[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Wednesday, September 12, 2012 05:43:20 PM bad apple wrote: > On 12/09/12 08:18, adam.latham@xxxxxxxxxxxxxxxxxxx wrote: > > Ok, this is going to require a separate email, and I apologise in > advance because I'm going to come across as very rude I suspect. > Obviously I don't know you from Adam and you're probably a very nice > guy, but well, you asked for it. > > >>Feel free to call me stupid then. > > Fine. You're stupid. > > People like you drive me mad: you see them on slashdot all the time as > well, dumbasses proudly crowing that they're running vanilla unpatched > windows XP boxes with no antivirus for 8 years and have never had a > problem because they know not to do silly things on the big bad > internet. Except you're even worse, because it's not just you but your > entire family's computers you're utterly failing to responsibly > administer. We have a term for people like you: you know just enough to > be a danger, to yourself and others. You do however follow the familiar > pattern of childishly using terms like "microshaft" and "internet > exploiter" - really? Are you 12? > > So let's get this straight: you have 7 machines, and you are at least > skilled enough to have dual booted all of them and setup offsite > clonezilla backups (I'll give you some credit here: good job - pity > you're missing the forest for the trees though). So you once got stung > by a bad Microsoft update - did you notice the bit in my previous email > where I pointed out that you should always check through, and ideally > evaluate/test microsoft patches rather than blindly clicking through and > accepting everything on patch Tuesday (coincidentally today)? You do > realise that non-essential updates such as WGA alterations and > undesirables such as DRM enhancements can be deselected, and many tools > exist to centrally manage and deploy updates even for small networks > like yours? And you lost all your data due to this bad patch - well, > seeing as you apparently understand what offsite backups are, how the > hell did you lose all your data? Especially as you also know what > Ultimate Boot CD is, how did you not offline boot the broken box and > recover your data? Well, you didn't say explicitly, but I'll do you a > favour and presume you did. > > Yes, Microsoft updates can be tricky or broken. Which begs the question, > why the hell are you still using windows at all on your 7 dual-boot > boxes as you evidently don't like/trust it? The only real reason would > be gaming, but there is no way you need windows gaming on every single > machine. Just use linux for god's sake and stop complaining that you > don't know how to manage windows machines. Did you ever think of > isolating windows in a VM and rolling back to snapshot if things go > wrong? Maybe, I don't know, test the updates first in a windows VM and > once you're happy with them, roll them out to your bare metal machines? > > Apparently your family know not to do "stupid things": good for them, > you've probably taught them some good practice and well done. Now please > explain to me how that is going to help in the real world. Have you even > looked at the CVE database recently? The modern internet is full of > horrifically advanced multi-stage zero-days, APTs, crimeware (Zeus, etc) > and countless other sophisticated threats that can be triggered by > trivial things such as drive-by. Google's rotating banner ads have > repeatedly been documented as serving up sophisticated malware. Local > script kiddies with backtrack CDs can effortlessly compromise your > WPS-equipped router or uncover it's hidden default factory logins (see > GNUcitizen, etc). Do you use DNSSEC? Didn't think so. Well, guess what, > you're eminently compromisable. With 7 unpatched windows boxes I promise > you there are more attack vectors into your systems than you can count > on all of your family's fingers and toes put together. All of the > lessons about not visiting attack sites or opening unsolicited emails is > a total waste of time in the face of the overwhelming insecurity you > have willingly introduced to your network. > > The worst thing is, you say you've not had any problems. Well, I > challenge you to prove it. How do you know? Even I can't 100% say I've > not been compromised, and as you can probably tell I'm as paranoid as > they come. > > I urge you to seriously sort your shit out. When you're pwned, which you > will be, the whole internet will be rightfully very upset with you, and > all because you don't know how to administer your computers properly. > You owe it your family to pull your head out of your ass and learn how > to either A: administer windows properly (pro-tip: it's not difficult. > Technet is your friend and it's completely free) B: yank your internet > connection because you're not responsible enough to have one. > > /END RANT > > Apologies again both to Adam and the list: nobody wants to read several > paragraphs of what I understand is a rather unpleasant attack piece. I'm > sure you're a very nice guy with your family's best interest at heart > but for the love of god, you're doing it wrong. Stop it. You are failing > so hard it's not funny. As all I've done is basically be nasty to you, I > hereby volunteer to help you with anything you may like advice or > guidance on. > > Best wishes Quite a tirade, but in fairness, expected and invited so no-need for you to feel any regret. No harm, no foul. I have no problem with your view, or your advice. However, I don't do drone and I enjoy treading the path less travelled. I'm not an IT worker (thankfully!!) just someone who doesn't subscribe to hysterical corporate ravings, and has enough knowledge to use my computer for what I want. I don't hold any fear of the internet. I applaud your security consciousness and can utterly appreciate that people who don't take it as 'seriously' as you (for want of better words) would drive you nuts! My response is simply this: your diatribe may well be entirely accurate and justified - who am I to argue? However, if my driving instructor fom many years ago decided to illuminate me with such a critique, I would tell him where to get off. My car, my license, my problem. I bought my computers, I know 'just enough to be a danger to myself and others', I pay for my Broadband, my problem. The thread was originally about a Windows Update breaking a debian install/partition/dual boot. Shall we stick to that and move on? The bit about not knowing me from adam was very funny - I had a loud chuckle! I agree entirely with you in everything you say. But I'm happy plodding on regardless, old pal, just the way I like it, and I shall be utterly ignoring your very informative, thorough and accurate advice. The path less travelled, dear friends. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq