[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 12/09/12 08:18, adam.latham@xxxxxxxxxxxxxxxxxxx wrote: Ok, this is going to require a separate email, and I apologise in advance because I'm going to come across as very rude I suspect. Obviously I don't know you from Adam and you're probably a very nice guy, but well, you asked for it. >>Feel free to call me stupid then. Fine. You're stupid. People like you drive me mad: you see them on slashdot all the time as well, dumbasses proudly crowing that they're running vanilla unpatched windows XP boxes with no antivirus for 8 years and have never had a problem because they know not to do silly things on the big bad internet. Except you're even worse, because it's not just you but your entire family's computers you're utterly failing to responsibly administer. We have a term for people like you: you know just enough to be a danger, to yourself and others. You do however follow the familiar pattern of childishly using terms like "microshaft" and "internet exploiter" - really? Are you 12? So let's get this straight: you have 7 machines, and you are at least skilled enough to have dual booted all of them and setup offsite clonezilla backups (I'll give you some credit here: good job - pity you're missing the forest for the trees though). So you once got stung by a bad Microsoft update - did you notice the bit in my previous email where I pointed out that you should always check through, and ideally evaluate/test microsoft patches rather than blindly clicking through and accepting everything on patch Tuesday (coincidentally today)? You do realise that non-essential updates such as WGA alterations and undesirables such as DRM enhancements can be deselected, and many tools exist to centrally manage and deploy updates even for small networks like yours? And you lost all your data due to this bad patch - well, seeing as you apparently understand what offsite backups are, how the hell did you lose all your data? Especially as you also know what Ultimate Boot CD is, how did you not offline boot the broken box and recover your data? Well, you didn't say explicitly, but I'll do you a favour and presume you did. Yes, Microsoft updates can be tricky or broken. Which begs the question, why the hell are you still using windows at all on your 7 dual-boot boxes as you evidently don't like/trust it? The only real reason would be gaming, but there is no way you need windows gaming on every single machine. Just use linux for god's sake and stop complaining that you don't know how to manage windows machines. Did you ever think of isolating windows in a VM and rolling back to snapshot if things go wrong? Maybe, I don't know, test the updates first in a windows VM and once you're happy with them, roll them out to your bare metal machines? Apparently your family know not to do "stupid things": good for them, you've probably taught them some good practice and well done. Now please explain to me how that is going to help in the real world. Have you even looked at the CVE database recently? The modern internet is full of horrifically advanced multi-stage zero-days, APTs, crimeware (Zeus, etc) and countless other sophisticated threats that can be triggered by trivial things such as drive-by. Google's rotating banner ads have repeatedly been documented as serving up sophisticated malware. Local script kiddies with backtrack CDs can effortlessly compromise your WPS-equipped router or uncover it's hidden default factory logins (see GNUcitizen, etc). Do you use DNSSEC? Didn't think so. Well, guess what, you're eminently compromisable. With 7 unpatched windows boxes I promise you there are more attack vectors into your systems than you can count on all of your family's fingers and toes put together. All of the lessons about not visiting attack sites or opening unsolicited emails is a total waste of time in the face of the overwhelming insecurity you have willingly introduced to your network. The worst thing is, you say you've not had any problems. Well, I challenge you to prove it. How do you know? Even I can't 100% say I've not been compromised, and as you can probably tell I'm as paranoid as they come. I urge you to seriously sort your shit out. When you're pwned, which you will be, the whole internet will be rightfully very upset with you, and all because you don't know how to administer your computers properly. You owe it your family to pull your head out of your ass and learn how to either A: administer windows properly (pro-tip: it's not difficult. Technet is your friend and it's completely free) B: yank your internet connection because you're not responsible enough to have one. /END RANT Apologies again both to Adam and the list: nobody wants to read several paragraphs of what I understand is a rather unpleasant attack piece. I'm sure you're a very nice guy with your family's best interest at heart but for the love of god, you're doing it wrong. Stop it. You are failing so hard it's not funny. As all I've done is basically be nasty to you, I hereby volunteer to help you with anything you may like advice or guidance on. Best wishes -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq