jump to navigation

Security: The Same Mistakes in 2009 1 January, 2009

Posted by aronzak in security, Virtualisation, Windows.
Tags: , , , , ,
1 comment so far

An article that was on Slashdot today shows that after the malware makers that brought us “XP Antivirus 2008” have now made “XP Antivirus 2009”, which has infected over 400,000 PC’s. Have you updated to the latest threat? Now, new and improved, this version is compatible with Vista.

The inevitable question we must ask is are users getting any smarter about security? And the real question is will computer security ever be able to defend dumb users from themselves. Probably not. You can make something as annoying as UAC and users will still get hit.

*sigh*. In other news, the results of a “malware challenge” are out, with reports produced on how malware works and what it does to computers. Using a safe virtualised environment, the top entry, by Emre Bastuz examines the changes to the Windows registry that a virus makes, and sets up a fake network to observe the virus keylogging Windows and sending data back to the ‘host’ server by IRC. Pretty cool. I was thinking, would it be possible to make an open source tool that can automate this some of process and make it easier to respond to malware in the wild? Doing something like this would be fun and could help projects like ClamAV, an open source antivirus program.

Advertisements

Windows vs Linux mk 2 26 December, 2008

Posted by aronzak in Linux, Windows, XP.
4 comments

A short while ago, I installed Windows XP on one of my computers. *horror*. It’s not so bad. It does some things quite well. Even after bloating it up with about 50 open source apps, it still seems to chug away quite merrily. I gor rid of the antivirus software, as it slowed the system down. What is this  ‘virus’ thing that everyone keeps talking about anyway? Today, a win to Linux and a win to Windows XP.

Round 1: Camera images. Winner: XP

First, I tried to copy some images off a camera. Not having a card reader handy, I used the camera itself. Plugging it into Debian did SFA. didn’t bother doing anything. Ubuntu seemed not to want to boot a few times (she can be rather tempramental) and finally, when it did, it failed. A camera icon came up, clicking on which did nothing. CentOS failed, bringing up an error that some driver or another wasn’t there. Plugging this into the XP installation, it worked straight away, with no need for any extra software. I remember the dumbed down system is terrible, so I opted to use ‘advanced mode’ and just copy the pictures straight off the machine. Worked a treat. Win to XP.

Round 2: Shell extensions. Winner: KDE

Right. THat was done. Next, I had a bizarre idea of trying to make QEMU easier to use by creating a shell extension in the context menu, so that I can double click on a disk image (.iso) and automatically virtualise it. It isn’t at all obvious how to do this. Searching for some combination of ‘context menu’ and ‘windows XP’ on the net is disastrous. Huge numbers of results come up, all telling me a very particular way of doing one particular thing. Most of them want me to install thier own crappy freeware utilities, which will pimp out some aspect of my context menu or another. After going through the registry (I remember that thing! I hate it! I really do hate it! In fact, it’s the worst thing there is about Windows. It’s worse even than shared dlls, which accumulate like cholesterol) in several different places, and hoping that modifying any of the different keys and values wouldn’t set my computer on fire, I achieved little. Well, now I can get a command prompt to open when I click on a folder.

After ploughing through the arcane scrolls of the Windows registry, I decide to venture into ‘Folder options’ and file associations. I have to create my own entry for .iso, as the dumb system doesn’t recognise it by default (come on!). Anyway, the long and short of all of this is that after spending over an hour loking up different things nothing worked. Amazingly, QEMU seems to like being run from a shell, and given the name of an iso after -cdrom, but using “%1” does not work. Really strange.

Then, swith to KDE to see if it is possible. I right clicked on an iso, clicked on “open with > other” and then clicked on a drop down box. I noted vlc %U, then simply entered qemu -cdrom %U. Works a charm.That took me two clicks and about ten seconds. Win: Linux.

Really, the final winner is Linux. I know that pictures have worked for me straight away with no hassles in Ubuntu before, but that was an old install. It’s the conficurability that gets me more. I mean, I wasted a whole lot of time on the assumption that operating systems are made to be configured to suit the user’s needs. With Windows, this simply isn’t true.

I think that the whole XP experience has taught me a few useful lessons.

1. Linux is not ‘vastly superior’. Many Linux people have not used Windows on a powerful computer at home. The last version of Windows that I had run before was ME, which was fairly unimpressive. I had only seen XP on an underpowered laptop (where it ran appalingly) and on school and uni machines. I think that there’s a risk of ‘setting up the straw man’. That’s when you argue against a something that you claim is an opposition’s arguement, but isn’t. There’s a risk of that if Linux people have never really used Windows for themselves, and merely rely on what other Linux people tell them. Finally, I think that it’s good to acnowledge this:

Windows XP is good but has some faults.

