Comments Take A Vacation

Mon, 03 Apr 2006 11:16:32 -0400

Until I implement some changes, I have disabled comments. After my ego got past the 50 or so "nice blog" comments, I realized these were all spam links to on-line-gambling sites. They probably used some sort of "bot" to post the comments as I doubt a real person would spend the time to do this.

Windows 911 (Some friendly advice)

Sat, 14 Jan 2006 13:06:42 -0500

If you use Microsoft Windows and are having problems with slow performance, pop-ups, or have recently had all your money cleared out of your bank account, then the following tips might help. If you do nothing else, Stop using Internet Explorer (i.e. the thing you use to look at the web). And remember, if you are having a problem, in most cases, so has someone else and the answer may be on the web. Google is your friend. Read on for some tips and free software to help combat problems.

PLEASE NOTE: This page recommends using tools and programs for which I have no control. These programs have worked for me. If using the programs causes problems for you, please do not ask me to fix them. If you are truly concerned about the issues I describe below and do not want to try and fix things on your own, then consult a professional.

Read This First

The Malware problem continues to grow. Clicking on the wrong website can allow the bad guys to "own" your system. By "own", I mean they have complete control of your system from which they can launch SPAM email campaigns, monitor your keystrokes (looking for passwords), watch where you go on the web and place pop-ups on your computer. And, you may never know all this happening in your computer. The possibilities and problems are endless. These types of attacks are not limited to teenage pranksters, this is a serious worldwide organized crime and you are the target. Yes you.

The most vulnerable are those that have all or some of the following:

Use Microsoft Windows
Use Internet Explorer
Have not installed all the current Microsoft Security Patches
Have a high-speed (broad band) connection to the Internet
Have a "naked" Internet connect (a PC directly connected to a cable of DSL router)
Have recently place an unsolicited CD or floppy in your computer.

If any of the above apply to your computer, please read the rest of this page. It is long, but an ounce of prevention will be well worth the mountain of pain a successful hack can cause on your financial well being.

So What Is The Big Problem?

Many versions of Microsoft Internet Explorer (IE) are insecure. It can be used by someone on a remote computer to take over your computer and download viruses, load programs that monitor your keystrokes to get passwords and credit card numbers, or turn you computer into a remote spam mailing machine. Despite efforts by Microsoft, IE is still a huge security risk.

Also, connecting a Windows machine directly to the Internet is dangerous. See below for free virus, SpyWare, and firewall software. It now take less than 20 minutes for a naked Windows PC to get infected with some kind of crud from the Internet.

Is This A Real Problem?

Yes. Please read this article and/or this article (registration required). This problem is serious. There are many other articles about Internet Explorer security, but this recent one is the most serious.

Update: Jan 25-2006 There is an yet another extremely dangerous Windows flaw that allows easy access to your system. Check out this announcement from Microsoft. (Remember you paid money for this product).

Last year there was an other extremely dangerous flaw in Microsoft IE. This flaw exists even with the new SP2 updates installed. You can go to this Site for more information. They even have a test to see if you are vulnerable.

Take a look at: Browse Happy

You may also want to look at this and this.

Are There Any Other Pressing Concerns?

Yes. There is a particularly nasty exploit that has not caused any problems, but has the potential to infect many system. Unless, fixed Microsoft systems have a vulnerability that will allow viruses and other malignant software to enter your system when you look at a web-page with a picture in it. That is right. By just browsing the web, you can get infected. Microsoft is aware of this and has, in traditional Microsoft fashion, put out a tool that "kind-of" works. You should read this advisory from Microsoft, then read this page. You should download and install all Microsoft Updates, THEN Download this tool and scan your system as you may remaining vulnerabilities. You may need to contact the vendors of the software that have included the software that has the problem. The exploit is often called the GDIPLUS.DLL vulnerability. Good luck, this one is not easy as easy to clean up. Also remember Google is your friend. Ask questions and dig for answers.

What Should I Do?

If you think your system is completely "hosed" (slow and infected) and full of "gunk" (malware) it may be best to start over and reinstall Windows. At the same time install and use the free software described below to fortify your system. A few thoughts may be helpful, however.

If you use your computer to browse the web and do office work (word processing, spread sheets, etc.) consider using Linux. A free and particularly friendly version is called Ubantu. Ubantu includes a more secure web browser (Firefox) and a complete office suite (OpenOffice). OpenOffice is almost 100% compatible with Microsoft office.
If you want to reinstall Windows, then consider a small firewall/router to put between your computer and the Internet. Although it does cost some money (usually less than $80), it will allow you to re-install Windows safely. If you do a Windows reinstall from your original CDs, the first thing you will need to do is update all the Microsoft security patches. (The number of files is about the size of a typical CD so the update process will take a while). While you are doing this, you computer is vulnerable to attacks from the Internet. If your PC is "naked" (just connected to the cable or DSL modem) chances are you will get attacked during the security upgrades! With a cheap firewall/router placed between your computer(s) and Cable or DSL modem such attacks can be prevented. Plus it will offer a continued first level (but not complete) of protection once your system is up and running.

What Can I Use Instead of IE?

