Was just repairing a client's Windows machine yesterday. The spyware infection reminded me more of a cancer than anything else. If you don't get every last bit you'll get reinfected. The worst part is this malicious code puts itself in the registry, and with the ability to hide registry entries and to hide files from the file managers, cleaning may not be possible unless you know how to unhide this stuff. While the same can be done with Linux by replacing certain system tools, there is no registry to deal with. This is itself a great boost to cleaning an infected Linux system. There is no need to scour a registry looking for cryptic keys that have no relationship to the infecting program(s). This is a great asset, since this particular system had been infected since July! Hence even were he to have kept backups of the registry, it is unlikely he'd still have a pre-infection copy of the registry. While it is a nice idea to have a central database where one can configure everything on the system, it was an extremely bad idea to make it so cryptic and accessible for abuse.
Anyway that's my thought for the day. Avoid the cancer that Windows has become, use Linux.
P.S. This one spyware program made over 200 entries in the registry, had over 1600 copies of bits of itself hidden in various locations (each of which was enough to spawn a new infection), and was running about 40 copies of itself in memory (thus maxing out the CPU whenever the infected user logged in).
Brian JD
Jack wrote:
registry, it is unlikely he'd still have a pre-infection copy of the registry. While it is a nice idea to have a central database where one can configure everything on the system, it was an extremely bad idea to make it so cryptic and accessible for abuse.
Anyway that's my thought for the day. Avoid the cancer that Windows has become, use Linux.
As with most good ideas, they were pushed beyond logical and reasonable limits. I find way too much CRAP is put in a registry, like icq# and misc information that really needs to reside with the program in case of emergency.
On 11/5/05, Kendrick kulua@linux2themax.com wrote:
As with most good ideas, they were pushed beyond logical and reasonable limits. I find way too much CRAP is put in a registry, like icq# and misc information that really needs to reside with the program in case of emergency.
I'm with Hans Reiser on this. The Registry per se exists because MS filesystems do a horrible job of storing small snippets of information. For example, the command echo "hello" >test.txt under most Unices will generally take either 512 or 1024 bytes of disk space for the inode, and a few more for the directory entry. But in MS FAT filesystems, that same file is going to use up as much as 32 (or in a particularly perverse situation, 64) Kb. It's not quite so horrible under NTFS, but FAT was the norm when the Registry was invented. Of course, reiserfs will stash the file into the directory entry itself, and use very little space. Why does this matter? Because it allows the user-specific configuration for ${foo} to be in ${HOME}/.${foo}rc, and system defaults to /usr/local/${foo}/, or something awfully similar to that.
When I decided to install Ubuntu on this laptop, because I'd made a separate /home partition, which the installer didn't mess with, when I opened Firefox for the first time it not only had all of my preferences exactly as they were, it reopened the same tabs I had opened before. Contrast this to what happened when The Bride of Monster's computer went Tango Uniform a while back. It had some corrupted files essential for getting XP booted. I was able to boot her from a Knoppix CD, thence use Samba to move her "My Documents" and desktop directories over to my computer, then run the restore CDs that put her computer back to the exact configuration it was in when she bought it. At that point, I was able to move her -=DATA=- back, but because configuration data are scattered throughout the Registry, there was nothing to do but reconfigure every application (after reinstalling some of them).
--- "Monty J. Harder" wrote:
When I decided to install Ubuntu on this laptop, because I'd made a separate /home partition, which the installer didn't mess with, when I opened Firefox for the first time it not only had all of my preferences exactly as they were, it reopened the same tabs I had opened before. ...
I wholeheartedly agree ... almost.
I've done this same thing, and also done the saving of "data" from a 'Doze machine. However, if you install a new Linux to a system with an old /home partition, you may have issues with some programs that have newer versions and newer config files. I've done this, too. Then had to sometimes import the old configs into the new versions. Doesn't always work, but much improved over Windows. One can avoid the copying back and forth of data with Windows systems by partitioning the drive and sticking the My Documents files on a partition away from the OS. Or even on another drive.
Brian JD