C
cquirke (MVP Windows shell/user)
I like to scope things out with various scenarios in mind - something
that is a big part of backup theory (i.e. preparation for anticipated
disasters and redeployment scenarios)
- scope out hardware-specifics in case hardware fails/changes
- scope out all possible malware
- exclude incoming material
- exclude infectable material
- scope in/out user-unique data and settings
- scope for application specificity and version independence
Doing so makes it easier to do abstract things like "I want to sell my
PC" (remove user-specific data), "I have to 'just' format ans
re-install because I may be infected" (safe data backups), "my
motherboard died and I have to rebuild", "I have a new version of a
crucial app; will my data still work?" etc.
In addition to this, a small core data set can more esily be automated
for more frequent backup with a greater depth of retained instances.
This is the main reason to exclude bulky pictures and off-the-peg
bulky music and movies from "data backups".
If "all non-trivial systems have bugs", then the only way to keep core
subsystems bug-free is to keep them trivial. For this reason, I
generally prefer a trivial file system to something more baroque and
feature-rich such as NTFS. To this day, I prefer to avoid NTFS even
though it's far more efficient where large file size and large numbers
of files per directory are concerned.
A file system is more than just the structures and basic operating
code, just as a user+PC is more than just the user and the PC. Just
as the user+PC is extended via available tech support, so a file
system must be extended to include careful repair and data recovery
tools. This is where NTFS currently still sits firmly on its ass.
It's supposed to be "easy to use" for those who are not steeped in
bookkeeping lore. I used it for a year, and it was a complete
disaster; never again, etc.
Firstly, QuickBooks drank MS's IE4-era Kool-Aid, and is massively
dependent on IE to provide its UI. So anything that re-versions,
updates, attacks, exploits etc. IE may also clobber QuickBooks.
Hmm... unavoidable richly-exploitable edge-facing IE, core
private-data-handling accounting package. Pick ONE.
Secondly, despite assurances to the contrary, QuickBook is hard-wired
to 3-month VAT accounting periods. I need 2-monthly VAT reporting,
and QuickBooks simply doesn't do that - so everything I did in
QuickBooks, I had to re-duplicate in Excel to do VAT.
So effectively, QuickBooks did nothing to reduce my dependence on
Excel, nor reduce the data input work I had to do in Excel.
Thirdly, it is nearly impossible to get data out of QuickBooks in any
sort of readily-usable form. Like most dedicated accounting apps, it
locks its data into its own proprietary format... gog forbid you
should be empowered to walk away to a competing product, and take your
data with you. "All your data belong to us!", heh.
Fourthly, many pro-IT types will tell you thay loathe QuickBooks
because it can only be run with admin account rights, making it VERY
risky to deploy in large managed environments. This is part of the
reason we have to put up with UAC in Vista right now.
So... it should be really easy to find folks who dislike QuickBooks
Yep. I just reminded myself why I still do admin in Word and Excel; I
re-visited Access 2003 and fled screaming, then dipped into Open
Office Base (their database app) and fled screaming again.
Database is still tough - and that's from someone who grew up
programming in database-orientated PICK in the DOS 3.3 era.
What I often do, is:
- find a CLI-driven engine
- wrap it in a parameter-feeding batch file
- drive the batch file from UI shortcuts containing parameters
Parameters I don't need to change, I hard-code in the .bat
Parameters that are site-specific, I define in a Set block in the .bat
Parameters that are context-sensitive, I pass from the shortcut
On-the-fly parameters can be passed via other integrations
For example, I may write generic VirusCheck.bat and VirusKill.bat
wrappers for some CLI-driven av scanner, then integrate this into the
GUI via File Types, File Folder; SentTo; QuickLaunch icons to scan
diskettes and a "suspect" subtree, etc.
Then if I change the av engine, all I have to do is change the two
batch file wrappers; I don't have to unpick all the UI points.
In this way, I can serialize a number of on-denad scanners into a
large hammer that I can easily swing at incoming material concentrated
in "suspect" subtree, or diskettes, or arbitrary files etc.
MS hasn't begun to think in this direction; for example, there's no
namespace shell folder matching the "suspect" concept as yet.
Where's that "easily accessible system menu"?
Can it be reached if the mouse has failed?
Can it be reached if the system is "busy"?
Is the access consistent across all distros and OS versions?
What batch language?
Where can I see the batch file syntax?
Can I get syntax help on the fly, e.g. "CommandName -?"?
How to invoke them?
How to have them accessible via "the Path" <- old DOS concept?
Once its set up. But on first entry to a dual-boot installation, any
volumes in an extended partition that one might intend to use for
shared data access are simply not visible at all.
And once again, to fix this obvious Day One need, one has to grope
around with guessware CLI syntax, assuming you can find somewhere to
type in such commands. Remember, we are talking about Day One here,
i.e. things we need to do right away, not after two weeks of learning.
Good and bad sides to that, but the immediate problem is that one
doesn't know how to do this. Functionality inaccessible is
functionality denied, and functionality more accessible to attackers
is a menace (hence my problem with "let's build a network client OS,
treat the Internet as just another network, drop this into
consumerland as the new Windows, and see what happens")
O..K..
That's cool; there are some things (Virtual CD, Daemon Tools) that do
the same for Windows, but mileage can be rocky when changing OS
versions, dealing with "protected" disks etc.
Great. So the most dangerous file types are the ones that can't be
identified, and can pass themselves off as anything else. This is as
bad as Windows is becoming, once you combine:
- .pif, .exe etc. can set their own icons
- file name extensions are hidden by duhfault
- raw code in .pif is run as if it were in an .exe
- .pif extension is never shown even if extensions set to show
Eww... I'd hoped Linux would be better there, but it seems as if it
never had the safety that Windows is steadily losing.
OK. So if a file is called blahblah.TXT, can I trust it not to run as
raw code if I "open" or otherwise evoke it?
IMO, the notion that user account rights are effective protection
against malware is absurd, given that even the most limited user
account will allow editing of that user's data - and thus any malware
with the same rights can steal or destroy that data.
If you don't care about user data, and just want to avoid the support
hassle of getting the oS running again, then account rights are fine
for that - but you're serving your own agenda, not ours.
There are two levels to that:
- how the system is designed to work
- how the system actually works
Through DOS, Win3.yuk, Win95 and inteo Win98, almost all (if not all)
attacks were at the first level. But in the XP era, the second level
has become so important that we no longer treat the system in a purely
deterministic manner.
For example, in the "old days", I'd have no safety problem with a
thumbnailer delving into content to create a small representation of
the file, or Windows Explorer doing this automatically when listing
files, or an indexer reading files in the background while I work.
This is no longer the case - any unsolicited handling of complex
material is a risk to be avoided.
Right now, Linux has yet to attain the combination of complexity and
exposure that has put Windows to this particular sword - and I fear
there's a lot of "it can't happen here" blindness at work.
By design, content can't escalate for XP/Vista account rights to admin
or system rights. By exploit, this can happen at any time, all over
the world, within a day, if a suitable malware is mass-released.
That suddenness and resource-swamping scale is why I've taken malware
as seriously as I have, since the last century. It's impossible to
meet SLA promises if 20 clients need 6 hours work from one tech within
the same 24 hours - and malware can demand that, out of the blue.
I think I was playing in the 5.x era of Ubuntu.
Heh... I remember reading wads of verbage on whether ubuntu was a true
enough Debian for Debian installation techniques to be expected to
work. There are masses of per-distro details, when it comes to
predicting whether something "written for Linux" will work in your
Linux, and that's without considering compiling from source.
So I wouldn't tilt at that particular windmill, if I were you ;-)
I don't think that's proven until both have been tested equally.
It's like "Communism *will* work, it's just that it can't work unless
the whole world is Communist so we don't have to compete with more
efficient economies that wave shiny things at out citizens", but in
reverse, i.e. "Linux can be assumed to be malware-free only as long as
it remains a niche market".
I'm not sure how interchangeable they are, in terms of what DirectX
was designed to be, i.e. a highly-efficient gaming platform. For
starters, DirectX spans graphics, sound, LAN, HIDs whereas OpenGL is
purely a graphics API.
But that's another debate...
Saws are too hard to use.
Be easier to use!
