my non-techie friends [LWN.net]

my non-techie friends

Posted Mar 31, 2004 20:40 UTC (Wed) by jamienk (guest, #1144)
Parent article: Utah's anti-spyware law

I have a few friends who run Windows because it came with their computer and the tech support people from their ISPs etc assume Windows. I am shocked at what I see when I look at their computers. They are completely overrun by a multitude of pop-ups, desktop icon ads, shifting home pages, grabbed MIME-type associations, viruses, worms, etc. They are seriously 0wned. It gets to a point where the malwares -- including multiple versions of multiple anti-virus programs, Active X toolbars, aps running in the tray, services, Autoexec.bat entries, strangely named processes -- are in a constant battle with each other, popping up a plethora of virus warnings, gambling come-ons, gay porn slide-shows, password-prompts, and sign-up demands from a mix orf "trusted" and unknown sources. (Is it ok to act on a dialog box demand from a company called "Securityresponse?") They recieve letters of warning from Time Warner cable, bounced spam, and spend hours on tech support with a know-nothing trying to configure their Windows auto-update, which is yet one more pop-up that they sometimes decide to click "OK" for, hoping that it'll solve one of their many issues.

They are completely resigned, consider it a matter of course that their privacy can be invaded at any time by anyone, and know that no matter how well I fix everything for them, it will all go to hell again soon.

(Log in to post comments)

my non-techie friends

Posted Apr 1, 2004 7:45 UTC (Thu) by hingo (guest, #14792) [Link]

Umm... In fact Lindows seems to have copied its' security policies from Microsoft. Unless things have recently changed, the default install ends up with the user running everything as root, and root has no password anyway.

Of course, even using an unsecure Linux distro is better than Windows, since not many worms or spyware are written for Linux yet. But I don't see why we would need to recommend such an unsecure distro to anyone.

Now Mandrake on the other hand... There you have a distro that's easy to use and still does it the right way.

Lindows policy

Posted Apr 1, 2004 12:51 UTC (Thu) by grantingram (guest, #18390) [Link]

Well according to lindows.com they ask the user to specify a root password during the install, you can bypass it - but then you can do that with Mandrake too.

There is a wonderful interview (osnews.com) that is so full of enthusiasm that it almost makes me want to buy it!

However I'm already using Mandrake...

Lindows policy

Posted Apr 1, 2004 14:02 UTC (Thu) by hingo (guest, #14792) [Link]

Ok, thanks for the update. In fact it is reassuring to read that interview, I mean to see that they actually have people who know what they are doing. Even if their solution still isn't as paranoid as it could, be it's assuring to see that they know it's an issue. (Compare: I know I shouldn't use perl, but I still do occasionally, because it's often the easiest way out.)

But since you/we have brought it up, have you ever tried to log in as root in Mandrake? First of all, it's not easy, since root is not an option in the kdm login screen. And if you are still stubborn enough to get logged in (via startx or by adding root to the list of kdm users) You are greeted with an annoyingly red background and a message box telling you to immediately log out and start using a normal user account. This is more than most other distributions do. Nice to know that somebody cares about me.

henrik

Mandrake and root logins

Posted Apr 2, 2004 5:47 UTC (Fri) by Duncan (guest, #6647) [Link]

> [H]ave you ever tried to log in as root in Mandrake?
> [I]t's not easy, since root is not an option in the kdm login screen.

I'm a Mandrake user, and never had an issue logging in as root.

Of course, I very quickly set my system to boot level 3 text consoles, instead of level 5
DM, as well (yes, even as a beginner, as I'd asked for recommendations on some good
Linux books and read O'Reilly's "Running Linux" when I decided to do more than play
with Linux as a toy, which was about time MSWormOS came out with eXPrivacy..
talking about spyware.. and was compiling my own kernels even before I'd found
suitable mail and news clients in Linux, and was therefore still booting MSWormOS to
run OE!), and invoked KDE, my desktop of choice, from a logged-in user at the console.

However, I seldom log into an X session as root. I think the last time I did it was to
check what I suspected was permission issues, as I couldn't log in as a normal user. It
turned out I was right, but as soon as I'd had it confirmed by successfully logging in as
root, I logged back out, to complete the rest of my trouble shooting and fixing at the
console or with the good old mc.

I do, BTW, think Mandrake's policy is about right. Anyone not at home at the command
line NEEDS a DIRE warning if they somehow get an X session as root!

Duncan