Network News

X My Profile
View More Activity

Broken Windows: Clean-up or Rebuild?

I received a few e-mails over the weekend from readers who took issue with advice I recently gave to a Web chat participant who asked what he should do to help an elderly friend who was having PC trouble. The questioner said the woman knew nothing about computers and that her Windows machine was besieged with pop-up advertisements.

I probably get two or three variations on this question in the course of each Web chat, and I usually ignore them in favor of more targeted questions because of the difficulty in diagnosing what precisely may be ailing the questioner's computer.

In this case, I bit, and here's what I recommended: "Yes. You can spend many, many hours trying to diagnose the problem, or you can spend perhaps a bit less time backing up any documents and pictures she'd like to keep and then re-installing the operating system."

One reader wrote in to say he thought my advice was jumping-the-gun; another called it "overkill" and said I should have referred the questioner to one of the myriad online forums that try to help people in such situations.

I read both comments several times and after much reflection came to the conclusion that I would give that same advice again to anyone else who asked. But I also decided that I could have offered a bit more of my rationale behind my recommendation, and a bit more instruction on how to do it.

Allow me to explain, but with a caveat: This post represents the fruit of much personal reflection on the topic. After reading this entire entry, I hope some readers may look at the appearance of problems on their Windows machines (security related or not) as an opportunity to start fresh and set up their computers to block most online threats.

Some readers may become deeply discouraged, perhaps thinking, "If what I'm doing already isn't enough, well then I can't keep up with this anymore. The heck with Windows!" I heartily encourage those readers -- if they have the means -- to listen to that sentiment and consider buying an Apple Macintosh computer. The annoying TV commercials aside, Macs are far simpler to maintain from a security perspective. Mac users still must apply patches from time to time (even that can be automated), but they still have little -- if anything -- to worry about from spyware, viruses or computer worms (at least for now).

So why would I tell someone to re-install Windows altogether?

First, I've spent a great deal of time helping friends and relatives "clean" their machines only to find that whatever it was that I thought I'd cleaned reappear. Nowadays, most of those friends and family members are set up on "limited user accounts," which can help those who know little about keeping their machines safe by preventing them from easily installing software or changing crucial settings that can lead to a virus infestation or computer meltdown. Since I've set up each friend or family member on limited user accounts, none has reported trouble with viruses or spyware, although some do still occasionally complain about such-and-such program not working perfectly under a limited account.

But why do so many Windows machines appear to get reinfected with malware and spyware even after they've been "cleaned" by conventional anti-virus and anti-spyware tools? One answer is because many online threats now come bundled with "rootkit" technologies designed to foil attempts at discovering and removing the intruders. Some rootkits work by creating stealth copies of the malicious files, which can be automatically re-installed when the original files are deleted by security software. Other types of rootkits replace important system utilities typically used to monitor a computer's health and stability with tools that can cloak the presence of malicious files.

Some of the most prolific and successful digital marauders in circulation these days employ rootkit technologies. Take the "Storm Worm," a mass-mailing e-mail worm that arrives as an attachment in a message claiming to be a video of death and destruction wrought by the recent spate of violent weather in Europe.

Or consider the CoolWebSearch brand of "spyware," typically a piece of malicious software that serves pop-up ads, hijacks your browser and any online searches you try to conduct. But these are the very mildest of changes your machine will undergo if CoolWebSearch digs its claws into your PC. You can read up about the rootkits buried in each over at the Castlecops user forum.

In all likelihood, Windows machines that have problems with pop-up spyware infestations belong to users who are not doing one or more of the things they should be doing, such as keeping up to date with security patches, using a firewall and running updated anti-virus software. On many of those machines, unwanted software that serves annoying pop-up ads is merely the most obvious symptom of a deeper, subsurface infection that includes multiple intruders. But the person who goes to an online security forum often doesn't know to ask about the problem they're not seeing. So you fix the obvious problem, but the deeper, more pernicious threats remain. Yay! No more nasty pop-ups! Let's go shopping online now!

I also hear from Windows users who are doing all the right things but still get whacked by a virus. In most cases, you can chalk this up to someone installing something of dubious origin or opening up an e-mail attachment that the recipient was not already expecting.

You might ask, "But if they were using up-to-date anti-virus software, shouldn't that software have caught it?" The ugly truth is that if the victim was one of the unlucky masses who errantly clicked in the period between the virus first appearing and when the anti-virus companies shipped updates to protect customers' machines, then it's game over.

I'm sorry to report that the anti-virus companies are losing this war. I encourage all readers to spend a few minutes over at the real-time anti-virus performance statistics maintained by CastleCops's Malware Incident Reporting and Termination Squad (MIRT). As soon as it receives a report of a new virus or worm infecting a machine, MIRT submits each to anti-virus amalgamation service VirusTotal, which scans each piece of malware against more than two dozen of the best known anti-virus engines out there. The results are usually pretty discouraging: Most of the anti-virus tools detect between 15-25 percent of all new submissions, while a handful will catch in the 35-50 percent range.

This is not to suggest that anti-virus software is useless, just that it's no substitute for best practices. If these were standardized tests, all anti-virus companies would be flunking: The best results in the most recent scan I saw as of Sunday, Jan. 21 went to Fortinet, which detected just 61 percent of the new malicious software thrown at it.

Please don't take what I'm about to say as a slight against all of the incredibly selfless, helpful and free advice offered on the myriad Windows security forums online. But it seems to me that PC first aid forums are best for helping individuals get rid of very specific problems. The bewildered user may arrive complaining of incessant pop-ups, and he or she is usually rebuked and told to go back and read the rules, which require all visitors to -- before asking any questions -- download 3-5 different tools, run specific scans in a specific order, and then post the logs of those scans and await a response.

In most cases, if a person is willing to do the work and invest the time, he or she can get a specific problem fixed in a day or two, maybe more. If the person is lucky, the helpful folks in the forum will spot other threats resident on the victim's machine. But in the end, an online tech support forum cannot give your Windows machine a clean bill of health. Reformatting can.

After I'd written much of this entry, I rang CastleCops founder Paul Laudanski for a gut-check. I thought I was going to get an earful, but he ended up congratulating me for taking a stand.

"Clean-up on a Windows machine is no longer consistently done quickly because there are more and more procedures to run through, and a lot more tools people have to install to check -- in a step-by-step procedure -- whether things are hidden or not," Laundanski said. "It's up to the [user] whether they really want to go through this long exacerbated process of clean-up. If they can take their files off of there and get them scanned somewhere, and then just re-install the entire [operating system], that probably the quickest and safest solution. A lot of times people don't want to do that...they want to fight the infection, they want to know exactly what happened, or figure out how they got hit and fix it."

Since this post has already gotten too long, I'm going to reserve for a future post my more detailed recommendations for just how one might go about backing up and re-installing the Windows OS.

By Brian Krebs  |  January 24, 2007; 5:30 AM ET
Categories:  From the Bunker  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Sun Releases Java Security Update
Next: Apple Patches First 'Month of Apple Bugs' Flaw

Comments

You are right on the money about this. Even Microsoft recommends reinstalling every 2-3 years. Even the rare windows machine that is not riddled with malware slows down and becomes more unstable over time.

Posted by: Lee | January 24, 2007 6:25 AM | Report abuse

I've been doing IT for many years. 3 or 4 Years ago I would have said that it was possible to "clean" a PC or most adware/spyware and virus infections. Today I don't even attempt beyond a quick run through of a adware cleaner. If that doesn't do it then I rebuild. It takes too much time to attempt to clean a machine only to discover that you won't get it all. It will come back. If what you have is spyware you are better off starting over anyway.

Posted by: Andy, ITGuy | January 24, 2007 7:45 AM | Report abuse

Brian,
I have been cleaning PC's of Viruses and Spyware for years and more recently Rootkits.

There is a site called www.antirootkit.com that has a list of Anti Rootkit Programs, although some seem to be better at finding rootkits than others

I have yet to find a PC that cannot be cleaned.

Once when I reinstalled XP on a PC I connected to the Internet to get updates from MS and got infected by some worm within minutes of connecting.

Sophos has said that there is a 50% chance of getting infected within 12 mins of connecting to the Internet with an unpatched PC.

So before you reinstall get a CD that has the latest updates so that you do not have to connect to the internet until you are fully patched.

Jeff

Posted by: Jeff | January 24, 2007 7:52 AM | Report abuse

I've never been bit by a virus, rootkit, or other malware. My security practices:
When not using the PC, turn it off.
Configure the firewall on the router (between the PC and cable modem).
Use Firefox for websurfing, Thunderbird for e-mail.
Do not use HTML e-mail, use plain text.

