Re: Is there anything that actually gets users to fix their computers?
http://www.wired.com/news/digiwood/0,1412,60613,00.html When students first register on the network, they are required to read about peer-to-peer networks and certify that they will not share copyright files. Icarus then scans their computer, detects any worms, viruses or programs that act as a server, such as Kazaa. Students are then given instructions on how to disable offending programs. Kinda' does some of what you want done? s - Original Message - From: Sean Donelan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, October 02, 2003 10:12 PM Subject: Is there anything that actually gets users to fix their computers? Short of turning off their network access, why won't users fix their computers when the computer is infected or needs a patch? The University of Massachusetts posted bulletins, sent an email to all incoming students, included an alert when they connected. Nevertheless, almost three months after Microsoft released the critical patch and almost two months after the first Blaster worm was released over 1,600 students failed to patched their computers. Eventually, the University started shutting off network access for the students and charging $3 for the CD with the patch and $25/hour for support to clean the student's computers. http://www.dailycollegian.com/vnews/display.v/ART/2003/10/03/3f7cfeb12c8c2 Some students told the staff that they thought the University gave their systems a virus. By no means was this a UMass internet problem, said Fairey. People were probably infected before they got to campus. One student threatened to sue OIT, arguing that the offices did not have the right to turn off her port. We have policies that clearly state our right to shut off systems, mentioned Fairey. It's not something that we want to do. It's a nightmare.
Re: Is there anything that actually gets users to fix their computers?
At 3:26 PM -1000 10/9/03, Michael Painter wrote: http://www.wired.com/news/digiwood/0,1412,60613,00.html When students first register on the network, they are required to read about peer-to-peer networks and certify that they will not share copyright files. Icarus then scans their computer, detects any worms, viruses or programs that act as a server, such as Kazaa. Students are then given instructions on how to disable offending programs. Kinda' does some of what you want done? s Icarus. Just sort of scares me that some students might use a hair dryer on his wings.
Re: Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
Sean Donelan wrote: The difference being campus machines are null routed rather than disconnected, and they are not reconnected until checked and clean. And once again, the question: how do you know the machines have been checked and cleaned before they are reconnected? Do you take the customers word, or do you perform some other check yourself? If it's in the campus we take their word for it the first time (local/dept IT personnel only). Dialups/externals we take their word for it the first time. Second time for campus machines they are usually checked over by a member of the ITS security team. Second time for dialups/externals again take their word for it, however warn strongly about the 3rd time. Third time externals/dialups don't connect with us again. Campus machines - I have yet to have this happen. Network security is high priority here and it doesn't matter what machine is compromised, they are all disconnected in one way or another, and yet we still have to nuke machines occasionally because of suspicious (DDoS/scanning etc) traffic. Seems like a re-active policy. Why don't you check the computers before they start exhibiting suspicious behavior, such as when they are first connected to the network? Waiting until after the computer is compromised is too late. Already doing this... except we are also actively scanning (new policy) all computers connected periodically. It has taken a lng time to get the train of thought that scanning is a good thing. (FYI using Nessus) Should commercial service providers have the same policy when new customers connect to the network? That is still reactive here, but I see no real reason why it shouldn't be. Or is it considered a bad thing to warn customers about vulnerabilities in their computers in advance. Instead waiting until after your receive a complaint about something exploiting those vulnerabilities before taking action? Personally I feel there are 3 problems 1/ Some people are already security concious and will give you merry hell over security scans (filling logs, false positives etc) 2/ Some poeple consider it an invasion of privacy - personally I'd tell these people to go else where if it was upto me. 3/ People install software after installing the machines and getting them connected. / Mat
Re: Is there anything that actually gets users to fix their computers?
At 8:15 PM -0400 10/6/03, Jeffrey S. Young wrote: It's a difficult thing for all of us when j.random users start to discover things like personal firewall. I had one threaten me personally with 'investigation' by the FBI because my system was attempting to break into his PC He sent it to my account, no cc: to abuse. I'm quite sure these are off topic. But I have to say my favorite response came early in the wormalert hoax, when I was attempting to respond by hand to people asking them to stop sending us email. I received this reply. Gather evil into your briars Reflect negativity back to its sender all ill will or any blight Snatch from the air and send it back in flight Seek out the one who did this deed That it return to them thrice by magick's creed Hence more contact made by he spew his negativity back times three. So Mote It Be I'd never been formally cursed before. Sure beats a DoS attack. -- Kee Hinckley http://www.messagefire.com/ Next Generation Spam Defense http://commons.somewhere.com/buzz/ Writings on Technology and Society I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
On Sun, 5 Oct 2003, Suresh Ramasubramanian wrote: Kee Hinckley [05/10/03 00:57 -0400]: Bringing this back to the more relevant topic. Is there something that ISPs could do to notify users and get in their face more without shutting off their connection? Perhaps a custom piece of I have seen corporate and university networks that make every PC have PC Anywhere or its equivalent as part of the standard install, for activity to be monitored. There are some differences between private networks and public networks. In a company, the company is the owner of the PCs and employees (in the US) have little expectation of privacy using company computers. On the public network, generally the customer owns the computer not the ISP. How far should an ISP go monitoring the activities of their customers? ISPs can and do notify customers by many methods such as popups, email, mail, phone calls, knocking on the door, etc. Notification doesn't seem to be the problem, but of the customer taking action. And even if the customer is willing, its difficult for them to tell if they have actually fixed their computers. Windows XP System Restore and anti-virus programs don't get along well. Booting Windows in Safe Mode requires dexterity. Most people don't have sniffers to check what their computers are transmitting. Sometimes it takes a non-expert several attempts to completely fix things. So from an ISPs point of view, is there a way for the ISP to quickly tell the customer if the particular computer is fixed without unduly intruding on the privacy of the customer? With home networks, there may be multiple computers behind a NAT/router/firewall. So a simple network scan doesn't always work.
Re: Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
Sean Donelan [05/10/03 16:49 -0400]: There are some differences between private networks and public networks. In a company, the company is the owner of the PCs and employees (in the Very true - and that was the context I mentioned this in. So from an ISPs point of view, is there a way for the ISP to quickly tell the customer if the particular computer is fixed without unduly Isolate his IP and have all outbound http redirected to a page that says please call [escalated tech support number] to get this fixed. Seems to be the only reasonably foolproof way. -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 Manager, Outblaze.Com Antispam and Security Operations
Re: Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
On Sun, 5 Oct 2003, Suresh Ramasubramanian wrote: So from an ISPs point of view, is there a way for the ISP to quickly tell the customer if the particular computer is fixed without unduly Isolate his IP and have all outbound http redirected to a page that says please call [escalated tech support number] to get this fixed. Seems to be the only reasonably foolproof way. I think you missed the point. The problem isn't notification. Customer calls the escalated tech support number is swears the problem is fixed. Should the tech support person just take the customer's word that the problem is fixed and turn their connection back on? What happens a few hours later when you start getting complaints again about the same customer? Do you turn the connection off again. And then the customer again swears they have the problem fixed. How many times do you repeat the process? Other than taking the customer's word, is their any way for the ISP to verify the customer has fixed their computer before turning the connection on again?
Re: Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
Sean Donelan [05/10/03 17:44 -0400]: What happens a few hours later when you start getting complaints again about the same customer? Do you turn the connection off again. And Sure, turn it off again. And again. Sooner or later, it will dawn on the customer that no, his system is not fixed. And in the meantime, both his bandwidth quota (if any) and the ISP's pipes avoid getting saturated with worms. -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 Manager, Outblaze.Com Antispam and Security Operations
Re: Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
Suresh Ramasubramanian wrote: Sean Donelan [05/10/03 17:44 -0400]: What happens a few hours later when you start getting complaints again about the same customer? Do you turn the connection off again. And Sure, turn it off again. And again. Sooner or later, it will dawn on the customer that no, his system is not fixed. And in the meantime, both his bandwidth quota (if any) and the ISP's pipes avoid getting saturated with worms. We have a better way - first time they get turned off. Second time they get turned off and told if it happens again you will be told to get service elsewhere. Third time their account is deleted. I am yet to have one that has reached the third time - 85k users here. / Mat
Re: Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
Matthew Sullivan [06/10/03 11:38 +1000]: Third time their account is deleted. I am yet to have one that has reached the third time - 85k users here. Let me guess - that'd mostly be dialup users, right? Or maybe simply email users? Not (say) T1 and larger users? -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 Manager, Outblaze.Com Antispam and Security Operations
Re: Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
On Mon, 06 Oct 2003 02:43:48 -, Suresh Ramasubramanian said: Matthew Sullivan [06/10/03 11:38 +1000]: Third time their account is deleted. I am yet to have one that has reached the third time - 85k users here. Let me guess - that'd mostly be dialup users, right? Or maybe simply email users? Not (say) T1 and larger users? If it is mostly dialup users, it's all the more remarkable, as conventional wisdom has home users as being even less security-clued than the SOHO crowd or corporate sites... pgp0.pgp Description: PGP signature
Re: Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
Suresh Ramasubramanian wrote: Matthew Sullivan [06/10/03 11:38 +1000]: Third time their account is deleted. I am yet to have one that has reached the third time - 85k users here. Let me guess - that'd mostly be dialup users, right? Or maybe simply email users? Not (say) T1 and larger users? That's: Dialup, ISDN and analog (ISP) Hosted Servers (ISP) Gigabit/100M Connected Networks (Uni Campus/Colleges) Counting the campus colleges machines there are a lot more than 85k. The difference being campus machines are null routed rather than disconnected, and they are not reconnected until checked and clean. We have one machine that within 2 weeks got trojaned twice, 4 months later it's still null routed because the machine owner cannot guarentee that it won't get trojaned again. Network security is high priority here and it doesn't matter what machine is compromised, they are all disconnected in one way or another, and yet we still have to nuke machines occasionally because of suspicious (DDoS/scanning etc) traffic. / Mat
Re: Is there anything that actually gets users to fix their computers?
At 12:57 AM 10/5/2003, you wrote: At 2:11 AM + 10/5/03, Suresh Ramasubramanian wrote: For more fun, consider that you are [EMAIL PROTECTED], and get those It's the anti-virus ones that drive me nuts. Someone in your domain sent us a virus which always forges the from line, but we're going to tell you anyway because we'd like you to buy our software... What gets me is the moron admins who track down every attack they see. Attacks such as ICMP echo requests, Port 80 connections, etc. If they get huge logs that's one thing, but for four pings from a windows box or a mistyped IP address in a URL and they are worried about our attack These bogus reports outnumber legitimate complaints 4:1. -Robert Tellurian Networks - The Ultimate Internet Connection http://www.tellurian.com | 888-TELLURIAN | 973-300-9211 Good will, like a good name, is got by many actions, and lost by one. - Francis Jeffrey
Re: Is there anything that actually gets users to fix their computers?
On Mon, 06 Oct 2003 00:12:07 EDT, Robert Boyle [EMAIL PROTECTED] said: What gets me is the moron admins who track down every attack they see. Attacks such as ICMP echo requests, Port 80 connections, etc. If they get huge logs that's one thing, but for four pings from a windows box or a mistyped IP address in a URL and they are worried about our attack These bogus reports outnumber legitimate complaints 4:1. My favorite: ntp-1.vt.edu is portscanning me very slowly with source port 123 The really sad ones are the ones who 3 days earlier dropped me a note to tell me they'll using our NTP server. pgp0.pgp Description: PGP signature
Re: Is there anything that actually gets users to fix their computers?
Robert Boyle [10/6/2003 9:42 AM] : What gets me is the moron admins who track down every attack they see. Attacks such as ICMP echo requests, Port 80 connections, etc. If they get huge logs that's one thing, but for four pings from a windows box or a mistyped IP address in a URL and they are worried about our attack These bogus reports outnumber legitimate complaints 4:1. 99% of them autogenerated by personal firewall products. That include *screenshots* of attack reports. Those can be safely auto-trashed, 99.999% of them are completely bogus stuff like your DNS server is hacking me srs -- Suresh Ramasubramanian [EMAIL PROTECTED] gpg# EDEDEFB9 Security and Antispam Operations Manager, Outblaze Limited
Re: Security v. Privacy (was Re: Is there anything that actually gets users to fix their computers?)
