Re: Linux for Kids

From: Ohmster (notareal_at_emailaddress.com)
Date: 03/13/05


Date: Sun, 13 Mar 2005 16:32:14 GMT

Mxsmanic <mxsmanic@hotmail.com> wrote in
news:1h983110gfb34a31d26lumvv9m40vo8snh@4ax.com:

> No operating system protects against booting with a different
> operating system. The OS must be in control to secure the system, and
> it's not yet in control at boot time. Some operating systems can
> encrypt their own file structures, making them unreadable even if
> another OS is booted (but they cannot prevent the file structures from
> being modified or erased or copied).

Agreed. If the computer itself is not isolated and a user can get to the
machine, then it is not secure.

> I have ActiveX completely shut off for everything. And now I'm using
> Firefox, which doesn't support ActiveX to begin with.

Yeah me too. It took me a long time to embrace Firefox, my favorite
magazine "Maximum PC" (I was a subscriber to "Maximum Olin" too, until
lack of advertising revenue put it down.) praised Firefox like a year ago
but I did not listen and stayed with IE. Now I use Firefox as my default
browser, it blows away IE in spades. The extensions like adblock and
flashblock actually make surfing the web fun again! :)
 
>> I shut the
>> browser as fast as I could and it was too late, I had 5 malware
>> programs installed in less than 3 seconds. Hard to get them out, too.
>
> Why was she surfing so soon after installation?

I built the XP Pro system for her and her family over a year ago. The
husband is a professional painter and one day, I came home from work to
see them completely pressure cleaning, patching, and repainting my entire
house! I freaked out because I just bought the house like two years ago
and don't have the money to paint the house, at all. The husband simply
told me that I really did need to have the house cleaned, patched, and
painted or else the damage would accelerate and it would ruin the house.
He told me that he was doing it because "it needed to be done" and that
he was able to do it. He did not ask for money, he said you do what you
can, when you can, and that is it.

I built them a top of the line AMD system with a 21" monitor and full
multimedia capability, simply because I could, he did not have the money
for it, nor have a clue as to what he needed and would have ended up with
some shitty, proprietary HP or Compaq crap.

I was the one that was cruising around with ActiveX enabled and saw how a
malicious website could wreck your computer just by visiting a web site.
She called me over because her computer was slowing down real bad and she
could no longer go to the Trend Micro Housecall website to scan for
viruses. When I tried at her house, IE would shut down if you tried to
use Housecall and you would get the Trojan report just before it did.
That is why I had wanted to reboot her computer into safe mode, when I
tried to delete the virus startup link in the registry, I was unable to
do it, I got a permission denied message when trying to delete the link.
She has an administrator account and so I was really puzzled at that
message.

Tracy probably did not get the Trojan installed on her computer. Her son
has an account on the machine and he is like any typical young 15 year
old boy, trying out "kewl free stuff", etc. He is the one that probably
caught the Trojan. We reduced his account to "Restricted" to see if that
would stop allowing viruses to enter the machine.

When I went on Saturday to help a friend with a small stereo repair shop,
he has a 2 computer network that I installed for him years ago. The
computer in the back is his and we put his customer database on it, and
the front computer is for the counter help and they can use the DSL and
the customer database program. Because the counter help is always fucking
around with the computer, he gets that one infected quite a bit and has
no clue about viruses or any such thing. When the counter person said he
could not complete the online web work that day because the browser would
not run, I took a look. Yep, sure enough, IE would not run or would stall
right away. One look at running processes showed things like
"xrvvaquyx.exe" running and things like that. Uh oh...

I downloaded the free AVG AV program and scanned to find 14 running
Trojans on the system, 60 malicious files. Deleted them all and the
computer was okay again. Every time this happens, the owner wants to
restrict the front computer with passwords to stop the Internet from
running up there, but the front employees need to use IE in order to
order parts and file claims. What can you do? Last time I scrubbed the
computer, maybe a year ago, he had 3 p2p programs running and sucking up
all available bandwidth to collect and share about 3 Gigs of porn, had
casino programs starting and running on the system, of course AOL got
installed, several chat and messenger programs, and God knows what else.
I scrubbed it all out and then decided to move the customer database to
the back computer and share it from there. No doubt these viruses were
going to hose that computer and its entire hard disk all the way, one
fine day.

>> Man that ERD Commander is
>> something that no decent computer dude should be without in his
>> toolkit.
>
> It sounds nice. But what if the file system is encrypted, or you have
> an NT-based system using a system password?

I dunno. I have never used any of the NT encryption before. I see it as
an option but have never tried it. These are XP Pro with NTFS systems. I
think that ERD Commander can reset the password no matter if the file
system is encrypted or not. But to try and rescue encrypted files from a
ruined system with ERD Commander and then use them again, I don't know.
That is an interesting scenario. More about ERD Commander can be found at
the company's website:

http://www.winternals.com/products/repairandrecovery/index.asp

It is pretty expensive though, like $1,200 or so. The ERD that I used in
this instance belongs to a friend with a small computer business. He let
me borrow it to fix this computer. It sure did a fine job.

-- 
~Ohmster
ohmster at newsguy dot com
