Hi Kelly, Back in the 1930's I had 3 Model "AP Fords. I was in high
school. money was short, but Model "A: Fords were simple of design and
any kid worth his salt could figure out how to keep it running. Today
the average car owner is stumped when the little amber light on the
instrument panel glows ans says, "Check Engine". I am sure there aare
nanuals telling the car owner how to fix the problem, but unless the
owner has completed a master mechanics course, owns an expensive set of
tools, gauges and specialized diagnostic equipment ans more
importantly knows exactly how to use these aids, he will probably have
to call a tow truck to haul it back to his car dealer and let the
dealer's master mechanic resoluve the problem. As far as flat tires are
concerned, well most any fool can slap on the puny spare tire furnished
on today's cars and linp at no more then 35 MPH and less than fifty
miles to get a replacement.
Kelly. please don't get me wrong. I love my computer and I would be
dead in the water without it. The unfortunate truth for me is: when the
computer is down for any reason; I have lost my personal information
hyway to the solution.
Thank God that wonderful 100 + year old devise is stil simple, the one
hooked to two copper wires is still in uce today, and "THEY" fix it for
me when it quits working.
Gosh, I feel much better now.
Ciao, Gordon
PS. Thanks for letting me know that many in the VICUG are just plain
users and not PC gurus.
####
Kelly Pierce wrote:
>
> It was a little disappointing to find that many in the vicug here didn't
> like reading manuals and understanding specifications of peripheral
> devices. I guess I believe in information self-sufficiency. I not only
> want to use my system, but be able to configure, install, troubleshoot,
> repair, and upgrade it too. It is like the car owner who can also change
> his oil, flush out valves, and replace his tires.
>
> Now that all many of the technology related resources, including books
> and manuals, are accessible, I am happy that I can utilize them.
>
> There are communities like vicug-l to get support and aid too.
>
> Kelly
>
> ----- Original Message -----
> From: "Gordan Wahl" <[log in to unmask]>
> To: <[log in to unmask]>
> Sent: Tuesday, August 26, 2003 11:19 AM
> Subject: Re: Microsoft Windows: Insecure by Design
>
> > Hi Peter, Thanks for the article and all the information it contained.
> > I just have one problem. Its like the Gourmet Expert on fine dining,
> > whin asked how a fine dish was prepared, replyed, "I don't Know. I am
> a
> > 'eater' mot a 'cooker'. So as a blind PC user, "I just know how to use
> > it. I don't know how to keep it well, or how to fic it when it gets
> > sick."
> > Next question. Am I the only one who has this problem?
> > Gordon Wahl
> >
> >
> > ####
> > Peter Altschul wrote:
> > >
> > > http://www.washingtonpost.com/wp-dyn/articles/A34978-2003Aug23.html
> > >
> > > Microsoft Windows: Insecure by Design
> > >
> > > By Rob Pegoraro
> > > The Washington Post
> > > Sunday, August 24, 2003; Page F07
> > >
> > > Between the Blaster worm and the Sobig virus, it's been
> > > a long two weeks for Windows users. But nobody with a
> > > Mac or a Linux PC has had to lose a moment of sleep over
> > > these outbreaks -- just like in earlier "malware"
> > > epidemics.
> > >
> > > This is not a coincidence.
> > >
> > > The usual theory has been that Windows gets all the
> > > attacks because almost everybody uses it. But millions
> > > of people do use Mac OS X and Linux, a sufficiently big
> > > market for plenty of legitimate software developers --
> > > so why do the authors of viruses and worms rarely take
> > > aim at either system?
> > >
> > > Even if that changed, Windows would still be an easier
> > > target. In its default setup, Windows XP on the Internet
> > > amounts to a car parked in a bad part of town, with the
> > > doors unlocked, the key in the ignition and a Post-It
> > > note on the dashboard saying, "Please don't steal this."
> > >
> > > Not opening strange e-mail attachments helps to keep
> > > Windows secure (not to mention it's plain common sense),
> > > but it isn't enough.
