Re: If you used to use Windows or now used Windows less because of FreeBSD why?

From: jpd (read_the_sig_at_do.not.spam.it.invalid)
Date: 10/15/05 

Date: 15 Oct 2005 15:40:44 GMT

Begin <3r86beFi9tghU1@news.dfncis.de>
On 2005-10-13, Matthias Buelow <mkb@incubus.de> wrote:
> pachl <clintpachl@gmail.com> wrote:
>
>>I used to help her keep her computer clean, but it took way too much
>>time and effort. She wishes she didn't have to run XP, but needs to be
>>compatible with her office. That's just too bad.

Much can be done with a little bit of strategy. Normally not running with
admin privileges, for one. Nobody ever does that.

> I always wonder how people get their Windoze machine loaded with spyware
> and viruses so badly; I've been using Windows since Win2k on several
> machines over the years (the DOS-based WinXX were too shoddy to even
> consider), although I don't use it much since I prefer an X11 desktop,
> but I've never had any virus or other malware on it. I don't use IE
> (Mozilla instead) and I don't use Outlook etc.,

Recently heard about why somebody used outlook: ``I just want my mail.''

> and I regularly update,
> and after the machine has been set up, I rarely install anything,
> especially not some crap I just found in some web-browser popup.

But it's fun!!!1!

This seems to be important to people, for some reason.

Updating, by the way, definately is *not* fun, and it's dangerous too,
for everytime you install *something* a virus might pop up or whatever,
and this is installing *something*, right?

Clicking on popups probably isn't installing, right?

> Maybe simply teaching people not to click on everything (especially
> with IE), and not to try out every stupid "funny screensaver" that
> they find on the web would make a difference?

``Teaching not to click'' somehow often doesn't take hold of people.
I'd say start with teaching them to use the right tool for the job, and
that whatever may be the right tool, the standard internet thingummies
micros~1 won ``their internet war'' with *is not* and *will never be*
adequate for any job other than hosing your system.

BTW I'm still wondering why people glaze over so much whenever they get
near a computer. I mean, true, *we* know all the details, and we know
them so well we easily forget there are so many little details that other
people can instantly glaze over. But that doesn't justify the observed
behaviour that people glaze over even before you said anything at all.

I think this is another instance of ``learned helplessness''. They've
been told ``computing is easy'' (nevermind this is patently not true)
and so as soon as it looks like it might be hard they glaze over until
it sounds easy again.

``Not clicky do'' is not as easy as it sounds for you can't give clear
directions when to click and when not to click (like: if the icon is
red, it's bad, hmkay?[2]) and on top of that, all they ever *can* do is
click, so telling not to click is too cripling for their ``internet
experience'', or something.

The bottom line is probably that if you want to teach, because at least
theoretically people are teachable (when they're young, that is, older
people need to open themselves to it), you'll have to start at the
bottom. The absolute worst you can do is say you don't need to know
anything to use a computer. And this has been the mantra for quite a
while already.

> In a company, I would expect the whole
> network to be behind a firewall, and e-mail getting virus-filtered, and
> people forbidden to browse the web for leisure (downloading "funny
> screensavers") or attaching their own (virus-infested) notebooks to the
> network (it'd be easy to set up a quarantined network for that).

In a bog standard network, yes. In a sensible network, you'd start out
with not so much standardizing on s/w but on functions and protocols,
then build a recommended s/w suite on that. Sometimes you must allow
people to deviate for some task or other, but that's besides the point.
Sometimes, you can allow people to deviate as long as they do not ***
up. I'd put budgetary penalties on hosing the network by unapproved
software. Hosing anything results in a fresh rollout of the recommended
s/w suite. There are larger shops where this happens every night
regardless of need, and all machines are locked down tight anyway. The
remaining usefulness of such a setup I'd think questionable, but then
I'm a unix user and admin.

Virus scanners should not be needed and aren't that swell an idea
anyway. I point to the recent ``enumerating badness considered
clueless'' paper[3]. What you can do is block all attachments except,
say, .pdf. For other reasons[4] I would not want to allow proprietary
*and especially not micros~1* formatted documents to cross the company
boundaries. The flipside is that you'll then have to provide another
means for transferring files[5], and that all windows machines need
their own virus scanners[6][7]. Laptops and such need that anyway, and
the un*x boxen do not.

I'd also offer unix user and other courses to get away from the ``less
learny, more clicky'' mindset[1]. But as pointed out above, while this
is the only viable approach unless we are willing to turn all computers
into toaster-like appliances[8], I don't expect much interest in those
courses with the status quo.

[1] catchy term, no?
[2] This sounds ridiculous, but it is the consequence of our teaching
    that all you need to be able to do to use a computer is move a mouse
    and move your finger less than a cm to click a button.
[3] http://www.ranum.com/security/computer_security/editorials/dumb/
    I think he might have shown better taste in talking about crackers
    and not hackers, but the ``default deny'' and ``don't enumerate
    badness'' are useful mantras.
[4] Information leakage, for one.
[5] ftp/ssl or sftp sounds good to me. Takes multimegabytes of crap
    out of the mailspool too.
[6] So what if that slows them down. Speed doesn't seem to be a honest
    argument for a windows user anyway.
[7] There are quite nifty remote management solutions for clusters of
    desktops with virus scanning s/w.
[8] This is not a potshot at NetBSD, quite the contrary. I want un*x on my
    toaster, not very expensive crap computers made to be less useful than
    a toaster. And I do apologize to the toaster for the comparison. 

-- 
  j p d (at) d s b (dot) t u d e l f t (dot) n l .