I think I won a major battle over spyware this week, but I can’t really claim victory because I nuked before I really had time to verify my success.
The story is that a coworker’s computer was badly infected with spyware. She is close to a technical illiterate, and so it was a bit of a puzzle in itself to try to find out what was wrong before I actually sat down at the machine and started looking around. It was also a puzzle figuring out what had caused the problem in the first place.
As far as I can tell, she got a popup one day saying that she either had a virus, or that she should install some program. She apparently hit the window and installed whatever came up. She thought she was installing her ISP’s anti-spyware package, and instead whatever she installed had a distinctly pro-spyware agenda.
There were dozens of different spyware packages running on her machine, but that didn’t turn out to be the problem. I could remove those easily enough, partly with the help of anti-spyware programs (legitimate ones downloaded from their respective authors) or by manually removing their startup keys and executables. This required booting to Safe Mode and sometimes to BartPE (thanks Jake for motivating me to make a disc last week).
When I thought it was all clean, I tried running Windows update, and suddenly the popups were back, along with a fresh load of spyware, only this time they were accompanied by the installer for MS Office (yeah, what the heck!?). All that work, and things hadn’t improved. So, I uninstalled Office and tried to refresh the IE files (MS doesn’t make this very easy). But there still were a couple of programs starting up that I couldn’t even find. The files just weren’t there, and neither were the registry keys, and yet they were there.
Eventually, I found them, and then promptly formatted the whole thing and install a (legitimate this time) copy of XP Home. So, the thing’s fixed and it’s out of my hands. I did what I could, and it was quite an adventure, even though in a way it was a tremendous waste of time. The point is that I learned a lot. And I think I’ll get a lunch out of it.
Friday, July 15, 2005
Monday, July 11, 2005
The Case of the Wardriver
Last April, in Florida (why does almost every news story these days happen in Florida?), a man was arrested for accessing a residential wireless network without the permission of the owners. He will soon be going to trial, and I am interested to find out how this case turns out.
On one hand, the guy admits to using network resources that did not belong to him. The owner of the network that he connected to had paid for the network hardware, internet connection, and other associated maintenance costs. Depending on the wording of the law, the guy may be unarguably guilty of unauthorized access to a computer network.
That said, I do not expect him to be found guilty. Aside from the unfairness of punishing one person for an act that is so ubiquitous these days, it is not altogether clear that he was an unauthorized user of the network. If an individual makes some extraordinary effort to connect to a network (splicing wires, stealing passwords, circumventing security measures), then the access would clearly be unauthorized. In this case, the network connection was being broadcast to anyone within range of it. The man charged in this case was in a public place (on the street), and (most likely) had not circumvented any security measures to access the network.
My point is that having an unsecured wireless network is an open invitation for anyone within range to connect to it. In fact, most wireless enabled computers will automatically connect to an unsecured network within range, with little or limited action from the user, making such “illegal” activity unavoidable. It is akin to having something on a web page that doesn’t require authentication to log on (most web pages are like this), except that the range from which it can be accessed is much, much smaller (100 feet, versus world wide).
I worry that this will create an undue state of paranoia among the technically illiterate. Already people are talking about how people use unsecured networks to perpetrate terrible things, like distributing child pornography or sending threatening emails. While this certainly happens, it is unlikely for any specific wireless network to be so abused. The limited physical range of a Wi-Fi network makes it difficult for malicious users to take advantage of it. But most people don’t know enough to realize this, and are likely to be driven by fear of prosecution for something they didn’t do.
I fear that, instead of leading people to be more diligent about securing their wireless connections, this will drive people to create legislation making innocuous war driving a specifically criminal offense. This will not make the naïve technophobes, or their data, any safer, but it will occasionally save them from having people leech indiscernible amounts of bandwidth from their high speed web connections that they barely use. (Seriously, what good is a connection faster than 256 Mb/s if you never download any big files?)
For the record, I have a wireless network, and have at times been responsible for another one. I am very careful about making sure that my networks are secure. As long as most people don’t secure their wireless networks, passing people looking for an easy Wi-Fi fix will not bother with my network. It’s not worth the trouble of breaking into Fort Knox when the bank next door doesn’t ever lock it’s vault or post any guards.
On one hand, the guy admits to using network resources that did not belong to him. The owner of the network that he connected to had paid for the network hardware, internet connection, and other associated maintenance costs. Depending on the wording of the law, the guy may be unarguably guilty of unauthorized access to a computer network.
That said, I do not expect him to be found guilty. Aside from the unfairness of punishing one person for an act that is so ubiquitous these days, it is not altogether clear that he was an unauthorized user of the network. If an individual makes some extraordinary effort to connect to a network (splicing wires, stealing passwords, circumventing security measures), then the access would clearly be unauthorized. In this case, the network connection was being broadcast to anyone within range of it. The man charged in this case was in a public place (on the street), and (most likely) had not circumvented any security measures to access the network.
My point is that having an unsecured wireless network is an open invitation for anyone within range to connect to it. In fact, most wireless enabled computers will automatically connect to an unsecured network within range, with little or limited action from the user, making such “illegal” activity unavoidable. It is akin to having something on a web page that doesn’t require authentication to log on (most web pages are like this), except that the range from which it can be accessed is much, much smaller (100 feet, versus world wide).
I worry that this will create an undue state of paranoia among the technically illiterate. Already people are talking about how people use unsecured networks to perpetrate terrible things, like distributing child pornography or sending threatening emails. While this certainly happens, it is unlikely for any specific wireless network to be so abused. The limited physical range of a Wi-Fi network makes it difficult for malicious users to take advantage of it. But most people don’t know enough to realize this, and are likely to be driven by fear of prosecution for something they didn’t do.
I fear that, instead of leading people to be more diligent about securing their wireless connections, this will drive people to create legislation making innocuous war driving a specifically criminal offense. This will not make the naïve technophobes, or their data, any safer, but it will occasionally save them from having people leech indiscernible amounts of bandwidth from their high speed web connections that they barely use. (Seriously, what good is a connection faster than 256 Mb/s if you never download any big files?)
For the record, I have a wireless network, and have at times been responsible for another one. I am very careful about making sure that my networks are secure. As long as most people don’t secure their wireless networks, passing people looking for an easy Wi-Fi fix will not bother with my network. It’s not worth the trouble of breaking into Fort Knox when the bank next door doesn’t ever lock it’s vault or post any guards.
Sunday, July 10, 2005
Whoa, that moved fast...
Lots to catch up on.
There was the LAN party, back on June 24-25. I think it's fair to say that everyone who attended had a good time, and went away very tired. I went away very, very tired. We did in fact stay up all night (except for Leon...he slept twice), and alternately played Half-Life, played billiards, and watched our movie, "Poolhall Junkies."
Eric gave "Poolhall Junkies" a thorough panning, even though he hadn't seen the movie before, and then admitted that it was pretty ok afterward.
We never did get to Slurpees. There were times that a couple of people wanted to go, but the rest of the group didn't, and then an hour or so later a couple of other people would want to go, with the majority still reticent. No biggie.
Overall, it was a fun party between a pretty tightly-knit bunch of friends. And the food was really good. And I'm pretty sure that no one will die of heart break if we don't do an overnighter again. At least not like that. It was pretty rough at the end.
Independence Day and my birthday came and went, and oh my, did I have a good time.
First, we went to Logan for USU's annual firework show there. Leon and Jeff and I went early to get good seats, and of course, eat at Logan's old-timey A&W beforehand. I've eaten at other A&Ws, but they never seem to be as good as that one. We also wanted to visit Willow Park, but there simply wasn't time. So we drove up to USU stadium and staked out a place in line. Leon and Jeff passed the time by beating up their Gameboys, and I listened to an audio book.
