Slashback: Mexico, Ukraine, Oceania

Posted by timothy
from the seymour's-gettin'-married dept.
More reason below on why not to eat the yellow links, as well as the ongoing interesting effects of the Sircam virus, and whatever happened to Linux in Mexican schools. (Answer: it didn't.) And please send some good news for next time.

... and you'll like it! LupusUF writes: "As everyone knows by now...Kazaa is using top text. But not only are they using them, they are badmouthing people who complain about them. When someone posted a complaint, a Kazaa moderator (Super_Harris) started out his reply by saying "How Dare You!" and then went on trying to explain why they are using top text. Another moderator makes some more poor excuses in the same thread. The same thread also has some very useful information about the spyware that kazaa has installed with the latest version (cydoor, Onflow, New.Net, WebHancer).

My advice would be to get ad-aware.

I hope Kazaa starts treating its users with more respect, and at least gets moderators that can answer questions without treating their users like idiots."

Sircam Sircam A quivering, cowardly reader wrote to point out that sensitive Ukrainian government documents were apparently leaked by the Sircam virus. Even juicier than the steady stream of love notes, recipes, tax information, homework, bids and schedules that keeps flowing into my mailbox.

Don't look for much help from Microsoft on this, either, and hardly any from ISPs. Most of the ISPs I've contacted still claim not to have heard of Sircam, and say "it's not our responsibility." Email from Microsoft (after I cc'd them on a few of my virus alerts) equally disclaims responsibility. Funny how Sircam never made it to the front page of their site. Kudos to Charter Communications for calling customers to let them know they were infected -- and a pox on Prodigy for refusing to.

May the path of least resistance rise to meet you. Alec Muzzy writes: "Wired has a story about a failed plan to install Linux on computers for Mexican Schools in an effort to save money. Instead they have decided to run Windows, because Linux wouldn't run on their hardware. As they say, 'It was easier to go with Windows.'

Here's a perfect example of where the free cost of Linux should have been an advantage, yet they decided to go with Windows instead. Does this mean that the costs of running Linux are higher than the cost to purchase Windows?"

  • by Anonymous Coward
    Fuck it, I was waiting for an on-topic article to post this, but there's been nothing really appropriate yet. Here's a quick hack that might just do some good!

    ---
    I just had a fairly evil thought while reading through securityfocus:

    Old address of www.whitehouse.gov
    (as attacked by code-red): 198.137.240.91 = C6 89 F0 5B
    Address of www.riaa.com: 208.225.90.120 = D0 E1 90 78

    [coward@anonymous coward]$ grep "C6 89 F0 5B" codered.hex
    FF 00 50 C7 85 80 FE FF FF C6 89 F0 5B 8B F4 6A ..P.........[..j

    Someone please tell me it's not really this simple!! Grab a copy of the worm (netcat listen on port 80, you should have it in less than an hour) replace the whitehouse IP with the RIAA's, and then netcat it back into a bunch of IIS servers?

    ---

  • by Anonymous Coward
    Uh, I take it you've never installed KaZaa have you.. there's a bloody checkbox for all the plugins they ask to install on your machine, so you can choose NOT to install them.

    Why do people bitch about add-on packages being spy-ware when all of such add-ons can be opted out, and have UNINSTALL options?
  • by Anonymous Coward
    Being that I work for Charter Communications (thanks for the kudos, Timothy) here in Michigan, and having had to deal with customers about virii infections, I can say that to an extent, it *is* in our best interests to let customers know when we find they have a virus.

    Especially one like SirCam that sends out random bloated MSOffice files, BMP images, etc...

    Truly not much we can do, except for call. Cutting off service is usually the last used of our options. It only takes a quick call, or even just a reply to that e-mail I just got with an attached .xls file. ;) Of course I would rather spend all that time hacking on a uBR924 to fix a corrupted flash image or forgotten password, but it's never a good thing to forget that our customers are the basis for my paycheck, at no matter what level of the biz I'm in.

    It's *very* easy to say that it's the Outlook user's responsibility, but most, if not all, Outlook users I know had no choice in their mail client. And easily the majority of them are not as geeky as most of us, and it's easy for us to say they should be aware... How many of them have a part of their job description that they are to stay on top of the latest virus/worm/etc?

    Please.

    I will, of course, agree that MS is greatly responsible for the whole ease of spread of ILU and SirCam.

    This is My Opinion®, not necessarily that of my employer, etc, etc...

    Randy Carnahan
    --
    SW::POP Michigan Region
  • by Anonymous Coward
    Funny thing that.. if it happens in South America or other places it's called bribery. If it happens in North America it's called 'lobbying'

    You honestly believe DMCA got passed because it was a good idea? Hell no, it got passed because the people who wanted it made a 'generous campaign donation' to the people who could make it happen.
  • by Anonymous Coward
    It's just cheaper for Mexican schools to pirate Windows than to learn Linux. Wouldn't you agree? ;-)
  • by Anonymous Coward
    Can't use an OS because you've never used it before? Learn to use it!

    "Hi Mom! What's that, you can't open the word document you were sent by your friend? Oh, O.K, follow my instructions. Open an xterm first. An xterm. Oh you're using KDE aren't you? See the little icon at the bottom of the screen that looks like a screen? Yeah, the black one. Click that. O.K, has a window opened? Great. Now, type su and press enter. No, s, and then the letter u. Su, yeah mom. O.K, now type your root password. That's the one, on the piece of paper I told you to keep safe. That one, yeah. You can't find it? Keep looking Mom, you really need that password...you've found it? Good. Type it in, and press enter. No Mom, it won't show you what you're typing. Oh right, you must have typed it wrong. Type su and enter again, then type your password in and press enter. Did it work? Um, how can you tell? Does the bash prompt say "root" or "mom" on it? The bash prompt. The writing on the left of the window, on the line you're on. It says "root"? Good. Now put your disk in the drive. Type mount /dev/fd0 /mnt/floppy. Yeah, mount, then a space, then a backslash, then d, e, v, another backslash, f, d, and the number 0, then a space, then a backslash, m, n, t, backslash, then the word floppy. Floppy, f, l, o, p, p, y. That's right Mom. An error? Oh, that means you don't have FAT support compiled into your kernel. O.K, here's how you compile a new kernel...."

    So on and so forth. Yeah, Linux for everyone! Wooo!
  • by Anonymous Coward on Thursday August 02, 2001 @04:50PM (#2174789)
    It's pretty amazing to me that they decided to buy a $100 OS instead of a $30 modem card, and in general Linux requires fewer system resources than Windows. And having problems installing because of old drives not being able to read CD-R's is a little silly, too -- for the volumes they're talking, they could easily press their own CD's for almost nothing. I have to believe that there's something else going on there. Like it being absurd to have 2 people responsible for every aspect of deploying computers and software to thousands of schools without any staff for training, backed by a bureaucracy that was willing to give $millions to MS rather than building staff to support this project.

    Kickbacks? Corruption? How much would MS pay to keep latin america from developing into a center of Linux/open source development? :-)
  • next time you make a pathetic attempt at a troll you should:
    1. pick a product which doesn't have an equivalent in the Linux world. (amavis + VirusScan)
    2. pick a product where the product you're touting doesn't die under heavy load (500k messages/day) for no apparent reason


    --
  • amavis works well, though there is the obvious performance hit due to the extra processing done on every message. With some optimization, you can get the performance to stay at an acceptable level though.

    --
  • Oh you meant how do you block viruses using a linux server?

    killall -9 sendmail
  • Sendmail -> AMaViS -> Sophos Sweep ... Does the job VERY nicely! I'd recommend Sophos to anyone!

    Barely related, but another nice mail server addon is "Drac". It hooks into qpopper or cucipop and uses RPC to update a database of IP addresses allowed to use your relay. Successful auth while checking POP gives your IP a half hour relay window. Others are denied.

    The real Threed's /. ID is lower than the real Bruce Perens'.

    --Threed
  • On the part about Linux in Mexico, I have to wonder what part would not run on their systems.

    No drivers for Winmodems. (Some of us actually read the article...;-)
  • Linux installs are like Windows installs in that they are much easier after you have done 5 or 6 of them, but that's hardly consolation to the new Linux user. Even worse, Linux is only a little better if you can get it pre-installed. Even then it's not quite like Windows, and there certainly are quite a few things that aren't well supported. On the other hand Linux has some really cool advantages over Windows, especially for power users. I definitely prefer my Linux desktop over my Windows one, but I have learned to use Unixy tools.

    There are some tips that make Linux a little easier to use. First of all, join a Linux mailing list, preferably one for the distribution that you are using, and spend some time lurking. Yes, I know, you have better things to do than reading 100 emails a day about how to get a particular sound card working. You don't have to actually read all of the email, you just need to get a feel for what sort of questions are being asked, so that you can A) not ask the same question as the last 400 people when you have a question and B) so that you can learn a little bit about how actual Linuxers get their work done.

    For example, a new Windows refugee with a fresh install of Linux almost always heads straight for Wine, because they want to run their old familiar software. Now, Wine is certainly useful for those critical pieces of software that don't have Linux equivalents, but that kind of software is getting more and more scarce all of the time. Instead you should (after making sure that it hasn't been asked a million times) ask some actual Linuxers what they use as a replacement for the software that you would like to use. You would be surprised how enlightening this is. I learned about LaTeX that way (long before Linux had a word processor), and I have been grateful since. LaTeX is certainly not as easy to use as a word processor, but for some types of documents it is clearly the "right tool for the job."

    Another word of advice is to refrain from building packages from source unless you really have to. Yes, I realize that this sounds contrary to the whole Open Source ethos, but the way to mastery is long and fraught with many perils (sorry I couldn't resist). Chances are good that there is an RPM package of the software you want to use, and since you use RedHat, it's almost certain to work for you. Save the source code for pieces of software that you want to hack (or debug).

    If you decide that Linux isn't for you, try back again in six months to a year. You will be amazed at how far along it will have come. Linux isn't for everyone yet, but it is getting there.

  • by Kojo (1903)
    Yes, I feel like an idiot replying to my own posting.

    Anyway, I put my keyboard where my mouth is (or something like that) and sent Miguel the Wired link. I wonder how many others did? I know I'm not that original. Hope it helps the folks in Mexico.

  • Well, it would seem I actually am an idiot, as I was incapable of replying to my own posting correctly...

    Anyway, I put my keyboard where my mouth is (or something like that) and sent Miguel the Wired link. I wonder how many others did? I know I'm not that original. Hope it helps the folks in Mexico.

  • ...
    Luis Miguel Ibarra, who prepared a customized distribution of the open-source operating system...Finding enough capable programmers and system administrators proved to be the primary obstacle for the project..."We need a lot of people trained in Linux here in Mexico," Ibarra said
    Wouldn't this be a good time to contact Miguel "Ximian GNOME" de "Hey! I'm from Mexico" Icaza? Am I the only one who read this story and instantly thought of a phrase like:

    "I started an entire Free Software Project while working at the largest University in my Home Country of Mexico, so I'd know a little something about Linux and might know 1 or 2 other people in Mexico who do too!"

    or

    "Hey! Didn't one of those GNOME guys come from Mexico? Maybe we should call him and see if he knows anyone..."

    Just a thought...

  • by mmontour (2208)
    I have been needing the help and advice on some things, but files send I to people, no response!

    The thing is, if you want free help and advice from people, you need to show them some courtesy in return. Try putting a nice friendly "ILOVEYOU" in the subject line next time, and I'm sure you'll get a much better response. If that doesn't work, send them a picture of Anna Kournikova too.
  • AC wrote:

    Two questions.
    1) Am I clean or is there something else that I need to deinstall?

    2) I didn't know what KaZaA was, and have not installed it. Does anybody know what other programs could have installed eZula/TopText?

    I cannot answer that. We deselected the TOPtext installation during the KaZaA setup so it never got to my system in the first place. If possible, get a copy of the Norton System Doctor (NSD) and have it inspect your HD. NSD can usually find dangling registry entries, orphan DLLs, and other nasties that may help you troubleshoot what else may be lurking in your system.

    I just had an idea: Go to eZula.com and check their list of partners. Perhaps you downloaded something in the past few weeks/months that you missed. Also, since they get along so well with IE, there is a possibility that they used IE or Outlook (is that what you use for e-mail?) to sneak the TOPtext program into your system.

    It's late... I'll let my subconscious work on other ideas. If I come up with something else I'll post it in the morning.

    Cheers!

    E
  • by ciurana (2603) on Thursday August 02, 2001 @05:48PM (#2174801) Homepage Journal

    I've been using KaZaA for several weeks without intrusions or undesirable software running on my Windoze box.

    The latest upgrade for KaZaA, including all the "enhancements" came over the wires either last Sunday or Monday. Neither TOPText, nor any of the other "intrusionware" were installed.

    I believe "intrusionware" became a problem for us in 1998 or so with QuickBooks Pro and its desire to install AOL (Corel Draw! also installed some unnecessary crap by default). We realized that most default configurations of shrinkwrapped software tended to install things we didn't want in our (or our customers') systems. Ever since we follow these steps to prevent the introduction of undesirable code:

    • Never use the default installation. Always click on "customize install"
    • Always take a snapshot of the registry prior to installing the software and one immediately after running it for the first time. We use both Norton Registry Tracker and Remove-It for that. Remove-it also does a before/after snapshot of the contents of every directory on the HD.
    • Ensure that the after snapshot in the previous step is taken after you run the program. Yeah, I like repeating it because it's important.
    • Make sure (in your C:/AUTOEXEC.BAT) that the TMP and TEMP environment variables point to the same directory so you can view what temporary files were created during the installation.

    We found that, 95% of the time, our desktops (and those of our customers still using Windows) were easily rolled back to a known "clean" state by using these tools. The other 5% we had to manually remove one or two registry entries, or DLLs/VxDs loaded during Windows start up. If we absolutely must run a piece of Windows software (i.e. QuickBooks), we can usually pick and choose what to remove and what to leave installed by following this procedure.

    About the KaZaA installation
    In the case of KaZaA, it drops an upgrade program in its download/share folder. That program gives the option for a "custom install". Deselect (is that a verb?) the options that you don't want such as TOPtext. Watch your registry. No changes to the system.

    KaZaA installs some banners and other annoyware under C:/WINDOWS/SYSTEM/adcache. KaZaA's UI is a modified version of Internet Exploiter. It's a web browser with a custom UI. You can disable the annoying ads at the bottom of the screen by:

    • Using the junkbuster proxy for filtering the sites where KaZaA is getting its banners from. The default banners come from www.qksrv.net. Block it. There may be others down the line. Block them as they appear.
    • Unloading KaZaA and manually erasing all the GIF and JPEG files in that directory. Leave the two HTML/JavaScript files in place (B_416800.HTM and B_416900.HTM), though, or KaZaA won't work.

    This process sounds like a lot of work, but in reality it only adds about 2 minutes to every new software installation. It saves us from endless hours of grief at a later time.

    Annoyware aside, I really like KaZaA. It's quick, and I've been able to find everything I searched for on it.

    (If you see my previous posts, we're a mostly-UNIX shop. We (and several of our customers) run a hybrid UNIX+Samba+Windoze environment. No flames on this, OK? I'm a realist, and business demands that we use Windows under certain circumstances)

    Cheers!

    E
  • Take a look at TINY [seul.org]. It was designed for exactly the use you're asking for.
  • Could they exist?

    Think about it, you've got a bunch of closed source stuff written by some shady companies, can't imagine that is all the best quality code.

    But then, it might be a difficult one to exploit, not as easy as, say, a buffer in an index server extension...

    Most of this spyware won't have ports listening, they'll be initiating the contact with only certain hosts. Still, the fact that Webhancer patches Winsock leaves some room open for problems.

    So is it possible? Can you imagine the consequences? Instead of 300,000 unpatched IIS servers, you might have 6,000,000 targets (number of Kazaa downloads).

  • but does amavis work? I'm an ISP that would like to do this kind of filtering, but I'm hesitant to implement a new setup without knowing for sure how dependable it is. I love using linux as a server, but switching a critical system like that is not a light matter.
  • I've gotten a bunch of documents for my advice (although they all have spanish filenames) and I would like to see what's in them. How am I supposed to open them? Obviously I don't want to execute them, because I would get infected.
    Any ideas?
  • Yes, ISPs should be installing Sircam filters, assisting users with installing such filters, or both. It's in their own interest to do so, to cut back on terabytes of unwanted traffic clogging up their pipes.

    It's not good enough to tell people not to open attachments, when those attachments are clogging up their pipe and filling up their disk, or using up their disk quota at their ISP.

  • What advice should you give to someone who's clearly got a bad case of SirCam?

    If you look at the CERT Advisory [cert.org], the only fix it discusses is installing commercial anti-virus software... While that might be a good idea, I would think that there's got to be some other procedure, like Delete this or that, reinstall MS Word, go into the Control Panel and click the little box that says "I'm not a complete fool, and I care slightly about system security, so don't run any damn macros without asking me", or whatever.

    Has anyone seen cleanup procedures discussed? I know little about the Windows world these days, but my friends still have me pegged as The Computer Expert.

  • I don't expect ISPs to handle viruses, but I do expect them to at least let users run procmail (or something similar) on the ISP's machine so that users can filter some things out prior to moving it across the slower ISP-to-user connection.

    BTW, anyone got a good procmail rule for recognizing Sircam?


    ---
  • Congratulations, you've just destroyed the referential integrity of the message. If the message had a MIME-encoded cryptographic signature, you rendered the entire message useless.

    Time to start using _plain text_ again, isn't it? I've never understood the eagerness of stupid mail clients to use Mime all over the place. Ohwell .


    The real solution is a well-designed email client:
    Uses cryptography to establish trust.
    Only automatically opens/runs attachments via sandboxed methods.
    Requires user intervention, and by default displays a warning, for accessing attachments that cannot be sandboxed.


    To use your own word. Balderwash!
    Cryptography to establish trust? What on earth prevents the virus from using the same crypto? The passphrase? The passphrase that may be sniffed from the keyboard by the virus? Yeahrite.

    Sandbox model. Well, sure, but don't you forget something? How should the nice little doc be _saved_ for the cluebie, after he opened it in his nice little sandbox?

    Note number 3 is ok. User intervention is OK, but it'll make user just click 'ok' all the time, and have no effect except for the first month or so. :-/


    --
  • Too bad Symantec's scanners, as of July 27, 2001 anyway, couldn't catch Sircam.

    --
  • by sharkey (16670)
    Try here: http://officeupdate.microsoft.com/OE/scripts/help/ OE-attach.asp [goatse.cx].

    If that doesn't help, you can try here: http://www.microsoft.com/exchange/download/advice. asp [amishrakefight.org].

    --
  • You laugh, but you'd better believe Microsoft will be pointing to this story whenever one of their potential customers is considering Linux. "Look! Mexico tried it and it was a big failure. Stick with me, boys. Nobody ever got fired for buying Microsoft."
  • This is a reply I typed up and started sending every time I received one of these (annoying 200 Kb bandwidth-wasting) Sircam documents:

    Hello. Just to let you know, it seems that your Windows-based PC appears to be infected with the "SirCam" virus (details at http://www.zdnet.com/filters/printerfriendly/0,6061,2801171-2,00.html [zdnet.com], possible anti-virus fix details at http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.removal.tool.html [symantec.com]). It is likely that you, or somebody else who has used your PC, double-clicked an attachment received from another infected user, which caused your own PC to be infected. (Double clicking on attachments you have received by e-mail, whether from a "trusted" source or not is almost NEVER a good idea.)

    What you choose to do about this is your business, but I thought I'd let you know that your private documents are being sent to random Internet users around the world -- and not every one of them deletes them unread like I do.

    By the way, you might wish to consider switching to Linux. I have been a happy Linux user since 1995, and I have not had to put up with these kinds of viral infections since giving up Microsoft software so long ago.

  • that Morpheus creates. You'll note that they start off kazaablahblahblah
  • As far as I can tell, Super_Harris is just some guy with a lot of free time who added "Kazaa Moderator" to his .sig file in a fit of zealousness one day. He devotes a whole lot of posts to plugging his own "advice" website and picking fights with Kazaa critics. If he actually has some sort of official position with Kazaa, I haven't seen the evidence yet.

  • I'd set one up myself, but with the current climate of sue first and ask questions later, or worse jail first, ask questions later, I'm not too comfortable about the idea, even if it turns out in the end to be a legal proposition.

    Now... find a lot of free anonymous webspace somewhere.... hmm...

    -Restil
  • First of all, #2. If a program is secure, it doesn't matter if the port is open. Also, if the system is secure, it won't be able to catch the worm in the first place, and therefore it's not a problem.

    #4 same issue. If the worm can get in, then you need to be playing a little less quake.

    A well designed worm will do the following:

    Search for one single hole (let's say a named hole). Install a resident program on the system. Patch the hole. Search out, locate, and infect 100 insecure systems. After infecting 100 other systems, remove itself.

    This worm will only infect a machine once. There will be a lot of scanning, but only 100 times and once the first 100 have passed, that machine will never scan again for that vulnerability.

    A separate worm should be available for every known exploitable security hole. Obviously here I'm thinking of linux systems, but it's a start.
    Ideally the scanning could be done to specific blocks of IP addresses in such a way that it will minimize repeated attempts.

    -Restil

  • Yes, when I was working for some school districts in Texas we were able to purchase NT for like $25. $10 more if you wanted a CD set.

  • One installer that really bugs me is RealPlayer. There is a screen during the install where you select which "channels" you want to subscribe to or something. None of the visible options in the scrollbox are selected, so most people just go on.

    Of course the channels that they really want to push are at the bottom of the list and are checked by default, you just can't see them without scrolling down.

    That just bothers me.
  • No, what's really needed is a virus that sends an email to people in the user's personal address book that carries as its payload a letter explaining to all, just exactly why they shouldn't be using Outlook.

    -- -- --

    To whom it may concern,

    You probably know the person who sent this email to you. This person has spread a malicious worm to your computer because they insist on using insecure Microsoft products.

    Please take the time to call this person and suggest to them that they switch to another mail client. Here are some links you can point them to:

    Pegasus Mail [pmail.com]
    Eudora Mail [eudora.com]

    By the way, I am attempting to spread this virus from your machine as you are reading this. If you have taken the appropriate precautions, good for you. If not, expect some phone calls.

    Have a great day!

    -- -- --

  • Most people (joe sixpack, joe average, joe professor, all of whom have sisters jane and kids bobby and susie -- my family, the folks down the block, 'normal' people in the world) use a computer as an interesting, more interactive television and storage locker.

    They print papers for school, keep addresses handy on (electronic) sticky notes, click on interesting things they see on the web, draw pictures, archive photos, send notes, play music -- all the things AT&T commercials want them to do. That's why they bought a computer.

    For them, and for more informed computer users, people who spend hours a day at it, the same thing is true ... *All operating systems are bad for most people.*

    I'm not that familiar with Windows (though I do use it sometimes) because the guts, even the outer guts, of Windows just aren't all that interesting to me compared to other things I'd like to know about in the world. I don't find the windows interface particularly intuitive, and I enjoy learning its particular brand of not being intuitive much less than I do the non-intuitive interfaces to various Linux environments ;)

    I can see a user who installs an app from one dialogue box expect symmetry in its removal -- "Hey, I hit 'install Bingo' to put it on, so I can hit 'uninstall Bingo' to get it off, right?" -- and their expectation I think would be reasonable. It's not fair or reasonable to expect them to understand the assumptions made by a badly labeled, poorly-placed remove option, especially when programs are put on specifically to hide. (Installation puts on 10 programs, de-installation takes off one ... huh?) I've used the de-installer on Windows two or three times, didn't find it all that helpful or intuitive, in keeping with the rest of Windows ;)

    For computer jocks (like other enthusiasts in any field) things that are esoteric and obscure to the newbie may be obvious, because they have insider's knowledge, have devoted time and study to it. A lot of them seem to think that only they deserve to use computers.

    For *most* users, programs like kazaa's spyware tie-in are sufficiently difficult to detect that the users don't even know they're there.

    The esoteric aspect of computers are cool -- it's neat to discover how things work (see Gary Brown's site, and ask him to stop submitting every single thing on it to slashdot;)) and to be interested in the inner workings of electronic things, but there's no good reason to expect people to jump in high on the learning curve of computers, and every reason not to.

    Ignorance, not stupidity, is what's being preyed on here, and ignorance is curable, but not by osmosis. Bad interfaces make people feel stupid, so they never care to correct their ignorance in favor of doing other things with their time. So they end up with crud software on their disk, and don't feel like learning how or why it got there, have no idea that it's reporting info to others. ("but it would be trivial to monitor the ports that it might --") No. Again -- Jocks, yes. Most users, No. That's what's so slimy about this stuff.

    timothy

  • One simple, specific act that should have been done by Microsoft years ago, that should have been forced on them by angry users years ago, and which can be easily implemented today with either real mail servers or third-party Exchange add-ins, would stop SirCam and many other viruses in its tracks.

    If an attachment is executable, drop it on the floor. (Be nice and replace it with a message explaining that the executable attachment was stripped and, if this is the 1-in-a-million legitimate occurrence, the attachment should be retrieved from the sender via FTP or HTTP.) "Executable" means anything with an executable extension (e.g., "vbs") or which starts with a Windows executable prefix.

    This takes a little bit of time to perform, but it's far cheaper to automatically scan the first few kilobytes of a message than to needlessly send gigabytes of virus-laden mail. It also takes less customer service time than answering mail from irate customers who lost important messages because the virus filled their mailbox, who have lost hours as their system tried to automatically download megabytes of virus-laden mail, etc.
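
The filter described in the comment above, sketched as an added example that is not part of the original thread or any poster's code: each attachment is checked by its final extension and by the "MZ" prefix of a Windows executable, and a match is replaced with a plain-text notice. The extension list, the notice wording and the sample message are assumptions constructed for illustration.

```python
"""Added example: strip executable attachments before delivery."""
import email
import os
from email import policy
from email.message import EmailMessage

# Assumed list for illustration; the comment itself only names "vbs".
EXECUTABLE_EXTENSIONS = {".bat", ".cmd", ".com", ".exe", ".lnk", ".pif", ".scr", ".vbs"}
MZ_MAGIC = b"MZ"  # first two bytes of a DOS/Windows executable image

NOTICE = (
    "The attachment '{name}' was removed by the mail server because it is\n"
    "executable. If you were expecting it, ask the sender to make it\n"
    "available over FTP or HTTP instead.\n"
)


def is_executable(part: EmailMessage) -> bool:
    """True if a leaf MIME part looks executable by name or by content."""
    filename = part.get_filename() or ""
    # Only the last extension counts, so "budget.doc.pif" is judged as ".pif".
    # Trailing dots/spaces are dropped because Windows ignores them.
    ext = os.path.splitext(filename.lower().rstrip(". "))[1]
    if ext in EXECUTABLE_EXTENSIONS:
        return True
    # Do not content-sniff the ordinary inline text body.
    if part.get_content_maintype() == "text" and not filename:
        return False
    payload = part.get_payload(decode=True) or b""  # undoes base64 / QP
    return payload[:2] == MZ_MAGIC


def strip_executables(raw: bytes):
    """Return (filtered message bytes, list of removed attachment names)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    removed = []
    for part in list(msg.walk()):
        if part.is_multipart() or not is_executable(part):
            continue
        name = part.get_filename() or "(unnamed)"
        removed.append(name)
        # set_content() clears the old payload and Content-* headers first,
        # so the part keeps its place in the MIME tree but becomes a notice.
        part.set_content(NOTICE.format(name=name))
    return msg.as_bytes(), removed


def build_sample() -> bytes:
    """Constructed test message: one harmless and two executable attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.\n")
    fake_exe = MZ_MAGIC + b"\x90\x00" + b"\x00" * 60  # header bytes only, inert
    msg.add_attachment(fake_exe, maintype="application",
                       subtype="octet-stream", filename="budget.doc.pif")
    msg.add_attachment("plain notes\n", filename="notes.txt")
    # Innocent-looking name, executable content: caught by the prefix check.
    msg.add_attachment(fake_exe, maintype="application",
                       subtype="msword", filename="report.doc")
    return msg.as_bytes()


if __name__ == "__main__":
    cleaned, removed = strip_executables(build_sample())
    print("removed:", removed)
    print(cleaned.decode("ascii", errors="replace"))
```

Rewriting a part changes the bytes that any MIME signature over the message covers, which is the objection another comment in this thread raises against this kind of filtering.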
  • Well, yeah - in a way: a "vaccine"...

    Although not strictly "good" - because vaccines are typically (always? I am not a virologist) made from weakened or dead viruses, which basically give the immune system time to build up a resistance as it fights this lesser threat (and yeah, sometimes even a vaccine can cause the illness it tries to prevent).

    But I am not sure it would be accurate to describe a virus-killing/patching virus a vaccine or not...

    Besides, all the points you made are valid, and are things that really keep this kind of idea on a back burner...

    Worldcom [worldcom.com] - Generation Duh!
  • by cr0sh (43134) on Thursday August 02, 2001 @05:55PM (#2174846) Homepage
    Right! As others have said, wait for the BSA audit. What I can't understand is why all those machines even need modems? Throw some cheapo network cards in them, add a hub and put a good modem in one machine acting as a modem gateway (I tend to doubt each machine has its own phone line, too)...

    Worldcom [worldcom.com] - Generation Duh!
  • by bravehamster (44836) on Thursday August 02, 2001 @04:33PM (#2174849) Homepage Journal
    I have been needing the help and advice on some things, but files send I to people, no response! Where can send I this file to get advice that I am needing?

    Goodbye!
  • The fact that things were done on the client side instead of the server side should not be relevant (IANAL).

    IANAL either, but there's this new law out that should help you with your prosecution. You may have heard of it...Digital millennium something or other.

  • Is there one main web site out there where people can submit interesting things they've received in order to have their advice? An admitted voyeur, I've been disappointed with the quality of things I've gotten so far - although one zip file full of (clean) pictures of some girl was interesting. I guess this means I correspond with boring people. Oh well.
    ----
  • I always figured that it would be cute to modify a spammer's bulk mailing program so that it quietly slipped in a couple emails traceable to the spammer. Emails with threats... To high-placed politicians... That should get the wheels of justice going :-)

    But I have mixed feelings about making life worse for the dumb clod that catches viruses. Yes, they deserve to be LART'ed, but going beyond that is probably stepping from justice into barbarism.

    How about a virus that sends an email to the local paper, which can have a weekend insert listing all the community dumbasses?
  • Yes, I read it this morning. Thanks.
  • by FattMattP (86246) on Thursday August 02, 2001 @04:34PM (#2174858) Homepage
    ...because Linux wouldn't run on their hardware

    [snip]

    Here's a perfect example of where the free cost of Linux should have been an advantage, yet they decided to go with Windows instead. Does this mean that the costs of running Linux are higher than the cost to purchase Windows?"

    No, it's because Linux wouldn't run on their hardware. Not to state the obvious or anything, but what part of "Linux wouldn't run on their hardware" did you not understand? The hardware was already purchased and waiting for drivers to appear wasn't an option. They needed something to get up and running with.
  • If I can detect that toptext software from my web server so I can have the server refuse to serve pages to people using toptext.

    Strangely enough, I would not object to client/server software that allowed users connecting to a server to annotate my pages and read the annotations of others if:
    1) The software did not install deceptively as part of another product.
    2) The annotations don't take the form of advertisements and
    3) I was running the server or the person running the server asked my permission before pointing it at my pages.

    I suppose one might question the value of the stuff on my web page, but it is valuable to me and I'll not stand for it being modified against my wishes.

  • As for the installation of Linux on Mexican computers, a great deal of that was probably education. Not many Mexican school teachers would be up to the task of installing Linux. Honestly, they have enough trouble finding teachers qualified to teach anything there. I'll probably get slammed by any Mexican nationals that come to the site, but my impression of Mexican education from when I lived there was that it was well, third world.

    I certainly don't blame the teachers. It's, to a large degree, a matter of finance. It's a poor country and they can't afford to hire good teachers and they can't afford to educate good teachers. It's a vicious circle.

    I never really had any confidence in the ability of Mexico to deploy Linux in their schools. Just didn't seem likely.

    Which brings me to a point of internationalization. How well does Linux internationalize to other languages, like Spanish?

    All (or I should say, a great majority) of the computers in Mexico use "Spanish (Traditional)" keyboards (the Windows definition of the keyboards) where the enyay (the n with the squiggly line on top) is where our semicolon/colon key is on English keyboards, and most of the non-letter keys are relocated. As well as having the ability to place accent marks above the vowels.

  • I find your assessment to be a little too biased, sorry. And I say that with having a few years of living in Mexico under my belt. I find that the corruption situation has been improving significantly over the past 5 years.

    That said, I don't know exactly where you live, and conditions are different from area to area. As I said in my previous post though, I think it has more to do with a lack of people trained in Linux than with lining a politician's pocket with $$$.

    Also, as a democrat, I found your remarks in that area a little offensive. We won't go into the literacy of some of the "great" republicans of recent history cough-cough-Quayle-cough-cough.


  • I think the slashdot populace (not you, the kind of people whose sentiment was expressed in that line about ISPs) should think their principles through carefully. Most of the time, ISP regulation of your email or access is seen as bad on slashdot. So is government regulation of the internet. I agree. But when there is some annoyance, they want regulation to fix that. Bad idea!!

    Annoyances like spam or sircam are not that bad compared to what could happen to the internet if we encourage value-add ISPs like this (or in the case of spam, government regulation). Just press delete or write some damn mail filters. Stuff like the DMCA or the CDA is much, much harder to deal with.

    It is true that corporate email systems should have filters for this. Perhaps, if I ask my ISP to block mail with attachments, they should be able to provide that service. But when I am paying for raw internet connection, I do NOT want regulation on that from anyone. Do you?

  • Are you sure the documents come from where they say they do? It would be easy for this worm to remember a few of the addresses it has had along the way and falsify the address. It uses its own SMTA. Sure, I'll bet SirCam is not that clever, but it could be.

    It's good to want to warn people, but keep it short and simple. The links are nice. Admonishments about double clicking, trusted sources and "your business" can be perceived as smug and are ineffective in any case. Do you know this thing requires a double click? MS will give a scary warning for the links too... the user may be scared to look at your untrusted email links after that.

    Imagine getting something like this from some clueless MS user who had been tricked. Replace Linux references in the above with MS BS and you can see how offensive it is. Also, imagine that the files they referenced were not yours.

    The essential information you are sending is that you received mail purporting to be from them, their machine is infected (must be if SirCam remembers it? imagine if it had an address harvester!), and news links. A three liner should do.

  • I'm sure what he meant was that he can't use email ; )
  • Yup, I've only got a couple of these so far, but I figured the proper thing to do was educate people. And how better to drive the message home than public humiliation - I've mailed them back to give them my advice on the file they sent (as requested), told them how I got it (in simple terms), and informed them that I'd be making fun of them on my web site. Ahhh, it feels good to help : )
  • The other two posters above have been very helpful, but I think there's one thing that will still need to be done. Sit your friends down, reiterate the fact that they've just sent out private data, and tell them to remember this next time they get a suspicious email attachment.
  • by jorbettis (113413) on Thursday August 02, 2001 @04:44PM (#2174873) Homepage

    Hardware compatibility problems have been solved, and the idea to adopt an open-source platform still stands.

    This year, 1,400 schools will be equipped with external modems, and Ibarra plans to install Linux on those computers.

    Doesn't sound like they're giving up to me. Also, they already have twenty schools running on GNU/Linux. They have schools already on it and they're planning to add more, it's just not as fast or as widespread as they had hoped. Just because a project doesn't go off as well as expected doesn't mean it is a failure.

    Was Linux 2.4 a failure because it shipped a year late?

  • If an attachment is executable, drop it on the floor. (Be nice and replace it with a message explaining that the executable attachment was stripped and, if this is the 1-in-a-million legitimate occurrence the attachment should be retrieved from the sender via FTP or HTTP.)
    Congratulations, you've just destroyed the referential integrity of the message. If the message had a MIME-encoded cryptographic signature, you rendered the entire message useless.
    "Executable" means anything with an executable extension (e.g., "vbs") or which starts with a Windows executable prefix.
    Wrong, wrong, wrong. There is no such thing as an 'executable extension'. Any supposed set of 'executable extensions' will block plenty of legitimate, innocuous files and fail to block plenty of malicious executables. (Hint: every Microsoft Word document is an executable file.)

    Moreover, extensions are not entirely meaningful with MIME. Marking a .txt file as 'content-type: executable' can cause surprising things to happen.

    This takes a little bit of time to perform, but it's far cheaper to automatically scan the first few kilobytes of a message than to needlessly send gigabytes of virus-laden mail.
    Balderdash. People who use poorly engineered mail clients *deserve* what they get, in the same way that people who drive a car without a spare tire deserve what they get.

    The real solution is a well-designed email client:

    1. Uses cryptography to establish trust.
    2. Only automatically opens/runs attachments via sandboxed methods.
    3. Requires user intervention, and by default displays a warning, for accessing attachments that cannot be sandboxed.

    Anything else is just a half-assed attempt at a solution that will inevitably break.
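An added example, not part of the thread: a gateway-side filter in Python that applies the rule proposed earlier (executable extension or Windows "MZ" prefix, replaced by a notice) and, following the signature objection in this reply, holds signed messages whole instead of rewriting them. The extension list beyond "vbs", the notice wording, the action names and the sample messages are assumptions constructed for illustration.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Assumption: illustrative list; the thread itself names only "vbs".
EXEC_EXTS = {".vbs", ".exe", ".pif", ".bat", ".com", ".scr", ".lnk"}
NOTICE = ("Attachment {name!r} removed by the mail gateway ({reason}).\n"
          "Ask the sender to make it available over FTP or HTTP.\n")


def executable_reason(part):
    """Return why a leaf MIME part looks executable, or None."""
    if part.is_multipart():
        return None
    name = part.get_filename() or ""
    if not name and part.get_content_disposition() != "attachment":
        return None  # message body, not an attachment
    # Only the last extension counts, so "budget.doc.pif" is a .pif.
    ext = os.path.splitext(name.lower())[1]
    if ext in EXEC_EXTS:
        return "extension " + ext
    # DOS and Windows PE executables begin with the two bytes "MZ",
    # whatever the file name or declared content type says.
    payload = part.get_payload(decode=True) or b""
    if payload[:2] == b"MZ":
        return "MZ header"
    return None


def filter_message(raw):
    """Return (action, findings, message_bytes) for one raw message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = [(p, r) for p in msg.walk() if (r := executable_reason(p))]
    findings = [(p.get_filename() or "(unnamed)", r) for p, r in hits]
    if not hits:
        return "deliver", findings, raw
    # Rewriting any part changes the bytes a MIME signature covers,
    # so a signed message is held whole and left untouched.
    if any(p.get_content_type() == "multipart/signed" for p in msg.walk()):
        return "quarantine", findings, raw
    for (part, reason), (name, _) in zip(hits, findings):
        part.set_content(NOTICE.format(name=name, reason=reason))
    return "stripped", findings, msg.as_bytes()


def attachment_names(raw):
    """File names of all named parts in a raw message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    return [p.get_filename() for p in msg.walk() if p.get_filename()]


def build_mixed_sample():
    """Constructed sample: one benign and two executable attachments."""
    msg = EmailMessage()
    msg["From"] = "alice@example.test"
    msg["To"] = "bob@example.test"
    msg["Subject"] = "constructed sample"
    msg.set_content("Files attached.\n")
    fake_exe = b"MZ\x90\x00" + b"\x00" * 32  # constructed, not a real binary
    msg.add_attachment(fake_exe, maintype="application",
                       subtype="octet-stream", filename="budget.doc.pif")
    msg.add_attachment(fake_exe, maintype="application",
                       subtype="octet-stream", filename="notes.txt")
    msg.add_attachment("quarterly numbers\n", filename="report.txt")
    return msg.as_bytes()


# Constructed sample: a signed message carrying a script attachment.
SIGNED_SAMPLE = b"""\
From: alice@example.test
To: bob@example.test
Subject: constructed signed sample
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="outer"

--outer
Content-Type: multipart/mixed; boundary="inner"

--inner
Content-Type: text/plain

See the attached script.
--inner
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="tool.vbs"

(constructed placeholder body)
--inner--

--outer
Content-Type: application/pgp-signature

(constructed placeholder, not a real signature)
--outer--
"""

if __name__ == "__main__":
    for label, raw in (("mixed", build_mixed_sample()), ("signed", SIGNED_SAMPLE)):
        action, findings, out = filter_message(raw)
        print(label, action, findings, attachment_names(out))
```

The content check catches the renamed `notes.txt` that an extension list alone would pass; a macro-bearing Word document still gets through both checks.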

  • 1. You have an account with an ISP that you use for business purposes. The ISP has a maximum mailbox size of, say, 20MB. If the mailbox fills up, anything else gets bounced.
    Based on a $1600 street price for a 181GB Seagate Barracuda hard drive, 20MB of storage costs $0.18. Including the costs of administration and operation, the lifetime cost of that 20MB would be, say, a whopping $5.
    5. By the time you get back to work and sort out the mess, the bounced client is over deadline, costing you big money in lost business.
    Richly deserved lost business. If you aren't willing to invest more than $5 in communication infrastructure, you are obviously running an absolute joke of a business. A 20MB email quota is as absurd as getting party-line telephone service: customers will flee.
    Would you be able to collect damages from the infected individual, for allowing their machine to be used to (essentially) DOS you? It could be argued that they were negligent by not keeping their antivirus software up to date and by opening the attachment in the first place.
    That's the nature of the Internet. You are relying on the goodwill and competence of millions of people you will never meet. If communication really matters to you, you will have backup systems in place. (Such as modems or even leased lines.) If you have no backups, and run your single point of failure on a shoestring, count on having spectacular total failures.
  • Time to start using _plain text_ again, isn't it? I've never understood the eagerness of stupid mail clients to use Mime all over the place.
    MIME lets you do several nice things: 1) Send messages in multiple formats. 2) Get the crypto gobbledygook out of the damn message. 3) Attach arbitrary files of arbitrary types in arbitrary character sets and encodings, in a system agnostic fashion. 4) Encapsulate one message in another message *exactly as it was received*. (This is wonderful for bounces because you can see exactly what bounced. The bouncing MTA just has to stick it in a section of 'content-type: multipart'.) Of course, Outlook has an annoying tendency to shit all over itself for certain randomly chosen MIME messages, but then I was talking about fixing Outlook...

    Or do you really think the bad old days of 'clip here, uudecode, untar' were good? System-agnostic structured messages are a great good.

    Cryptography to establish trust? What on earth prevents the virus from using the same crypto? The passphrase? The passphrase that may be sniffed from the keyboard by the virus?
    If the worm can sniff your keyboard, the game is already over. The goal should be to keep that from happening in the first place. Besides which, a good OS can keep anything from ever sniffing your passphrase. There just aren't any good OSes -- yet.
    Sandbox model. Well, sure, but don't you forget something? How should the nice little doc be _saved_ for the cluebie, after he opened it in his nice little sandbox?
    Documents don't save themselves, the trusted code of the sandbox saves them, and it does so when and where the user says.
    Note number 3 is ok. User intervention is OK, but it'll make user just click 'ok' all the time, and have no effect except for the first month or so. :-/

    There is essentially never a legitimate need to receive an executable as an email attachment. People who really need to can set up crypto and learn how to use it, and the other 99% can live without it and not know the difference.

    Besides, if people *want* to hand their computers over to the Black Hats, there's no way to stop them short of a draconian OS. Home users who do it will pay through the nose to get their machines unfucked, and corporate users will pay with their careers.

  • I'm well aware of the other costs, but the exact number doesn't matter.
    We are well into $2/user, or roughly 10% of your average dialup subscription.
    10% of your average BOTTOM OF THE BUCKET AOL-GRADE CONSUMER SERVICE. Anyone betting a mission-critical business operation on that level of service deserves to lose. If I were running a business where email was critical, I would consider it a privilege to pay $600/year for email service. Remember that even the smallest business pays about $50/month for telephone service. Not paying $50/month for email service with plenty of safety margin is sheer folly.
  • I meet "software engineers" and "system administrators" all the time who want nothing whatsoever to do with Linux.

    Here's the deal, in case anyone hasn't figured it out yet: PEOPLE WANT DENIABILITY.

    "Well, it doesn't work, and we have a trouble ticket in with Microsoft" (Translation: I don't have to do anything for the rest of the month!)

    "Well, the Visual C++ toolset has been upgraded, and we need to upgrade several parts of the server infrastructure, and the vendors are shipping late" (Translation: I don't have to do anything for the next two years!)

    "Well, the infrastructure has been upgraded, but now we all need training" (Translation: off to Vegas for drinking and whoring!)

    "Well, the system just crashes -- Microsoft products aren't the greatest, but it's the only game in town. It'll get better with the next service pack" (Translation: I don't do anything but install the crap!)

    Dr. Who referred to these people as "The Tesh" (The techs or technicians). They had little interest in science or engineering, or creating anything new, or even improving what they had, but rather had a kind of cult of knowledge where *they* held the secrets and they rarely let anyone else in. Microsoft is the cult, the MCSE/MCSD is the tesh. They can always throw up the "Microsoft has bugs!" excuse when things go bad.

    Contrast this with Linux -- all you need is desire, skill and talent. There is nothing hidden, and it's all free. How far can you go? It's up to you.

    The choice seems so simple, but I meet more and more programmers and admins who just want to use Access and VB -- no interest in anything that is not just "a few clicks to the next paycheck", or anything that could remove their golden parachute of deniability.


    Treatment, not tyranny. End the drug war and free our American POWs.
  • I agree. The quest for deniability knows no boundary, even in operating systems.

    But, with Linux, you could (OH MY GOD HERE IT COMES) actually fix the problem, thereby helping yourself, your company, and others.

    Grotesque concept, eh?


    Treatment, not tyranny. End the drug war and free our American POWs.
  • > The feature is that its broken, and there is no
    > value in me to fixing it.

    My interpretation: "Fixing bugs in, or adding features to, Linux, will not increase my personal worth".

    This is true, but only if you have a personal philosophy along the lines of "My life is better when I make more money and work less". If you have that belief, this discussion is basically over.

    I reject that philosophy for myself. I think it is great to make more money, but it is certainly not my life's goal or focus. To me, everyone is better served when quality, service, freedom and justice are the goals.

    When an individual has these goals...the payoff comes naturally. Cheaters (like the federally convicted Microsoft) tend to ruin it for everyone.

    > I could most likely fix the problem even quicker
    > by calling the non-linux vendor and getting them
    > to fix it. Or just waiting. And I would be
    > participating in a much better society in this
    > case. A society that allows its productive
    > member to afford the houses in their
    > neighborhoods.

    An odd way of saying "In case of problems, it is best to wait or do nothing. I will then be considered a productive member of my society. As such, I will have earned a nice home".

    And perhaps a "Harem of Bitches" to go with that home? Strange days, indeed.



    Treatment, not tyranny. End the drug war and free our American POWs.
  • I installed Red Hat 7.1 on an old HP 386 box that had 4 MB of RAM on it. X is really slow on that machine. Windows 98 will not install on it.

    Maybe, since you already have the machines networked, you could install RH 7.1 (it is free) on a machine with a cdrom, then install on the rest via boot floppies and NFS.

    My own experience is that Linux runs on more hardware as time goes by, not less.


    Treatment, not tyranny. End the drug war and free our American POWs.
  • After all, what do most kids use computers in schools for, besides web browsing, word processing, email and the odd spreadsheet?

    Artwork, if they have Macs.


  • Well, telling people not to click on attachments will help at least somewhat. The viruses propagate by social engineering, so it's important to break the cycle of infection by teaching people not to open the attachments uncritically. That won't do anything to keep current infections from sending out messages, but it will cut down on the next generation of infections and may (ha, ha, ha) prevent the next virus from propagating at all. It's certainly better than just ignoring the problem completely, and there's always the risk of deleting a legitimate attachment accidentally if you scan transmitted email for viruses. Just think about the damage that could be done if some cracker inserted a bogus entry that recognized MS Word headers into the virus definitions for the on-server virus scan used by a major ISP. Then you'd have a really nasty lawsuit on your hands.

    --
    Karma down to 50 again. Thanks Karma Kap.

  • One simple, specific act that should have been done by Microsoft years ago...

    If an attachment is executable, drop it on the floor.

    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken

    Thanks for proving the truth of your sig. Auto-dropping executable attachments is not a good idea. Your contention that they're incredibly rare is less true than you think. I know someone who wound up with a big hassle just the other day because our email system does drop executable attachments and somebody was trying to send him one that he needed for his work. As an alternative to your suggestion, might I suggest the following:

    • Not let executables disguise themselves as non-executables. Windows currently lets this happen and even sets it as the default behavior.
    • Require explicit authorization for a file to be executable, rather than implicit as it is currently. This could be something like Unix's executable bit, but could be as simple as prompting the user for permission the first time he tries to open an executable file.
    • Allow executables to be sent, but only in a way that requires an extra step to unlock them. You could, for instance, automatically zip all executables but not non-executables when sending them by email, and then attach a note telling the user that you've done so. This lets you send executables but gives the user fair warning that they are potentially dangerous.

    IMO any of these alternatives would be preferable to what you suggest.

    --
    Karma down to 50 again. Thanks Karma Kap.

  • Ever since we follow these steps to prevent the introduction of undesirable code:

    [Description that includes using add-on software deleted]

    Of course an alternative to this approach is for businesses to behave decently and not try to screw their customers by installing a bunch of unwanted junk. Maybe I'm a naive idealist, but I think that users should be allowed to deal with software under the assumption that the default install will only include components that are significant for the nominal function of the program. Extra packages should be clearly marked as extra and require a separate installation. Any company that doesn't follow this simple principle is behaving obnoxiously and customers have a reasonable right to complain, even if they could have prevented the problem by installing defensively. I understand that this isn't the case, but the rule should not be caveat installor, and companies that behave as though it is should be smacked.

    --
    Karma down to 50 again. Thanks Karma Kap.

  • The main issue here is momentum. If their established momentum is to install Windows, it is VERY hard to convince anyone to change stride in the middle of the program. Especially if Microsoft is dangling a few carrots such as jobs and training in front of some of the political leaders.

    More power to these guys, but they have a tough road to fight.

    Of course, if it's all the same to the administration, one thing they could use is the QVWM/Abiword/Gnumeric/Mozilla combination and with proper themes most end users probably would be able to adjust fairly quickly, if they even notice at all. After all, what do most kids use computers in schools for, besides web browsing, word processing, email and the odd spreadsheet?

    After the next major virus outbreak the government could be taking a look around, see the Open source systems standing and the Windows machines dead, and make some intelligent decisions about their future. It is still early enough for that.
  • Well, since I've never been there I'll trust your appraisal of the situation (it fits with what I've heard before) but I can foresee some outcomes which might still allow a win for Open Source in Mexico:

    With the world economy slowing down, there is a chance Mexico might be able to hire some Linux folks at lower prices, especially if they can find some who really care about this issue and are willing to price themselves competitively with the Windows folks in this case.

    The next step is to have Microsoft audit all of Mexico's public institutions for license compliance. American corporations are getting that treatment - what makes you think Microsoft won't stoop to grabbing cash from Mexico? Then Mexico audits to find out where all the cash went and a few people who have been skimming the cream get it in the shorts...

    The third is to get American corporations to donate their old hardware to causes like this. Linux can do fairly well on older hardware, and if they can be convinced that a bunch of educated Mexican computer nerds are just what they need to solve the eternal shortage of qualified computer people, they may just make a dent. (Plus if they can get a tax credit they like that too.)

    A critical factor is how much autonomy the schools have in something like this. If all schools must meet a national standard, and that standard is windows, we are So Outta Luck. (And so are they.)

    I'm actually surprised that the politicians are interested in the details of the software to be installed at all. Are they actively in favor of Windows, or was it indifference that killed (or slowed, at least) the Linux effort? If it was indifference that might be a good sign, actually. Namely, if they don't care and we do, we might still make something happen. Does anyone have a feeling for this one?
  • Given the odds are most of the hardware Mexico will be able to obtain will be out of date, here are some good tools to make a command line based linux distribution a little less frightening, and more importantly useful. It's surprising how much of an unnecessary luxury GUIs are for many things. Anyone with more experience or ideas, tack 'em on.

    Desktop Shell:
    Midnight Commander - command line mode
    http://www.gnome.org/projects/mc/
    Flash - An altered version of this might prove extremely useful for schools in setting up a basic, intuitive interface:
    http://www.netsoc.ucd.ie/flash/

    Typing:
    Gtypist - includes a Spanish mode
    http://www.gnu.org/software/gtypist/

    Editors:
    nano - The standard easy text editor.
    http://www.nano-editor.org/
    emacs - Scary but powerful - for advanced students
    http://www.gnu.org/software/emacs/emacs.html

    Typesetting:

    teTex - fairly complete distribution of the TeX typesetting system; probably not necessary for most levels of education, but if formatted text is desirable this is definitely the non-graphical way to make it.
    http://www.tug.org/teTeX/

    Development Environments:

    Rhide - Borland like environment for use with gcc
    http://home.lanet.lv/~pavenis/rhide.html

    Mathematics:

    I do not recommend the use of mathematical programs for educational purposes until there is no other reasonable way to solve the problem. However, a powerful and free computer algebra system does exist, and can be run from the command line, so if research projects or some such effort require it:
    Maxima
    http://www.ma.utexas.edu/maxima.html

    Web Browser:

    links - ncurses based browser. A nice piece of work. It will not do graphics, but will handle tables and frames.
    http://links.sourceforge.net

    Email:

    mutt - mutt is very powerful. It can be configured to act similar to the pine email system in order to be slightly more friendly to new users.
    http://www.mutt.org/

  • If MS was really smart they'd offer free Windows licenses to all K-12 education. Not that they are having a problem keeping users, but that would probably insure vast amounts of Users for Life.
  • Thus far, with N billion dollars in damages being quoted by industry experts for the likes of Sircam and Code Red, and other sites crashing under the load, we've seen little to no impact, and happily advise divesting Microsoft stock and product ownerships when our advice is asked for.

    I agree the brunt of the virus thing should fall on MS, but really, those estimates are CRAP.

    They figure like this:

    If we have 10 boxes needing patching, and each patch takes 10 minutes, that's 100 minutes. We'll call that 2 hrs. If the IT staff makes $50/hr then this bug cost us $100. We have 80 sites so this virus cost us $8000.

    The only flaw, of course, is that IT people patch boxes for a living, and do general maintenance. It's not like they went out and hired these people for the job, now did they? Naw, mostly those $9 billion and $40 billion and $120 billion numbers are bullshit.

    The real costs are not even counted, in most "experts" numbers - bandwidth, diskspace, increased latency, etc. THOSE are real costs, the time of many admins is counted very high, but in fact shouldn't be counted as high. It's their job, you know?
  • Finding enough capable programmers and system administrators proved to be the primary obstacle for the project. "We need a lot of people trained in Linux here in Mexico," Ibarra said. "It's a problem we didn't expect, and that has slowed our progress. We must prepare people.

    reminds me of the old rhyme, "For want of a nail, a shoe was lost, for want of a shoe a horse was lost, for want of a horse a skirmish was lost, etc etc etc, all for want of a nail"

  • Ukraine has some human rights issues. Internet Journalist Georgy Gongadze [gongadze.com.ua] of Ukrajinska Pravda [pravda.com.ua] was found beheaded last November. Gongadze had been investigating corruption on high levels in the Ukrainian government. Later, the leader of the opposition socialist party publicized recordings that allegedly linked President Kuchma to the murder. On the tapes Kuchma orders the murder of Gongadze. Have a look here [ualberta.ca].

    It has been pointed out however, that Kuchma would hardly have anything to fear from an e-zine like Ukrajinska Pravda, since very few have access to the Internet in Ukraine, and that it was unlikely that he had even heard of Georgy Gongadze.

    It is, nevertheless, an issue to be alarmed by.

  • For the price of a stinking Network Associates Webshield [mcafeeb2b.com] operating in transparent mode at the router of each ISP, they could filter out most viruses. They could route port 25 traffic through one of these babies and things might be rosier. I chalk that up to lazy/overworked/ignorant admins not caring/able/knowing to put such a system in place. We have a webshield and the only time we saw SirCam was because we had to take it out of the loop for some quick maintenance; the one guy that got it knew not to open it and deleted it.

    Of course, security is a process so no amount of filtering is going to keep 100% out. If you still get that one virus headed for the guy in the company with Outlook and who blindly opens every message that comes at him, then you've still got a cultural problem to cure.

  • Support? You priced it with support? What is support? Seriously, though, as a customer of an ISP, I expect them to spend the money I give them on quality services. The fact that you came up with a much cheaper solution makes it even more shameful that they don't provide that extra level of protection.

    The Webshield you priced covers both sparc hardware and the software, and support is on both. Trend Viruswall [antivirus.com] is just a software product ($1k for 50 users) that you still have to purchase a dedicated machine for in order to do the job properly. Luckily it is available for Linux, so the hardware portion can be cheaper in both initial cost and support.

    We purchased our Webshield a year or two back when there were no solutions like this readily available. Now, Norton has Antivirus for Gateways [symantec.com], and more are coming out. As a small 200 person company, it's not a big deal to get support on our Webshield, but given a choice today, we would probably go for a Linux solution involving the Trend product. Heck, just thinking about the couple of bugs that we've seen in the Webshield, maybe we should consider the Trend product anyway.

  • by sulli (195030) on Thursday August 02, 2001 @04:27PM (#2174909) Journal
    Excuse me, but WTF are you smoking? Do you expect ISPs to filter email for sircam, or block sircam-sending IPs, or ... precisely what exactly?

    Outlook viruses are, in my opinion, the responsibility of (1) Microsoft, and (2) the Outlook user, who should be trained not to open crap that comes from random people with attachments! I really don't see how an ISP can help. (Of course, helpdesk people need to know about it, etc.)

  • The general consensus was that deploying the 'free' operating system in Mexican schools would save money, but the sad fact is, the lack of hardware support and arcane configuration issues are indeed beyond the ken of a typical teacher/school administrator. These aren't stupid people, mind you, it's just that their training is in totally different areas. Windows, OTOH, can be set up on nearly any hardware configuration through simplistic 'Wizards'.

    So when you boil it down, is it cheaper to pay for training the 100's or 1000's that would need it in the ways of linuxy goodness, or simply purchase windows and click yes when asked until the systems are deployed? I think the Mexican School Boards have realized that it is the former, though I suspect it was with the assistance of MS marketing and sales that made it clear to them. PS, Brian Farina can bite my ass!

  • by MOMOCROME (207697) <momocromeNO@SPAMgmail.com> on Friday August 03, 2001 @02:45PM (#2174915)
    Your rant about corruption is probably accurate, lord knows it is a stereotype that has probably been earned, but I am not sure that it is entirely accurate regarding this particular case. There are better reasons for their choice, namely that training the employees was significantly more expensive than the windows licenses.

  • The BSA exists in Mexico. It's not a bunch of Americans enforcing it--it's a bunch of Mexicans employed by the Mexican branches of the American companies.

    A company I worked at in Mexico got caught in a BSA audit. They found lots of pirate copies because that's what companies in Mexico do software-wise.

    So at the end of the day the deal was a certain NUMBER of computers were identified as having pirated software. The company was allowed to choose which ones. Those computers were "secured" with a legal sticker over the power buttons that could not be legally broken until the requisite number of software licenses were purchased.

    So, the company just "chose" to have them secure all their old 386 machines that they were going to get rid of anyway. They then stuck them in storage in the basement and purchased the new computers they were going to buy anyway... but they never broke the stickers on the "secured" computers--and never purchased the "required" licenses. Problem solved.

  • by letxa2000 (215841) on Thursday August 02, 2001 @06:27PM (#2174922)
    FWIW, I'm an American who has lived in Mexico for over 5 years now. Let me help the general public with the translation of what the article says. "There weren't enough people available trained in Linux" translates to "The organization wasn't willing to spend the money to hire people trained in Linux."

    Organizations in Mexico, for some reason, would rather spend $5 on hardware/software than $1 on human resources. Perhaps it's because there's so much corruption everywhere that no-one trusts their employees to do their job and to do it honestly. Then again, can you blame them when a CS graduate might earn US$1000/month...

    Believe me, the reason they went with Windows is because they'd rather pay Windows people US$800/month rather than paying Linux people US$1000/month, even if it means having to spend millions of dollars on Windows license. And, of course, some politicians will probably be taking a good part of that $124 million to their personal bank accounts.

    Mexico is a wonderful country, but it's very frustrating to live here and see the incompetence and corruption in decision-making. Believe me, it makes American politics and decision-making seem PURE and reasonable in comparison. Heck, even Democrats sound coherent after witnessing the absurdities and abuses that go on down here--and for a Democrat to sound coherent ought to give you an idea of how bad things are down here.

    Anyway, this isn't a blow against Linux. It's about par for the course in terms of Mexican political decision-making.

    PS--For what it's worth, I can't really see the government actually paying for all the licenses anyway. They'll probably set aside $20 million for licenses, buy one license, and the politicians will keep the rest.

  • My experience with Windows 2000 is fairly limited, but it's not all "cakes and ale" as everyone says it is. Apparently certain hardware configurations don't work well with Windows 2000. I'm in a Windows 2000 lab right now (only computers I have access to since I'm out of my home country on a study abroad program) and the computers in here seem to fucking hate Windows 2000. On several occasions they have blue screened as I was logging in (I can't come up with any logical explanation for this). Internet Explorer and other programs crash frequently for no apparent reason. The computers are all Pentium II 350s with 128MB of RAM which seems like it should be enough to run Windows 2000 to me.

    My other problem with Windows 2000 is that there isn't enough stuff to tinker around with. I like the fact that I can configure Sawfish to perform a merry jig for me. I won't be satisfied with any version of Windows until I am provided with a means of making it do a merry jig and other such silly things.

    In the land of Emperor Tomato-Ketchup
    The children are the kings and they make the law!

  • by eah (240538) on Thursday August 02, 2001 @05:09PM (#2174927) Homepage
    As everyone knows by now...Kazaa is using top text links [...] My advice would be to get ad-aware.
    I was playing with KaZaA for a few days, but didn't install Top Text with it. (It pays to read those stupid installation screens, I guess.) Anyway, today I ran Ad-Aware and nuked a couple of hits (from Cydoor). After it finished, KaZaA refused to run, because components were missing.

    The punchline was that it wouldn't even uninstall from Add/Remove Programs. I had to reinstall it just to uninstall it nicely.

    I've installed Morpheus from musiccity.com, and I'm running Ad-Aware again. Wonder if this'll turn out any differently...

    (Side note, damn if Morpheus doesn't look almost exactly like Kazaa.)

  • Since you post as ACoward, my first impulse is to ignore you and wait for you to be modded down. But here's the deal: you (presumably) and I (most assuredly) actually pay attention to the screens which appear after each click of the "Next" button. For us, then, that's not a problem. What is an issue is the vast majority (care to argue this point?) of windoze users, many of whom are no more than kids, who simply click "next" until a program installs. Yet I believe that most of these people wouldn't want anything to do with some of the spyware which comes with kaZaa.
    As for the checkboxes option, how many pieces of software (any commercial word processing app, for example) have you installed which had such a checkbox window with about ten options, some of which you didn't know too much about, and you accepted because that's the default install? Face it, it should be a reasonable expectation that when you install a piece of software advertised to perform a given task, that software isn't going to do a number of completely unrelated tasks which have the further effect of telling a complete stranger what websites you choose to browse.

    Kill Smart Tags:
  • by tulare (244053) on Thursday August 02, 2001 @05:22PM (#2174931) Journal
    It is definitely getting interesting on the discussion thread [kazaa.com] mentioned at the top of this article. I think the kakaA folks are now realizing just how badly they have screwed up :)

    Kill Smart Tags:
  • by tulare (244053) on Thursday August 02, 2001 @04:42PM (#2174932) Journal
    I mean, at least BearShare practices disclosure when it wants to install garbage on your machine. And (although I've never felt the need to bother with this one) I'm sure that if you complained to BearShare folks, you'd get a more coherent response than "How dare you! ... blah blah advertisments and buisness..." OK, maybe the writer wasn't a native speaker of English, but I mean, come on. When I deal with anyone, even via email, I at least attempt to make an effort to sound and act like a professional (which, if you met me, is by no means assured). These guys look like a bunch of baked s'kiddies and halfwit marketers to me. If they aren't, then their behavior needs to adapt to what are really reasonable expectations from the consumer which aren't that hard to meet. Picking adware more carefully and clearly stating in the installation what each program is, and why it is installed would be a good start.

    Kill Smart Tags:
  • A couple weeks ago we had a meeting about our latest server tech to deploy. Since all our backend software is in java, it doesn't really matter if we deployed on linux or windows.

    Anyways, after some discussion, linux turns out to be more expensive for us to use than windows. Why? Because we're a small company. The tech guys there (myself included) double as both programmers and system administrators. All of us know windows inside and out just by using it for years. For upgrades, windows is trivial to upgrade.

    Linux is a different story. We all also know how to use linux - but none of us are expert admins at it. We would need to hire a linux sysadmin to be safe and ensure it was configured correctly (yes kids, linux is easily hacked too if not configured right). I've never known a linux sysadmin who worked for cheap. So we spent a couple grand going for a windows machine and setup, and saved ourselves several thousand dollars in the salary we would need to pay someone to maintain and secure the linux setup.

  • but one of the main ones. Another reason was we develop software for the financial services industry, which uses windows far, far more than they use linux.
  • We still need a ~$60,000 a year linux admin to keep up with the various patches and do the dirty work of maintaining the setup. Given our hectic deadlines, it's not profitable nor wise to take a month off to learn linux better.

    Also, we were not interested in buying lots of systems. Rather one quite large server at the time. Windows was simply more sensible. Even the resident linux fanatic (who knows a lot more than anyone else, but not enough) admitted that windows suited our best interests.

  • Later in the article [wired.com] a different, more optimistic (towards open software at least) picture is painted.
    But all hope is not lost. Hardware compatibility problems have been solved, and the idea to adopt an open-source platform still stands. This year, 1,400 schools will be equipped with external modems, and Ibarra plans to install Linux on those computers.
  • On the part about Linux in Mexico, I have to wonder what part would not run on their systems. I have a feeling it was more along the lines of would have taken a bit of looking around to find the correct drivers and/or picking another distribution. I am sure that Microsoft did something to sweeten the deal for the Mexican government, and I'll bet that their deal with the devil will come back to bite them when the BSA comes down in a few months to perform a software audit. They'll get what they deserve.

    On the KaZaa thread, the first email which I get saying that my site had links which I did not put up myself will send me to an attorney to discuss what I can do to them along the lines of changing my content, including copyright infringement (I know that I'll have to put notices on the pages) and to see if defacing a website charges can be arranged along the lines of prosecuting them like the Code Red Worm writers could be prosecuted. The fact that things were done on the client side instead of the server side should not be relevant (IANAL).

  • I believe ISPs should provide some level of support for handling viruses. A lot of ISPs already do filter for viruses. Symantec offers products [symantec.com] that retrofit themselves onto mail servers to automatically reject viruses from being sent and reject viruses from entering. Or at least generate an automatic email to the sender/receiver/mail admin that a virus was spotted in the mail stream and temporarily hold it until advised on what to do. Unfortunately, the same product can also be used by your boss as spy-ware.
  • Disclaimer: I am not a Symantec employee. To prove it, McAfee [mcafee.com] has their own product.
  • by agdv (457752)
    I just downloaded and installed ad-aware. That will teach them!
    But I'm still a bit confused, and need some help. What exactly are the files that ad-aware installed along with itself? They're in c:\windows and they're called 'make_money_fast.exe' 'enlarge_your_penis.dll' 'lose_weight.vxd' 'herbal_viagra.com' 'send_all_your_data_to_our_company.vbs' and 'popup_x10.js', and they're set to run on startup...
  • Now, I swear I'm not trying to defend Microsoft on this, but this is NOT an Outlook virus. Do a little more research on the sircam worm, and you will find out that it will work at any address that it is sent to. The worm is a complete program in itself. It does not rely on Outlook to send mail for it, as the application has its own SMTP server built in.

    Check out the following for more info on this really impressive... um I mean dangerous worm. http://sarc.com/avcenter/venc/data/w32.sircam.worm@mm.html [sarc.com]
  • by 4n0nym0u53 C0w4rd (463592) on Thursday August 02, 2001 @04:18PM (#2174963) Homepage
    Salon has a pretty good article [salon.com] on the whole parasite software thing. KaZaA figures prominently. There are some reasonable aspects of bundling such software, but it's ridiculous to do so without a) allowing opt-out and b) clearly notifying users...
  • I run a small non-profit project [truepath.com] for at-risk kids in a slum area in Rio de Janeiro state. We have a small Novell 3.11 network (legally licensed, even though the server does think we're in 1901) and running on a variety of ancient, often rebuilt hardware, ranging from 386-SX-16s to a 486-DX-120. The reason for such low-end hardware is very simple: money (or rather the lack of it).

    I have been unable to find a Linux version with a GUI that runs on such low end boxes. Windows 3.1 runs on some, I have OS/2 2.1 on a 386 and Windows 98 on the 486-DX. I'm also using FreeGEM and homewritten VB/DOS software on most machines.

    Does anybody know of a low-end Linux distribution (that will ideally install without needing a CD drive) with some sort of GUI and some useful application software that could be used for teaching purposes on such ancient hardware?

    Maybe Linux couldn't be installed on some of the existing hardware in some Mexican schools for the reasons?

    Comments anyone?

  • Just imagine a 486-100, 16MB ram, 300MB disk.

    I can happily install Win95(the very first ones) plus Off97 (Word - main app) on it, with netscape and pegasus for some web and mail access. Sure, the performance won't be high, but it will work. No way you can get an X-Windows based office suite on that, and with p-200/32mb the difference in performance would be even more dramatic.

    This is real, some schools _are_ that poorly equipped. I still have to setup such a system from time to time, and I work for a university .. (Bratislava, Slovakia, Eastern Europe).

    While we have some 10-15% of such crappy machines and it's getting better all the time, I can imagine there are schools where such junk is 80-100% of their equipment.