> > >
> > > The vulnerabilities built in: Security starts with
> > > closing doors that don't need to be open. On a PC, these
> > > doors are called "ports" -- channels to the Internet
> > > reserved for specific tasks, such as publishing a Web
> > > page.
> > >
> > > These ports are what network worms like Blaster crawl in
> > > through, exploiting bugs in an operating system to
> > > implant themselves. (Viruses can't move on their own and
> > > need other mechanisms, such as e-mail or floppy disks,
> > > to spread.) It's canonical among security experts that
> > > unneeded ports should be closed.
> > >
> > > Windows XP Home Edition, however, ships with five ports
> > > open, behind which run "services" that serve no purpose
> > > except on a computer network.
> > >
> > > "Messenger Service," for instance, is designed to listen
> > > for alerts sent out by a network's owner, but on a home
> > > computer all it does is receive ads broadcast by
> > > spammers. The "Remote Procedure Call" feature exploited
> > > by Blaster is, to quote a Microsoft advisory, "not
> > > intended to be used in hostile environments such as the
> > > Internet."
> > >
> > > Jeff Jones, Microsoft's senior director for "trustworthy
> > > computing," said the company was heeding user requests
> > > when XP was designed: "What customers were demanding was
> > > network compatibility, application compatibility."
> > >
> > > But they weren't asking for easily cracked PCs either.
> > > Now, Jones said, Microsoft believes it's better to leave
> > > ports shut until users open the ones they need. But any
> > > change to this dangerous default configuration will only
> > > come in some future update.
> > >
> > > In comparison, Mac OS X ships with zero ports open to
> > > the Internet.
> > >
> > > The firewall that's down: A firewall provides further
> > > defense against worms, rejecting dangerous Internet
> > > traffic.
> > >
> > > Windows XP includes basic firewall software (it doesn't
> > > monitor outgoing connections), but it's inactive unless
> > > you use its "wizard" software to set up a broadband
> > > connection. Turning it on is a five-step task in
> > > Microsoft's directions (www.microsoft.com/protect) that
> > > must be repeated for every Internet connection on a PC.
> > >
> > > Mac OS X's firewall isn't enabled by default either, but
> > > it's much simpler to enable. Red Hat Linux is better
> > > yet: Its firewall is on from the start.
> > >
> > > The patches that aren't downloaded: Windows is better
> > > than most operating systems at easing the drudgery of
> > > staying on top of patches and bug fixes, since it can
> > > automatically download them. A PC kept current with
> > > Microsoft's security updates would have survived this
> > > week unscathed.
> > >
> > > But hundreds of thousands, if not millions, of Windows
> > > systems still got Blasted, even though the patch to stop
> > > this worm was released weeks ago.
> > >
> > > Part of this is users' fault. "Critical updates" are
> > > called that for a reason, and it's foolish to ignore
> > > them. (The same goes for not installing and updating
> > > anti-virus software.)
> > >
> > > The chance of a patch wrecking Windows is dwarfed by the
> > > odds that an unpatched PC will get hit. And for those
> > > saying they don't trust Microsoft to fix their systems,
> > > I have one question: If you don't trust this company,
> > > why did you give it your money?
> > >
> > > Microsoft, however, must share blame, too. Windows XP's
> > > pop-up invitations to use Windows Update must compete
> > > for attention with all of XP's other, less important
> > > nags -- get a Passport account, take a tour of XP, hide
> > > unused desktop icons, blah, blah, blah.
> > >
> > > Microsoft's critical updates also are absent from retail
> > > copies of Windows XP, forcing buyers into lengthy
> > > Windows Update sessions to get the fixes since last
> > > year's Service Pack 1 upgrade. At least the version of
> > > XP provided to PC manufacturers is refreshed once a
> > > quarter or so -- and Microsoft says it's working to
> > > shorten this lag.
