a try in march

In reply to Why OO?

I tried openoffice 1.1x A while ago and while I liked the concept I had a few formatting issues and speed issues with word document formats, espc numbered lists. All the issues I’d encountered are slated to be addressed in version 2.0 which is out around march. I can’t wait to give it another chance.

While my work would never migrate from M$ office at my place, companies that need basic functinality could certainly do with openoffice. For home users it is great, free powerful software without a huge price tag attached, you can’t go past it. Microsoft target home users with bundles of M$ works, the most woeful excuse I’ve ever seen for an office package. Yep try v 2.0

Partial agreement here

In reply to Not so sure about that

In many environments, the short term training costs and support headaches are a significant barrier to adopting OpenOffice, even though the long term payoff is huge in eliminated upgrade costs. OpenOffice is also somewhat more difficult for most users for database integration such as mail merge.

I agree WHOLEHEARTEDLY on using Thunderbird, though. I have been much happier with it than Outlook Express.

Otherwise Firewall, Antivirus, anti-spyware, and switching to Firefox is a good combo. I would go with double-firewalling, i.e. protect the network from DoS and scanning with a hardware firewall, and protect each PC with software based firewall (I prefer Sygate).

For the really secure environments, a product like ProcessGuard is an excellent addition.

mmmmmmaybe

In reply to Two more..

On Thunderbird…if they use outlook express, then yes, I’d offer that to them. Have had great success with migrating private users from OE to Thunderbird. However, some people are really picky about their email clients, though and if they’re attached to OE, then swapping clients on them won’t make them very happy, no matter how well it works.

On OpenOffice. I’ve used it, I like it, hey, it’s free too. But there is a bit of a learning curve and for most people who are not computer savvy and dislike learning something if they don’t have to…and those that already ask others for help with to fix their systems, I have found their reception to OpenOffice very cool. They are 9 times out of 10 already familiar with MS Office and if they’ve already paid the hundreds of dollars for it, they’re well motivated to stick with that.

I have yet to have any corporate clients to desire to switch from MS Office to OpenOffice for this reason. From what I’ve seen, the only users of OpenOffice are people like myself, who work in the industry, and want to try out a non-MS product and those who simply can’t afford the $400 full MS Office Suite. I’d be interested to hear if any one has successfully sold the idea of an MS Office to OpenOffice migration to any of their business users.

see me raise my hand

In reply to mmmmmmaybe

I’ve gotten two businesses switched from MS Office to OpenOffice.org.

As for email: Moving to a client other than OE is important, but even more critical is securing whatever client you’re using as much as you can. The first thing all these knuckleheads need to do is [b]turn off the preview pane[/b]. It absolutely boggles my mind how many otherwise intelligent people use the preview pane, despite the fact that with it you pretty much [b]cannot[/b] delete an email message without opening it, unless you jump through a bunch of hoops.

Even more difficult than getting people to turn off the preview pane in an email client is getting them to view their emails “simplified HTML” or text-only. Another important step, and just as difficult to get an end-user to accept, is blocking externally served images. Even explaining that HTML “enhanced” emails and remotely served images just lead to more spam doesn’t usually convince the lusers.

Email security is one of the major annoyances of my life, simply because it’s so easy to secure email and yet people are so resistant to doing so.

uummm Sorry but…..

In reply to see me raise my hand

“It absolutely boggles my mind how many otherwise intelligent people use the preview pane, despite the fact that with it you pretty much cannot delete an email message without opening it, unless you jump through a bunch of hoops.”

Yes I can in Thunderbird. I right click on the message and select delete, it DOES NOT render the email in the preview pane. I can do this even if there is just one message in the folder. I can also mark it as junk without it rendering in the preview pane.

Thunderbird does not select the new messages when I change folders.

Groupwise and the preview pane. I have my staff (and my machine) set to view as test by default (and can even LOCK the users from EVER using html view if I choose). GW also never executes any scripts from the preview pane.

I think you are correct in that any version of an M$ product does not have either of these capabilities.

my point

In reply to uummm Sorry but…..

My point mostly pertained to users of OE which, last I checked, automatically opened emails in the preview pane when right-clicking on them. I like Thunderbird for a number of reasons, including the ability to right-click a message without viewing it in the preview pane.

Even Thunderbird suffers a limitation in that regard, though: You can’t highlight multiple messages for deletion in one shot without causing one of them to be previewed. So, yes: in Thunderbird, you can delete messages one at a time by right-clicking and choosing the delete option, but that can get old quite quickly if you have a lot of emails to delete without previewing them. I’d tend to consider two clicks per email, under some circumstances, to be “jump(ing) through a bunch of hoops.”

In any case, I meant my remarks in that regard to apply to a majority of cases, not as an absolute. Apparently, I wasn’t as clear about what I meant as I thought.

Yes you can

In reply to my point

By holding down the Shift key you can select messages as you like without opening them…

to: ianus, re: preview selection

In reply to my point

Before you can use the Shift key to add more selections to your initial selection, though, you have to start by selecting ONE MESSAGE. When one message is selected, it is opened in the preview pane. Am I getting through yet?

2 different cans of worms

In reply to see me raise my hand

First of all, yes preview pane is for morons in my mind. I have a friend who’s alwsy asking me to clear out viruses, they open anything they are sent.

And no matter how I try, his mother refuses to let me shut off the preview pane.

“I like it like that!” – Tough sh*t!!!!

Two weeks later, “Piece of junk, I don’t know what’s wron just fix it and let me know when it’s ready,I have important email”

Sure, if you consider online bingo invitations and those stupid pictures everyone’s seen 100 times as being important.

So once again, I explain that the preview pane is letting viruses open automatically.

“Well I NEED the preview pane, I don’t like it the other way”

see you in two weeks then I guess. Too bad it’s a friend’s mother and not someone I bill.

As for GroupWise, well that’s a completely different ballgame.

Groupwise with the right protection will actually scan inbound,oubound and internet mail before it is passed to the MTA. This kills off garbage long befor ethe desktop. It was just another bonus of GWAVA antispam protection.

With a properly secured GroupWise system you can open anything that hit’s the box without issue.

In 7 years of GW operation I have seen TWO infections, and i remember them well, even though they were just two or three corrupted files that were easily deleted. The virus didn’t go on to damage any other files as it simply couldn’t run the script in teh GroupWise environment. MOst ciruses in GW are just a matter of deleting the attachments.

So turn of preview pane in anything insecure, I don’t even preview in Thunderbird, I’m not that freakin’ lazy!

Tbird preview

In reply to 2 different cans of worms

I don’t use the Thunderbird preview pane, either, as you may have guessed by some of what I’ve posted in this discussion. My boss does, though. I’m pretty sure that’s how the trojan got onto his system that was acting as a filetrading server. I was pissed, but he’s the boss. All I can do is make suggestions about what he should do, as tactfully as I can, and hope he eventually sees the error of his ways.

Although I know…

In reply to 2 different cans of worms

of the potential threat involved, I leave my preview pane on. I have never received a virus through email. The only emails that I download to my PC are from our very own mail server. I don’t use mail clients to download emails from Hotmail or any other free service of the sort. I know that I may be pushing it, but I trust our Mail Server’s virus scan. Once in a while, I get a file that is suspect…and I delete it without viewing it. I’ve had great difficulty obtaining a virus through email that has not already been blocked.

good deal

In reply to Although I know…

I’m not in a situation where I can really (very easily) arrange to be that well protected externally. As such, I don’t use the preview pane.

Even in your circumstances, I’d probably turn the preview pane off (for one thing, I like having the extra screen real estate to view the list of my inbox contents), but it’s not as critical the way you receive email as it is for most people.

Several times

In reply to mmmmmmaybe

IN fact full MS to Novell Suse across the entire organization, multiple brach offices and a VPN. We started Friday afternoon had an early night and were testing and bug checking LIVE on Saturday afternoon.

User called with very simple and pbvious issues on Monday but for the most part it was eamless. I did four companies in a year and a bit. 2 were Netware shopd that just did the Novell Suse upgrade, 2 were full-on MS diehard shops.

I have received thank you’s from users for easing their day and they are stunned at how similar OO and Suse were to Windows, they were worried about it until using it. Other than that, no problems.

A couple of staff have instaled MS Excell, for macro’s that Open Office can’t handle YET, but the new V.2 is coming out VERY soon, some screen shots and info are available at openoffice.org .

SO now you heard it, and for several different companies, mulitple branches, VoIP PBX’s in the mix etc. It was sre a hell of a lot easier than a MS server build that’s for sure.

Then again, I’m a Novell junkie, they could pump that code through my veins anyday!

This is for original post…

In reply to Two more..

I agree with the software that you want to load, cool. However, user education is the #1 most important factor in securing a system. You can have all the bells and whistles technology has to offer, but 1 uneducated or careless user opens the door and negates your security initiative. I’d like to add that Spy Sweeper from Webroot I have found to work MUCH better then Spybot. Spy Sweeper will cost you some money though. Also, Microsoft’s new beta version of their AntiSpyware works well too (even thouh i bet they are going to start charging for it).

now hve reduced most of my problems…

In reply to One More

I use XP PRO with Service pack 2 in a small home office network LAN no Wireless. 6 systems.
I have the DSL without the H/W firewall on.
MS Office 2003
MS Explorer ver 6
Full Outlook for e-mail
Nortons Systemworks (Norton AV ver 4)
Spywareblaster
I have found that since I have turned off the XP RESTORE function I now have removed most of the crashes and shit comming in.
I still get some come through but have a policy as follows…
Do not have auto preview on and we personally check e-mail in as follows.
1) if it looks suspicious delete without opening viewing
2) Delete any e-mail with nothing in the Subject line (the execption) if we know the sender and it is their ligit. address.
3) We surf the web and my sone plays Counter Strike and uses Messenger.
I do have some of the systems using AVG 7 and we have had no problems with them either.

My suggestion you have to mame the users accountable for the problems. After one user having to rebulid his system up again from scratch 8 hours their views have changed, and they are now careful.

Regards Carl

Would seem to make sense, but . . .

In reply to One More

I’ve spent many hours educating friends in private and users at work. In all fairness, I’m good at it. I’ve had almost universal response: they forgot what I told them and lost the notes I gave them.

I think the only reasonalbe approach is to make clients out of your friends and sale them a PM service. Like pool service. Come around every month and tune their systems. As an alternative, provide ad-hoc serivce at $75 / hour.

AT work, workout the best deal with management to make users accountable.

Ditto and more

In reply to One More

I first make my clients read this post:
http://forums.net-integration.net/index.php?s=181835f0425c45622511eba38a269d2e&showforum=38

Then i fix their problem. I have been known to use 4 different online scan products (have found one finds what the others wont but takes all 4 to find ALL problems)

then I explain why they got infected (virus subscription ran out a year ago – 9 out of 10 users) and how to KEEP their av updated. Zonealarm is a fav.

As far as removal, Spy Bot, Adaware, CWshredder and Stinger. And finally Hijack this. I usually run all 9 products multiple times as I have found is the best way to be SURE I got all.

I can’t share ALL my secrets with the clients, or I will put myslef out of a job.

I actually found a 3.4 mhz system in the TRASH cuz the business did not know what was wrong with the system. (Virii infected) 24hrs later, i have a KILLER system for FREE! 😉

Norton Firewall work with Spybot??

In reply to My experience with no shouting

I’d like to know if anyone knows if Symantec’s Norton Firewall(I have already)can work together with Spybot(considering getting)? Are they compatible or will they interfere with one another? Anyone who knows will do. Thanks!! Matt

I wouldn’t use the Norton’s product…

In reply to Norton Firewall work with Spybot??

Norton auto-protect products generally cause more problems than they fix…

Use Zonealarm…much better!

J

Zonealarm????

In reply to I wouldn’t use the Norton’s product…

I haven’t really been a big fan of Zone Alarm but I do use Sygate Personal Firewall Pro which I find it a lot better than Zone Alarm unless someone can change my mind 🙂

In addition to the SPFP, I use Sygate Home Network which I like it a lot better than any other SOHO softwares that I’ve tested for my SOHO network.

Ty

I switched from

In reply to Zonealarm????

Zone alarm to sygate personal firewall, for home use. Works quite fine for me.

ZoneAlarm????

In reply to Zonealarm????

I really like ZoneAlarm, the reason is that it is VERY user friendly.I own a small computer repair store and I have many “non-geek” customers. Zonealarm works for them without them having to take a class on “how to.” I know that there are several very good (maybe even better) products out there. But, Zonealarm with SpyBot S&D, AdawareSE personal edition, and a good (not Norton’s) antivirus that updates itself in the background have kept my customers safe and happy. However, just a note, sometimes NOTHING will protect them from themselves. LOL

ZoneAlarm????

In reply to ZoneAlarm????

I used ZoneAlam a lot until last September when I discovered the Free Sygate Firewall. Sygate is much easier to use, and its more secure. Sygate hides the PC from the Internet, I only get 3 post scans a day now, all from my ISP. With ZoneAlarm, I got about 60 per night.
I used to have Norton too, but it let too many viruses through, even though I checked for update daily. AVG does the job much better.

Norton Internet Security

In reply to I wouldn’t use the Norton’s product…

I agree that if Norton is not setup properly with internet permissions that it’s a pain in the arss. One thing people don’t know about auto protect is that you should use smart scan, so the resources are not drained each time you open a file or download one. But if you were to scan on a weekly basis, you’d be fine. I’m going to reply to the main topic down further and give my tried and true way to let go of these pests.

Norton firewall and antivirus

In reply to Norton Firewall work with Spybot??

Hi,

I am running XP using Norton Firewall & Antivirus with Spyware Doctor v3.1 and it is working just fine for me.

Yeah

In reply to Norton firewall and antivirus

The ones that the poster quoted in the original thread have free versions that are not limited to a trial period. It’s a good move on his part. Regarding the other comment about Norton Firewall and Spybot, I haven’t seen a problem either. Personally, I use an alternative firewall – not Norton or Zone Alarm.

software firewalls

In reply to Yeah

Anything made by Norton is a frightening hunk of hostageware. I can’t stand the stuff. ZoneAlarm does what it’s supposed to, though there are better options out there.

Nothing replaces a hardware firewall, though.

Yes

In reply to software firewalls

The number one protection is of course a hardware solution. My second choice would be a dedicated firewall – ie. PC with routing and firewall configured.

We can argue which is the best software firewall available, but the point remains… they are all pretty much the same… I’d like to see a firewall that renames the active .exe’s and apllies the changes throughout the software. This would combat any bots that would try to kill the task.

Try this much better Anti Spyware

In reply to Norton Firewall work with Spybot??

I have tried just about every anti spyware type program on the market and the best without a doubt has to be SPY Sweeper by Webroot. The only small reservation I have with regards this program is that it can be quite resource hungry – but hey what price do you put on a system that will remain spyware clean.

Norton Internet Security & Spybot

In reply to Norton Firewall work with Spybot??

I use the Norton Internet Security system AND spybot on the same PC. No problems with these at all.

The NIS includes Norton’s firewall, antivirus, antispam, etc. I still run SPYBOT every few days. The firewall seems to pick up on things I use and initially gives me a choice. Once I choose to allow it, it never discusses it. It can be manually revised in the firewall later, though.

Should be fine combination…..

SpyBot and NPF

In reply to Norton Firewall work with Spybot??

I’ve been using Norton Personal Firewall for almost a year and have been using SpyBot Search and Destroy, amongst other spyware checkers for about 4 months.

When I first installed SpyBot, I configured it to load its resident browser helper program that continually monitors for threats. So far, neither program seems to have affected the other.

Norton vs others

In reply to Norton Firewall work with Spybot??

mbaren

Though others have tried to point you to other products they have failed to answer your question. If you wish to continue to use Symantec’s Norton Firewall, Spybot will work with no problems. However, I agree that Norton Firewall has become bloated and is a drag on any sytem that runs it. Better choices for less money have already been mentioned by others.

Yes

In reply to Norton Firewall work with Spybot??

Great reply title huh? But yes, I do have Norton antivirus & Norton firewall running along with Spybot. I also have eTrust?s Pestpatrol but find that Spybot catches a few more tracking cookies than pestpatrol. I also use Netscape 7.1 (from day-one cause I?m also a resigned MS user and prefer other options when available). Spybot?s ?spyware inoculation? function does not work with Netscape ? it will find the spy-ware after infection but will not prevent it from coming in through Netscape.

they do

In reply to Norton Firewall work with Spybot??

run both including Windows Beta Spyware and Ad Aware.

None get ALL the spyware alone. Grouped together I get all of em.

Norton Ad trashcan is pretty good to in blocking .

You might want to consider adding hijack this to the list

In reply to My experience with no shouting

I’ve found the only way to reliably get rid of browser hijackers is with hijack this. However I wouldn’t recommend the average user try it as it requires a reasonable knowledge of computers (particularly the registry).

BHODemon

In reply to You might want to consider adding hijack this to the list

I use BHODemon and it has found/fixed things that nothing else has – definately in my recommended arsenal for Techs and users:
Spybot
BHODemon
Adaware
And a couple Links:
http://www.doxdesk.com/parasite/
http://www.answersthatwork.com/Tasklist_pages/tasklist.htm

HiJackThis

In reply to You might want to consider adding hijack this to the list

We use HiJackThis extensibly in our shop, however it is NOT a program that I’m comfortable with leaving on a users machine. It is an excellent program but does require a little bit of nerd like qualities to use properly. Most of my customers would crash their machine with it.

Is this an alternative

In reply to My experience with no shouting

Of late, in similar circumstances I have used Norton Internet Security to provide the firewall, anti-virus and email cleaner, together with IE. It can be a bit awkward to install, particularly if other anti-virus packages have not been removed properly but so far there have been no complaints.

Anyone aware of the pros and cons of the two approaches?

Norton security products

In reply to Is this an alternative

Some Norton/Symantec products are great (Ghost, Winfax, Systemworks) but not so for their security products. I have experienced serious amounts of headaches when anything is changed on the PC after norton av or firewall products are installed. eg: change email accounts, networking, new applications, etc. It can make for some hugely frustrating troubleshooting sessions!! I find the norton av and firewall products impact performance quite alot also.

But, that’s just my experience! I take a similar approach to the guy that started this topic. Just changing to Mozilla cuts 80% of spy/ad/malware problems…and it runs quicker, cleans it’s cache properly and has a better bookmark and download system! Kewl! It’s worth having a good go at using it.

The norton a/v corporate edition is a bit better than the pc one but it’s still clunky.

Symantec Internet Security

In reply to Norton security products

I have 3 computers on a network and have widely used Norton Internet Security 2004 on other computers I perform as well. The only problem and frustration is setting it up to allow certain instances and not others. I find if you just install it and by-pass the parental controls your fine. Mine usually suits itself to the way the user operates the computer. It asks permissions and not off the wall questions. Most people understand “trojan” and anyone I work for I inform about new virus’s and such mysterious things as “spyware” “adware” and what is start-up? I also explain MSconfig is a great utility if you know what your doing. I have also used “Hijack-this” I like it very much and there is a site out there that analyzes the txt file for you so you don’t have to think so hard when worrying about the registry. I like ad-aware most. I think its pretty simple and takes care of most problems. I have noticed that running spybot finds others also. Webroot spysweeper also adds another chapter to the game because it finds others also. I personally like them all, but for the best bang for you buck I would get NIS 2004, ad-aware, the firefox browser and e-mail utility, and lastly install Netscape as a backup for some sites that don’t support Firefox yet. This way the only purchase is $50 Security/antivirus instead of having a dealer or Best Buy tell you its going to cost you $100 to get your system looked at and we recommend you buy this, this , and that. Now you can buy a new dell…($499 special)

Unremoved removed Norton

In reply to Norton security products

Your right. On both counts. The biggest frustrations come from Norton/Symantec products that have been removed/uninstalled that leave behind registry settings and files that screw with you adinfinitum.

Left over Registry entries

In reply to Unremoved removed Norton

I’ve got an old pc with WIN 98 that I’ve given to my 12yr-old nephew for off-line school work (typing mostly). His on-line work is supervised by parents on a newer machine. Unfortunately the old machine still has Norton registries that I can’t find which cause error statements on start-up. They remain from a System-Works install that never worked and didn?t un-install cleanly.

No admin priviliges!!??

In reply to My experience with no shouting

One of the most useful steps for home computers which you don’t mention, and in the vast majority of cases is not followed, is creating non admin users with full control over only ‘my documents’and using these for day to day operations. With this, Norton and spydoctor i havnt had a single problem for 6 months, only logging in as admin to run updates or new software. Even with IE i dont get a single pop-up!

From the other side..

In reply to No admin priviliges!!??

My computer is connected to braodband, and is on 24×7. I log in with an admininstrator account, run auto updates and AVG. I haven’t had a problem in over a year. Before SP2 I used the google toolbar to eliminate pop-ups.

user accounts

In reply to No admin priviliges!!??

Because NT-based Windows versions only simulate some of the behavior of a multi-user OS, this isn’t really any kind of cure-all for malicious code. It sounds like you’ve been lucky, if you’re running this system on an always-on broadband connection.

Using limited user accounts does help to secure the system, even in Windows. Unfortunately, with Windows it only protects against malicious events that require user intervention to be completed. That means that if you have to approve an installation of malware by clicking “OK”, and you’re signed on with a user account that doesn’t have administrative permissions, you’ll be (momentarily) protected from your own stupidity if you click “OK” because the installation will be blocked.

On the other hand, stuff that doesn’t require user intervention occurs in the background and is unaffected by user accounts (generally speaking: I’m simplifying the OS architecture’s effects a great deal). The reason for this is that many activities that are disallowed for limited user accounts have to be running in the background just to allow the OS itself to function, let alone much of the software installed on it. Since the functionality of the OS itself and installed software isn’t divvied up among user accounts the same way it would be in Unix, this means that in behind-the-scenes matters, user accounts provide zero protection in Windows.

Windows power users and admins should be aware of this, and allow for it in planning security procedures for Windows systems. Alas, many are not. In fact, many don’t care, and many more have heard about the dangers of a fundamentally single-user system and refuse to believe it (probably because they’ve mostly heard it from people telling them why Windows “sucks” which, in my opinion, it does).

While I don’t know much about “spydoctor”, I have dealt with Norton utilities quite a bit. My experience is that they’re bloated, crufty, slow, resource-hungry, too expensive for their effectiveness, vulnerable to attack, and prone to conflicts with other software, to say nothing of the fact that I tend to dislike anything that doesn’t easily allow itself to be uninstalled by the user. Norton software works fairly well for some people, sometimes, but when someone’s looking into options for what to use, I recommend something else. I certainly don’t want to tell someone to use something that may cause more problems than good.

One suggestion and a warning

In reply to My experience with no shouting

I have had no real problem with Spybot but discovered Ad-Aware from Lavasoft to be a bit more user friendly. You can also set it to automatically update when you boot up and connect to the Internet. On the new browser, Firefox, you might want to do some research before throwing in with the new guy on the block. It does appear to be more secure and seems to work alright but some recent posts on various sites are suggesting Firefox may also have some “issues” with security. Do a google search and check it out first. I have both but my comfort level is still higher with IE…but that may change as Firefox matures.
I agree with the other selections like AVG from Grisoft. The new version 7 works very well and also can be set up to auto update. And another thing, all of these mentioned are free.

Firefox not mature?

In reply to One suggestion and a warning

Firefox 1.0 may just have been released a few months ago, but the product has matured considerably through the many betas over the years, dating all the way back to Phoenix. Moreover, the security issues in Firefox have been fewer in number than those in IE, typically less severe than those in IE, and fixed more quickly than those in IE. In order to achieve the same “comfort level” with IE, one would have to lock it down, so that ActiveX and active scripting are disabled. And, by the way, when you Google “Firefox” you get 23,200,000 hits. Good luck wading through that mess!

Firefox Safe??

In reply to Firefox not mature?

Nothing is safe from the eyes of the masses. The biggest flaw in IE is its popularity and the fact that its Microsoft. NO internet based software can contend against millions of green eyed monsters.

FUD

In reply to Firefox Safe??

Trying to claim that the only major security problem with IE is its popularity is a common sport among Microsofties. It’s all just FUD, though, intended to discredit competitors without actually using any hard facts. That assertion is based on the assumption that security through obscurity works: it doesn’t. Even if it did, I’d prefer the more secure software, whether the security was a result of application obscurity or not.

IE’s biggest problem is, by no means, its popularity. Its biggest problem is the way it’s hooked into the OS. This creates a great big gaping hole in system security that allows malware to affect a lot more of your system than it should, and that makes it very difficult to keep malware out. Its second biggest problem is probably the default functionality of ActiveX and other “features” that constitute huge friggin’ security issues.

I wouldn’t call popularity a “problem” with IE at all. IE’s popularity is a problem for general security on the Web, sure, but it’s not a problem for IE. The only problem with IE popularity is that it means there are millions of people using it. That’s a problem, because of the massive security problem that represents.

Agreed and on that same note

In reply to FUD

Popularity is one thing that makes Firefox such a ‘good’ program. Open Source means there are as many if not more developers available to debug, secure and patch it as there are malicious coders.

MANY malicious coders do so because they don’t like MS’s marketing and pricing angles. They are usually the ones using Open Source to hack IE. they don’t like being restricted by secure code that they cn’t customize and manipulate to support their personal needs, OO gives them this ability, why target it?

MS business prectice has been the catalyst that fuels such exploits, people don’t have the sameissues with FREE, open source software.

Anyhow, even if they did target Open Source, there are still more people patching and working on improving it than MS could ever hope to have behind their closed engineerign and development doors. Closing doors on themselves is all they have achieved.

More precisely…..

In reply to FUD

I’d be more inclined to suggest IE’s biggest issue are slack admins and click happy users.

The truth is IE can be secured without the assistance of third party tweaks. The issue is really how far a ‘normal’ user will bother with tweking security settings, if at all.
Truth is………..it’s a whole lot easier to install Firefox & be done with it.

As for Admins – It’s a rare Admin that will make use of Group Policy for fear of ‘upsetting the users’……….but that’s best left for a future discussion.

Firefox and Thunderbird just keep getting better

In reply to More precisely…..

Since changing to Firefox and Thunderbird, I think I like them more every time I open them.

It seems you notice something everyday that used to be a pain in IE that works faster in these two.

What a great combination of browser and email client.

My hat’s off to these guys for writing such excellent code. It behaves with all the little perks of IE and OE but SO much better. Fast, no adware, no spam (not that I got spam before on that account).

Just a breeze, now if THESE guys were out to make money, they could make it hand over fist, especially when compared to IE and Outlook for ‘issues’.

It seems some of th ebest thins in life really are free. And these guys saved me so much hassle it’s not funny…actually it is… WooooHOOOO, LOL !!!:D

Let’s take stock.

In reply to More precisely…..

You can apply third-party tweaks. You can fine-tune settings for security purposes. You can disable unnecessary and security-compromising misfeatures. You can install Firefox to avoid IE security issues. You can do all of these things.

. . . and yet, you act as though it’s an either/or situation. This isn’t a boolean decision, dafe2. The more of the above you do, the more secure (and, incidentally, [b]stable[/b] and [b]fast[/b], assuming you don’t use bloatware like Norton’s) your system becomes. Yes, you should definitely make use of group policies where appropriate and apply third-party security solutions like carefully configured firewalls and intrusion detection systems. If you can increase your level of security by switching browsers, you should do that [b]as well[/b].

Thus, I use Firefox, and recommend it for any Windows user currently using IE that has the option of migrating.

I see your point……………..

In reply to Let’s take stock.

Of course, there are places where you cannot deploy Firefox & that’s where a custom IE MSI & Group Policy come into play.

circumstances where Firefox isn’t an option

In reply to Let’s take stock.

I agree: such circumstances do exist, and under those conditions one must do what one can with IE. Of course, I’ve yet to run across a circumstance where IE was actually needed and that need wasn’t the fault of some idjit making the wrong decisions (typically involving such mistakes as failing to use standards-compliant code, for instance).

Examples where IE is necessary

In reply to Let’s take stock.

Just FYI stuff:

PeopleSoft – HR ressources for Employees
MySAP – Various BI elements

dafe2, re: IE necessity

In reply to Let’s take stock.

Agreed. Those are necessary uses of IE. Like I said, though, at root they’re instances where IE is necessary because someone made a stupid decision. In the case of PeopleSoft (for instance), somebody made some very stupid programming decisions (or perhaps marketing decisions that too precedence over programming concerns) that led to IE being necessary for full functionality. If PeopleSoft weren’t apparently full of knuckleheads, IE wouldn’t be needed if someone wanted to avoid it.

Now that Oracle bought PeopleSoft, they might see about fixing that. I guess we can only hope.

Oracle and Peoplesoft

In reply to Let’s take stock.

I’m surprised that it actually went through. In the end I knew that it would, but I wasn’t sure if Peoplesoft themselves would actually strike the deal, or if Oracle would have to buy it from the bank. 🙂

This is my final offer… ok, now this is my other-other final offer… let’s be honest, there’s final offers and there’s final offers. It’s funny to see such idle threats from software giants. Oracle knew very well that they would not flip them off.

Perhaps

In reply to Firefox Safe??

The security lies in the fact that…

1) ‘Open source’ do it for the love of the game
2) ‘malicious coders’ do it for the love of the game
3) do you see a connection here?

…who’s the bad guy?

love of the game

In reply to Perhaps

I don’t see many of the malware and highjacks as being done by someone who has a love for coding. It is by people who are looking for ways to make a quick buck by taking advantage of other people.

2) for the love of the MONEY

Am I way off base with this?

Partially

In reply to love of the game

I agree that most hard code coders are trying to write software not klll computers.

There are many breeds of hijackers in my mind.

Those that are creating SPAM lists and reselling them. Tracking provides immenss amounts of trend info and target marketing for potential spammers who pay big bucks for the lists.

Those that are actually legitimte companies trying to aquire dempgraphic info on users for marketing.

And I find a lot of malicious code is directly aimed at MS as a spit in the face or an example of a vulnerbility they refuse to respond to or fix as requested.

Plus script kiddies with no life of course.

Sure they can

In reply to Firefox Safe??

The single biggest and only problem with IE is slack administrators (or) lazy users……….end of story.

‘The sky is falling’ attitudes of Firefoxers cry foul when so called holes in MS software are discovered………HELLO…….very few of the ‘vulnerabilities’ require ‘immediate’ attention.

not so

In reply to Sure they can

You forget about the fact that IE’s basic design on Windows, wired directly into the OS such that it allows exploits to be propagated across the entire OS where it wouldn’t be on a different OS or with a different browser (take your pick). That’s just the most egregious fundamental security flaw in IE’s design. Of course, that’s not a “bug”. It’s just design that completely ignores security concerns.

Besides, regardless of what sort of attention a vulnerability “requires”, it’s still a vulnerability, and it still often takes [b]months[/b] for Microsoft to address the same class of issues the OSS community regularly addresses in mere hours.

In any case, I’ve never been a big fan of Microsoft’s tactic of stalling on addressing vulnerabilities, then blaming the victim when things go awary. The fact that Microsoft patching procedures actually [b]recreated[/b] the vulnerabilities that led to the SQL Slammer fiasco, and Microsoft blithely went about blaming sysadmins for failing to patch regularly (probably costing a lot of innocent Windows admins their jobs), just illustrates how the worst-case scenario is not only possible, but a matter of record.

Heheh

In reply to not so

We’ll continue to dissagree on the design features of IE…..LOL

As far as the the Slammer……..it sucks to be the admin that didn’t pay attention to the advisories & apply the necessary patches.

Slammer

In reply to Heheh

That’s the point, though: many of them [b]DID[/b] pay attention to advisories and apply the necessary patches, but a later combination of patches caused an earlier patch to be [b]uninstalled[/b], which basically means that Microsoft’s shoddy patch testing caused hundreds (at least) of computers to be struck down when they should not have been.

Bummer………………………

In reply to Heheh

I didn’t know that.

Really?

In reply to One suggestion and a warning

“I have both but my comfort level is still higher with IE…”

WOW – Obviously you haven’t dealt with too many systems that were completely TRASHED beacuse of IE have you my brother in geekdom – G’head man – take the plunge. Everyone I helped shed the horrendous cloak of IE bought me beer for Christmas. Yes … I seems to have a few minor issues but nothing compared to IE.

P.S. Service Pack 2 sucks!

Security concerns with Firefox

In reply to One suggestion and a warning

Oh, certainly there are concerns with any program that accesses unknown computers on the internet. But if you check the comprehensive database at http://www.secunia.com you will find that compared to IE’s 76 issues (20 still unpatched) and Opera’s 34 (4 unpatched), firefox has the least buggy track record with 6 (5 unpatched). Of course, more will be found as time goes on, but the open source track record is pretty good on fixing things. Open source products that have been around as long as their commercial rivals, including various flavors of linux, usually have few if any unpatched flaws after just a few days or sometimes weeks, compared to weeks, months, or YEARS for commercial software.

Just what is it we are paying for again?

Days?

In reply to Security concerns with Firefox

That’s pretty uncharitable of you. It has been my experience that issues with Linux get patched in mere hours. The incidence of a Linux problem that doesn’t get fixed in less than a day is extremely rare. On the other hand, at any given time you’ll find several Windows issues that haven’t been patched for months, or even years.

The fact that Microsoft occasionally just rates a problem (including security issues) unimportant enough to [b]never fix[/b] sickens me. The fact that Microsoft then goes on to say its products are more secure than open source, which fixes security issues in mere hours (I have yet to hear of Microsoft doing that [b]even once[/b]) just boggles my mind.

Yeah. Very good question: “Just what is it we are paying for again?”

Your bandwidth

In reply to Security concerns with Firefox

and their software.
No LOL, not even a smirk.

My bandwidth . . . ?

In reply to Your bandwidth

Unfortunately, it’s not my bandwidth either. Verizon DSL, for instance, has actually added additional charges to service use when people use “too much” bandwidth in a given month period (too much being determined by whim, of course, since nothing specifies a level of bandwidth usage that is “too much” in their service contracts).

Spybot and Ad-Aware play together

In reply to One suggestion and a warning

I use both Spybot Search and Destroy and Lavasoft Ad-Aware. No anti spyware is completely 100% effective, and these two together seem to get almos all of it. They work well toghether, and I articularly like the immunization feature of SpyBot.

ZoneAlarm refuses to install – alternatives?

In reply to My experience with no shouting

I have a laptop which recently started misbehaving (it threw up error message boxes about TrueVector) when I tried to access the internet. ZoneAlarm was the culprit so I uninstalled it, thinking it had been corrupted, but when I tried to reinstall it, I got as far as clicking the “I agree” button and it aborted. I’m running Windows XP. Does anyone have any recommendations for alternative software firewalls which allow the use of VPNs (unlike Microsoft’s offering which blocks use of VPNs!!!).

Check your setup

In reply to ZoneAlarm refuses to install – alternatives?

We use the microsoft firewall and have no issues using VPN. All my XP SP2 users connect via VPN.

Zone Alarm is good, but I found users would just click randomly to Allow / Don’t Allow when prompted as they had no idea what the questions mean.

uninstall notes

In reply to ZoneAlarm refuses to install – alternatives?

I’ve found that when you uninstall zone alarm, it leaves some files and sometimes the truvector portion installed on the machine. I believe they have instructions on their website for curing this. Then after that try the reinstall.
I personally use a product called Panda Antivirus Platinum 7 which has a firewall built right in
and I have no problems whatsoever. I use Adaware SE pro for the spy and malware.

I VPN through XP’s built in FW all the time

In reply to ZoneAlarm refuses to install – alternatives?

Just have to make sure you have the right ports open and you can do anything (so far) through it. Matter of fact, I believe XP’s FW only blocks having open listening ports – If you establish the connection it should be fine.

Personally I think that most personal FWs are smoke and mirrors. You shouldn’t need to be told that a FW blocked something – that is a sales pitch. If it is doing its job correctly it just blocks the bad stuff, and doesn’t bug you about it. You can check the logs later to see whats been going on. JMO…

Problems with Zone Alarm

In reply to ZoneAlarm refuses to install – alternatives?

I have also found that zone alarm conflicts with other software. I haven’t used it in awhile so maybe the latest versions are OK.

I don’t like presonal firewalls in general, as most users are not savy enough to use them properly. The warnings they produce about unsafe activities are usually in technospeeak. Most users will just choose to allow everything through.

On the other hand I have been using a firewall that I do like. It is limited in what it does, but it does it in clear, understandable messages.

Check out Geek Superhero.

No spyware thanks

In reply to My experience with no shouting

Pre XP SP2 – regular spyware hits on my remote users (interstate) laptops. Post XP SP2 with firewall enabled – only one user has been hit since (because he neglected to install SP2).
Call me crazy, but MS seemed to have alleviated my problems…for now. We run weekly spybot scans and nothing has surfaced. Ran MS’s beta and that also turns up nothing.

An alternative AV product – Avast

In reply to No spyware thanks

Instead of AVG, I use Avast! from Alwil software. It’s free for personal use. See http://www.avast.com

I prefer Avast’s user interface to that of AVG’s, and it does appear to have some features that AVG lacks (at least the last time I looked) such as a P2P AV service.

BlackIce

In reply to My experience with no shouting

I have used the BlackIce Firewall for several years now and found it excellent (together with a broadband router/firewall (at home) and Symantec anti-virus software)

Blackice

In reply to BlackIce

I have a couple of friends who use Blackice almost exclusively. For a software firewall, I used to use Sygate Pro. I found it to be rich with features that would allow you to counter an attempted hack. I was always able to identify various bots, trojans, and internal threats, with the monitoring and trace utilities – threats that are not necessarily identitfied by any security company.

Different but Similar

In reply to My experience with no shouting

I use Outpost 2.5 Pro as it performs faster than ZoneAlarm and is easier to support neophyte end users. Mike Lin’s Startup Monitor, http://www.mlin.net/StartupMonitor.shtml which alerts user every time something attempts to register an automatic startup, Spybot using the innoculate feature-no auto scan, avast! from Alwil automatically checks for updates several times per day, set On Access Control to High-no autoscan, Windows Update set to notify only so user will gradually get an education by reading the update descriptions, and Opera (currently 8.0 beta 1). Opera is easier to use, faster, easier to set up, and has many features not found in Firefox, including an integrated email client. If email needs are high ore needing security beyond Opera, I use The Bat! currently beta 3.0.2.10.

Open Office is used for an Office Suite. If something mandates Microsoft there is much loud discussion on the vulnerabilities and responsibilities of using it. I use WordPerfect Office for long time users who have difficulty aclimating to the Open Office interface.

No customer has ever been infected using this combination and machine performance is minimally impacted! If up-front protection is in place the autoscans are needless overkill that just wear out the hard drive(s).

Stop services

In reply to My experience with no shouting

I allways disable some windows services, like:
server
messenger
DDE
Remote registry
Upnp

Add another

In reply to My experience with no shouting

I totally agree with your list, and I would add another – Spywareblaster from Javacool software. Set it up with automatic updates – cost a few $$$ per year – and you will go a long way to keeping spyware and tracking cookies off the machine totally.

Alan

Right on!!

In reply to My experience with no shouting

I agree with your choices 100%

Firefox, ABSOLUTELY NOT

In reply to My experience with no shouting

If somebody put Firefox on my computer, not only would I remove the garbage off the computer, but they would no longer be my friend, and I would seriously consider suing them for putting that garbage on that computer. As a matter of fact I ran into a computer not to long ago that had the software installed, and it was so messed up, that a clean installation of Windows xp was recommended. The computer had a installation of Windows 2000 on it, but they did not have installation media for that, so I did not perform the installation myself. I have pretty much decided that the only browser that I will be using will be Internet Explorer and if they mandate using Firefox at work, then I will continue to use Internet Explorer anyway and ensure that the software would be removed.

One problem computer, it’s Firefox’s fault?

In reply to Firefox, ABSOLUTELY NOT

I think you might want to broaden your testing/knowledge before someone at your workplace finds out and downsizes you. A single computer with a problem that has Firefox installed proves nothing. There are hundreds of other things that could have caused Windows problems that were unrelated to Firefox (the fact that they were running a pirated version of Windows would be the first thing I would look at.)
I’m typing this in Firefox, and have been using it for months, with no problems, except for the occasionaly IE-only website.
And “deciding” that a specific program will be the only one of its type you will use is foolish. If you are in the IT field, you should be trying out new options constantly. If you stand still, you’re going to be run over and left behind.

T

I agree… nothing wrong with Firefox

In reply to One problem computer, it’s Firefox’s fault?

I’ve been using Firefox myself for many months including the version prior to 1.0 and have had no problems whatsoever. Methinks bigjim needs to hone his problem diagnosis and troubleshooting skills.

I’ve been in the IT field for 39 years (and counting) and I’m always learning, always trying new stuff and am never caught standing still… or coming to half-baked conclusions based on momentary observations and incomplete information.

Had bigjim spent a little time investigating the problems on the machine that just happened to have Firefox on it, I’m certain he’d have found something much different than the conclusion he obviously jumped to.

It’s better to be the windshield than the bug

-JW

Curious, no reason given

In reply to Firefox, ABSOLUTELY NOT

I find it very interesting there’s no lucid reason NOT to use Firefox. I’ve been using it on my 2 work PC’s, and 5 home PC’s since th V1 beta, and it’s far superior to IE in so many ways.
Maybe you should take a good look at it again, with no preconceptions.
Also, I highly doubt a PC was totally messed up by a browser of any kind.
DC

Maybe BigJim is an MS Schill?

In reply to Curious, no reason given

I don’t mean to disparage another poster on this board, but such vehemence for one product (IE) over another with very little supporting evidence always makes me wonder what the poster’s motive is? Perhaps he feels he needs to protect a sizeable $$ investment in MS? Or, maybe he simply reveres MS in the same way some do the Bible? Or he’s a junior public relations person in MS’s schill factory hired to raise FUD about new (and better) products?

Having worked in PR myself at one point, I lean towards the last reason. Lots of companies do that to “beat down” the competition.

What the heck is a schill anyway.

In reply to Maybe BigJim is an MS Schill?

I take offence to the comment that someone may be putting things in my mind. The main reason that I have for not liking Firefox is simply I do not trust the people who have written the code. The motiviations of Microsoft is perfectly clear, they are to raise revenue for Microsoft. I have yet to look at Firefox and really don’t intend to. I am quite pleased with Intenet Explorer and it has given me no issues and works quite well.
As for PR, I don’t believe in it. I believe in stating things honestly and completely truthful. This is my stance on Firefox, I don’t trust it, and until I have a chance to read the ENTIRE CODE of the product, I WILL NOT TRUST it. Internet Explorer was purchased and updated by Microsoft and installed on a Microsoft Operating System. I know that it will work everytime I go to use it. Over the last 20 years, I have noticed that programs written by other people tend to crash and cause problems in Windows. I believe that it should be MANDATED that if you wish to sell hardware that works on ANY system, then you must SIGN the drivers. If the drivers are not signed, then they have not business outside the organization developing them.
As for motivation to support Internet Explorer, it does not matter as much. I would not use Firefox on Linux either. Konqueror works perfectly for me.
As for your speculations, do not persume facts not in evidence, unless you are prepared to face the consequences.

A schill is

In reply to What the heck is a schill anyway.

a dupe, someone who you put out in front to take the heat, that you can disassociate yourself from should things turn out not to be as described.

Plant and Patsy are connected terms.

I didn’t say you were and aren’t saying you are, (threats from americans called big jim are taken seriously in the UK, they let them have guns), but you did come across as one, principally for not coming up with a reason for your opinion.

This site is basically about opinions, so the why is important. I may not agree with your ‘why’ but I’m naturally suspicious of anyone who doesn’t state one.

In my opinion, if someone won’t tell me why they have come to a position, then that means they don’t want me to know. That sort of things always seen in the worst possible light.

I certainly agree with you about Microsoft’s motivations , and you can trust their self interest. I’m not sure that the position you hold is your best interests though. Not sure at all.

P.S.
I at least would be very interested in how you’ve had no issues with IE. It’s something not many of us have managed in our environments.

If the moderate tone of this response surprises you, don’t worry, I’ve got a feeling that any others are going to be flaming hot.
LOL

3 characters less than a schilling

In reply to A schill is

What’s that old saying?
Pennywise. PoundPolish?

Internet Explorer is FatBrained.
Using it is stupid.

All your ~~~~~~~ Belong to us.

Sperm

Pennywise, Poundfoolish

In reply to 3 characters less than a schilling

old, chap, otherwise know as the curse of the bean counter or Magooitus . Someone who’ll pay ?10 this month to avoid saving ?100 next month.

BigJim’s position, after he’d explained it makes sense. All the browsing seems to be internal, so the price of using IE on the net isn’t paid.

Saying that as a professional IT developer, not having a connection to the rest of the world would cost me a fortune. So his solution to IE’s known security defects is inapplicable in mine and many other cases.

Unfortunate, I would have been quite happy to see this lamentable situation resolved.

Firefox will do fine, while MS figure out that the market they had is no longer the market they’ve got.

A Shill is a carny term …

In reply to What the heck is a schill anyway.

the person who bets on the wheel and wins, finds the pea in the shell or picks the right card in 3 card monte. He or she is a person in the employ of a person who pretends to be a consumer or independent consultant. One thing to norte before slinging the slang…Shills get paid. patsies don’t.

Schill or Shill

In reply to What the heck is a schill anyway.

Whether it was a typo or what, I don’t know. But, a shill is one who poses as a satisfied customer or an enthusiastic gambler to dupe bystanders into participating in a swindle. If he really meant a schill then he is calling them a fish because a schill is a European pike perch related to the wall-eye. If you like a little humor then you might like the variation that I once heard: Shillary (A lie told by Hillary Clinton in an attempt to obtain support)

Upgrade firefox beta for security patch

In reply to Curious, no reason given

V1 beta works but it should be upgraded.

Oh, a browser can definitely mess up a PC

In reply to Curious, no reason given

but it’s name won’t be Firefox, it will be IE. 🙂

Having said all that, I’ll return to the matter at hand – the tools are all good for now but Firefox will not remain foolproof for long. People will soon be developing for it and nothing is 100% secure.

I also agree that hijackthis is the finest garbage removing software but it’s not for “non-geeks”.

Yes, very curious…

In reply to Curious, no reason given

I too found it odd that no reason was given. I’ve using Firefox (and it’s predecessors) for a long time on three different machines, and it has become my default browser. The only problems I’ve had are those Web sites coded specifically for IE (aarrghh!!), in which case I fire up IE and deal with it (grudgingly).

Reason for Firefox stance

In reply to Yes, very curious…

I don’t trust the software. Internet Explorer has gotten to the point where it is now because Netscape wanted to eliminate the operating system that comes on the computer. Well that is not going to happen. Web applications, not really applications. I want REAL applications that work on the disconnected computer. The internet has some use, but how many magazines to you read?
Just like all open source software, I will not fully trust the software until I have had a chance to read and understand the code. That is it. That is my whole reason for not using Firefox. I know what you are saying now. I have not read the code to Internet Explorer and Windows either, but that is why you have warranties. If people put out crap for software, then there are remedies that can be gotten.
Plus I like simplicity, I don’t want or need another browser installed on my computer. I believe that one is enough, and it came with the operating system.

Pot… Kettle holding on Line 1

In reply to Reason for Firefox stance

Oh the irony of this past statement “… I don’t trust it, and until I have a chance to read the ENTIRE CODE of the product, I WILL NOT TRUST it.” Yet you admit not viewing the IE source, but somehow it is worthy of your trust? Why.. and please be rational, don’t say cause M$ is in it for the money (so are drug dealers). You logic is akin to saying “I’m not using condoms because I can’t study the molecular code of the latex”.

Not with standing the fact that I suspect you might not have the skillz to review the entire code. Please note*: FireFox is not written using M$ software development tools, and as an incentive, if your so good at code review there is a free $500 bucks waiting for you (see below).

And you obviously never read a “click-through” software agreement or what you refer to as a warranty. You might be interested to know you don’t own any software, your given license to use software. If the software fails the maker is immune from any and all of your legal actions. This isn’t a car that you can take in for warrantee repairs, Micro$0ft owes you NOTHING.

Haven?t you ever wondered why people haven’t filed class action suits against M$ for defective products (like car manufactures and for example faulty seatbelts).

I guess I should expect nothing less from a guy that blindly believes all OpenSource is garbage and all Closed(Proprietary)Source is safe. All rational thought appears to have left you long ago, unless your a troll, if so… I’m done chasing bait in your pond.

If Microsoft (a multi-billion dollar company) is so serious about the safety of its products why don?t they do this?? http://www.mozilla.org/security/bug-bounty.html Mozilla is non-profit and they are willing to pony up $500 and give out the source.

Oh yeah, I forgot OpenSource apps are untrustworthy.

Don’t get too mad

In reply to Pot… Kettle holding on Line 1

You just might be his manager one day, by some unfortunate stroke of luck of course.

Obviously that is the mindset that keeps you and I employed. Graciously thank him for jeopardizing his network. For every poor admin, there are two good ones to fill their shoes.

I can’t believe

In reply to Reason for Firefox stance

That his e-mail isn’t an AOL account.

Lets talk more money than brains here.

If you want to say you are too lazy to look for a solution to the problems going on, say it.

If you don’t have the understanding of how to install a program on your computer that doesn’t have autorun on a CD, say it.

Which is more likely to have bad code found and fixed, open source where anyone who understands code can look it over, or closed source where there is more of a push to be first to market than to have a good product?

Glad I don’t have someone like you looking after our company computers.

Why buy a word processor? Notepad and wordpad come with your computer OS. (or didn’t you know that?)

A Thought

In reply to Firefox, ABSOLUTELY NOT

Utilizing your logic, I’ve never worked on a system using Firefox that has Operating System problems. 100% of the systems I’ve worked on with Operating System problems have used Internet Explorer, therefore Internet Explorer must be the problem. I’ll be sure to never use Internet Explorer again!

I too use Firefox on my work PC and all home PCs without problems. Be sure to broaden your scope prior to making quick assumptions.

good grief!

In reply to Firefox, ABSOLUTELY NOT

This is irony, right? An apparent pirate copy of win2k and you blame the BROWSER?

post your cv here so I don’t accidentally hire such a low-brow.

“….would no longer be my friend….” Ha!

Wow!

In reply to Firefox, ABSOLUTELY NOT

I would not hire this guy! A definite security breach waiting to happen.

Hold on there Tonto

In reply to Firefox, ABSOLUTELY NOT

If that system was THAT messed up then I HIGHLY doubt Firefox was the culprit – Either that or you have no clue as to what your doing – Only you can know that.

Man – ending friendships – law suits – I can see the headlins now

“Man kills friend over browser rage incident”

Firefox vs IE

In reply to Firefox, ABSOLUTELY NOT

You should give it a try instead of basing your opinion on one system. Firefox blows IE away not only is it more secure it is by far faster at bringing up webpages. As for your friend it was probably the bootleg 2000 and other stolen software that hosed the system. Possibly not running the microsoft security updates. I seriously doubt the problem came from Firefox.

Is Firefox it really more secure?

In reply to Firefox vs IE

I agree that in this instance, Win2K was probably the problem – not Firefox.

However, is Firefox really that much more secure? There is a vulnerability listed at:

http://www.mozilla.org/press/mozilla-2004-10-01-02.html

There are some statistics at the bottom of the page supporting Firefox being more secure. If Firefox was as ubiquitous as IE and we extrapolate those numbers to the number of IE users, I would expect the number of security holes discovered to be larger as well. It appears to me that hackers would find more holes in Firefox if more people were using it.

I have used firefox and like it; but found enough pages that don’t load properly to preclude my use of it regularly. It’s a hassle to break out IE when a page doesn’t look right instead of just using it instead of Firefox.

I believe that the best security solution is not creating more secure browsing software. There two things that will make the computer use more secure. 1. Better educated users (good luck!). 2. Legislation that allows prosecution of malicious, predatory installation of software that the user doesn’t want.

My 2 cents. . .

Faster turn-around and track record

In reply to Is Firefox it really more secure?

First, if / when there are more expoits found in FireFox it has been proven over and over again that OpenSource programs have a much faster turn around time from when an exploit is found to when a patch has been released.

MS has sat on more than one exploit for several months, this is the company that will keep you safe?

As for sites that “don’t load properly”, does it load if you use ANY other browser? Can you blame the browser because someone used the frontpage wizards to throw together a non-compliant web page?

Any business that writes a page that doesn’t load in anything from Opra to AOL just doesn’t know how to create a web page.

If I have something to sell, do I want only IE users to be able to buy my product? Heck no! I want all the AOL users with more money than brains to come to my site and buy everything up.

There are things known as industry standards. MicroSoft has never been known for following them.

Also, regarding recovery….

In reply to Faster turn-around and track record

If Firefox craps out, remove and reinstall. If IE craps out… good luck. I can get it up and running again, but not everyone has that sort of experience with the MS beast.

Like that would ever happen . . . .

In reply to Also, regarding recovery….

IE crap out? It is written by The MicroSoft Corporation. It does not “crap out”.

What could you have been thinking?

The MS police will be knocking on your door any minute now to discuss your blasphamis comments with you, in private.

Listen to this…

In reply to Like that would ever happen . . . .

We are in the process of updating a backup server that is running 2003… everything was fine until we hit an IE patch (don’t ask me why we are updating IE???)… now it’s hung…but it seems to be creeping along – with any luck, it’ll be done by the time our schedule starts up. Piece of crap.

Like the commercials say

In reply to Like that would ever happen . . . .

IF IT AIN’T SCOTTISH, IT’S CRAP!!!!

Well MS can knock my door too, better still have them send Mr. Gates and a few partners to help him find the bloody Chicklets he begins to spit up soon afterwards.

When they finish here, I can them send him to a few customer sites that REALLY aren’t too happy with him and far less accepting of MS than I am.

Better still, give me time to create an Open Office spreadsheet of pissedoff customers so he can visit them all in one trip.

😀
And as they

IE crapping out?

In reply to Also, regarding recovery….

Must have been someone that either doesn’t know what they are doing, or went to a few too many porn sites. I’ve NEVER heard of IE “crapping out”, as you put it.

You are just another anti-M$ person – face it, it’s all about politics with people like you. You just love to hate Microsoft products, rather than try to understand how to use them properly.

IE crapping out!

In reply to IE crapping out?

You say you’ve never heard of IE “crapping out”. Well, gee, I have. I’ve heard of pretty much every single application and major, cohesive feature set on Windows “crapping out” at one time or another, including Windows itself. Windows has problems with keeping the registry in some kind of sane order, filling it with cruft over time as the user installs, uninstalls, and reconfigures software and GUI settings. DLLs tend to get corrupted over time, memory leaks and conflicts develop, and other problems arise. The end result is that, eventually, you may find that some critical functionality now causes system lock-ups and crashes, application crashes, glitchy behavior, and so on.

If you claim this hasn’t ever happen to you, there are three possibilities that come to mind: either you’re the luckiest Windows user in the world, Bill Gates has told you some Wonder Secret of Windows that nobody else in the world knows, or you’re lying. The commentary house offered about not being able to recover easily from a major IE problem is entirely valid, and it doesn’t make him anti-MS. In fact, of the people in this thread, he’s one of the least polarized in regards to MS vs. non-MS. He’s been thoroughly reasonable and pretty mild all along. If you want someone to accuse of being anti-MS, you should save your spurious accusations for someone that more closely fits the description, like me.

I loathe Microsoft. Their business practices make Enron look like a pack of guardian angels by comparison. Aside from that, the marketing department’s domination of software design at Microsoft has produced a great many problems with MS software that no other vendor or software project has ever experienced, including that fiasco of Microsoft security produced by the way IE is hooked directly into the OS to allow privilege bypassing and remote code execution natively, among other horrible effects of a monumentally bad idea. My low opinion of Microsoft comes from the fact that I’ve been supporting MS software, both professionally and non-, for years. I’m still doing so, and I’m still coming to dislike Microsoft’s offerings more all the time.

Your attack on house is not only unfounded, but patently absurd. Save your specious statements for people that will take great pleasure in tearing you apart, like me.

Awwww DUDE

In reply to IE crapping out?

Can’t believe I just read that! WHere have you been all these years where you have never heard of IE “crapping out”? IE has a COMMON issue with just “crapping out”! Just all of a sudden…ceasing to be.

When it comes to political discussions there are two sides, if one doesn’t agree with the other, it is deemed anti-xxxxx. Now whomever disagrees for whatever reason will ALSO be placed into the anti-xxxxx group, regardless of complaint.

With IT it is exactly the same. There are MS Junkies and there are the anti-MS people.

Now regardless of what anyone says and no matter what thier experience is, you will label them as anti-Miscosoft and discount any further opinions that person may have based on such a falsely conclusive opinion.

Nice play! Well done…what a winner!

Apotheon, it’s just too bad I can’t buy you a beer!

Did you go to school on the short yellow bus too?

In reply to IE crapping out?

For the record – I pretty much hate anything but Microsoft.

You may want to put something realistic on the table. Internet Explorer does die from time to time – A bad shutdown could cause library corruption for instance.

Get a life.

to: Oz, re: beer, and to: dafe2

In reply to IE crapping out?

Can’t buy me a beer . . . ?

http://tinyurl.com/5e468

http://tinyurl.com/5snkp

http://tinyurl.com/5ldux

Those’ll do. Heh.

———

Hey, dafe2, do you think you’ll be called “anti-MS” now?

Hello

In reply to IE crapping out?

[i] a> Here… you should try on this coat. It’ll protect you from from the weather.

b> I don’t need a new coat.

a> You don’t need a new coat? It’s crazy out there. You won’t last an hour with that ratty old thing.

b> I’ve never noticed.

a> When you go outside you don’t get cold? You’ll get sick.

b> No I won’t.

a> How’s that?

b> I don’t go outside.[/i]

*

I figured that I should make an appearance considering I’m being poked at. Unlike ‘apotheon’, I really don’t have much to say to the guy.

1) I’ve used IE for years, inside and out.

2) I use Firefox at home now since the release of 1.0 for Windows, but have used it for a while on Linux boxes. I found a few issues with the beta for the MS port and only gave it a second chance after following a few discussions, here at TR, fourth quarter 2004.

3) Firefox is a simple program that you can add and remove at your leisure whereas IE is a beast – plain and simple.

4) My concern regarding IE is somewhat directed at people who do not know how to manage their systems accordingly. I’m in the field of IT and I provide service to end users – of course they visit porn sites and whatever the ****.

5) I have seen MS crap out in all walks of the OS, and you can trust that I know how to manage my system.

apotheon

In reply to IE crapping out?

Two of the great websites on the web!

Having a friend that’s a Guinness rep and another who owns a pub that serves Guinness, I have more than my fair share of Guinness swag now. Bar towels, inflatable pints, banners, metal signs in the shop, t-shirts, shorts jackets etc.

The think geek stuff I have always thought was interesting, great gadgets, but I never buy any of it, they are usually similar to local gadget shops but better quality items are found in town; Zippo camera’s etc. are a little better at shops in town than the TG version for example.

But they have plenty of stuff on line to kill some time while checking out the latest.

WOW, do I have a bridge to sell you

In reply to IE crapping out?

Talk about a MS zombie.

Sorry to say this after being a member of TR for so long, (3 months) but if you join a posting and say something like that you really undermine your credibility.

You fill find that there are people from the *nix camp, some from the Windows camp and some that are somewhere in between.

NONE of them will even try to claim that IE doesn’t “crap out” without going to porn sites.

What are you basing this off of?

In reply to Faster turn-around and track record

“MS has sat on more than one exploit for several months, this is the company that will keep you safe?”

Give me an example – and give me something to back it up as to thier “sitting on it”. MS has extensive testing procedures to patch vulnerabilities. As long as some crack addict doesn’t post the exploit before they can address the vunerability, you will recieve the update on the 2nd Tuesday of the month – AKA “Patch Tuesday”. Would you rather get an update that isn’t fully tested, and then takes down your mission critical corporate applications? Then you have to go around and uninstall the udpates, and sit patiently for a new one?

You’ve got it quite backwords. Firefox does not work properly with some pages – believe me, I’m a web developer. If you keep IE updated and patched, you will have no problems. The same holds true for Firefox I’m sure. I’ve never had problems, and my laptop is connected to the Internet 24×7 via broadband – Windows XP SP2, firewall enabled, tight IE settings, etc. Would you like my IP so you can try to take advantage of all my IE vulnerabilities? NOT 🙂

Facts like these…

In reply to What are you basing this off of?

Mmmmm, looking at
http://secunia.com/product/11/#advisories

I see more then a few from 2004 (which in my book qualify as several months). And some that go all the way back to 2003 (granted it requires Visual Studio 6 as well).

And here is one to counter your claim “Would you rather get an update that isn’t fully tested…”
http://secunia.com/advisories/12765/
Reintroducing a 2 year old bug, now that is some quality testing if you ask me.

In closing I would like to point out that FireFox is more standards compliant then IE so a statement that some pages don’t work with FireFox is accurate. Case in point, develop a page using FrontPage (be sure to add all the proprietary M$ code) then open the page in FireFox. I can assure you that there is an immense possibility that your page will not work in FireFox. Finally, testing the afore mentioned page in any HTML markup validation service (like http://validator.w3.org/ ) chances are it will be noncompliant.

Hence the statement, the page does not work in FireFox, and not visa versa.

tunnel vision

In reply to What are you basing this off of?

You have an extremely narrow, MS-centric view of the world, it seems. Completely aside from the links red_wolf brought up, you apparently have a problem with unsubstantiated assumptions. Note: Telling me you’re a “web developer” doesn’t mean squat. News flash: So am I. I’ve been doing it for several years. Once upon a time, I thought like you do, but then I learned some things first-hand rather than by way of the MS FUD campaign. Judging by your mistaken perceptions and opinions, I could make some guesses about what “web developer” means to you, but I’m not here to make you look bad.

If you think Microsoft does “extensive testing” of patches and updates that prevent “mission critical corporate applications” from going down, you haven’t been paying attention. I guess you didn’t notice the ten to fifteen percent failure rate of installs of SP2 in the first two months (where “failure” means “something important is broken, and workflow was interrupted”). I guess you didn’t notice that the entire UK Department for Work and Pensions network crashed in November because of a simple Windows update that prevented 80,000 people from doing their jobs.

No matter what you use as an OS, or as software running on it, in a production environment you should test all updates off the network before rolling them out to the network at large. The fact that Microsoft’s “extensively tested” patches cause issues more often than those on OSes other than Windows only serves to reinforce this fact.

If you want heavily tested patches, check into Debian GNU/Linux. It doesn’t get any better than the anal-retentive, OCD perfectionist attention to detail that goes into software testing for the Debian distribution. Microsoft doesn’t hold a candle to it, and yet even Debian gets critical patches out within mere hours of a new vulnerability being discovered, as contrasted with the [b]months[/b] it sometimes takes for Microsoft to do the same. If you think Windows patches always come out on the next “patch Tuesday” every time, you haven’t been paying attention.

As I indicated earlier, red_wolf does a decent job of pointing out some of the shortcomings in your arguments, but I just needed to offer a bit of additional support for the attempted correction of your skewed views.

And it was a god read too!

In reply to tunnel vision

I laughed, I cried. It was everything you could want in a post.

Thanks! 😉

Quite welcome, Oz!

In reply to tunnel vision

Thanks for the kudos.

I’m waiting to see if he/she is going to take the bait, and try to claim that MS patches aren’t that far behind. I’ve got a bunch of patch development times on tap for which I can provide links showing some pretty absurdly uneven patch development times between the Linux and Windows platforms. More than two hundred days for a single critical patch is just beyond the pale, but Microsoft seems to consider it reasonable enough to do it regularly.

My two copper coins

In reply to tunnel vision

It’s true Debian is for the retentive, but when it’s pucker factor that matters I run OpenBSD. You can’t get stick pin up OpenBSD’s… oh look a diamond !

http://www.openbsd.org/security.html
Be warned: This is not for the newbie or for those that are GUI dependant 😛

security, re: Debian and OpenBSD

In reply to tunnel vision

OpenBSD is known by many as the most secure x86-capable OS available. I’m not inclined to disagree. I do, however, think that the probable (the jury’s still out) security advantage of a well-managed OpenBSD machine over a well-managed Debian machine is probably pretty small indeed. It’s certainly far, far smaller a difference than between any Unix and any Windows, of course. I think it’s even a much smaller difference than between Debian and most other Linux distros.

I’m also not convinced that OpenBSD ports actually go through more extensive testing than Debian packages. I just think that where the focus on OpenBSD’s testing tends to be more on security, Debian’s is more on stability and compatibility. That’s not to say that OpenBSD is bad at stability and compatibility, or that Debian is bad at security, of course. Both are great at all of the above. I just think it likely that there are minor differences in those various categories of testing excellence, as implied by previous sentences here. Unfortunately, though perhaps serendipitously in terms of allowing us to get on with our lives, there aren’t any meaningful comparison benchmarks capable of making an authoritative statement about the comparative values of these OSes in these areas. It’s my belief that a major reason for that lack of good benchmarks is that the differences are, for most intents and purposes, negligible.

Add SELinux to the mix, and Debian might just match or exceed OpenBSD’s security capabilities. I don’t know. Someone probably does, though.

You can’t be serious.

In reply to What are you basing this off of?

Web development books have entire chapters on the non-compliances beween various browsers. Both with each other and the W3C standards.
Hope your sat down for this bit.
Microsoft aren’t the standard !

Tony

In reply to You can’t be serious.

Code here is within [] not <>.

[b]If[/b]
[i]you[/i]
[u]know[/u]
[u][b]what[/b][/u]
[i][u]I[/u][/i]
[i][b][u]mean[/u][/b][/i]

Perhaps we should defer to his industry

In reply to You can’t be serious.

After all writing good HTML with frontpage is something I’ve never managed.
Well actually I might have done once, but then it switched it all to lowercase and stuck it on one line after embedding 350 font downloads so I couldn’t tell.

Front Page

In reply to You can’t be serious.

Bite you’re tongue! I only played with it once or twice many years (computer years that is) ago now. My experience was in itially shock, then horror and soon after resulted in absolute terror.

I am a complete Macromedia junkie. Say what you like about it, I LOVE the Macromedia StudioMX. I also get a great benefit from Fireworks and Freedhand outside the website realm though so that helps.

I would say your most dominant issue in your first case was that is was Front Page. 🙂

A Challenge

In reply to What are you basing this off of?

Perhaps we should offer you a challenge. You post some links to HTML pages you have constructed that don’t work with Firefox but with IE. So that we can see if they are W3C complient. If your a web developer and you’ve done your work well, this shouldn’t be a problem. Your input and examples could help improve Firefox if that is the case.

If it isn’t the case we might not hear back from you for a little while, as you go check your pages against the standards.

nifty

In reply to A Challenge

I wish I’d thought of that.

Poor guy will be crawling

In reply to A Challenge

all over msdn looking for them now.
Cruel that is.
The best thing is it’s easier to write a compliant browser.

Another challenge

In reply to A Challenge

Perhaps he should simply post links for reference to his work. I’d love to put up a big banner that says “I use IE… I am a web developer… my site was hacked by Sourceforge in response to my general disregard for anything that is not an MS product”

Just kidding. Not my game. 🙂

Personally…

In reply to What are you basing this off of?

I would love your IP. 🙂

Regarding your comment about untested patches; I remember applying patches for patches that were released to address vulnerabilities in IE. How long have you had your computer? New Christmas gift?

I’ll admit that I have not had as many problems with IE as others have had – on my personal machine. I use Firefox now because of this…

a) less spyware
b) fast development in addons (although mostly novelty crap)
c) faster to start up and even faster to load pages
d) download manager – one window with pause feature, although you cannot close your browser or it”ll be lost – this is something they should look at
e) type a word in the address bar and presto – the most common site link is queued up
f) bookmark folders that can be opened up in tabs instantly
g) tabbed browsing
h) size, load, and stability
i) the first alternative to IE that is not so cluttered as Netscape or Opera, among others
j) cross platform availability
k) bookmark toolbar folder for quick launch functionality
l) do need to go on?

What is it with people who automatically associate Firefox with anti-MS thought… I don’t nag on MS, as I appreciate what they have done for the industry, but I will chose my alternatives accordingly.

Chris

Do you have a test network?

In reply to What are you basing this off of?

I know for a fact in the MS world that the vast majority of your large companies will have a test network where they try all new software AND test all MS patches to make sure that the patch will fix more than it breaks.

I have seen that within a week, they will modify that SAME patch 3 or 4 times to fix the problems after their “extensive testing procedure” FAILED to find MAJOR issues with it.

Anytime that ANY browser doesn’t work with a web page, you have to look at the web page FIRST. Were you aware that MS does NOT set the standards for web pages? Suprise. When I write a business web site, it had better work with everything from IE to AOL. If it doesn’t work for every browser, then I am losing customers, and it is a fact again that the majority of AOL customers have more money than brains. Who better for a customer?

Wake up zombie. MS has some tools that make is simple for you to do what you want, but that doesn’t mean that they are the end all when it comes to computers.

Use the right tool for the right job, and that right tool isn’t always going to be a MS product.

I use

In reply to Is Firefox it really more secure?

Firefox on my profile. My girlfriend on the other hand, still uses IE, so I have left it as the default browser. I’ve noticed first hand, that when I run a ***ware scan, anything that shows up, shows up in her profile. Of course, I do get a few bugs here and there, but it is a ratio of about 1:20.

Of Firefox will have it’s vulnerabilities, but IE is a vulnerability beast that I only like to see in a controlled environment.

Firefox Extensions

In reply to Is Firefox it really more secure?

I agree: there are a few sites out there that are designed only with IE in mind. There is a firefox extension, “View in IE,” That adds an item to the pages context menu that opens the page in IE.

Also, there’s a “firefox extension” that adds “view page in firefox” to IE. Love it.

Firefox tip for IE coded pages

In reply to Is Firefox it really more secure?

There is a Firefox extension that gives you two right click context options:

1. View page in ie
2. View link in ie

These are very helpful when trying to read the occsional page with ie specific formatting

Good luck on No 2 as well

In reply to Is Firefox it really more secure?

No 1 is more likely to work.

Laws in the UK, would allow many of them to be prosecuted now, catching and proving are what they can’t do. The only way the law could make a difference is in the last, by reducing the need for proof.

Yes – it is.

In reply to Is Firefox it really more secure?

Leaving aside the arguements over number of vulns unpatched and how fast patching is performed, this line that “it’s only more secure because less people use it” is a straw man. D’oh! It’s still more secure because there ARE fewer exploits; the reason for this IS irrellevant! The guy in marketing who thought this pitch up must be kacking himself with laughter.

Now, more specifically:

1. Best solution. It does work, yeilds the most results and takes the longest.

2. Ah, yes, the old arguement – people are not obeying the law – make the law tougher. Dude! There not obeying it now! Prosecution is reactive and can only be thus – you have to have a crime committed first. Better not to have the crime committed in the first place.

Laurie

re: straw man

In reply to Yes – it is.

Your statement is absolutely correct. So what if popularity is the reason Firefox is more secure? That still makes it more secure.

Add to that, though, the fact that popularity isn’t actually the reason. First of all, Firefox has exceeded a minimum threshold of popularity to make it a viable and inviting target for people that might want to write malware. It has more than enough media attention to draw attacks, particularly from IE-philes.

Second: Firefox, unlike IE, doesn’t suffer a vast number of horribly poorly-conceived misfeatures. IE is wired directly into the OS, allowing anything that affects IE to affect pretty much anything else, as well. This makes exploiting vulnerabilities in IE much more rewarding than exploiting vulnerabilities in other browsers: malware writers and other malicious code writers get far more bang for the buck that way. In addition to that, IE includes such security nightmares as ActiveX and other [b]intentionally[/b] included means of allowing foreign code to run natively on your system via IE.

That sort of disregard for security is . . . well, it’s insane. It’s absurd. It blows my mind.

I’m glad, by the way, that I’m not the only person in the world that thinks more legislation isn’t going to solve the problem of current legislation being useless. Creating more laws just creates more loopholes, generally speaking, and it only regulates law-abiding people. What ends up happening is this: law-abiding people are more limited, and law-breakers don’t care. Gee. What a great trade-off.

Wyatt where are you.

In reply to re: straw man

Stupid argument anyway. More law just means more law breakers, and having a law you can’t enforce, damages the entire concept.

Deja vu isn’t it. Software pirates, music pirates and now bandwidth pirates.

You Misunderstood. . .

In reply to Yes – it is.

First, I wasn’t basing my opinion on marketing. I was basing it on observation. The “guy in marketing. . .” remark is ridiculous.

However, your point about Firefox being more secure because potential (possibly nonexistent) holes remain undiscovered is valid. The fact that you misquoted me explains why you would make that remark. If you go back and read my original post, you’ll see I never said “it’s only more secure because less people use it.” What I SUGGESTED is that there COULD be undiscovered holes.

As for the comments about law, you’re way off the mark. You state that people are not obeying the law, so why should we make more? The problem is that there are no laws against a lot of the spyware, adware, etc. I’m suggesting making laws where NONE CURRENTLY EXIST.

I’m wholeheartedly against making more laws instead of enforcing current ones. After all I’m an endowment member (I’ll still be a member when I’m dead) of the NRA and work in a federal prison.

Firefox vs IE

In reply to Firefox vs IE

Really would not be able to tell unless I did a code review of the software. Of course I could not say for sure what happened to the system, but I could not rule firefox out because I have not performed a code review of the software. I don’t know where they got that software or whether or not it was altered from the offical sources. As for whether or not Firefox is more secure that Internet Explorer or not is a good debate, unless a highly respected security firm does a code analysis and comparison with Internet Explorer, then it is just an opinion. So me hard evidence. Of course I have not the time right now to look into it, but eventually I will get around to it. I have real applications to write.

Review

In reply to Firefox vs IE

I’d be interested in the results of your “code review” of IE and Windows, since you quickly ruled them out.

As for your personal system, I agree that no one should install any software without your permission. I’d be ticked also if someone did that.

Your office is different. Unless you own the company, it’s not your computer. If the company specifies a certain package, you’ll use it or look for work.

And no, I don’t think you’re a shill. If vehement support of a specific product is the measure, there seem to be a lot more of those in the Firefox camp.

Proud FireFox Camper

In reply to Review

“If vehement support of a specific product is the measure, there seem to be a lot more of those in the FireFox camp.” Being a Chief Scout at camp FireFox you point is well taken.

I only have this to add, I don’t mind decent and I certainly don’t care if some people choose to use IE. The thing that gets me is disparaging the “other guy” with no factual justification.

I don’t rag IE just because it’s IE, I rag it because it has at least 76 known exploits (to be fair FireFox has 6). If you tell me your an IE user because your Intranet runs on IIS and leverages tons of ActiveX controls, I’ll be the first to admit FireFox isn’t for you.

At the same time I won’t post, “IE is garbage” simply because I can’t read the source code. Likewise just because “The Great Satan of $oftware” (read Micro$oft) makes a program I don’t automatically call it garbage. I had great hopes for their AntiSpyware app (till the whole WeatherBug issue), but Notepad and M$Paint are still great apps 😉

As many smart people have said “software is a tool”. I just don’t buy all my tools from one vendor, and I try to buy the best tool for the job. Keeping in mind that todays “best tool” could, at any given time, become a dull, useless hunk of outdated scrap (that hasn’t seen a major upgrade in 6 years because it’s monopoly crushed all competitors… oops, that just slipped out).

notepad

In reply to Proud FireFox Camper

Unfortunately, Notepad isn’t actually a “great app”. I’m guessing you don’t have much experience with other text editors in Windows. Heh.

It suffers some severe memory management issues, for one thing. It lacks a lot of functionality that could be had without any particular increase in code volume or resource use. In fact, SciTE includes a lot more features with less code volume and less resource use. Notepad isn’t actually a “great app”, it’s just much better than most of the rest of what Microsoft churns out.

I loathe Microsoft for its business practices, and I loathe most Microsoft software for its inferiority. I keep wanting to say “But, just to prove I’m not just anti-MS, I like such and such.” Unfortunately, I have yet to find a Microsoft application that I can really say that about. Do you have any recommendations?

Pssst

In reply to notepad

Apotheon… that was verbal irony.
http://www.ksu.edu/english/baker/english320/cc-verbal_irony.htm

Plus I was stressing Microsoft apps, notice I didn’t say Micro$oft Word, or god forbid M$ Access. As far as M$ apps go Notepad and MSPaint (under WinXP saving as jpeg) are the most standards compliant (although still not 100%) apps, Redmond has made (feel free to correct me if I’m wrong). They are by no means “great apps” in the general scope of software. And if you check past posts you’ll see we think very much alike.

Personally, under Windows I prefer Win32Pad
http://www.gena01.com/win32pad/
For Web coding I like Max’s HTML Beauty
http://www.htmlbeauty.com/
an for the cross platform people
Arachnophilia
http://www.arachnoid.com/arachnophilia/index.html

irony

In reply to notepad

I figured there was intended irony in that. I just didn’t want to leave the matter unaddressed, in case anyone else wandered by and took it as gospel. I’m weird that way.

Hard Evidence

In reply to Firefox vs IE

I hope Secunia qualifies as a “respected security firm” of course only people that pay M$ tons of money (and sign NDS’s) get a peak at the code.