The difference being campus machines are null routed rather than disconnected, and they are not reconnected until checked and clean. And once again, the question: how do you know the machines have been checked and cleaned before they are reconnected? Do you take the customers word, or do you perform some other check yourself? Network security is high priority here and it doesn't matter what machine is compromised, they are all disconnected in one way or another, and yet we still have to nuke machines occasionally because of suspicious (DDoS/scanning etc) traffic. Seems like a re-active policy. Why don't you check the computers before they start exhibiting suspicious behavior, such as when they are first connected to the network? Waiting until after the computer is compromised is too late. Some companies require all new computers to pass a network scan (e.g. ISS, Nessus, Retina, etc) before getting assigned a routable address. Should commercial service providers have the same policy when new customers connect to the network? Or is it considered a bad thing to warn customers about vulnerabilities in their computers in advance. Instead waiting until after your receive a complaint about something exploiting those vulnerabilities before taking action?
RE: Is there anything that actually gets users to fix their computers?
At 8:02 PM -0400 10/3/03, Terry Baranski wrote: Obviously, this is by no means specific to computer patching. People are either busy, lazy, apathetic, etc. Most don't pay attention until I've played the user-notification game myself in fighting hoaxes (do a search on [EMAIL PROTECTED] sometime--and consider what happens when tens of thousands of people add it to their address book and then forward the latest joke/hoax/virus to everyone in their address book). I used to send auto-replies debunking the hoax--but then they'd report them as spam to their ISP, and their ISP would block my domain. Others would just delete them. Often the only way to get their attention was to send mail to everyone they'd cc'd, and ask *them* to contact the offender. There is no question that people don't understand their computers. It's all magic to them. The idea that the energizer bunny will appear on their screen when they send mail to five friends is no less likely than the idea that dropping a file on their email icon will bring up a compose window. But in fairness to the users, this isn't all their fault. They've been told right and left not to open mail from strangers (a completely bogus concept, given that viruses tend to come from friends). What I found was that they take that quite literally. Mail from mailer-daemon (now there's a scary name), mail from postmaster, mail from anybody they don't personally know; gets deleted. And that includes mail from their ISP. They can't tell spam from purchase receipts from viruses from fake warnings from legitimate warnings. Consider the latest microsoft patch virus. That was a professional looking job. Do you really expect the user to know not to open that, but to know that the notification from their ISP about their machine being infected is legit? They either need to be contacted out of band, or their email software needs to support a secure channel of communications that they can really trust. -- Kee Hinckley http://www.messagefire.com/ Next Generation Spam Defense http://commons.somewhere.com/buzz/ Writings on Technology and Society I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: Is there anything that actually gets users to fix their computers?
Kee Hinckley [04/10/03 13:01 -0400]: I've played the user-notification game myself in fighting hoaxes (do a search on [EMAIL PROTECTED] sometime--and consider what happens when tens of thousands of people add it to their address book and then forward the latest joke/hoax/virus to everyone in their address book). I used to send auto-replies debunking the hoax--but For more fun, consider that you are [EMAIL PROTECTED], and get those horrible automated notices sent out by SpamKiller (now Norton [something], since NAV 2003. The one that generates complaints with subject UCE Complaint (Original Subject) and I have received the attached unsolicited email ... boilerplate in the body. Reply to that and you will, as likely as not, get your reply sent back to you and your upstreams as a spam complaint. Sending autoreplies to anything that the teeming mass of lusers out there send out is practically guaranteed to produce such an effect. then they'd report them as spam to their ISP, and their ISP would block my domain. Others would just delete them. Often the only way to get their attention was to send mail to everyone they'd cc'd, and ask *them* to contact the offender. First, you'd get your email address added to a whole lot of other cc everybody on my address book type lists. Another thing is that you stand a good chance of mailing a significantly non trivial number of people who are on that cc list for the same reason that you are - Outlook Express being set up to add all people that you reply to, to your address book. been told right and left not to open mail from strangers (a completely bogus concept, given that viruses tend to come from friends). What I found was that they take that quite literally. Say what? I have received virii from people I don't know from Adam, from countries where I don't know anyone at all. They either need to be contacted out of band, or their email software needs to support a secure channel of communications that they can really trust. Hotmail, for example, clearly marks mail from hotmail staff (service announcements etc) with a different colored text in the inbox ... I guess if you control the client your user uses (using a custom built web interface is one way, a customized browser / mail client is another way) ... But other than that, you could well ask for the moon. srs
Re: Is there anything that actually gets users to fix their computers?
We created a set of RAS filters that we can call up in the user's RADIUS record - Block ICMP request, Block SMTP outgoing, etc. When the user has a virus we just set the filter. They can still get on without doing any damage, yet still download fixes, etc. They might call if they need to use SMTP instead of webmail. - Original Message - Short of turning off their network access, why won't users fix their computers when the computer is infected or needs a patch?
Re: Is there anything that actually gets users to fix their computers?
At 2:11 AM + 10/5/03, Suresh Ramasubramanian wrote: For more fun, consider that you are [EMAIL PROTECTED], and get those It's the anti-virus ones that drive me nuts. Someone in your domain sent us a virus which always forges the from line, but we're going to tell you anyway because we'd like you to buy our software... Reply to that and you will, as likely as not, get your reply sent back to you and your upstreams as a spam complaint. When I moved somewhere.com to a new ISP, the very first thing I did was contact the abuse desk there and warn them what to expect. That was helpful when Universal Studios tried to come after me because someone at somewhere.com (literally :-) had posted a stolen movie on usenet. (Only one?) on that cc list for the same reason that you are - Outlook Express being set up to add all people that you reply to, to your address book. been told right and left not to open mail from strangers (a completely bogus concept, given that viruses tend to come from friends). What I found was that they take that quite literally. Say what? I have received virii from people I don't know from Adam, from countries where I don't know anyone at all. Those of us who post widely get that. But your average just use email to talk to friends and family is more likely to get it from friends--unless of course they forwarded a joke to everyone in their address book, who forwarded it They either need to be contacted out of band, or their email software needs to support a secure channel of communications that they can really trust. Hotmail, for example, clearly marks mail from hotmail staff (service announcements etc) with a different colored text in the inbox ... I guess if you control the client your user uses (using a custom built web interface is one way, a customized browser / mail client is another way) ... But other than that, you could well ask for the moon. Bringing this back to the more relevant topic. Is there something that ISPs could do to notify users and get in their face more without shutting off their connection? Perhaps a custom piece of notification software that only took signed messages, and made some attempt to keep its bits secure? Unfortunately I don't see much way to keep it from being subverted without OS support. If it became common enough, then the virus writers would just simulate messages from it and disable the real one. -- Kee Hinckley http://www.messagefire.com/ Next Generation Spam Defense http://commons.somewhere.com/buzz/ Writings on Technology and Society I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Is there anything that actually gets users to fix their computers?
Short of turning off their network access, why won't users fix their computers when the computer is infected or needs a patch? The University of Massachusetts posted bulletins, sent an email to all incoming students, included an alert when they connected. Nevertheless, almost three months after Microsoft released the critical patch and almost two months after the first Blaster worm was released over 1,600 students failed to patched their computers. Eventually, the University started shutting off network access for the students and charging $3 for the CD with the patch and $25/hour for support to clean the student's computers. http://www.dailycollegian.com/vnews/display.v/ART/2003/10/03/3f7cfeb12c8c2 Some students told the staff that they thought the University gave their systems a virus. By no means was this a UMass internet problem, said Fairey. People were probably infected before they got to campus. One student threatened to sue OIT, arguing that the offices did not have the right to turn off her port. We have policies that clearly state our right to shut off systems, mentioned Fairey. It's not something that we want to do. It's a nightmare.
Re: Is there anything that actually gets users to fix their computers?
On 03.10 04:12, Sean Donelan wrote: Short of turning off their network access, why won't users fix their computers when the computer is infected or needs a patch? Hey, it's working! If it ain't broken Related question for network engineers: When did you have your last medical check-up? To what extent do you follow your physician's recommendations? Daniel
Re: Is there anything that actually gets users to fix their computers?