Windows Vista is good but has many faults.

Mac OSX is good but has some faults.

Linux is good but has some faults.

In some tests, Linux will vastly outperform Windows. But that;s just propaganda. In reality, both have their strong points and substantial weak points. Windows is mainly weak on letting power users get on with what they want to do. Linux is extremely weak at helping new users, but is getting much better.

2. Open source is best marketed on the Windwos platform.

There are hundreds of open source applications that are cross paltform and will run under Windows. More people downloaded Open Office 3 Windows executables than Linux packages when it came out. Yes, many Linux people will use their distribution’s own software updating system to get a new version, but still, it says something. I think that trying to get people to use open source programs will be more successful if you offer them new applications, rather than a whole new operating system. People are generally afraid of breaking their system, and having to ‘learn something new’. Keep a few installers on a USB stick, as well as a live Linux distribution.

The Open Disk 5 December, 2008

Posted by aronzak in Windows, XP.
Tags: , , , , , ,
2 comments

Microsoft is getting slightly desperate. Smart students can use Linux for free, making universities a free software heartland. In response, they run a program called MSDN academic alliance, allowing Computer Science and Software Engineering IT people to give out free copies of XP Professional, Vista 32 bit and a whole lot of other Microsoft tools. These departments have to pay $2000 every three years, and can give out as many copies as they like. Effectively it’s free, paying for itself with ten copies of XP, which could be given out in no time.

Installing my free, and indeed legal copy of XP was easy. Unlike with bootleg versions, I haven’t had any problems. In fact, my desktop’s mainboard had a driver CD that means that I actually have working integrated 3D graphics, something I haven’t managed in Linux.

The first thing that you will notice when you move from Linux to Windows is that Windows comes without any useful software (whatsoever). Though it has just enough to make your computer usable. To do this, open up Internet Explorer, go to firefox.com and proceed to download. This is IE’s most useful feature. Next, Download 7-zip, and download the Open Disk.

The Open Disk is a CD that has a collection of useful open source software for Windows, including Firefox and OpenOffice along with Inkscape, the GNU IMP, and a whole lot of others. This makes it a great tool for yourself, but the best thing is that you can burn a whole lot and give them out.

While, according to NetApplications, Linux has less than 1% OS market share, Firefox has 20% browser share. If you credit some figures, that’s as much as 30% in some areas, such as Europe. When people hear about cool software, they are more likely to install an application than install a whole OS. I think using the Open Disk for FOSS advocacy will be more successful than trying to give out whole Linux distributions. But that’s just me.

One final thought, what about all of the others like me that are installing Windows using MSDNAA? They are a prime target for FOSS advocacy, as they probably already know about Firefox, and don’t have much software on their computers to start with. I think this page should be used as a hit list.

Promised NSW Laptops: Linux in the wings? 30 November, 2008

Posted by aronzak in Linux, Netbooks, Open Office, Windows.
Tags: , , , , , , ,
add a comment

In the 2007 Australian Federal Election, the incoming Labor leader, now Prime Minister, Kevin Rudd, promised federal spending on the state’s education systems, particularly to increace access to computers, calling it an ‘education revolution’. Reading the Sydney Morning Herald this morning, it turns out that the New South Wales (NSW) Government will spend money by buying netbooks, probably 10″ models, for secondary school students.

A prize phrases in the article is

“NSW stands ready to deliver teenager-friendly, custom-built laptops to the nation,”

What does the phrase ‘teenager friendly’ mean? It is likely to refer to the design, being lightweight and portable. But when I read it, it just sounded like the OS. There’s another interesting phrase here:

These custom-made laptops are … powerful enough to support all the IT needs of our high school students.

Just what are the IT needs of the high school students? Facebook? MySpae? But I digress… If you consider the needs of a student to be working on documents in an office suite, then Linux should be fine. In fact Linux may be an advantage, given that it will be harder for students to install games. Unfortunately, OpenOffice is not percieved to be fully compatible yet. Students typing out a document in OO then wanting to work on in on their school computer, that has MS office, there will be problems. Will there be pring servers set up to work?

So, I think that Linux is a good posibility, but the education department probably isn’t that smart. They don’t understand Linux, and that’s a problem. If they go Linux, MS will probably come along and lobby. Nothing is beneath them. When I first heard this issue discussed, over a year ago, the only $500 netbook was the Linux EEE. Now there are plenty of XP models for less.