For IE (76 at the time of posting)
http://secunia.com/product/11/

For FireFox (6 at the time of posting)
http://secunia.com/product/4227/

And one day you will grow up and learn

In reply to Firefox, ABSOLUTELY NOT

And one day you will grow up and learn about computers.

You walk up to a computer that you admit wasn’t setup correctly in the first place and then blame it on FireFox?

Either you have bu-ko MS stock or very new to the whole desktop support.

Open your eyes and judge for yourself. Load FireFox on a stable system and you will come back and laugh at your own posting within a week.

Sounds Like a MS Salesman

In reply to Firefox, ABSOLUTELY NOT

Firefox was best thing we ever did to get rid of IE induced problems on our PC’s. Great product.

Since we stopped using IE we’ve had ZERO (0) problems with spyware, viruses, etc.

Firefox works!

You as my support tech, ABSOLUTELY NOT

In reply to Firefox, ABSOLUTELY NOT

‘Anyone can speak Troll,’ said Fred dismissively, ‘all you have to do is point and grunt.’
“Harry Potter and the Goblet of Fire” – J.K. Rowling (2000)

I’ll go ahead and call you out on the obvious troll but honestly Firefox alone is not capable of rendering Windows “…so messed up, that a clean installation of Windows xp was recommended”.

Do us all a favor and don’t just blame software you saw on the desktop that you have zero experience with. The fact your “customer” didn’t have the installation media screams warez (L)user.

Talk about the 101 admin

In reply to You as my support tech, ABSOLUTELY NOT

It is amazing how some people keep their jobs in this field.

Open a book dude.

Frefox, Absolutely Yes

In reply to Firefox, ABSOLUTELY NOT

Perhaps bigjim should seriously look into why he is the only person in the regiment in step. The rate of change from IE to Firefox has become logarithmic.

Are you serious???????????

In reply to Firefox, ABSOLUTELY NOT

“If somebody put Firefox on my computer, not only would I remove the garbage off the computer, but they would no longer be my friend”

Do you get on the ‘small yellow bus’ in the morning?

Opera

In reply to My experience with no shouting

I wouldn’t disagree with the proposal, but I use Opera rather than firefox. I’m not sure if Firefox has the same ‘problem’, but some web sites have been designed lazily and have unoptimised HTML. They are useable with IE6, but not with Opera, so the configuration may not be suitable for all users. One some UK sites, it is not possible to get into the site without IE6 or Navigator as the site identifies the browser and refuses to load beyond the front page without one that they know the site works with.

Hate it

In reply to Opera

Hate it. I installed Opera for about 2 days, and hated it. I don’t like Netscape either. Both browsers have a default installation that is so cluttered… I could never get past that initial impression.

I used Netscape a little bit back in the day, but not now. Based on the browser wars in fourth quarter 2004, with the release of the full MS port of FF, I decided to try Netscape again. I was not impressed, and I couldn’t sit around long enough to give it a fair trial.

I installed Opera on Redhat 8 a long time ago… no thanks… that’s when I ran into Firefox for the first time… while looking for an alternative browser for my Linux box.

Firefox or IE?

In reply to My experience with no shouting

I see lots of critics to both here and I’ve tested both and none are perfect. But i’ve noticed 2 things:
– firefox is at first a bit more secure but i think it’s due to the fact that it’s quite new and not so many has tried to hack through it as IE.
– second: end user like better IE (surely because they have seen it before) but it’s true there are holes.
For my part i found avant browser alright for a bit extra properties to IE and can also recommand opera as an alternative.

Mi Casa Su Casa

In reply to My experience with no shouting

I have found your list is my experience. I have little repeat of problem reports after cleanup, when I leave the end user with exactly your list.

use all these items with top results

In reply to My experience with no shouting

I have installed the items described many times on PC’s except firefox. Nothing against the other browsers but end users are used to IE and provided you have all the security items in place you should not have any real problems. Education of users and creating non admin users in XP is a good idea also.

Cozy

Good stuff

In reply to My experience with no shouting

I was surprised and flattered that Tech Republic chose to highlight my post.

A few comments: Opera is a killer browser, but in many ways the feel is unlike IE. Users would face a steeper learning curve and may find themselves going back to IE again. Firefox is similar enough in feel that users seem to slip right into using it.

Turning off extra services is a great idea. I’ll add that to my list.

Removing admin privileges is also a great idea, but in most cases I’m dealing with some seriously challenged non-techies who wouldn’t know how to deal with switching to administrator to install apps. Someday I’ll get them running Linux and show them how easy it is to jump to su and back ;-).

As far as education goes, I provide that also, just failed to mention it. In fact users are warned that if they slip back into their unsecure habits, I’ll be back to bore them to death with even more details!

Thanks to all for your comments.

Reply To: My experience with no shouting

In reply to Good stuff

I highly recommend a visit to Black Viper’s website for tips on tweaking Windows 2000 and Windows XP services:

http://www.blackviper.com/WIN2K/servicecfg.htm

http://www.blackviper.com/WinXP/servicecfg.htm

One more tool – Windows Startup Inspector

In reply to Good stuff

In addition to your list of tools I like to run the freeware app called Windows Startup Inspector. It collects all the processes that fire up when the system starts in a list. Then, through a webb link your list is updated with the definitions of each process, and they are ranked such as “required” “Remove” etc. You can then turn off the proesses you chose not to run at the next boot.

This is most benificial with a system that has been so hammered you can’t run hardly anything.

TeaTimer is good too

In reply to One more tool – Windows Startup Inspector

If a user has a little bit of computer sense, I turn TeaTimer on (part of Spybot) and instruct them to not allow registry changes unless they are installing trusted software. Of course, if they are doing some kind of system diagnostic, something may want to write itself in to run on boot. So you have to be careful about user’s IT IQ’s when deciding whether or not to add this great and efective freebie to the mix.

The ultimate virus

In reply to Good stuff

With most of my residential customers the really serious problem they encounter is their children.

Not only are they incubaters that collect and bring home medical viruses from school, they attract malware like magnets atract iron fileings when they cruise the webb. I highly recommend a seperate parent system that is password protected.

Then I train them all on what they do to attract the bad stuff.

Additional tweaks

In reply to My experience with no shouting

I pretty much use all of them and in addition to Firefox, I use Avant browser with a built-in pop-up blocker, Ad blocker and tab interface like Firefox. I use Avant browser alongside Firefox because there are just some sites that Firefox is not able to load properly. I also use AVG, Ad-aware in addition to Spybot. Lastly, I put the address of many ad sites to 127.0.0.1 in the hosts file.

Ad Sites

In reply to Additional tweaks

Would you share your list of sites?

List of Sites – Easy

In reply to Additional tweaks

Just get SpywareBlaster – that will add something like 3300 sites to your Restricted sites in IE and block cookies from them as well, and they update the database regularly (free download for manual updates).

It also blocks cookies from the same sites in Firefox.

No need to find your own sites – it is already done.

And it is software by donation, same as Patrick Kolla’s SpyBot S&D.

Alan

here’s some odd stuff that work.

In reply to My experience with no shouting

depending on the type of connection, I add the following:
ad-aware
spybot
sygate firewall
winpatrol for dialup
zonealarm for broadband
spywareblaster
firefox
spysweeper by webroot (trialware for 30 days)
smartfix by einfodaily (a small outpost firewall with additional features)
AVG (the latest version is very user friendly)
And if the person is using ME I also install something called unplugandpray available on major geeks.
have never experianced any conflict with these in any system and usaly find several viri when norton is installed. all in all this seems to keep most of my people happy and I tend to get callbacks now for user errors only. (I deleated my modem and can’t get my homepage was the latest one lol.)

Firefox Asolutely

In reply to My experience with no shouting

Ihave read with great interest the comments made about this post,and I do much the same thing in setting up a computr for friends etc. But the main thing is to educate them as to the importance of keeping everything up to date,anti-vitus,adaware.spywareblaster, windows etc.
in a recent survey over 85% of home and IT computers
were infected in some way.
The mentality of people is this,”its free” so I will download it the result in a lot of cases is spyware and trojans installed by the usres themselves. The same go’s for email attachments,
Poeple are curius by nature (the saying curiosity killed the cat comes to mind)but in this case it’s curiosity screwed up the computer.(must be Fiefox!)not me!.On to Firefox,is it 100% secure no , no software is, but for one thing it is not intrigrated into Windows the same go’s for Thunderbired
The net result for me is no problems, except what users cause themselves.education is a great thing.

With caution

In reply to My experience with no shouting

I would be hesiant to automatically implement MS updates/patches; sometimes they are as bad as the problems they are designed to fix.

Firefox also has its problems and as it gains desktops, becomes more of a hacker target. You need to spend time setting up Firefox to do things IE does out of the box; your client may/may not be able to tell you everything he/she needs (re plug-ins).

Grisoft’s FREE! AVG is fantastic. I use the free Ad-Aware SE app for spyware. Firewalls are a must.

Your clients would be well advised to purge all cookies at end of day; I purge cookies, history, and auto-saved (Internet) files.

—-
John Glenn, MBCI
Certified Business Continuity Planner
http://johnglenncrp.0catch.com/
Business Continuity Planning Is Business Survival Planning

Adware removal tool & Proactive Suggestions

In reply to My experience with no shouting

I didn’t see this one on the list but I have used Lavasoft’s Ad-Aware an it worked well.
The price was right, they have a free personal edition.
Use the local security policy and lock down there services and permission. This will help getting this junk in the first place.

AdawareSE

In reply to Adware removal tool & Proactive Suggestions

I also use AdawareSE alongside Spybot S&D. They work well together, one will find what the other may miss.

SpywareBlaster and SpywareGuard I use along with IE Spyad to help keep the junk out.

All are free!

Removal utilities compared

In reply to AdawareSE

http://tinyurl.com/673tc

This chart shows how well the combination of ‘Ad-Aware Se’ and ‘Spybot’ compliment each other.

Agree and Disagree

In reply to My experience with no shouting

I agree that without some explanation of how to avoid most spyware/adware the problem will quickly resurface. Educating the client is the most effective way to assure that I don’t have to return a month or two later to perform the same tasks. I also agree that Firefox is a good alternative, but IE should not be uninstalled. The use of a simple NAT device like the broadband firewall/router is also a good choice. I do no agree with the use of ZoneAlarm or other 3rd party firewalls, or free anti-virus software like AVG. I prefer F-Secure Anti-virus. AVG while it may be the best free tool it doesn’t have the ability to catch the newest threats before they reek havoc or clean up everything that?s there before it is installed. I’ve been using Spybot and Adaware together to clean computers of unwanted nonsense for a while but have recently changed my opinion with the dawn of Microsoft?s new antispyware software. It works better then both together and can be set to work proactively. One tip would be to run antispyware software with each user account on the computer. I don’t like things popping up constantly getting in the way asking users questions they have no idea how to answer so any active software other then antivirus software set to delete malicious code is deactivated until needed unless I feel the user has some grasp of how to answer the questions presented to them. I know of many instances where others have come before me and done as ron_enderland@mckee.com has and it isn?t working and can hinder the use of the computer and confuse the user.
In a nutshell less is better. Pay for Anti-virus software. Disable active 3rd party firewall software and other active scans that won?t be utilized. And, Educate!!!

AVG

In reply to Agree and Disagree

You are correct that Grisoft’s free version does have some limitation, it is the (IMHO) the best free product out. They also have a very inexpensive version for purchase for the SOHO and it will auto-update, and they produce updates almost daily and sometimes more then once a day, and they will send you and email when the have a virus signature update available. The updates are VERY quick and small, they try to design them for dial-up customers.

It is a very robust and mature program.

There are personal preferences with all software.

The one common thread to all this is also the most difficult, Educate the Users.

Hold on a sec . . .

In reply to Agree and Disagree

I have cleansed the system first. That’s the big part that takes all of the time. I then take the five steps (actually six, I’ll be killing off unnecessary services too). The steps I mention call for minimal user intervention. And as I reiterated, the user gets an education, too. I fail to see how these steps “can hinder the use of the computer and confuse the user.”

Great comments from everyone, evemn the ones I disagree with! Even enjoy the Firefox troll . . .

M$ Anti-Spyware

In reply to Agree and Disagree

Yikes… first Micro$oft has not said if they plan to charge for the app so you have fallen into the same trap drug dealers use.. the “free” sample, get you hooked and charge you later when you can’t live without it.

Second, I too considered using the app until I read this http://www.eweek.com/article2/0,1759,1749409,00.asp
Any Anti-sypware app that thinks adware is acceptable is USELESS. I bet Cult Dead Cow will next ask to have BO removed too, http://www.cultdeadcow.com/tools/bo.html

Pre-Checked Optional Component

In reply to M$ Anti-Spyware

Oh my fault then, here have some of my time, bandwidth, memory and drive space. I’m so sorry, no really I am.

Course I clicked on said eweek link to find this out and got a popup, so I think I’ll need a second opinion.

So Many Choices… ever consider Computer Associates?

In reply to Agree and Disagree

It’s astounding to see all of the differing opinions on this subject. Kinda like who likes what auto manufacturer based on product and design. Having dealt with computers for over 25 years, I have seen quite a few. Notably, I have been a faithful user of Norton products for 15 years, and have SystemWorks with their anti-virus. A few friends have AVG, but I have also run across a free version by Computer Associates that runs very well on XP Pro. My preference for a firewall is Zone Alarm. We use that and Tiny Personal Firewall at work, but I use ZA exclusively on my home network (don’t even get me started on the built-in one with XP). Both Ad-Aware and Spybot Search & Destroy are primary weapons in my software arsenal, which I take with me to anyone’s PC I have to work on. As for Firefox, I like it, but will always favor IE, even though my first browser was Netscape. In a nutshell, use what you are comfortable with – as long as it works!

Take it out of their hands.

In reply to My experience with no shouting

Remove the possibility of these problems by removing the ability of the user to do any damage. I use products from Faronics (Deep Freeze and FreezeX). Here is an article of mine that I was asked to do about the subject…
http://ascnetquarterly.org/NewArticle.asp?id=145

you got that right!

In reply to Take it out of their hands.

Funny, I just got a demo of DeepFreeze and am about to do the
same thing. Even with limited user rights, my PC users have
somehow found new and exciting ways to mess up their
machines. Guess what? That’s not going to be happening any
more. Deep Freeze, I hope, is going to save me a whooooollle
lotta trouble : )

Deep Freeze

In reply to you got that right!

While Deep Freeze is a usful tool it doesn’t work well on lower end computers. Like a PIII 733 with 256Ram and little hard drive space. Also if a user wants to add a program/game/whatever they reboot and it’s gone. Not always a good idea. Nice for office bad for home.

Agreed

In reply to Take it out of their hands.

Here we use Deep Freeze on approx. 110 desktops and 60 laptops. Some are “older” machines still using 98 or 98SE. These machines are in several different labs that we manage, so no one user has the same machine each time. Deep Freeze has saved us countless times from problems by just rebooting the machine after a user has called and “messed up” their computer. The main complaint we have is the user cannot save to the hard drive. All but a few of these boxes have cd burners installed or have USB ports on the front for pen drives for saving large files and all have 3 1/2 drives for saving small files. We do run the updates once a quarter, just to keep the software current. All of our equipment is running MS software, haven’t been able to convince our IS dept head to try anything new.
To change gears for a minute – FireFox has worked exceptionally well for me on my home network. I have four computers that use different OS’s – Linux, 98SE, Win2k Pro, and XP Pro. I switched all of the to FireFox after I tried it out on my 98SE machine and saw how stable it worked there (had many, many problems with IE). The Win2k and XP boxes have also straightened up and now I have no problems.

just my 2 cents worth.