The audio book was "A Walk In The Woods", by Bill Bryson, narrated by the author, and not, as I first thought, by John Malkovich. Yes, really. They sound exactly the same, weird cadence and all. Y'all know by now that I don't link to products that don't impress me. "Walk In The Woods" was a really great listen. I highly recommend it.
And John Malkovich, if you're idly Googling yourself and you stumble on this post, please do consider looking into voice work for audio books. An unusual voice helps keep the audio book interesting, and it certainly helped an already excellent work in this case.
Logan, sadly, has Homeland Security Paranoia Shit (hereafter referred to as HSPS) going on. You can't bring in a glass bottle in a cooler, but I wore a knife on my hip right through the gate, and it could very well have been a gun and no one would have noticed. Granted, the knife is my treasured Leatherman, and not really an ideal choice if you're looking to let massive amounts of blood, but the airlines are afraid enough of my Leatherman, so you tell me.
Folks, when can we start to be clueful about this again? Searching people does not make me feel more secure, it makes me feel less secure. And your plainclothes guys walking around, trying not to look conspicuous? Yeah, right. Can you tell me what's more secure than a stadium full of law-abiding citizens packing weapons (be they knives, guns, or broken bottles)? I bet you can't.
The Logan show is sponsored annually by Fireworks West, a Utah outfit that designs for and supplies professional fireworks shows. Fireworks West likes to show off their new stuff at the Logan show, and this year we saw shells burst into giant smiley faces. I know, not that impressive, but they've debuted more exciting things in the past.
The long and short of it is that the Logan show has been declining in the last few years, and I'm not sure that I'll keep the family tradition next year and attend. For one thing, tickets are now $6 per person, for a show that's been shorter every year for the last five shows.
The entertainment is getting more, well...unbearable. They've clearly been spending as little as possible to get someone on stage who at least knows what a guitar is, and invariably, this person also tries to hold and play a guitar, which is a big mistake. They also did away with the sky divers. I liked that part as a kid, and they just don't do it anymore.
Here. Take the Clearfield show as a study in contrasts.
On the nights between the Logan and Clearfield shows, Jeff, Krys, Andrew and I lit big floral shells in my back yard. We had four tubes running at a time, and with great effect. I found a way to stake down the tubes, so we didn't have to worry about them knocking each other over this year. Last year, we had a tube fall from the force of its launch. It knocked over the tube next to it, and that tube launched its shell about 3/4 of a second later...at my house. Fortunately, the shell bounced off of the roof and broke over the road in front of the house. No harm done, but scary.
The PVR Build Log over at PhischX will have momentous news when I next post. Here's your preview if you read this first: The PVR works. It records, it rewinds, it pauses live TV, and it's all good. There's still work to do, and of course there are details to write about, but that's the gist of it.
And speaking of previews, Does anyone here read Cringely? Well you should. He was blogging long before anyone (even himself) knew what that was. These days he's the resident technology writer for PBS, and he's about to launch something that you will hear about, and probably be part of.
So go here and read about it.
There was the LAN party, back on June 24-25. I think it's fair to say that everyone who attended had a good time, and went away very tired. I went away very, very tired. We did in fact stay up all night (except for Leon...he slept twice), and alternately played Half-Life, played billiards, and watched our movie, "Poolhall Junkies."
Eric gave "Poolhall Junkies" a thorough panning, even though he hadn't seen the movie before, and then admitted that it was pretty ok afterward.
We never did get to Slurpees. There were times that a couple of people wanted to go, but the rest of the group didn't, and then an hour or so later a couple of other people would want to go, with the majority still reticent. No biggie.
Overall, it was a fun party between a pretty tightly-knit bunch of friends. And the food was really good. And I'm pretty sure that no one will die of heart break if we don't do an overnighter again. At least not like that. It was pretty rough at the end.
Independence Day and my birthday came and went, and oh my, did I have a good time.
First, we went to Logan for USU's annual firework show there. Leon and Jeff and I went early to get good seats, and of course, eat at Logan's old-timey A&W beforehand. I've eaten at other A&Ws, but they never seem to be as good as that one. We also wanted to visit Willow Park, but there simply wasn't time. So we drove up to USU stadium and staked out a place in line. Leon and Jeff passed the time by beating up their Gameboys, and I listened to an audio book.
The audio book was "A Walk In The Woods", by Bill Bryson, narrated by the author, and not, as I first thought, by John Malkovich. Yes, really. They sound exactly the same, weird cadence and all. Y'all know by now that I don't link to products that don't impress me. "Walk In The Woods" was a really great listen. I highly recommend it.
And John Malkovich, if you're idly Googling yourself and you stumble on this post, please do consider looking into voice work for audio books. An unusual voice helps keep the audio book interesting, and it certainly helped an already excellent work in this case.
Logan, sadly, has Homeland Security Paranoia Shit (hereafter referred to as HSPS) going on. You can't bring in a glass bottle in a cooler, but I wore a knife on my hip right through the gate, and it could very well have been a gun and no one would have noticed. Granted, the knife is my treasured Leatherman, and not really an ideal choice if you're looking to let massive amounts of blood, but the airlines are afraid enough of my Leatherman, so you tell me.
Folks, when can we start to be clueful about this again? Searching people does not make me feel more secure, it makes me feel less secure. And your plainclothes guys walking around, trying not to look conspicuous? Yeah, right. Can you tell me what's more secure than a stadium full of law-abiding citizens packing weapons (be they knives, guns, or broken bottles)? I bet you can't.
The Logan show is sponsored annually by Fireworks West, a Utah outfit that designs for and supplies professional fireworks shows. Fireworks West likes to show off their new stuff at the Logan show, and this year we saw shells burst into giant smiley faces. I know, not that impressive, but they've debuted more exciting things in the past.
The long and short of it is that the Logan show has been declining in the last few years, and I'm not sure that I'll keep the family tradition next year and attend. For one thing, tickets are now $6 per person, for a show that's been shorter every year for the last five shows.
The entertainment is getting more, well...unbearable. They've clearly been spending as little as possible to get someone on stage who at least knows what a guitar is, and invariably, this person also tries to hold and play a guitar, which is a big mistake. They also did away with the sky divers. I liked that part as a kid, and they just don't do it anymore.
Here. Take the Clearfield show as a study in contrasts.
- It's free. Did I mention it's free? This is a big deal. My whole family went and the only expense was dinner. Free.
- There are firemen and police everywhere, but they're there to help instead of stare at you and pretend they're not staring at you.
- They allow vendors in for a reasonable price, giving the event a well-rounded selection of food and other crap to buy (I didn't, but I like choice).
- Nobody searches anything. But if you do something stupid, the cops will be there in a heartbeat (see my post about cops for a fun story involving this show).
- There are no damned "entertainers" to fight to ignore, so I can talk to my family, or ponder the sky, or listen to my audio book in peace.
- Grass. Bare feet and grass and a warm day and my own, comfy folding chair. AHHHHHHHhh.
- Room (and grass, mind you) for my kids to run around and have fun.
- A huge fireworks show. Longer, bigger, and better in every way that matters than the Logan show. For free.
- They put fireworks down on the grass in the stadium, and that's cool, but I'd rather sit down there, where it's cool and soft, than in a hard seat up above. Either open up this area to seating, or bring back the sky divers and let them land there again.
- Get real on vendor prices. How do I know anything about this? Do you remember the first five years you had light ropes? That was my family you contracted with, and you raised the commission on us every year until we couldn't afford to do it anymore. It was fun and we didn't mind paying for the privilege, but you've got to ease up on the greed quotient.