> > >
> > > The lack of any limit to damage: Windows XP, by default,
> > > provides unrestricted, "administrator" access to a
> > > computer. This sounds like a good thing but is not,
> > > because any program, worms and viruses included, also
> > > has unrestricted access.
> > >
> > > Yet administrator mode is the only realistic choice: XP
> > > Home's "limited account," the only other option, doesn't
> > > even let you adjust a PC's clock.
> > >
> > > Mac OS X and Linux get this right: Users get broad
> > > rights, but critical system tasks require entering a
> > > password. If, for instance, a virus wants to install a
> > > "backdoor" for further intrusions, you'll have to
> > > authorize it. This fail-safe isn't immune to user
> > > gullibility and still allows the total loss or theft of
> > > your data, but it beats Windows' anything-goes approach.
> > >
> > > Because Microsoft blew off security concerns for so
> > > long, millions of PCs remain unpatched, ready for the
> > > next Windows-transmitted disease. Microsoft needs to do
> > > more than order up another round of "Protect Your PC"
> > > ads.
> > >
> > > Here's a modest proposal: Microsoft should use some of
> > > its $49 billion hoard to mail an update CD to anybody
> > > who wants one. At $3 a pop (a liberal estimate), it
> > > could ship a disc to every human being on Earth -- and
> > > still have $30 billion in the bank.
> > >
> > > Living with technology, or trying to? E-mail Rob
> > > Pegoraro at [log in to unmask]
> > >
> > > __________________________________________________________________
> > > McAfee VirusScan Online from the Netscape Network.
> > > Comprehensive protection for your entire computer. Get your free
> trial today!
> > >
> http://channels.netscape.com/ns/computing/mcafee/index.jsp?promo=393397
> > >
> > > Get AOL Instant Messenger 5.1 free of charge. Download Now!
> > > http://aim.aol.com/aimnew/Aim/register.adp?promo=380455
> > >
> > > portside (the left side in nautical parlance) is a
> > > news, discussion and debate service of the Committees
> > > of Correspondence for Democracy and Socialism. It
> > > aims to provide varied material of interest to people
> > > on the left.
> > >
> > > Post : mail to [log in to unmask]
> > > Subscribe : mail to [log in to unmask]
> > > Unsubscribe : mail to [log in to unmask]
> > > Faq : http://www.portside.org
> > > List owner : [log in to unmask]
> > > Web address : <http://www.yahoogroups.com/group/portside>
> > > Digest mode : visit Web site
> > >
> > > Your use of Yahoo! Groups is subject to
> http://docs.yahoo.com/info/terms/
> > >
> > > VICUG-L is the Visually Impaired Computer User Group List.
> > > To join or leave the list, send a message to
> > > [log in to unmask] In the body of the message, simply
> type
> > > "subscribe vicug-l" or "unsubscribe vicug-l" without the quotations.
> > > VICUG-L is archived on the World Wide Web at
> > > http://maelstrom.stjohns.edu/archives/vicug-l.html
> >
> >
> > VICUG-L is the Visually Impaired Computer User Group List.
> > To join or leave the list, send a message to
> > [log in to unmask] In the body of the message, simply
> type
> > "subscribe vicug-l" or "unsubscribe vicug-l" without the quotations.
> > VICUG-L is archived on the World Wide Web at
> > http://maelstrom.stjohns.edu/archives/vicug-l.html
> >
>
> VICUG-L is the Visually Impaired Computer User Group List.
> To join or leave the list, send a message to
> [log in to unmask] In the body of the message, simply type
> "subscribe vicug-l" or "unsubscribe vicug-l" without the quotations.
> VICUG-L is archived on the World Wide Web at
> http://maelstrom.stjohns.edu/archives/vicug-l.html
VICUG-L is the Visually Impaired Computer User Group List.
To join or leave the list, send a message to
[log in to unmask] In the body of the message, simply type
"subscribe vicug-l" or "unsubscribe vicug-l" without the quotations.
VICUG-L is archived on the World Wide Web at
http://maelstrom.stjohns.edu/archives/vicug-l.html
|
