Posted on 04/04/2006 6:41:25 PM PDT by HAL9000
Excerpt -
LAKE BUENA VISTA, Fla. In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at the InfoSec World conference here.
~ snip ~
(Excerpt) Read more at foxnews.com ...
Great news. When did you last have to rebuild UNIX or VMS from scratch?


Well, that gives me a warm and fuzzy feeling!
ouch...
CRN: In terms of security, how do you compare security in Vista vs. security in Windows XP SP2? Allchin: SP2 was a very good system but compared to Vista, it's night and day. CRN: Is there going to be antivirus in Vista? Allchin: No, there is not. CRN: Why? Allchin: It's a complicated answer as to why not. CRN: Was the decision based on technical concerns? Allchin: It wasn't technical. CRN: Will Vista resolve security problems once and for all? Allchin: I'm not going to claim perfection or near perfection, but I think we're unrivaled in the work we've done.
In other words, there's NO technical reason to not include virus protection, BECAUSE WE MAKE MONEY FROM VIRUSES!
They offer virus protection at an EXTRA CHARGE. And it's always the NEXT VERSION which will be really, really, neat.
FYI
Truly you can't believe that. Microsoft loses money from viruses. They do have 3rd party vendors that make money off viruses and they do like to keep them happy. Plus Microsoft isn't an anti-virus company. I'm not sure I'd trust their AV software. Kind of like running a windows shop with a windows firewall protecting everything. Or a unix shop with a unix firewall protecting everything. You're too open for attack by a single exploit/bug.
More likely they don't want to be sued by Norton, McAfee, and the host of other anti-Virus makers. They went down this hard road once, with the crappy Netscape browser. BTW, you have to admit that the competition from both IE and Netscape made each much better. That is why I am glad there is Firebird or Fox or whatever out there.
I had installed the Microcrap anti-spyware software on my XP Media Center Edition box and also installed Spybot S&D and Ad-Aware.
Every single time I ran the scan in the MS product it reported no problems. I'd turn around and immediately run Spybot and Ad-Aware's scans and they found problems that the Microcrap product didn't.
Needless to say, I uninstalled the Microcrap product.
I've also noticed a process that runs when I go into Task Manager called msnchecker.exe. If I leave it running and I'm connected to the internet, the hard drive goes ape and as I'm browsing the mouse pointer turns into the hourglass about 90% of the time. This is when there is no activity whatsoever like a page loading. When I kill the process, those symptoms go away. I can run any program and do anything without that process running. So part of my boot up routine is to kill that process immediately and another one I'm not sure about called esched.exe. It seems that if I left esched.exe running, the msnchecker.exe would re-launch itself in a matter of time.
What this seems to indicate (no I haven't researched it thoroughly yet, so no geek flames please) is that Microcrap has spyware built into this version of Windoze. Windoze phone home, if you will.
Fortunately, if you configure your machine properly, it is not difficult to rebuild Windows. Programs on C:, data on D:, right?
Just wipe C: and reinstall everything.
My Windoze XP Home Edition box has over 100,000 files and God knows how many directories (folders for MS twerps) on a clean install with no other apps or data on the drive.
Bloatware at its finest.
About the same time I was able to get UNIX or VMS to run the apps that run my business.
IOW, never.
All my systems run a full, unattended image backup daily, just in case. I've never had to restore anything yet; firewalling and antivirus protections are doing the job.
WinXP Pro and Win2k Pro are reliable and perfect for our business.
I say they sell more copies of Windows < next version >, because they promise it'll be better than Windows < current version >, so Joe Average has a reason to upgrade. They will sell a whole lot of whatever AV tool they offer with Vista, simply because they kept it out of the OS.
That is all...
I'm a former IT professional. I should sue Microcrap for all the time I've wasted re-installing Windoze and/or waiting for a machine to reboot after making changes.
All total, I've probably spent days and weeks combined waiting for systems to re-boot. Probably months all total re-installing crappy bloatware.
Definitely. It usually does. But the war's over, and both sides quit playing.
My personal favorite is Windows 2000 Pro as far as MS is concerned. For me and my needs it's been the most hassle-free and stable of the MS operating systems I've dealt with.
That's the minimum, but it's not enough. I want the essential unchangeable operating system configuration files, registries, etc, physically separate from customizable and site specific and layered product (as I call them) configuration files, even if they are logically linked and stored on drive C: in a directory that I know is reserved for this purpose, and can be wiped out or corrupted safely without affecting the base functions of the OS.
This should apply not just to the OS but to these layered products. Instead, such products themselves typically intermix data, configuration files with their software and essential files. Chaos reigns...
And when did you last have to reboot UNIX? The last I recall was over the Christmas holidays when they cut the site power for maintenance.
I agree; our transaction-processing terminals are Win2k Pro, and I don't think I've seen that OS crash in almost 3 years of 24/7 uptime. We've rebooted them numerous times for app-software upgrades and mods (including OS Service Packs and updates), but the OS itself just keeps humming along.
I run WinXP Pro on my office system; it's up 24/7 as well and almost as reliable as Win2k Pro.
Great program. Trouble is, back when I was doing IT consulting I'd have new clients with hosed systems that I couldn't very well do that with.
A lot of them were the type of clients who were too cheap to buy a tape backup or a ghosting program and I didn't have the resources to keep a ghosted image of every single client's systems on a hard drive somewhere.
I run my SPARCstation for 6-9 months without rebooting. I recall running a VMS host for close to 2 years without a reboot. But let me tell you, without mentioning any names, not all UNICES are as solid as Solaris.
May not be so easy depending on what 'everything' is, then the programs have to be configured to the way the user likes them again. If they are not sophisticated enough to have made copies of *.ini and other config files, backed up their IE or Firefox settings, etc., that can be very time consuming. Then there are also files like custom dictionaries that will have to be reconstructed unless backed up, which very few people even know how to do.
I'm with you on that, too. It's maddening when you have tons of apps intermingled with OS directories.
At least back in the DOS days, you could have a separate dir for each app and there was no intermingling.
Life was much simpler back then.
I've got to get off of this thread because I don't even do IT anymore, but I can tell you stories about clients who bitched at me because so and so was 'missing' after I had to re-do their systems. Some of the time was my fault for not asking the right questions or checking things I should have, but most of the time it was not.
I meant Media Center edition. I wouldn't waste my time with XP Home Edition.
"you have to admit that the competition from both IE and Netscape made each much better.
Definitely. It usually does. But the war's over, and both sides quit playing."
MS has IE 7 beta 2 out. Maybe MS is trying to play, but IE 7 beta 2 is pathetic. Anyone else try it out yet? IE 7 beta 2 has been banished from my collection of computers, total crap.
Just Damn.
Hey thanks. I knew I shouldn't have let my McAfee license expire.
I feel like a total dumbass after talking about doing IT work.
This has just made my sh*tty day even sh*ttier.
That's what I get for being too lazy to research stuff.
Thanks again.
You don't want to miss any upgrades.
Thanks for getting me to laugh at myself, I sure needed it today.
Since the machines are getting aged we decided to just replace them instead of spending numerous hours trying to clean them up.
One of the worst weeks of my life!! If I ever find the little toads that write these I will personally invite everybody I know to a stoning.
Ha-ha. I feel vindicated - me and my ghost b-u's.
What's malware?
/laughter off
- John
I want the first ticket.
I don't trust "system restore", it works for a lot of situations.
If u wanna be sure u can get your system back to life without a re-install... it only takes $50-100 bucks per machine, an external USB 2.0 HD Enclosure Drive (or u gotta open up the machine to get to the IDE/SATA), & A Ghost Image of your Drive is sure & quick.
I can even get some of my clients complete HD onto 1 Dual Layer DVD per machine...
And if you're a consultant, probably most all of it billable. Windows is a money maker. ;-)
Of course it wasn't technical, the reasons are entirely LEGAL.
They know McAfee and Norton would sue the crap out of them if they embedded it into the Operating System. Much easier to just sell it as another separate product and avoid the whole expensive mess.
This is not news. Any knowledgeable information security professional knows that the only reliable solution for dealing with intrusions and compromises on a system is to reformat and rebuild from original media. This goes for every flavor of Windows, Mac OSX, Linux, Unix, everything. There is no 100% method for detecting root kits and such.
I use a small, free utility called XP-AntiSpy on every install of XP that I do. It lets you plug/configure all of those "phone home" holes and lets you neuter all MSN Messenger processes as well.
I'm on a Mac, and my office desktops are both Linux boxes. (Snicker)
I've heard there is this plague Windoze users have to deal with, but I've only seen one case of it--my son's gaming computer came down with it, and had to have the hard-drive wiped. Fortunately the only data lost were old saved games.
Actually it's not just stability issues that keep me off Windoze machines: I've got a 'guild loyalty' to the Free BSD kernel and secondarily to Linux. The Free BSD kernel was written by a mathematician of my own field (category theory) who went over into CS, and Linux was scaffolded on Minix, a reduced version of Unix written as the basis for student exercises by another category theorist who went into CS.
Right. Get your tinfoil helmets on because it is a widespread, grand conspiracy. The fact that Microsoft does not sell antivirus tools should be completely kept out of the equation because it is only a malthusian plot to distract us from Bill Gates' plan to conquer the earth.
Trolling much?

I saw the light a few weeks ago and no longer do old style backups (i.e. fulls and incrementals) on external media.
I set up my system to do snaps and clones with Norton Ghost.
With the PC DOS startup disk, I don't need Windows to do anything.
When a HDD craps out, pop in a new one and restore a clone or snapshot image to it. All done, up and running in one hour. Sweet.
"Fortunately, if you configure your machine properly"
That's assuming you aren't running pirated software. Which of course nobody ever does.
Dang. I hate Tripod.