WhoDo

Spyware cleaning

In reply to My experience with no shouting

I have used Ad-aware and Spybot. I recently downloaded the Bata Microsoft Antispyware program and have found it to be the better of the three. So good in fact that I would consider purchasing it if it comes to that. Hopefully they will keep it free (not likely). Give it a try.

Housecall

In reply to My experience with no shouting

I have found that Trend micro’s housecall anti virus check is a quick way to clear a broadband connected machine before beginning to install all of these apps. It does not catch everything, but gets rid of all of the basic garbage so that I can begin as close to clean as possible.

Add Thunderbird and AdAware to the recipe

In reply to My experience with no shouting

Thunderbird is a much better, more secure mail client than Outlook, and AdAware complements Spybot, each of them occasionally finding things the other misses.

That is a good LIst but….

In reply to My experience with no shouting

On the Spyware side, spybot itself is not good enough, try adding ad-aware your anti-spyware goodie bag. other wise that seems like a good enough list.

Another good peice of advise if your client have XP make sure sp2 is installed. might have to tweak it a little and as someone else said educate them would as well.

just secure ie and teach users to hit no

In reply to My experience with no shouting

I’ve found that firefox just isn’t very good at running cold fusion or hard core asp apps. That and it has some nasty security holes as well. So why not just secure ie – that way you get all IE’s functionality, and as long as you teach the user not to hit yes install on every pop up, they will be good.

And how long has MS been trying?

In reply to just secure ie and teach users to hit no

“why not secure IE” he says. That is the funniest thing I have read since the last friday yuk yuk was posted.

How many YEARS has MS been TRYING to secure IE?
How many times have they said they secured it, just to have a MAJOR exploit get exposed within a month?

Good thing SP2 came along to secure our systems. OOPS! Forgot, that had a bunch of exploits within a week, didn’t it?

To “secure” IE you need to have all the patches updated daily, turn off active X, JAVA, and all scripting and then run system as a USER with NO system rights at all.

Secure IE = Useless IE

In reply to just secure ie and teach users to hit no

The first step in any serious attempt to secure IE is to disable active scripting (akin to disabling javascript). This alone make IE useless.

The popular PC myth says “if you don’t click yes, you can’t get infected”, this is exactly that… a myth. With today BHO’s and IE’s well known remote code execution exploits users do not have to click yes a single time, yet they still get infected.

As others have said check your Browser’s security here: Then make an informed choice.

For IE (76 at the time of posting)
http://secunia.com/product/11/

For FireFox (6 at the time of posting)
http://secunia.com/product/4227/

Not fair

In reply to Secure IE = Useless IE

fighting FUD with facts.

That just isn’t fighting fair.

You are suppose to get all emotional and start screaming how much you like this one and hate that one.

You are going to kill good debates like that.

;)

In reply to Not fair

I smite FUD with the great sword Cluebringer!?
—-
The power of accurate observation is commonly called cynicism ? George Bernard Shaw
—-
“There is no patch for stupidity.”
-Kevin Mitnick (this one should get me flamed)
—-
Been there – done it – Sold the T shirt and consulting services to the to the guys that did not want to employ me!
—
“A word to the wise ain?t necessary — it?s the stupid ones that need the advice.” –Bill Cosby
—
“I cannot help but notice that there is no problem between us that cannot be solved by your departure.”

no flame

In reply to ;)

You won’t get flamed by me for that. I love that Mitnick quote.

statistics

In reply to Secure IE = Useless IE

I find it interesting that on IE’s best days it still comes in with twice as many vulnerabilities found as in Firefox.

This is one of those items that needs to be brought to the attention of the people that claim IE is only more exploited because it is more “popular”. Secunia reports vulnerabilities, not exploits. Exploits might increase in number because of the popularity of the software, but vulnerabilities are inherent to the software and don’t rely on “popularity” for their numbers. As long as your software is popular enough for anyone to bother looking for vulnerabilities, your vulnerabilities will be discovered. It’s that simple.

Ahem Don’t hit no!

In reply to just secure ie and teach users to hit no

Some of the requests for popups take no or yes as yes. Only safe thing to do is close the window by x in it out or closiing the browser. Transpose a couple of letters going to google.com for a free demonstration

They put it in onclose now

In reply to Ahem Don’t hit no!

The yes no bit is just make you believe you have some control.
If you want to see all the tricks hit some porn password or mp3/warez sites.
Do it on somebody else’s machine, someone you don’t like. Or if you are like my son, do it on Dads.
Once they’ve knicked most of your resources, you can kill them all, with fast fingers and Alt F4.

Even the ones with no captions or them bu**ers that are bigger than your desktop.

You will of course need to install IE, for comprehensive research.

Spread the word brother!

In reply to My experience with no shouting

I think Ron is bang-on with his recomendations.
I do the same thing, and suggest the same products for those people who didn’t understand that surfing naked is a bad idea. Corporate IT might disagree, but for the average user, that combination of products will save them much grief. The setting up of automatically updating is important too. The less user intervention required the more likely things will go well.
I might add Adaware to the list since it finds some stuff that Spybot misses.

Anyone use Slim Browser?

In reply to My experience with no shouting

I have loved Firefox ever since I started using it full time about a year ago, but I had used some betas previous to that. My new boss came in and showed me Slim Browser, which is presented almost like it is a new browser, but appears to really be an add-on for IE. It does clear up many of the issues with IE from what I’ve found and also adds some functionality to IE that I think should have been there for ages already. The only glitch I’ve found with Firefox, which may have been cured in the release of 1.0, was that when I clicked on links in my email in Outlook, and Firefox was set as my default browser, it would open the link, then ask me if I wanted to open the link, so if I clicked yes to that, it opened it again. A little strange and I didn’t have time to get back to that to see if it is fixed or what was causing the issue. Slim Browser doesn’t have this issue, but since some of the controls are different than Firefox, which I’m used to, it took me a while to get used to the difference. Case in point…Ctrl T opens a tab in Firefox, but in Slim Browser, it translates the current web page. Ctrl N opens a new window in Firefox, but in Slim Browser it opens a tab (although it calls it a new window). Minor, I know. Anyway, as far as my list of tools, I agree with most people in that I use Spybot and Ad-Aware along with some education and if the person is open to it (home user), I recommend using a different browser like Firefox. We’ve even considered changing over to Firefox at my place of work. I use Zone Alarm and have used other firewalls, but Zone Alarm is a little easier to use, although some may argue it is a little bloated. I have used other products for security and such, like many of the Norton line, but I’ve found that they tend to be bloated to some extent, especially SystemWorks. Ick. Slows down every PC I’ve seen it on quite a bit. I just switched off of Norton Anti-virus to eTrust to demo it, but I’d like to try AVG as well. As far as a proactive approach to sypware, adware, etc., one person recommended to me Pest Patrol. I haven’t tried it yet. Anyone else know a good, proactive program for that? Thanks!

Proactive total solution to spyware

In reply to Anyone use Slim Browser?

Believe it or not Microsoft’s Beta version of antispyware software ROCKS!! It cleans more effectively then spybot and adaware combined and can be set to work proactively.

ms antispyware

In reply to Proactive total solution to spyware

the good thing about microsoft’s antispyware is that they didn’t develop it. they bought it.. so there’s a chance that it will work like it is supposed to.

According to an earlier poster

In reply to ms antispyware

they are already allowing adware through. Weatherbug I think it was. Microsoft decided this one was OK, I wonder if you are allowed to say different. Blocking ‘everbody’ elses adverts.
Hmmm, where’s the benefit in that.

Course weatherbug, say they aren’t adware, It is a piece of software that tells you useful things, some of which look very like adverts, so no worries after all.

The fact that it’s a pre-checked optional component targeted at AOL users is just well, unlucky.

According to an earlier post ?

In reply to ms antispyware

Damn
Where do you get this firefox thing from.
When it says it hasn’t worked does that mean it hasn’t worked ?

Good plan – with minor adjustments

In reply to My experience with no shouting

ZoneAlarm is good (I like Sygate better)

‘or preferably’? I would say ‘and’

a broadband router/firewall – check http://www.secunia.com for open issues on the hardware you are considering, there are many good ones with no open bugs

Spybot (or Adaware, or SpyDoctor)

AVG is less troublesome than Norton (Avast has more features and just as easy as AVG, IMHO)

Windows Updates – absolutely! (or use linux)

Firefox – best option for most these days

I would affirm the updates all around, not just windows and spybot, but antivirus as well.

I would also adjust the settings on Outlook Express to eliminate JScript and preview, or better, go to using Thunderbird.

One other product worth considering is ProcessGuard from http://www.diamondcs.com.au – even if you get a trojan, it would have to ask permission to run.

One last addition – I have put Registry Mechanic (www.pctools.com) on one of the machines that used to give me a lot of trouble from multiple users. At the first sign of quirkiness, I run it and let it repair the gunked up entries in the registry. That PC now has a new record uptime.

Couple of others

In reply to My experience with no shouting

Ditto, especially on AVG, for which I have become somewhat of an evangelist since giving up on Norton.

I’d add Spyware Blaster and Prevx (www.prevx.com). And yes, education is a must since your users will be dealing with multiple “should I let this happen” popups as each program learns its way around the system.

You’re doing us all a service by turning your “non-nerdy” friends into responsible and educated Internet users.

Firefox

In reply to My experience with no shouting

I think switching to Firefox is good short term but I also believe when Firefox gains a big enough share of the market, we will all see an increase in attacks through their service as well. IE might not be perfect, and in need of some serious updates, but it’s always the biggest bully who is targeted by the rest of us. In this case, targeted by hackers and virus writers.

Use IE Safely (maybe?)

In reply to My experience with no shouting

I customize my security settings for the Internet zone the following way: Disable “Initialize and script ActiveX controls not market as safe” and “Download unsigned ActiveX controls”. Also set to Prompt “Download signed ActiveX Controls”, “Run ActiveX controls and plug-ins” and “Script ActiveX controls marked safe for scripting”. It is inconvenient to have to answer Yes or No at almost every site but No is the default response so all I have to do is hit the space bar and the page continues loading. I have run into very few sites that will not display correctly if ActiveX does not run, like trying to display a PDF document or Microsoft’s automatic update site. In these cases just reload the page and answer Yes. Or if it is site that you can trust and visit often (like your bank or MS updates) then added it to the trusted sites list. Prompting to run ActiveX also has the added benefit of not having anoying ads that run around the screen, the ad displays but it is not ‘active’. If a web site refuses to display if I don’t run ActiveX then it is probably not worth/safe going to it.

Here!Here!

In reply to My experience with no shouting

Funny I should just read this as I just recommended all those things to one of my friends. I believe most of the problems on the client side comes from procrastination and fear. It’s the old ‘it’ll never happen to me’ theme. THanks for the information in such a clear and concise message!

I agree pretty much…

In reply to My experience with no shouting

I agree with pretty much of what you said. In some cases, Firefox may be a valid solution. BUT as Firefox gets more and more popular, I guarantee that it will start becoming the target of hackers as well.

Is it REALLY that secure? Look at some of the exploits that have been found already. There isn’t a week (day) go by that somebody doesn’t report a hole in a Microsoft product. Part of the reason this gets so much press is simply because MS has so darn much stuff. However, there are several (on average) things found wrong every month with even the almighty Linux.

I think if you get complacent and take a “just switch to Firefox &/or Linux” attitude you’ll pay for it later. Unix/Linux is NOT hack proof. (Though, security is on the front burner, not an afterthought as it seems to be with MS.)

parhaps its been mentioned.

In reply to My experience with no shouting

you might want to teach them to try to use their machine under different user levels.

– always as user account
– base system changes as power user
– advanced system changes – admin.

never use admin all the time.

this is not as easy a practive to implement under a windows OS as it is under a Linux OS – but the effort is definatly worth it.

malicious code does require rights to do anything. it can’t do much if there are no rights allowed.

Just one more account/password to remember?

In reply to parhaps its been mentioned.

So that will equal one more post-it note on the monitor?

Most of your windows users don’t CARE about this. It is YOUR job to keep the computer running, not theirs.

Unless you are in a place that ONLY gives user access to the workstations I don’t see 99% of todays users doing this. Are YOU logged in with just “user” privilages?

They are not going to be-bop back and forth changing accounts.

account management

In reply to Just one more account/password to remember?

we are talking about the general consumer computer user – not enterprise workstation user – and we are talking about windows users – right?

there is going to *have* to be a shift in regular computer user habits/use of computer to start to learn how to “be-bop” back & forth between accounts. similar to linux user habits.

the way things have been – one root/super user/administrator account and you do all your work with it can not continue. changes between one accont for regular work and administrator account for maintenece will have to become common practice on the wondows platform for the user. just like making sure your windows OS is patched, your anti-virus is up to date – it has to be drilled into their understanding that this practice is basic personal computer use 101. they learnt how to install AV and update it. they learnt how to install a firewall. don’t worry – they will learn how to be-bop between accounts.

right now – on windows xp – microsoft have not perfected this account change properly or as well as the open source community have for linux. in most cases when you descalate the user account privaledge from admin to power user or user, you get into a lot of hoopla. but that will change – i am sure of it. in subsequent releases of the microosft OS – you will see better implementation of the user switch.

but by then – who knows where the malware/malicious code community will advance with their work. so perhaps the account switch won’t be as effective.

SL

I’ve worked at a place

In reply to account management

where they did this sort of thing even with power users. It was effective under NT. But the support guys were on rollerskates. They even had to install the software I was going to develop with.
I wasn’t allowed to.

Got knocked on the head bit by bit until I was an admin again.

If they had trusted us in the first place, and then policed it, it might have worked a bit better.

Don’t know what your users are like, BUT . .

In reply to account management

I can say that the vast majority of Windows Computer users do not know or care about security/worms/hijacks or what have you. That is what YOU were hired to do, take care of that. Many don’t even see themselves as computer users. It is just one of the many tools they use through out the day to allow them to get their job done.

“similar to linux user habits.”
They are using windows because they don’t/won’t take the time to learn proper computing.

The level of skill of the average user today is so patheticly low compaired to what it was in the DOS days when you had to know more than “click on this pretty picture” to get work done.

Educate all you want. Unless you are in a position to FORCE this, then it will not happen.

user accounts

In reply to Just one more account/password to remember?

“Are YOU logged in with just ‘user’ privilages?”

[i][b]I[/b][/i] am. Of course, I’m on a Linux system right now, where it’s actually reasonable to expect that. Unlike Windows, with a Unix system I can actually get work done without having to be signed into an administrator account at least half the time. I also don’t typically operate under an administrator account when I fire up my Windows workstation (which happens about once a week at most), but all I do on that system is develop software for Windows, so it’s not like I actually use the thing the way it’s generally meant to be used.

It really is essentially impossible to operate within a Windows environment and get anything more than very limited work done, such as creating a document using the office suite of your choice. Even some functionality of office suites is broken by non-administrator account use in Windows. It’s a constant source of frustration that Windows systems don’t handle user permissions better. Even that might not be so much of an issue if Windows were capable of running applications using specialized user account permissions the way Unix systems are, and if it were easier to temporarily take on more permissions to accomplish a given task the way it is in a Unix system.

The Issue with IE?

In reply to My experience with no shouting

If you suggest avoiding the use of IE, what web navigator would you recommend as a replacement?

FireFox

In reply to The Issue with IE?

http://www.mozilla.org/products/firefox/

Good Info

In reply to FireFox

Interesting posts. I need to do some investigating and revision of my own. I have been doing research to secure the PCs at work – went out for surgery and the very first day the server went down twice. That’ll teach me to take any time off. The software we use will not function if the user is not logged in as an administrator – they tend to be at least a year behind and very unconcerned about that lag time. That little gem gave me a couple of headaches, but hey, it keeps me employed! Thanks to all again.