On 03.10 10:36, Erik-Jan Bos wrote: Hey, it's working! If it ain't broken I doubt this. Recently, I worked with a couple of people that each had their PCs infected. Their own virtual neighborhood complained to them, and they surely were embaressed about the situation, but... They just did not know how to fix it, i.e. where to start. Call it cluelessness, call it lack of education. There is that too; but I have frequently observed people not doing it even when provided detailed step-by-step instructions. On the other hand they would proceed relatively quickly once it stopped working, e.g. the Internet plug was pulled. Some of them would use the instructions provided, others would get help; but not before it stopped owrking. The most successful tactic I have seen is for providers is to block all Internet access except the one to the site containing the instructions and the fix. Of course that is often not a viable business proposition Daniel
Re: Is there anything that actually gets users to fix their computers?
On Fri, 3 Oct 2003, Erik-Jan Bos wrote: I doubt this. Recently, I worked with a couple of people that each had their PCs infected. Their own virtual neighborhood complained to them, and they surely were embaressed about the situation, but... They just did not know how to fix it, i.e. where to start. Call it cluelessness, call it lack of education. Newspapers have published How-To instructions. In the US, even USA Today published How-To instructions. The USA Today newspaper is known as McPaper for a reason. ISPs sent out step-by-step directions, complete with pictures and screen shots. In addition to full-page newspaper ads Microsoft has an easy 3-steps to protect your computer. Ok, not everyone is a computer expert. If their TV, VCR or car started belching smoke and flames, and they didn't know how to fix it, what would they do? Take it to a repair shop? If you get a flat tire, pull off to the side of the road and either repair the tire or call the auto club for help. You don't continue drive down the highway on the tire rims hoping the noise and sparks will just go away.
Re: Is there anything that actually gets users to fix their computers?
Sean Donelan wrote: On Fri, 3 Oct 2003, Erik-Jan Bos wrote: I doubt this. Recently, I worked with a couple of people that each had their PCs infected. Their own virtual neighborhood complained to them, and they surely were embaressed about the situation, but... They just did not know how to fix it, i.e. where to start. Call it cluelessness, call it lack of education. Newspapers have published How-To instructions. In the US, even USA Today published How-To instructions. The USA Today newspaper is known as McPaper for a reason. ISPs sent out step-by-step directions, complete with pictures and screen shots. In addition to full-page newspaper ads Microsoft has an easy 3-steps to protect your computer. I have not seen much information on this in Dutch newspapers, but perhaps I am not reading the right papers. I surely think that news papers worldwide should publish on this. Ok, not everyone is a computer expert. If their TV, VCR or car started belching smoke and flames, and they didn't know how to fix it, what would they do? Take it to a repair shop? If you get a flat tire, pull off to the side of the road and either repair the tire or call the auto club for help. You don't continue drive down the highway on the tire rims hoping the noise and sparks will just go away. Perhaps an auto club for PC-users: You call and within the next 24 or 48 hours, depending on your subscription, an expert would dial in or come by to get you on the virtual road again. __ Erik-Jan.
Re: Is there anything that actually gets users to fix their computers?
On 03.10 10:59, Erik-Jan Bos wrote: Perhaps an auto club for PC-users: You call and within the next 24 or 48 hours, depending on your subscription, an expert would dial in or come by to get you on the virtual road again. If this was a viable business proposition, it would exist. My experience is that the product to be maintained is both too complex and too badly designed and engineered to be readily maintainable. In other words: This is more viable for cars than for personal computers and more viable for MacOSX than for WIntel. I speak from 10+ years of experience as friendly computer expert for the virtual and physical neighborhood. Daniel PS: The health question in my original contribution was serious. Digression 1: Cars have become less maintainable by the auto club because of added *proprietary* complexity too. Digression 2: I also help maintaining computers at the primary school my kids attend. When I started this, the soloution that could be maintained by professionals was all new WIN NT servers and all new WIN 2K workstations. Luckily (sic!) the school could not afford this by a fair margin. The mainenance offer was all-in for a periodic fee. Now the professionally maintainable soloution is based on Linux servers. This is moving in the right direction both from an enginieering and cost view point. However the maintenance offer is now buy blocks of support hours at a discounted rate. My guess is that the substance of the maintenance deal has not changed; they have just become more honest in selling it. :-( ;-) So even for a small business this option does not really exist yet. Back to work Daniel
RE: Is there anything that actually gets users to fix their computers?