ReactOS; a free alternative to Windows 26 November, 2008

Posted by aronzak in Windows.
Tags: , , , , , ,
6 comments

“For every action there is an equal and opposite reaction” is where ReactOS, what is essentially an attempt at a free Windows clone, derives its name. The project aims to be ‘binary compatible’ with Windows NT, which XP, Vista and the upcoming 7 are based on, meaning that users will be able to run native Windows applications without forking out for a licence from Microsoft, or turning to Bittorrent. It’s an ambitious goal, which, understandably, will take a long time to reach. It’s still in alpha, and aims to be 50% compatible with the NT kernel in version 0.4. But, despite being in the alpha stage of development, it can run some programs without a hitch. You can download .iso images from the main website, or prebuilt disk images for VMware or QEMU. The OS should only be installed on test machines. Virtualising is safer and easier.qemu

Running ReactOS in QEMU seems to work quite well. The system boots up fairly quickly, but then runs slightly sluggishly, possibly because I have not set it up optimally. After the boot, you are confronted with a Windows 2000 look that just seems out of place in today’s operating system shells. There are no programs bundled with it (as one would expect from Windows), but you can use an inbuilt downloader that should automatically install programs from the project’s subversion repository. I didn’t have any luck with it. So, I quickly make an iso with programs from Portable apps on my USB stick. These run with a varying degree of success.

TrueCrypt, AbiWordPortable, Notepad++Portable, PortableAppsBackup, WinSCPPortable and 7-ZipPortable all seem to work.

PortableAppsMenu opens, and can spawn other applications, but it’s image is out. Otherwise it works.

ClamWinPortable opens a window, but does not have any icons, and freezes the OS after it successfully brings up a configuration dialogue.

VLCPortable cause the whole OS to crash in version 0.3.6, but running the latest build it starts. Icons are missing, however, and the logo seems to be upside down and blue (Inversed colours?) (???), some icons are missing, and trying to open a dialogue to open media causes the program to crash. Might be a long day tomorrow on IRC.

Both SunbirdPortable and PuTTYPortable had some errors and did not start.

So, as you see, there’s quite a range. But generally, there is a lot of programs that seem to be able to run fine. There’s a fair bit of testing going on, to establish application and driver compatibility, and to address issues. ReactOS is a neat collection of software that you can download and try out with virtualisation. But it’s not an OS to install on your computer, and probably never will be. One of the main premises behind the OS is that Linux is too complicated for most uders and they will never be able to use Free software that is diffrent from Windows. I think that this is wrong, especially given Linux’s long history of development. Also, doubts are handing in the air as to weather or not ReactOS really is a clean reverse engineering process, or weather code was stolen from the Windows kernel. There are no real IP threats to Linux.

XO 18 November, 2008

Posted by aronzak in Windows, XP.
Tags: , , , , ,
add a comment

The New York Times is running an article on how media groups are going to donate advertising space to help OLPC. This is intending to sell the pathetic ‘give one, get one’ campaign. I wanted to write a longer post, but I can’t be bothered and there’s no need. First, one of the main problems with OLPC is that they didn’t let countries order a small shipment of the XOs to do pilot testing. Major flaw.

Second, in the rough words of Hans Rosling; you know about two kinds of countries; developed and developing. I know about 200 kinds of countries. While a customised version of Linux with no printing support or interoperability is great in a few of the deepest, darkest corners of the world, you are forgetting the rest, especially Newly Industrialised Countries (NIC’s). There are vast regions of the world that already have power, internet, printers, etc. Think of the number of poor people across China, SE Asia, Middle and South America, and even Europe. Mexico has power. THey also have a lot of slums. Why would you make a computer that needs to be hand cranked? The first thing that Egypt said was something like ‘will these computer work with our WinXP xomputers?’ And the answer is no. Score 0 OLPC.

Third, if the computers are’nt really that great in NICs, they’re crap in developed countries. What can you do with them. FSJ frequently made fun of the freetard idiots that went out to buy ones.This sums it up:

olpc

And Finally, a quote from FSJ:

it was never about education or poverty or helping kids and was, rather, all about a bunch of amateur techies trying to prove that they could make a better computer than Microsoft and Intel?

Guess what, freetard morons. You couldn’t. You didn’t.

Check out more of his rants here.

Also check out OVPC.(One Velociraptor Per Child)

Edit: If you want a gift to give at Christmas that isn’t useless junk and will actually help children in developing countries, consider something like usefulgifts.org. Lots of charities do these things.

Why Flock is no good. 3 November, 2008

Posted by aronzak in Cloud Computing, Linux, Social Networking, web, Windows.
Tags: , , , , , , , , ,
7 comments

After selling out to the man and getting a wordpress and facebook account, I was reminded of Flock, a web browser focused on social networking. My conclustion is that it is no bloody good (NBG) after less than five minutes. Here’s why:

1. The flock website automatically prompts me to download a windows executable (.exe) unless I allow javascript. The installation instructions are for the windows one to. Linux users are just expected to know how to extract the program themselves and run it (and make their own links).

