
Ballmer Beaten by Spyware 501

Devil's BSD writes "At a Windows Vista reviewers conference, Microsoft platform president Jim Allchin told a rather amusing story about Steve Ballmer. Apparently, a friend asked him to rid his computer of the spyware and malware that had accumulated over the years. As the story goes, neither Ballmer nor Microsoft's top engineers could fix the infested computer. The article goes on to discuss and compare Microsoft's new security offering, Windows Live OneCare."
  • by Whiney Mac Fanboy ( 963289 ) * <whineymacfanboy@gmail.com> on Tuesday June 06, 2006 @10:46AM (#15479807) Homepage Journal
    Chairs everywhere celebrate the oppressor's beating!

    (and don't believe an article that says Microsoft didn't know what was going down in the spyware world until Ballmer brought in an infected PC: "This really opened our eyes to what goes on in the real world," Allchin told the audience.)
    • by FudRucker ( 866063 ) on Tuesday June 06, 2006 @10:58AM (#15479936)
      RE: "This really opened our eyes to what goes on in the real world,"

      It's about time, this comes only about 10 years too late...
    • by shotfeel ( 235240 ) on Tuesday June 06, 2006 @11:04AM (#15479985)
      and don't believe an article that says Microsoft didn't know what was going down in the spyware world until Ballmer brought in an infected PC

      I'm not too sure about that. IIRC this tale unfolded several years ago and was one of the reasons behind MS's big security push. The only thing "new" about it is that Allchin seems to like telling the story over and over, year after year. And it keeps getting published as if it's a new story.
      • by Whiney Mac Fanboy ( 963289 ) * <whineymacfanboy@gmail.com> on Tuesday June 06, 2006 @11:48AM (#15480355) Homepage Journal
        Hmmmn, depends what Allchin means by "our eyes" in "This really opened our eyes to what goes on in the real world," Allchin told the audience.

        If he meant "Microsoft", then bollocks - I'm sure MS engineers / support partners / etc, were screaming for years.

        If he means "Clueless, viewing MS's security through rose tinted glasses upper management", then I guess that statement could be correct. (I doubt it tho')
      • The only thing "new" about it is that Allchin seems to like telling the story over and over, year after year. And it keeps getting published as if it's a new story.

        Complaining about a dupe story on Slashdot? Talk about nothing new!

      • by demachina ( 71715 ) on Tuesday June 06, 2006 @04:33PM (#15482768)
        I think the only "new" part is Microsoft is selling a subscription service now to protect your PC against this kind of thing :)

        If you want to deal with spyware you need to prevent it from getting on your PC in the first place which is why you need some kind of security software probably with regular updates so it can deal with new threats.

        This is another in a long line of pretty lame /. submissions. The submitter was counting on getting it accepted and winning acclaim from the /. community by bashing Microsoft and Ballmer ... and it worked. It is an unfortunate fact that it IS pretty much impossible for anyone to confidently "repair" a PC that has been infected with a large volume of spyware for a long time, and which wasn't getting security patches. It's relatively difficult to reliably figure out what parts of the system have been tampered with. You are better off backing up all your files, wiping the disk, reinstalling and using a scanner to weed out spyware and virii amongst your files before you reinstall them.

        Allchin is repeating his story because he is now marketing a product to prevent you from getting infected with the spyware in the first place. It is a great product for him to market since it entails an annual subscription and Microsoft really wants some steady subscription revenue. It's also great for Microsoft because it's another instance where they are going to use their monopoly power to destroy companies (Symantec, McAfee, etc) that built businesses providing this service when Microsoft failed to deal with the problem years ago. Microsoft is going to transfer some of the billions consumers currently spend on Symantec and McAfee into their coffers and it should cause a nice little bump in their revenue unless their service completely sucks. And of course Symantec and McAfee are now competitors instead of partners, which is tough for them,
    • by matt4077 ( 581118 ) on Tuesday June 06, 2006 @11:40AM (#15480270) Homepage
      Ballmer doesn't have friends.
  • *over the years* (Score:5, Insightful)

    by saleenS281 ( 859657 ) on Tuesday June 06, 2006 @10:46AM (#15479811) Homepage
    Years of spyware, it's no surprise that they couldn't get it cleaned. How is this any different than a kernel trojan on linux? Reimaging sometimes is the only solution. It's far easier to muck a system up than it is to clean it afterwards.
    • Re:*over the years* (Score:5, Interesting)

      by ednopantz ( 467288 ) on Tuesday June 06, 2006 @10:49AM (#15479846)
      No kidding. The real question is why anyone tried to recover a compromised system.

      • Ever tried reinstalling Windows and getting it to behave as you want it to, and not as some Dweeb at MS thought would "be the preferred way by most users" (I know NOT A SINGLE person that can actually work with the default settings of any MS system)?

        Trust me, cleaning the computer is by a magnitude faster.
        • by sholden ( 12227 ) on Tuesday June 06, 2006 @11:13AM (#15480067) Homepage
          I can work with the default settings of XP just fine.

          • by NetFu ( 155538 )
            The real question is how long can you work with the default settings of XP, which service pack version of XP are you talking about, and if you are even using it to access the Internet.

            Anecdote:

            I've set up Windows XP computers at work LITERALLY thousands of times. If I let a Windows computer install by itself while plugged into the network (with Internet access) so it finishes the install while I'm at lunch (for one hour), it will be infected with a virus by the time I get back from lunch. That's how great
        • Re:*over the years* (Score:5, Interesting)

          by toleraen ( 831634 ) on Tuesday June 06, 2006 @11:28AM (#15480175)
          Hmm, after a fresh install, changing a few settings, reinstalling a couple apps, and updates, I'm looking at a 2 hour turn around time. While everything isn't perfect, it is most definitely workable.

          Cleaning a computer, at least in my book, requires the following (not necessarily in order): Backup important files, Windows update, add/remove programs for p2p and other annoyances (with reboots), spyware scan, reboot, spyware scan, hijackthis, virus scan, (if virus found, reboot and scan again), registry inspection, reboot with chkdsk. And that's all I did if they just had some popups. Hopefully all that cleaning didn't cause the machine to loop BSODs at boot-up too! A truly thorough cleaning takes at least 5 hours, and that's assuming everything goes well.

          So, in my expert opinion (5+ years in tech support), reinstalling usually is much faster. Of course a good ol' Ghost image only takes about 10 minutes, and if you ghosted properly, it'll have all your precious settings!
          • Re:*over the years* (Score:5, Interesting)

            by TrippTDF ( 513419 ) <{moc.liamg} {ta} {dnalih}> on Tuesday June 06, 2006 @11:42AM (#15480292)
            Ghost, or imaging in general, is a great tool for both PCs and Macs in a work environment.

            I am the IT guy for a small network of 25 PCs and about 6 Macs... I have images on hand for every model of machine. Users know damn well that anything stored on their local computer isn't backed up or safe from deletion, so when they have issues, I double check with them that they don't have anything important that we really, really need to save, and then I use one of my images, install any additional software I don't have in my image, and then give them back a healthy machine about an hour later.

            If I think solving an issue on their machine is going to take more than an hour, it gets an image replacement. Saves both on my time getting the machine back up and running, and the user has less down-time.
          • Re:*over the years* (Score:4, Informative)

            by WhiteWolf666 ( 145211 ) <{sherwin} {at} {amiran.us}> on Tuesday June 06, 2006 @11:54AM (#15480411) Homepage Journal
            What you said, plus:

            Rootkits CANNOT be reliably cleaned up.

            Regardless of whether it's a Linux system, OpenBSD, Windows, or whatever; once your system is rooted, you CANNOT fix it without booting from known-good media, and either testing MD5 sums of each executable, or a wipe/re-install.

            There simply isn't any other way to look at it.
            • by devphaeton ( 695736 ) on Tuesday June 06, 2006 @01:08PM (#15481036)
              Of course, the best part is this:

              1) Adult brings computer in for me to clean up.
              2) I remove all the crap their kid installed on it.
              3) Computer works fine, I get paid, Adult goes home.
              4) Within 2 days their kid has reinstalled all their crap onto it.

              5) ???? --- either Adult screams that I didn't solve anything, or they bring it back in, but don't reprimand their kid for effing up the computer again.

              6) Wash, rinse, repeat.
      • So you're saying regular users of Windows should give up when their system gets compromised, and just reinstall everything? That says a lot about the quality of Windows that you can't restore it to a pristine point, and it's also asking far too much from people. They shouldn't have to reinstall their entire operating system just because something buried itself in the registry.
        • by Lord of Ironhand ( 456015 ) <arjen@xyx.nl> on Tuesday June 06, 2006 @12:49PM (#15480873) Homepage
          True if you know the nature of the compromise to the last detail. But otherwise, "recovering" a compromised system is taking a chance, since you can't be 100% sure that no bad stuff remains sneaking around. The quality of the system should be measured by how (un)likely it is to be compromised to begin with, not by how well it can be recovered.

          In fact should one of my Debian Stable systems ever get compromised, I probably wouldn't sleep soundly until I fully wiped & reinstalled it as well as any systems that might theoretically have been compromised through the one affected. What if someone planted an 'obvious' virus/rootkit/... as well as a small sneaky backdoor, with the former being placed mainly to distract from the latter?

          • True if you know the nature of the compromise to the last detail. But otherwise, "recovering" a compromised system is taking a chance, since you can't be 100% sure that no bad stuff remains sneaking around.

            If you're really on the ball, you do regular backups.

            This means that you can compare your current system to your backups and then you need only examine the files that have changed.
    • I am not a huge Linux advocate but if I thought that most Linux systems had the /home folder installed on a different partition by default. That way, it would not be that big of a deal to reinstall (Unless you're using Gentoo).
    • Connecting a Linux box to the Internet will not result in instant spyware.
    • by MROD ( 101561 ) on Tuesday June 06, 2006 @10:59AM (#15479943) Homepage
      Well, there should have been a way to clean it up. i.e.

      (1) Boot into another OS which can read and write to the infected filesystem but is immune to the malware.
      (2) Do a complete check of all the OS files and any drivers/DLLs called during boot and delete/replace as necessary.
      (3) Do a complete virus/malware scan on the rest of the files.
      (4) Clean the registry thoroughly.
      (5) Reboot the newly cleansed system.

      It's a pity that Microsoft don't produce a bootable image with a version of MSDOS containing a basic NTFS filesystem driver and some automated tools to do all of the above. It's technically possible.

      Trying to clean a compromised OS while it's running is a losing battle. It's not even worth bothering to try.
      • Trying to clean a compromised OS while it's running is a losing battle. It's not even worth bothering to try.


        s/while it's running//
      • UBCD (Score:3, Informative)

        Download Ultimate Boot CD for Windows [ubcd4win.com]. It needs a Windows XP CD to create its ISO. You can actually run it from Wine (that's how I make mine).

        It builds on Bart's PE. Basically it's a Windows Live CD, similar to something like Knoppix only with terrible hardware detection and support*. It includes several virus scanners and Ad-Aware and Spybot. Works quite nice for scanning an infected computer. It also includes tools for resetting passwords, etc. It's very useful if you're stuck dealing with Windows m
    • How is this any different than a kernel trojan on linux?

      Perhaps the difference is that in years of running Linux I've never encountered a "kernel trojan"? And I would need to run as root to install such a thing in any case, but running as root hasn't ever been necessary to run end-user applications under Linux.
      • I don't think anyone would bother trying to attack a kernel image as (1) they are big so supplying a trojan version is not "practical"; and (2) a live CD would cure the problem in minutes. In order for such an attack to work, so many other parts of the system would also need to be compromised to hide/keep the infected kernel in place that it may as well be a conventional rootkit.
        • And the fix is ridiculously easy - install or re-install the kernel. Whether by sources or just an rpm, it solves a problem that doesn't exist and may never exist. This must upset the windows fan boys....
    • Re:*over the years* (Score:5, Interesting)

      by swillden ( 191260 ) * <shawn-ds@willden.org> on Tuesday June 06, 2006 @11:04AM (#15479987) Journal

      How is this any different than a kernel trojan on linux?

      Windows spyware exists?

      Excuse me if there actually is some sort of trojan kernel floating around, but I've never even heard of such a thing. It's an interesting concept, though... seems like it would be hard to write a script to automatically install it, given the wide variety of boot configurations (lilo/grub, kernel params, boot partitions that may be unmounted at runtime, etc.). It might be easier to trojan some module in a part of the kernel with a very stable ABI. Or maybe not.

      Compromising userspace seems much easier.

      Getting back to your point, I agree that the safest thing to do with a compromised machine is wipe it and reinstall, particularly if it's infected with software that actively tries to prevent its removal.

      • Re:*over the years* (Score:4, Informative)

        by WhiteWolf666 ( 145211 ) <{sherwin} {at} {amiran.us}> on Tuesday June 06, 2006 @11:56AM (#15480433) Homepage Journal
        Kernel trojan? Probably not.

        Unix rootkits? They most certainly do exist. Most have patches out there, or take advantage of "social" hacking. It doesn't always take a remote exploit to get root access, you know; sometimes the best exploit is the "user" exploit.

        Don't even come close to thinking I'm saying that running Unix systems are risky. However, it is an _excellent_ principle that if your Unix system is compromised, you _must_ boot from read-only known-good media, and either reinstall, or verify MD5 sums of all your executables.

        As Windows anti-malware tools do neither, they are not reliable, and should not be trusted.
      • Re:*over the years* (Score:4, Informative)

        by InsaneGeek ( 175763 ) <slashdot@insanegeek s . com> on Tuesday June 06, 2006 @01:21PM (#15481148) Homepage
        Kernel rootkits have been around for many years, they aren't self replicating but all you've got to do is install a kernel module. That kernel module will then intercept syscalls to hide itself and any other rootkit programs (ps will now lie to you and not show you a hacked irc daemon is running, ls now won't show certain directories, lsmod won't even list the kernel module as running). Started to get notoriety ~5+ years ago, they tend to not be automated install (that could be debated, if you've got kernel source & compiler on the box it's pretty easy to "one-click" install it) but they are very effective on a compromised box.
    • How is this any different than a kernel trojan on linux?

      Well, 'linux' is a little unspecific, but using debian as an example, I can boot from a CD, and use dlocate / dpkg -S / -L to check that md5 sums of binaries on the system & compare them to the md5 sums they should have.

      You're left with a small number of binaries of items you've installed by hand or compiled yourself. These can be checked/replaced with known good items by hand.

      Personally, I would reinstall 'cause it's a little easier - but its cer
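
An added example, not part of any comment in this thread: the check several posters describe (boot known-good media, then compare each executable's MD5 sum against a trusted list, leaving only the hand-installed binaries to review), sketched in Python. It assumes the suspect disk is mounted read-only under a directory and that the manifest, in `md5sum`/dpkg `.md5sums` format, comes from trusted media or a backup rather than from the suspect disk; the tree built in `demo()` and all file contents are constructed.

```python
import hashlib
import os
import shutil
import tempfile


def parse_manifest(text):
    """Parse md5sum / dpkg .md5sums lines: '<hex digest>  <path relative to root>'."""
    expected = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2:
            continue  # blank or malformed line
        digest, rel = parts
        # md5sum marks binary mode with a leading '*'; also drop './' and '/'.
        rel = os.path.normpath(rel.lstrip("*")).lstrip("/")
        if rel.startswith(".."):
            continue  # never let a manifest entry point outside the root
        expected[rel] = digest.lower()
    return expected


def file_digest(path, algo="md5"):
    """Hash a file in chunks so large binaries do not load into memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_tree(root, expected, scan_dirs=(), algo="md5"):
    """Classify every manifest entry, then list files no manifest accounts for."""
    real_root = os.path.realpath(root)
    report = {k: [] for k in ("ok", "modified", "missing", "symlink", "unmanaged")}
    for rel, digest in expected.items():
        path = os.path.join(root, rel)
        inside = os.path.realpath(path).startswith(real_root + os.sep)
        if os.path.islink(path) or not inside:
            # An absolute symlink resolves against the rescue system, so
            # following it would hash the clean boot media's file instead.
            report["symlink"].append(rel)
        elif not os.path.isfile(path):
            report["missing"].append(rel)
        elif file_digest(path, algo) == digest:
            report["ok"].append(rel)
        else:
            report["modified"].append(rel)
    for top in scan_dirs:
        for dirpath, _dirs, names in os.walk(os.path.join(root, top)):
            for name in names:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                if rel not in expected:
                    report["unmanaged"].append(rel)  # hand-installed: review manually
    return {k: sorted(v) for k, v in report.items()}


def demo():
    """Verify a constructed tree standing in for the mounted suspect disk."""
    shipped = {  # constructed file contents, as the vendor "shipped" them
        "usr/bin/ls": b"ls v1",
        "usr/bin/ps": b"ps v1",
        "usr/bin/top": b"top v1",
        "usr/bin/netstat": b"netstat v1",
    }
    manifest = "\n".join(
        f"{hashlib.md5(data).hexdigest()}  {rel}" for rel, data in shipped.items()
    )
    root = tempfile.mkdtemp(prefix="suspect-root-")
    try:
        for d in ("usr/bin", "usr/local/bin"):
            os.makedirs(os.path.join(root, d))
        on_disk = {
            "usr/bin/ls": shipped["usr/bin/ls"],        # untouched
            "usr/bin/ps": b"ps v1 + hook",              # tampered
            "usr/local/bin/mytool": b"built by hand",   # not in any package
        }                                               # usr/bin/top is deleted
        for rel, data in on_disk.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        os.symlink("/bin/sh", os.path.join(root, "usr/bin/netstat"))
        return verify_tree(root, parse_manifest(manifest),
                           scan_dirs=("usr/bin", "usr/local/bin"))
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    for status, paths in demo().items():
        print(f"{status:10} {paths}")
```

A `modified` result only means the file differs from the manifest, which a legitimate update newer than the manifest also causes. MD5 is what the thread names; passing `algo="sha256"` works when the trusted source publishes stronger digests.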
  • Ballmer got the last laugh by beating said spyware with a flying chair.
  • Man, I can't get enough of these Microsoft execs. Gawd they're funny! Why the heck aren't they on NBC's "Last Comic Standing"?

    The story would be more interesting if there were a time frame for the "amusing" (ha ha ha) anecdote. It's important to know as it likely exposes the lie that is Microsoft's improved security.

    Consider that the "amusing" (ha ha ha) incident was fairly recent -- it probably was sometime in the last couple of years. That being the case it puts the time frame well past Microsoft's

  • obligatory (Score:5, Funny)

    by Supersonic1425 ( 903823 ) on Tuesday June 06, 2006 @10:47AM (#15479819)
    You can't remove spyware from a computer by throwing a chair at it.
  • by TripMaster Monkey ( 862126 ) * on Tuesday June 06, 2006 @10:47AM (#15479827)

    ...in 3...2...1...

    But seriously, If you must stick to Windows, the only way to insure your safety is to make an image of your clean system, and periodically restore from that. I used to remove malware from systems for a living, and unless the infection was trivial, the solution was always back up the data and reinstall the OS and apps fresh. It's amusing that Ballmer and his boys had so much trouble with that malware-laden system, but it's not terribly surprising. What is surprising is that Ballmer and his boys actually tried...knowing what they know, they must have known they were on a fool's errand...

    • If you must stick to Windows, the only way to insure your safety is to make an image of your clean system, and periodically restore from that.

      Nonsense. By using alternate browsers and keeping the Windows Firewall turned on, I haven't had any spyware/virus problems whatsoever with Windows XP Professional. I run as an administrator because it's my computer and I know what I'm doing. I don't like being told what I can't do or that I need to re-enter my password, as in OS X. Of the 6 computers in our office

    • But seriously, If you must stick to Windows, the only way to insure your safety is to make an image of your clean system, and periodically restore from that.

      I guess the systems I've kept uninfested for years without reinstalling are just figments of my imagination ?

    • Doing Helpdesk work for many years at a university, I've had my ninja-like malware-destruction skills strengthened -- most of the users we dealt with don't have the necessary cd's to install off of (we can't install Windows without a valid license and cd's) so we almost always just have to tough it out and fight the infection. I've gotten quite good at tracking down and destroying complete armies of viruses/malware. I remember one virus report from BitDefender that I captured with my cellphone -- it foun
  • by w.p.richardson ( 218394 ) on Tuesday June 06, 2006 @10:47AM (#15479831) Homepage
    Discuss the veracity of this story against that backdrop.
  • Hmm (Score:4, Funny)

    by gentimjs ( 930934 ) on Tuesday June 06, 2006 @10:49AM (#15479844) Journal
    I wonder when the last time Steve Jobs, Theo de Raadt, or Linus Torvalds had a problem with spyware was? *ducks*
  • was locked in one room for the last 5 years or they have blatantly ignored all customer complaints about better security and more patches to be released quicker. How can Ballmer and company not know about how big a problem spyware/malware/etc is till his PC was infected?
  • by purpledinoz ( 573045 ) on Tuesday June 06, 2006 @10:49AM (#15479851)
    You would think they would try what Microsoft support would tell them to do right away: re-install Windows.
    • Which brings me flashbacks from the early 90's when the only answer you could get from M$ was "Try to re-install".

      Nothing new here - please move along...

      So obviously there is a long way between reality and M$ Management. Considering all those commercials that M$ puts up right now about them "stopping viruses" and so on - It's on the level of almost being as good as a Monty Python play. Just consider that IE 6 (what about earlier versions?) has been rated among the top-10 worst technologies provided to t

  • by grub ( 11606 ) <slashdot@grub.net> on Tuesday June 06, 2006 @10:50AM (#15479855) Homepage Journal

    "This really opened our eyes to what goes on in the real world," Allchin told the audience.

    Countless millions of customers have complained about spyware and viruses for years but it takes an MS exec to fumble before their eyes open? No wonder people get disenfranchised with big corporations.
  • by Anonymous Coward on Tuesday June 06, 2006 @10:50AM (#15479863)
    It "seems" to be anti-Microsoft, but it contains a "payload" spreading news of a new Microsoft product to exactly the right audience.

    Increasingly, Slashdot is suffering from more and more of this.
  • Give that father of the bride an etch a sketch and some foam helmets because he really shouldn't be allowed anywhere near anything with a microprocessor.

    If you were asked by someone in your Linux-only organization to clean up their machine after they had installed every single program they ever ran across, including several rootkits and Gnome, you'd correctly identify the problem as a PBKAC. Same thing here with Ballmer's friend's bride's father's computer.

    Microsoft MSDN KB-1d10T. Problem: customer's computer has become unusable due to malware. Solution: sell the customer more support.
  • He lumped the thing back to Microsoft's headquarters and turned it over to a team of top engineers, who spent several days on the machine, finding it infected with more than 100 pieces of malware, some of which were nearly impossible to eradicate. ...
    "This really opened our eyes to what goes on in the real world," Allchin told the audience.


    So I guess their Honeymonkey project [wikipedia.org] isn't working as well as they would've liked...
  • by Douglas Simmons ( 628988 ) * on Tuesday June 06, 2006 @10:52AM (#15479880) Homepage
    For cleaning out malware, unless I was packing software with me, I'd do a scan with housecall.trendmicro.com [trendmicro.com]. It does Linux too. NOD32 [nod32.com] is the most impressive Windows scanner I've found. For cleaning out and managing the registry, you want JV16 Power Tools [macecraft.com], but running msconfig's the quickest way to clean the crap out of the registry as you don't need anything to download. Now I am not sure if Vista has a similar registry setup (hopefully not), but my first move would be to fire up msconfig, go to the start up tab, and fire away at anything that doesn't look too critical while crossing my fingers. Make sure to cross your fingers!
    • The only way to "clean" a compromised system is by reinstalling it. End of story.

      I'm always amazed by people wasting their time and ignoring fundamental security practices by fumbling with hosed Windows systems.
    • msconfig sucks
      Autoruns [sysinternals.com] is THE 1337

      Oh, and btw, after removing all the malware (in safe mode!! without network!) make sure the desktop image is NOT a web page, I lost 2 hours looking where the fuck a spyware was loading after removing it. I got the hint when I saw that each time windows started the desktop image sort of went blank for a second before putting the background image.

    • The problem is (Score:3, Informative)

      by Sycraft-fu ( 314770 )
      That severe spyware infestations approach root-kit levels of problems. There's so many pieces and loaders spread all over, it's hard to be sure you've got them all. I recommend a total reinstall for the same reason you'd recommend a total reinstall in the case of a rooted UNIX box: It's the only way to be sure. Sure you could probably clean the rootkit out successfully, but should you take the risk? No, reinstall to ensure a clean system.
    • by jambarama ( 784670 ) <jambarama AT gmail DOT com> on Tuesday June 06, 2006 @12:52PM (#15480898) Homepage Journal
      Good plan, but sometimes malware modifies autoexec.bat to repopulate msconfig. Or they make sure your system won't boot properly if you remove the startup file, or they embed themselves in something that should run, or do any of a number of other things that make removal impossible from within the infected system.

      If you can't do a reformat, the best thing to do is pull out the drive, hook it up to a computer (externally or internally) that isn't infected and run anti-malware tools from there.

      If that isn't an option get something like Winternals ERD Commander and add some modules to it, like adaware, spybot and spysweeper. Plus some little things like stinger, hijackthis & rootkit revealer. Then an antivirus scanner - clamwin and AVG both run fine off of a live CD. All of these should be up to date. Windows defender won't run in ERD commander or off any live cd - it needs a full Windows environment. Then boot to live CD and run the tools. It works wonderfully. If you don't want to shell out for ERD commander, roll your own live windows based cd with BartsPE builder. I've heard of people doing it with Windows CE too, I just don't know how.

      If the MiniPE liveCD wasn't infringing dozens of copyrights and wasn't a highly illegal set of warez - it would be the champ IMHO. It is a highly effective and well done set of tools.

      Safe mode is good too, but a lot of scanners won't run in safe mode (like windows defender) and more importantly, some malware embeds itself in system files. As such they often get locked (you can't delete them) even in safe mode.

      Linux live CDs can handle viruses pretty well with clamAV, but they really can't find other sorts of malware very well. Plus they can't touch the system (if it is NTFS), so they aren't terribly useful for anything other than backing up data before a clean sweep (which is the best option after all anyway).

      Malware is tricky, but you can get it if you try hard enough. Come on Ballmer you can do better, I'm not even an MCSE!
  • Bend over please ... (Score:5, Interesting)

    by __aajwxe560 ( 779189 ) on Tuesday June 06, 2006 @10:55AM (#15479906)
    At a recent auto expo, Ford CEO William Clay Ford Jr. spoke of how fellow company officer Derrick Kuzak was asked to rid his car of all the annoying squeaks, quirks, and failing parts that had made the product highly unreliable over the few years he has owned it. As the story goes, neither Kuzak nor top Ford engineers could fix the car. The article goes on to discuss and compare Ford's newest automotive protection program and solution to such a problem, the Ford PayUsForever program.

    If you wouldn't accept this as an adequate solution for an unreliable car, why would you accept this as an adequate solution for something many of us arguably spend more time in front of? Why not try switching car brands to something more reliable if your current vehicle is so problematic?

    * Ford was just used as an example and I have nothing against the company itself.
    • by drsmithy ( 35869 ) <drsmithy&gmail,com> on Tuesday June 06, 2006 @11:14AM (#15480070)
      At a recent auto expo, Ford CEO William Clay Ford Jr. spoke of how fellow company officer Derrick Kuzak was asked to rid his car of all the annoying squeaks, quirks, and failing parts that had made the product highly unreliable over the few years he has owned it.

      However, Mr Kuzak had never performed any basic maintenance tasks on his vehicle, nor taken it for regular servicing, always left it parked outdoors in conditions ranging from sub-zero cold to fry-an-egg heat and sandstorms, never locked the doors (often leaving the key in the ignition), used incorrect sized tyres, was unable to operate the clutch, regularly drove the car (a small hatchback, approximately twenty years old) over kerbs, through hip-deep water and down heavily-rutted offroad trails, and didn't even hold a driver's license.

  • Though one could probably have a lot of fun putting Ballmer through various "trials", I really don't find this funny. The fact that people of average competence and experience cannot control their own machines (or what runs on them) is a huge problem. It's almost infuriating that Microsoft considers this a simple matter of offering another service, as opposed to backporting changes. They could have made some *very* basic changes earlier in the life of Windows.

    But Windows (Vista) is still implementing thes
  • Windows Live OneCare

    Seriously, just switch from Windows and you'll have NoCares.

  • The PC got a rootkit [wikipedia.org]. It's not hard to figure out, because viruses often open backdoors to get even more infections, and the latest worms like phatbot use rootkit stealth techniques. I just wonder what botnet [wikipedia.org] the PC ended up belonging to.

    On the other hand, I stumbled upon Microsoft's Shared Computer Toolkit [microsoft.com]. It seems you don't need Vista to get your registry sandboxed after all.
  • by br0ck ( 237309 ) on Tuesday June 06, 2006 @10:57AM (#15479922)
    I remember before Windows 95 was announced, I was astonished that Bill Gates started talking about how bad Windows 3.1 was. After 95 was announced I finally realized that they were just badmouthing their old version to drum up interest for their new version. As I read this article it seemed to me that this could simply be another case of bad mouthing XP to get people motivated to buy the less spyware-prone Vista.
  • And the point is? (Score:4, Insightful)

    by Moraelin ( 679338 ) on Tuesday June 06, 2006 @10:58AM (#15479935) Journal
    Ballmer is a manager, not a computer guru. It's not his job to clean spyware off a computer. Whop-de-fucking-do. So someone is good at his job, not at yours. This just reeks of the kind of "only my job is important, and if you can't hack the registry with a hex editor, you're an idiot" arrogance that gives geeks a bad name.

    Second, the mention of "Microsoft's top engineers" makes the whole thing look very fishy to me. I seriously doubt that MS actually got their top stars just to fix some guy's computer. That a bunch of top engineers would also be utterly unable to save a computer -- if nothing else, just backup all the important files and reinstall -- ranks up there with belief in Santa or the Tooth Fairy.

    It's, again, the stuff crap elitism is made of: the belief that surely you're the smartest guy out there, and even MS with all their money couldn't hire someone smarter. And funnily enough, the less skilled one actually is, the more he loves to believe that kinda crap. People who once wrote a 5 line script, or once even managed to compile Linux... using someone else's script, love to pretend that verily, they're so cool that they could singlehandedly re-write XP _and_ Vista in a week and make it better than all those MS monkeys.

    Basically even as MS bashing goes, this kind of fairy tale is a new low.
  • by swschrad ( 312009 ) on Tuesday June 06, 2006 @10:59AM (#15479941) Homepage Journal
    but there are so many patches and convolutions in MSware that doesn't work any more. when my 98se machine got horked up and I couldn't restore from my tapes any more, because windows kept throwing up in the process due to mixed versions of stuff, I gave up and went Mac. if I can't get MY machine back, why try? the MSmeisters allowed it in the past, but all the patches made it impossible.

    now, I just RESTORE my drive to an external periodically. when the internal drive died, I just booted off the system DVD and did a RESTORE back to the newly-installed drive. presto, had MY machine back.

    those of you who rotate three disks into two bays on a machine set up for RAID mirroring have a chance in MSland. nobody else does.
  • Either they (Ballmer and the Microsoft engineers) are really, really dumb/inexperienced, because it's pretty much impossible to remove all the spyware that accumulates on a Windows system, other than with a wipe, restore image/reload OS, apps, data from backups - or they are pathetically trying to show their sympathy for people who deal with Windows machines and all the crap that accumulates on them.

    Hmmm, clueless execs & engineers or an OS that is impossible to maintain. I don't think either scenario m
  • by billybob2001 ( 234675 ) on Tuesday June 06, 2006 @11:00AM (#15479948)
    There's no such thing as "OneCare"

    You mis-overheard someone talking about Ballmer.
  • Maybe this will open the eyes in the upper echelons of the MS exec space what the REAL problems in the REAL computer world are. Not clippy that dances over your spreadsheet when you're trying to work. Not three dimensional user interfaces. It's trojans. It's viruses, it's malware, it's spam.

    It's very blatant that Ballmer (and, I'm sure, a good deal of his managers close to him) is by lightyears out of touch with the reality of computer problems, and what really moves and shakes, what really bothers and annoy
  • I wonder how much Steve Ballmer charges for this
  • by bokmann ( 323771 ) on Tuesday June 06, 2006 @11:08AM (#15480023) Homepage
    I got 2 things out of this article:

    1) If Steve Ballmer can't even go to a friend's wedding without getting the "Hey - you know a lot about computers, can you help me?" tired old line, then I don't feel so bad when it happens to me (and it happens to me a LOT).

    2) So, the whole gist of this article is how neither Steve nor some of the best minds at Microsoft could fix a malware infected computer... So they create Microsoft Live OneCare? And this is supposed to be some kind of great thing? What a horrible endorsement of the service, "Use Microsoft Live OneCare... our best engineers can't really fix it either..." I guess when they sign up customers, Steve Ballmer will be running down the hallway saying, "Hey! We've got a Live one!"

  • Windows is reasonably secure against viruses and spyware as long as you don't use it on the internet. There are so many ways that Windows is vulnerable on the internet, though, that it's doubtful that it can ever be really secure if you want to use Internet Explorer. If you need to do IE, just use a clean, patched install behind a firewall and reinstall it from clean images periodically. Oh, and don't use any apps or keep your data on that install either, of course.
  • They could have fixed the PC in a good 2 to three hours with a liberal application of the following:

    Spybot SD

    Adaware

    ...and a bootable Knoppix CD-ROM.

    When the first two snag everything they can snag, reboot the PC with Knoppix and if you know what you are looking for, start deleting the spyware DLLs, hidden folders and other nastiness from the spyware makers.

    Reboot the PC and things could be fine.

    It has worked very well for my job
    • When the first two snag everything they can snag, reboot the PC with Knoppix and if you know what you are looking for, start deleting the spyware DLLs, hidden folders and other nastiness from the spyware makers.

      This is too bloody difficult. No, I'm not being sarky.

      Finding all this hidden/tucked away crap is far more difficult than administering a Linux system. I won't do it anymore; people tell me Windows takes less time to administer, and Apples are too expensive;

      Well, fix your own damn computer (it doesn
  • Viral Marketing (Score:3, Insightful)

    by EpochVII ( 212896 ) on Tuesday June 06, 2006 @11:16AM (#15480079)
    This is what's called viral marketing. Whether this story happened or not is not the point of the article. The point is to get people to read about Winblows Live Care. Well played, Microsoft.
  • Easy fix (Score:3, Insightful)

    by lord_rob the only on ( 859100 ) <shiva3003@@@gmail...com> on Tuesday June 06, 2006 @11:29AM (#15480180)
    Reformat and reinstall. Windows needs to breathe from time to time. Actually that's what I used to believe was true for *any* operating system. Reformat and reinstall every six months or so...

    Now I have discovered Debian Sid, the "unstable" development version of Debian. Everyday an upgrade of many many programs, some programs disappear, some new come in the box. Everything has been working flawlessly for 5 years thanks to a database-based packaging system (something MS should be inspired by IMHO) :). Thanks for your help Microsoft but no thanks :)
  • OneCare (Score:4, Insightful)

    by DavidLeblond ( 267211 ) <meNO@SPAMdavidleblond.com> on Tuesday June 06, 2006 @11:33AM (#15480209) Homepage
    If Microsoft's top engineers couldn't get rid of a little spyware program, why am I supposed to pay for OneCare? What would it do when faced with the spyware? "Aw hell, THIS is the spyware that our TOP ENGINEERS couldn't get rid of... better format, dude."
  • The question is... (Score:3, Insightful)

    by QuietLagoon ( 813062 ) on Tuesday June 06, 2006 @01:04PM (#15480996)
    Has Microsoft changed their way of thinking [quotedb.com], or will Windows One Care just be another facet of the continuing Windows problem?
  • by Lxy ( 80823 ) on Tuesday June 06, 2006 @01:06PM (#15481029) Journal
    Steve Ballmer has friends?
  • Missing the point (Score:5, Insightful)

    by UnknowingFool ( 672806 ) on Tuesday June 06, 2006 @01:54PM (#15481466)
    Here's the basic summary of the article:


    Ballmer was asked to clean spyware on a PC.
    Couldn't do it.

    So he took it to MS engineers who spent days trying to do it.
    Then he thought: "How do we make money off this?"

    Does anybody else here think that the thought should have been: "How do we fix this for our customers?"
    MS is clearly not thinking of benefitting the customer but only how to enrich themselves from their own mistakes.

  • by MagikSlinger ( 259969 ) on Tuesday June 06, 2006 @02:44PM (#15481917) Homepage Journal

    MagikSlinger's good lessons for Microsoft:

    1. No rootkits. Ever. Prevent at the file-system level any attempts to modify the core OS files. It needs updating? Make sure the file is digitally signed by MS before allowing it to replace a core OS file.
    2. User mode. Not this weird confusing version MS offers in Vista, but proper user mode. No installations into the /Windows folder from a USER mode application. Someone wants to put something there? Prompt for the admin password and run as an admin. And if they want to fiddle with the core files, see rule #1 about rootkits.
    3. Allow admins to easily see what's getting loaded at startup and from where so they can easily delete or remove it.
    4. Kill ActiveX on the web. Just nuke the damned thing.
    5. Do not even offer the ability for Office, Outlook or IE to automatically do anything ever with executable code (even VBscript). In fact, Outlook should have the ability to connect to a service to find out if the message looks like any active worms & viruses and warn the user appropriately. A good virus checker would also be nice.
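
Items 1 and 3 of the list above, as a defender's check: an added PowerShell example, not part of the comment and not Microsoft's code, that lists what the Run/RunOnce registry keys and Startup folders launch at logon and reports each target's Authenticode signature status. `Get-ExePath` and `Get-AutostartEntry` are hypothetical helper names; services, scheduled tasks and other autostart locations are not covered.

```powershell
# Added example: enumerate common autostart entries and check their signatures.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-ExePath {
    param([string]$CommandLine)
    # Expand %VARS%, then take the quoted path if present, else everything up to the first ".exe".
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($cmd -match '^"([^"]+)"')    { return $Matches[1] }
    if ($cmd -match '^(.+?\.exe)\b') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

function Get-AutostartEntry {
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            $raw = [string]$item.GetValue($name)
            [pscustomobject]@{ Source = $key; Name = $name; Command = $raw; Path = Get-ExePath $raw }
        }
    }
    # Per-user and all-users Startup folders (usually .lnk shortcuts, reported as-is).
    $startupDirs = [Environment]::GetFolderPath('Startup'), [Environment]::GetFolderPath('CommonStartup')
    foreach ($dir in $startupDirs) {
        if (-not $dir -or -not (Test-Path $dir)) { continue }
        Get-ChildItem -Path $dir -File | ForEach-Object {
            [pscustomobject]@{ Source = $dir; Name = $_.Name; Command = $_.FullName; Path = $_.FullName }
        }
    }
}

Get-AutostartEntry | ForEach-Object {
    # Entries whose target no longer exists are flagged instead of being skipped.
    $status = 'FileNotFound'
    if ($_.Path -and (Test-Path -LiteralPath $_.Path -PathType Leaf)) {
        $status = [string](Get-AuthenticodeSignature -LiteralPath $_.Path).Status
    }
    $_ | Add-Member -NotePropertyName Signature -NotePropertyValue $status -PassThru
} | Sort-Object Signature, Source | Format-Table Source, Name, Signature, Path -AutoSize
```

For entries that launch through a host such as rundll32.exe, the signature shown is the host's; the DLL named in the `Command` column has to be checked separately.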