Sean, Ok, not everyone is a computer expert. If their TV, VCR or car started belching smoke and flames, and they didn't know how to fix it, what would they do? Take it to a repair shop? If you get a flat tire, pull off to the side of the road and either repair the tire or call the auto club for help. You don't continue drive down the highway on the tire rims hoping the noise and sparks will just go away. You've put your finger on it. ISPs have to help users understand that their machines are broken in a way that makes them unable to gain access to the Internet -- then most will take them to the shop PDQ, and hopefully get them back with some protection installed. Recently my ISP, Time-Warner Roadrunner sent me a letter (in the mail!) informing me that portscans were coming from my cable modem, and asking me to respond to them within 48 hours to tell them what action I had taken. I took care of it, and complimented rr.mn.com on their service in telling me about the problem. I don't know what RR's next step would have been had I not acted, but I hope they would have suspended my service promptly. That may seem harsh to some users, but they have to realize it when their machines are broken in a way that may not be obvious to them as users, just as, in some states, people are forced by law to spend real money to clean up auto emissions. The resulting widespread outrage might eventually result in better computer software. Over the last 30 years or so, new-car reliability has improved dramatically for a similar reason. My opinion only, not my employer's. -- John Renwick
Re: Is there anything that actually gets users to fix their computers?
Speaking on Deep Background, the Press Secretary whispered: Short of turning off their network access, why won't users fix their computers when the computer is infected or needs a patch? Hey, it's working! If it ain't broken And when you DO patch it, then it REALLY breaks. And your paper is due. Now what does the average Art History major do? I have to wonder how big the support $$ would be at Farber College if they really offered the handholding Flounder and Neidermeyer need? Would it cost as much as the bandwidth? -- A host is a host from coast to [EMAIL PROTECTED] no one will talk to a host that's close[v].(301) 56-LINUX Unless the host (that isn't close).pob 1433 is busy, hung or dead20915-1433
Re: Is there anything that actually gets users to fix their computers?
John Renwick wrote: You've put your finger on it. ISPs have to help users understand that their machines are broken in a way that makes them unable to gain access to the Internet -- then most will take them to the shop PDQ, and hopefully get them back with some protection installed. While suspending service is a harsh step, sometimes it is required to get the user's attention. More than that, and as explained to my customers, their service was interrupted because their computer was insecure. The level of that insecurity is unknown by us and we try to protect our users. After all, does the user just have Virus X, or do they have Virus Y which includes a keylogger? My customers are learning what keyloggers are and what viruses are capable of. Wouldn't you want to know that your bank details can be learned despite the SECURE connection to your bank because a virus placed a keylogger on your computer? It's true. It scares them. Then again, they should be scared. Insecure systems are nothing to joke about. They can cause real damage. -Jack
RE: Is there anything that actually gets users to fix their computers?
Daniel Karrenberg wrote: There is that too; but I have frequently observed people not doing it even when provided detailed step-by-step instructions. On the other hand they would proceed relatively quickly once it stopped working, e.g. the Internet plug was pulled. Some of them would use the instructions provided, others would get help; but not before it stopped owrking. Indeed. It seems to be a motivation problem. Also, using the net registering system we posted a virus alert and made information available, said Cunningham. Most people probably skipped through it though. Obviously, this is by no means specific to computer patching. People are either busy, lazy, apathetic, etc. Most don't pay attention until they're forced to; i.e., when their system stops working because a virus broke it or because their network access is shut off. You can ask nicely or post warnings a billion times to no avail. Human nature, perhaps. -Terry
Re: Is there anything that actually gets users to fix their computers?
Terry Baranski wrote: Obviously, this is by no means specific to computer patching. People are either busy, lazy, apathetic, etc. Most don't pay attention until they're forced to; i.e., when their system stops working because a virus broke it or because their network access is shut off. You can ask nicely or post warnings a billion times to no avail. Human nature, perhaps. There may be another factor. Some people do not buy computers to run firewalls, get the latest definitions for their AV software, or download the latest patches anymore than they buy a car to check the oil, take it in for the most recent recall, or get the radio repaired again. No matter how many times they are told those are the most important things about ownership by the people that seem somehow to profit from their doing so.