2. According to Wikipedia, Flock collects usage information, passed back to the company, but it is possible to turn this off during installation. I got no option, because I had no windows installer. I also couldn’t find any options in ‘preferences’. I don’t mind this, but as a matter of principle, the informed user should be able to choose.

3. The first thing after opening it up is you are confronted with buttons. Everywhere. It’s just like FF3, except that there are heaps of extra (useless?) buttons.

4. While the learning curve is high (for a browser), you get a constant stream of patently stupid notifications of the bleedingly obvious. Like, for example, if I didn’t notice that a big blue button turned orange after I clicked on it.

5. While it is good that many websites are supported, the browser is full of advertising, for the sites it supports, as well as some specifically. Stuck striaght into the main bar, in a place where it seems impossible to remove, is a bright orange link to digg.

Why is this elevated above an ordinary link? Who knows? There’s also a button to email a link to a friend. Just in case you weren’t on top of copy and paste.

As well as digg, there are plenty of links to the main Flock site. Also, the browser seems to choose to use Yahoo over Google as a default. This is annoying and counterintuitive to me given that the FF default is to use Google.

4. As well as the search bar, the web address bar by default incorporates searches from Yahoo. Great, you can’t even type a URL without it being passed to a third party. Clearly, this is a sensible default for idiots that cannot remember web addresses.

5. Flock guides you to their own extensions site, ignoring the main Mozilla addons site (many FF addons work). This is a good idea, except that there are 4 addons. Good one.

All of these annoyances are poorly justified by the features available. No, I haven’t subscribed to 26 social networking sites. While many of the features available are interesting, I didn’t find any particularly useful as essentially I don’t get control over them. And yes, I’d rather just rite up my blog posts in a browser window. That’s what google gears are for.

So, all in all, Flock undermines your privacy and irritates you for seemingly little benefit.

Antivirus XP 2008 28 October, 2008

Posted by aronzak in security, Windows.
Tags: , , , , ,
1 comment so far

Are you prepared for the latest security threat (singular)?

Buying Antivirus XP 2008 you protect yourselves from all Trojan and backdoor programs, viruses of the original and the Internet-worms which actually extend now.

That made a lot of sense. I dunno what the original viruses are, but they’re lurking, And those worms just keep extending through the internets. They’re unstoppable; they might just gobble up your own personal internet. Probably because of all the Internet-worm extenders they buy from reputable spammers.More on the chain of “scareware” here.

In other news, I’m surprised at how well google and firefox implement the stopbadware.org warnings. Google with a polite warning, FF by making your screen turn blood red. Pity it’s useless as Debian couldn’t have been hit.

Emergency! Emergency!

Emergency! Emergency!

Linux: Let’s have a threesome 28 October, 2008

Posted by aronzak in Linux, Windows.
Tags: , , , , ,
1 comment so far

This proves that there is a (substantial) difference between mental age and maturity level. I might make a new one with newer logos.

Over 50,000 PCs in Government and Business Running Ubuntu 4 October, 2008

Posted by aronzak in Linux, Windows.
Tags: , , ,
add a comment

The site WorksWithU is a site that shows, with a limited degree of accuracy, the number of PCs knwon to be running Ubuntu in business, bovernment and educational settings. This lists at least 45,570 PCs (or far more, I took the bottom level for some) and 676 servers running Ubuntu Linux. Impressive. The rael number may be much higher, and will continue to grow.

The number of total Linux machines must be far higher.  I can remember a few occurances of other events in the news that show great Linux adoption. Japan has replaced Windows 9x with Dream Linux in some areas, and schools may switch to Linux entirely. In Germany a tax authority moved 12,000 desktops to SuSE Linux. And the BBC has suggested that two thirds of computers in Latin America may be running Linux. And here’s a reason why:

“(Microsoft) are the big monopoly and they come from America. The xenophobic mentality in Brazil actually is what drives people towards open source software in some cases.”

And another:

Gross National Income (GNI) per capita $44,710 $4,710
Cost of Windows Vista Business $186 $364
Cost of MS Office 2007 Standard $289 $587
Cost of Business Licenses as % of GNI per capita 1.06% 20.1%
Cost of Windows Vista Home Basic $116 $252
Cost of Office Home/Student $109 $117
Cost of Home Licenses as % of GNI per capita 0.5% 7.8%
All figures in US dollars. An exchange rate of USD$1 = R$1.70 was used to compute the cost of licenses in Brazil.