Might want to add

In reply to My experience with no shouting

You might want to add SpyBot Search and Destroy to that list. Personally I run a small network at home and run SpyBot, Ad-Aware, and a router firewall. Thats it. No anti-virus on board. I do go to Housecall once a month and scan for anything that might have got through. Haven’t found anything yet.

P.S. I have switched to Firefox also.

Coty111
Helpdesk Specialist
Locheed Martin
Owego NY

One more thing….

In reply to My experience with no shouting

Have you used HJT? What are your thoughts??

Nope

In reply to One more thing….

Never heard of it. Is it a freebie? Very important if users are to keep the camp guarded.

re: Hijack This

In reply to One more thing….

It’s extremely dangerous in the hands of the less-than-expert. It can be a useful tool, though, to those who know what they’re doing.

Change AVG to Avast and add more Spyware Detection

In reply to My experience with no shouting

I like AVG just fine, but I’ve had a lot of problems with customers’ machines finding a virus during use but missing it during a full scan. Since Avast can do a boot time scan running on XP and 2k, it can get around Windows security and clean viruses in files that Windows “protects” during normal use.

I also use Ad Aware, Spyware Blaster, and Spyware Guard (just started using the later, so I’m not vouching for it yet). And don’t forget the TeaTimer component of Spybot.

One suggestion

In reply to My experience with no shouting

You are so nice to help others, this is admirable.

I have one suggestion which is the antivirus tool, I would prefer avast rather than AVG. The beauty of avast is the real time update feature that provides better protest to the users.

Thank you.

Bulls Eye

In reply to My experience with no shouting

Ron
I also have been down this road. I’ve gone a little further in trying to prevent spyware invasion. I install Spyware Blaster, Spyguard from (Javacool software)as well as any cleaning software (CCleaner) from mrbass.org
I’m in the process of cleaning my friends Sony Vaio which is full of virus’s and crap/spyware you name it.
Sony’s website isn’t much help for support now xp home is shutting down with a BAD_POOL_CALLER problem I’ve never seen before. Think I saw something about possible bad ram??
It’s too bad pc manufactures pay for all the software they include and don’t protect thier products from this ever increasing and very distructive spyware. That’s why most people blame the pc or the os, not knowing they purchased an UNPROTECTED pc.

Is that burn’t toast I smell ?

In reply to Bulls Eye

What a load of horse manure.
Crash n’ Burn.

LOL

My tried and true way for security

In reply to My experience with no shouting

Personally, I’ve been using NIS for years and have not had very much problem, but for my clients who cannot afford I have found an array of powerful free programs that will do the trick.
This array is similar to Ron’s but I would add a few more for constant monitoring.
Zone Alarm, AVG and Spybot work nicely together but Spybot doesn’t have a resident scanner that keeps people from hijacking your homepage or registry settings.

Winpatrol will do this for you, but I don’t stop there because some programs use the same way to search for viruses/trojans and so things could be missed. Spywareguard and spywareblaster can also be running in the background with not much expense.

Most people say that Lavasoft’s adaware and Spybot don’t work together…wrong! If you keep adaware from deep scanning archive files you will be fine 🙂 The archive files can be scanned by AVG on a regular basis.

Along with critical updates from MS you should be fine. I agree with one of the previous posters who says “Education” is important. For my non-savvy computer users I have written step by step instructions to use all of these programs and also guidlines for checking e-mail. Yet, I’m working on a program right now to do all the installing and scanning with these programs.

My last comment: On the subject of email, I wish that everyone could have AOL becuase of their email system. They have a spam catcher that works very well, and if anything get’s through, you can set as spam and never be bothered by it again or you can block anything that has certain word’s in the message. If there is something marked as spam and it is incorrect, you can erectify easily by clicking “This is not spam”. But OE or Outlook is a problem to me because they download the email to your computer before you can read it. My idea is to have a system like AOL’s to prescan for viruses and open them on a remote server that is secure. In terms of security, I would like to find a better way for email.

Tucson, Arizona

holy crap

In reply to My tried and true way for security

You had me until the last paragraph. I find it highly disturbing to see someone give a bunch of good advice and follow it up with the statement that he wishes “that everyone could have AOL”. AOL is over charging for underserviced “feature” sets that actually cause more problems than solutions.

My spam is blocked admirably just by using a good email client (Thunderbird). When I was using Windows to check email (that has stopped), AVG’s email scan functionality was checking for viruses just fine without introducing AOL’s intrusive, premium-cost, bloated hostageware nonsense on my computer. Now that I’m checking email on Linux, things are even more secure for me, thanks.

AOL isn’t the answer to anything. At least, it’s not a [b]good[/b] answer.

Celestial pooh!

In reply to holy crap

Man, I see your point!

The AOL comment threw me, their spam filtering is the most basic and minimal spam system available.

My free online mail, where I reister for ALL websites has all teh same tools AOL does. Plus a suspected junk folder that never even gets browsed before I delete all mail in it now. I haven’t seen any false positives. My home email, I have yet to receive a single spam in 3 years since activating it.

I don’t use it for much though, other than trusted sources and Thunderbird helps no end, but even with Outlok for 2 yaers I never saw a spam message, not one. ‘knock on wood’

A lot of it has to do with your own knowledge of HOW people SPAM you, where they get addresses etc.

I have online banking and they mail me hardcopies of promotions and news (just like the old days) because I don’t even give THEM my email address.

Work gets through, the rest can wait and i’ll check my online account a few times a day anyway.

AOL, a GOOD email client? You can do much better for free.

Petrol to the inferno

In reply to My tried and true way for security

Speaking of AOL…
I especially love what AOL’s browsing enhancements do to images on the web. It’s amazing what “features” can be sold to newbie’s willing to pay twice the industry standard for dial-up access via a huge bloated client. I’m surprised AOL hasn’t jumped on the “HiSpeed” (AKA, a Peribit box and/or a BlueCoat cache device) bandwagon with the like of NetZero and Netscape.

And on and Netscape front isn’t it sad to watch a brand we all know (and loved at some point) die a slow painful death. Its like watching corporate Alzheimer’s

FYI…
AOL = Army of Losers

I agree plus more

In reply to My experience with no shouting

I also use spybot, but I use Ad-Aware also. I have had times where one or the other picks off something the other misses.

nix the Zonealarm – you forgot Adaware

In reply to My experience with no shouting

Tried Zonealarm on three machines. In each case it installed spyware of its own. Never again! Also you didn’t mention Adaware. It is worth it’s weight, alternating with AVG. Haven’t had problems I couldn’t get out of quickly and painlessly.

Educating the masses

In reply to My experience with no shouting

1.) ZoneAlarm
The free version was OK, but I found ZA Pro difficult to configure. The Sygate personal version seems to work well. I ran NMAP -sS -O -v -P0 as well as PING with no results & no popups on the target.

Some of the SMC routers have the Firewall disabled. You might want to check the setting on the new router while you’re visiting.

2.) Spybot S&D
Adaware SE is better & safer for casual users.
My version of Spybot has some minor bugs.
HijackThis?
Here’s the link if you’re serious (01/11/05)
http://www.spywareinfo.com/~merijn/

3.) AVG
I’ve been using Norton and AVG Free Edition for a couple of years now with no problems.
ClamAV and ClamWin also seem to work well with Norton and Outlook XP.

Clam seems to be leaner & meaner with a smaller database to download.

4.) Micro$haft UpSkirt
Personally, I wouldn’t enable automatic updates.
I have a Dell Inspiron 2500 with Win2K SP3 and I choose which mods my work comp receive.

Solid, dependable & trustworthy.
I trust my HDD more than I trust Bill G.

5.) Firefox
I use it at work & it’s acceptable.
I tried to convert my Daughter and husband to something other than IE but his MSN Game Zone wouldn’t work.

FootNote:
I use Mozilla 1.7.5 at home.
When M$ disco’s support for Win2K.

I can stop using IE for Windows Updates.
YaHooooooooooooooooo!!!

2 more free essentials

In reply to My experience with no shouting

1.Startup Mechanic – simple gui for end user to see what’s running at startup.
2.Spywareguard(better with w2k) or SpywareBlaster (better with XP) – stops spyware from getting to computer, update defs quick and easy.

Replace MS JVM with Sun J2RE

In reply to My experience with no shouting

So far I haven’t seen the suggestion to replace the Microsoft Java Virtual Machine (JVM) with Sun’s Java 2 Runtime Environment (J2RE).

I know that the CWS_ or CoolWebSearch browser hijacker and it’s variants exploit a weakness in the MS JVM, and Microsoft no longer supports it.

I usually do this replacement for my clients, as well as add a boot option to boot in Safe Mode. I install the freeware versions of ATGuard (bought by Symmantec and no longer available on the web), Avast, Ad-Aware and Spybot.

So far, I haven’t encountered any problems that couldn’t be resolved by running the latter two in Safe Mode.

To uninstall MSJVM on Win2K/XP machines:

From the Start Menu, select Run.
Enter the command:
RunDll32 advpack.dll,LaunchINFSection java.inf,UnInstall

Click Yes to the confirmation, then select Reboot.
After the machine restarts, delete the following:

\%systemroot%\java folder
java.pnf from the \%systemroot%\inf folder
jveiw.exe and wjview.exe from the \%systemroot%\system32 folder

The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Java VM registry subkey
The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\JAVA_VM registry subkey (to remove the Microsoft Internet Explorer (IE) options)

The MS JVM is now uninstalled, and you can download Sun’s newer J2RE for Windows at http://java.com/en/index.jsp

I think that’s a given

In reply to Replace MS JVM with Sun J2RE

I don’t know too many people that still use JVM, actually I don’t know any.

I have ALWAYS used Sun’s Java, even when MS was still trying to push their JVM farce.

I used to run Sun servers though so it kinda went with the territory I guess.

That’ll Do It

In reply to My experience with no shouting

I’m feeling what Ron’s doing. I have a similar approach. I use AVG (excellent virus protection…and free), Spybot, Panicware’s PopUp Stopper Free Edition, Kerio Personal Firewall and Microsoft’s Anti-Spyware Beta (formerly Giant Company Software’s program) along with Microsoft’s updates for the applicable OS, …and they get to keep IE too.

I find this combination to be excellent. I use it for my own networks as well as my clients with NO issues whatsoever. I set each one of those to automatically download updates and run their subsequent scans during non-productive hours.

The KPF firewall I use on machines that actually have network services that will be accessed across the LAN or WAN. If this isn’t the case, then I stick with built-in TCP/IP filtering for NTW4, W2KPro and the built-in firewall for WinXP.

KPF won’t do adware and pop-up blocking after 30 days, but firewall functionality will remain. This is okay, because the PopUp Stopper utility will take care of that part anyway…along with Microsoft’s antispyware Beta utility.

I took the time to train them all on how to manage those processes and to kick off manual scans & updates whenever it is necessary. More importantly I not only explained to them all HOW they got into the predicament they were in, but also showed them in real time (by mimicking their daily processes with email and Internet usage) how the machines were eventually rendered useless.

Enabling Firefox is okay too, but I’ve found that to be a hassle when it comes to having the browser updated with the lastest and/or applicable modules that aren’t part of the default installation. Clients like change, but not too drastic of change if it can at all be helped.

Firefox did not work for me here is what I did.

In reply to My experience with no shouting

I tried switching to Firefox and that recieved just as many spyware object as IE. So I decided to create one user that does not have any permissions at all and still use IE. That is the only user that I use to go on the web. I also have norton 2005 w/personal firewall and use ad-aware for scanning spyware. I have locked down all of my ports except a few necessary ones and most of my services under this user. The only time in the last year that I have had any spyware or viruses was when my friends logged on as administrator and surfed the web. I also use XP SP2 W/firewall turned off.

Firefox does not work for this…

In reply to Firefox did not work for me here is what I did.

First off – what kind of sites do you visit?

Anyways… everytime I need to upgrade a VoIP gateway with a new flash…

a) we need to reset into a downloader application mode

b) through LAN, the reset causes a connection interuption that firefox does not like, but because of IE’s flaws, it’ll simply refresh the page

c) through WAN the two modes obtain separate ip addresses anyways (if dynamic), so it is not all that vital

d) the IE staus bar will give me some indication that the upload is taking place in the status bar, whereas Firefox just seems to hang there

This is the only thing that I use IE for nowadays

Ditto here dude

In reply to My experience with no shouting

Sounds like what I did this weekend. Hooked up my grandfathers dsl, scanned his old hand me down win98 pc with Add-Aware and it found 324 critical objects. Its been hooked up at my uncle obviously wide open to everything. It had a worthless “checkit 86” popup blocker on there didn’t do much for a firewall. I also installed Spy-bot and it found a rediculus amount of garbage.
Next I insisted no more IE, deleted the icons and installed Firefox then Norton Antivirus/Firewall before plugging him back in. By the way, this man is 89 years old and I finally taked him out of AOL. $27.00 for 56k and being disconnected all the time on his older pc. You can’t even receive egreeting cards or attached pictures. Not to smart but he just didn’t know about computers and technology. So we again had many long talks at the pc explaining what a worm, spyware or a cookie was. This man is amazing for 89, likes to email and and check the weather and use msn maps. Funny and still sharp at 89! Born in 1915 he has seen the world change so much.

Jeff

He’s a lucky guy . . .

In reply to Ditto here dude

to have a patient grandson like you to educate him. Imagine going from biplanes and horse-drawn wagons to streaming video from cnn.com about Mars landings.

I suspect you do a lot of listening in those long talks, too. I wish I’d picked my grandparents’ brains about their day when they were alive, instead of being a smarta$$ teenager who already knew it all . . .

OS at par with your Mother Tongue

In reply to My experience with no shouting

I feel OS is like your mother tongue. You basically get nurtured with it. Someone may introduce a new feature and the next thing you know is the competitor trying to outsmart. I still like MS because if computers have become so popular in the world today it is all because of MS and the way they operate (Not only as a OS, but as a company). Lets be honest – If people hack windows it is because it is easy to find the know how, which itself is a credit to MS. Recently I had to change a Linux based subscriber gateway with a VxWorks based hardware box and now I am contemplating changing that to a Windows 2003 based one because both the Linux box as well as the VxWorks box has not worked half as efficiently as I expected for a computer with only a dedicated function. The VxWorks box infact is from a very reputed company who have now after 4 months agreed to some of the bugs that were found, though initially they were adamant saying such bugs were unheard of.
Finally a word – I spend very little on training people on MS technology, unlike the others.

SImiliar but with IE

In reply to My experience with no shouting

I do the same but use XPsp2 firewall and leave them with IE and firefox to use. No problems here, I’m putting myself out of the job. Cleaning up friends computers is my golf money.

Cons of Firefox

In reply to My experience with no shouting

My problem with this is that I’ve encountered more than a small number of web sites that don’t work with Firefox. However, if they haven’t called you, maybe they don’t care.

True… but

In reply to Cons of Firefox

It’s not that they don’t care, they number of sites that aren’t FireFox “friendly” (through no fault of FireFox I might add) is dropping. If web developers would code to W3C web standards and not to Micro$oft web standards (they are not the same, market share… does not a standard make) we wouldn’t have this problem at all. That being said, you can over come such short comings using:

User Agent Switcher (if the site does not require ActiveExploit… oops ActiveX controls).
http://extensionroom.mozdev.org/more-info/useragentswitcher

View in IE (for when all else fails)
http://ieview.mozdev.org/

There is an extension that allows ActiveX in FireFox but since it opens a great Pandora’s box I’m not going to provide the link, you will have to find it yourself.

[Author]

Replies