- Find a better way to entertain us before the fireworks, if you must. I remember when the organizers of a fireworks show would broadcast the program on an FM radio station. Perfect. Give us a choice whether or not to listen.
- Finally, trust your public and trust your public servants. Get the damned surveillance van out of there. Be clear about what you expect and have your cops take care of it if a few people mess up.
On the nights between the Logan and Clearfield shows, Jeff, Krys, Andrew and I lit big floral shells in my back yard. We had four tubes running at a time, and with great effect. I found a way to stake down the tubes, so we didn't have to worry about them knocking each other over this year. Last year, we had a tube fall from the force of its launch. It knocked over the tube next to it, and that tube launched its shell about 3/4 of a second later...at my house. Fortunately, the shell bounced off of the roof and broke over the road in front of the house. No harm done, but scary.
The PVR Build Log over at PhischX will have momentous news when I next post. Here's your preview if you read this first: The PVR works. It records, it rewinds, it pauses live TV, and it's all good. There's still work to do, and of course there are details to write about, but that's the gist of it.
And speaking of previews, Does anyone here read Cringely? Well you should. He was blogging long before anyone (even himself) knew what that was. These days he's the resident technology writer for PBS, and he's about to launch something that you will hear about, and probably be part of.
So go here and read about it.
Wednesday, July 06, 2005
Send in the Pundits
Saturday, to celebrate his birthday, I watched recorded TV shows with Jake. It was fun, especially since I got to watch some recent Daily Show episodes. I’ve missed Jon Stewart’s coverage of world events, which I used to watch regularly back in my college days (it was a great way to start my night).
One guest we watched was Howard Dean, the former Governor of Vermont and Presidential Candidate, as well as the current DNC chairman. I have never liked that man. I’m not sure why anybody trusts him with anything, or why they talked about trusting the country to him (I suspect that it was a complicated ruse to draw attention away from the legitimate candidate until later in the campaign, while drawing attention to the party). (I also admire his ability to draw people to him, especially since I don’t understand what it is that draws them.) I’m not sure just where Jake stands, politically, although I know that he very much wanted Bush to lose the last election (I think it was due to Michael Moore’s feature length editorial), but he definitely has right wing leanings too.
I digress. The point is that I wanted to give some answer to every thing that came out of his mouth, and the only thing keeping me back was a desire to not offend my friend and host. I was thinking about this, and how during the last election I spent all evening, into the night, watching the punditry and commentary on CNN (a respectable, but decidedly left-leaning group), and I realized that I like this sort of thing. I like addressing the vague statements, overgeneralizations, straw men, and demagoguery that comes out. In all fairness, I don’t just tackle liberals. I’ll take on O’Reilly’s bull too. I just enjoy it, that’s all.
One guest we watched was Howard Dean, the former Governor of Vermont and Presidential Candidate, as well as the current DNC chairman. I have never liked that man. I’m not sure why anybody trusts him with anything, or why they talked about trusting the country to him (I suspect that it was a complicated ruse to draw attention away from the legitimate candidate until later in the campaign, while drawing attention to the party). (I also admire his ability to draw people to him, especially since I don’t understand what it is that draws them.) I’m not sure just where Jake stands, politically, although I know that he very much wanted Bush to lose the last election (I think it was due to Michael Moore’s feature length editorial), but he definitely has right wing leanings too.
I digress. The point is that I wanted to give some answer to every thing that came out of his mouth, and the only thing keeping me back was a desire to not offend my friend and host. I was thinking about this, and how during the last election I spent all evening, into the night, watching the punditry and commentary on CNN (a respectable, but decidedly left-leaning group), and I realized that I like this sort of thing. I like addressing the vague statements, overgeneralizations, straw men, and demagoguery that comes out. In all fairness, I don’t just tackle liberals. I’ll take on O’Reilly’s bull too. I just enjoy it, that’s all.
Subscribe to:
Posts (Atom)