There are two options:

Use Internet Explorer only when you have to and wait until Microsoft releases a security update. I understand a patch is available, but I am not sure it has solved the entire problem. This approach is somewhat dangerous and Microsoft is not known for producing security patches in a timely fashion.
You can use another browser. There are other free browsers available for Windows:
- Opera
- Mozilla(FireFox)
- Netscape
These browsers are not vulnerable to the security holes that are present in Internet Explorer. In addition, they have better security options like "pop-up blocking".

What About Viruses, Worms, and SpyWare?

There are free tools that can help with your system.

Anti-Virus

In all cases get yourself a copy of AntiVir and run it on your PC. It is totally free and it will help clean up any nasties on your PC.

SpyWare

Spyware is a program lives on you computer and monitors what you are doing. It may do nothing at all, it may redirect your browser to a website you had not intended, it may cause pop-ups to appear, it may monitor your keystrokes and report accounts and passwords back to its writer, it may change your dial-up phone number so you get large long distance phone bills. Download SpyBot Search and Destroy to clean your computer. These types of programs get on your system when you download "free" programs or through "holes" in the Windows operating system. Run this every couple of weeks.

In addition to SpyBot, you should also run Ad-Aware from LavaSoft

Firewall

Update: I found this story about Zone Alarm recently. A follow-up story is here. Stay tuned.

A firewall will help you control what programs and people get IN and OUT of your computer. You can get a free firewall called ZoneAlarm for your computer from Zone Labs. ZoneAlarm requires you to answer some questions that you may not understand. There is a tutorial and good explanations. Basically any time something tries to enter your PC over the network, ZoneAlam will alert you. If a program on your PC tries to send data out (like an email) ZoneAlarm will also alert you. You can tell ZoneAlam what programs are allowed to send and receive data. If you ever have a question about a program identified by ZoneAlam, enter the program name into Google and see what it says about it. If it is part of Windows or some software you know you are using (like a web browser), then let it pass. If the program is SpyWare or a virus, then do not let it pass.

Make sure you also get the latest security fixes from Microsoft. There is a a "Windows Update" function in the "Start" menu. Newer versions Windows also have a firewall, but ZoneAlarm is said to work better.

Why Does My Computer Have All These Problems?

Chances are you run some version of Microsoft (MS) Windows. There are two main reasons why MS Windows has problems.

MS software is poorly implemented and designed. The growth of the Internet has amplified these problems to where it has become a real threat to your own privacy and security. Because of poor design, MS Windows is very easy to exploit once you gain access. For instance, if MS Windows were a house, someone breaking in through a window (no pun intended) would have the full run of the house, they could be malicious and turn the power/water/gas off or they could steal all your valuables or use you phone to make long distance calls. The same is true when someone breaks into your Windows computer. They can delete files, access passwords and credit card information on your system, and just like our house analogy, they can use your phone. Another thing they can do is use you computer to send spam email to people -- you will never know this is happening until your ISP tells you the you have an abnormal amount of mail coming from your computer.

Other operating systems, like UNIX (which is used in the new MacIntosh's), and Linux (which is mostly what I use) are designed with better security. Using the house analogy, in UNIX/LINUX, all the rooms have locked doors. This way if someone gets in a window, they will not have the run of the house. The damage they can do is limited to one room. They can turn the lights off in one room but not the whole house. Therefore, it is a lot harder to do bad things in a UNIX/Linux machine/house than in a Microsoft/house. Microsoft computers are easy pickings for the bad guys.
The second reason, is that Microsoft is a convicted monopoly. (Convicted means they were found guilty of using their market dominance to put competitors our of business.) Because they have no competition, and because the US Government, gave them a "wrist slap" for all their illegal activities, they also have no incentive to improve their products. Improvements also include security fixes and updates. Of course, Microsoft does provide security fixes, but it is at their leisure (Half baked fixes for the Internet Explorer problem took at least 6 months to come form Microsoft -- in the Linux world fixes are available in a matter of days.)

If your Microsoft computer were a car, your experience would look like the following. A drive to the grocery store would result in a bunch of pushy salesman getting in the backseat of your car because you have no locks on the door (pop-up adds). On the way home, the car would stop working (system crashes). You have to get out, open the hood and hand crank the engine (reboot). After getting home, you kick the salesmen out, but some of them leave hidden tape recorders in convenient compartments in the dashboard so they can hear what you and your family are talking about (SpyWare). Then you find out that because your trunk lock does not work, a criminal is in your trunk selling drugs to the neighbors while you are sleeping (viruses, spam agents, etc). When you take the car back to the car dealer and demand the they fix these problems (no locks, compartments for tape recorders, constant engine stalling, easy access to the trunk) they say, "that's too bad, but you know we have a new model coming out that you need to buy (upgrade) which should fix all this, but in the mean time here are some things you can buy to fix the problems we should have fixed in the first place. Besides, where you going to go, we make all the cars." That, in my opinion, is the Microsoft Corporation.

Perhaps the biggest difficulty with "The Microsoft Software Experience" is that computer users believe that all these problems are normal. They are not. If you car behaved like your computer, you would be back at the dealer demanding a refund.

Why Are You Doing This?

Let's just say that I like to help friends because a convicted monopolist with over 70 billion dollars in the bank will not. I do not sell home computers or software, so I have no profit motive from posting this page. And, by the way, I use Linux.

Johnny's Garden