Run Linux. ;)

Posted by: wiredog | January 24, 2007 8:47 AM | Report abuse

This week I cleaned up a computer affected by pop-ups: AVG Anti-Spyware proved very effective, and Ad-Aware and Spbot Search & Destroy both found more files and entries. After about half an hour, the computer was clean and responding well, but this was a fairly limited infection- with no rootkits that BlackLight could see anyway.

After that I spent about an hour updating the software- IE7, Flash, Java, Acrobat Reader- and putting in some protection- Spybot Immunization, SpywareBlaster, Windows Defender.

The problem with reinstalling the OS or using a recovery feature is that the reinstalled/recovered system is likely to be months, even years out of date. With computers bought after XP SP2, the firewall issue will not be a problem- the firewall is on by default- but I've seen a lot of people with XP SP1 discs, not to mention WINME. Without spending time to check that a firewall is up and that Windows and other software is up to date, a reinstalled/recovered system is a sitting duck for attack.

In the past I've cleaned up badly infected computers for people who have lost their recovery disc- it can be done, but takes all day scanning with multiple AV's, anti-spyware programs, rootkit detectors, System Explorer, AutoRuns, HijackThis! etc. It's certainly not an economical exercise, and removing a lot of malware always carries the risk of leaving some sytem instability.

I still reckon it's worth recommending AVG Anti-Spyware, Ad-Aware and Spybot, (after a full AV scan) If symptoms persist, or there are signs of rootkits, backdoors, Trojan downloaders, worms and other viruses, a reinstall/recovery is by far the safest option (particularly if the computer is used for internet shopping, banking etc.)

But that's not the end of the story. After insuring that a firewall is up, the system needs to be thoroughly updated. With a computer just a few years old, this can mean a huge download, and often requires a reboot or two along the way, just to get Windows up to date.

Secunia software inspector is an invaluable tool for checking that everything has been updated properly:

http://secunia.com/software_inspector/

Posted by: FreewheelinFrank | January 24, 2007 9:00 AM | Report abuse

I share Brian's thoughts on rebuilding Windows machines that have become compromised/infected. As another reader commented, today it is harder to simply clean machines. Nowadays there are so many different hackers/crackers creating malware and variants that have unique characteristics. Some of this is built into the software but some is sent via commands to the host from a central control and command location. Anti Virus doesn't get every copy of malware in existence so don't feel confident that something wasn't detected. How can you know what the intruder did to undo it? The basic answer is, unless you are a total security geek and take hourly snapshots of your system, you won't be able to clean the system. Even if you find one thing there may be something else there that you are not aware of.

To regain integrity of the system you just have to rebuild it.

Posted by: David Taylor | January 24, 2007 9:01 AM | Report abuse

"To regain integrity of the system you just have to rebuild it."

This is just it, which is why Microsoft putting pressure on the OEMs not to supply genuine OS discs is such pain in the neck.

You're left reinstalling off a hidden partition or of self-made "restore disks". And what if the disks are bad or you're helping someone who hasn't made them? And after all that, you'll be stuck with an infuriating non-standard OEM install with a ton of trial software and other so-called "crapware" (aka "craplets") to clean off before the machine is usable. Windows is such a bad OS that re-installation is necessary ever year or so *anyway* owing to registry bloat and "bit-rot".

Perhaps it's better to just wipe and install Ubuntu.

If you use a Mac or you use Linux, you have an OS CD. If you use Windows, you don't. But Windows is the very OS someone is most likely to want to reinstall. It's just not good enough.


Posted by: Steve | January 24, 2007 9:45 AM | Report abuse


The most important advice that BK gives in this article is to run Windows under a limited user account. It is also necessary to check the ACLs for important system directories such as Windows, System32, and Program Files to be sure that they have the minimal needed permission sets. The only way that software companies will finally get their acts together and ensure that their software runs properly in a limited user context is for Microsoft to **finally** recognize the issue, and make limited-user accounts the default under Windows. It's much more difficult for a virus to ingrain itself in your system if it cannot change key system files. Limited-user accounts are not a panacea however, because for example they won't stop a virus that exploits a flaw that allows for an elevation of privilege.

Posted by: LimitedUser | January 24, 2007 10:00 AM | Report abuse

I no longer 'clean' infected systems. I download the latest pertinent AutoPatcher updater, take the sick machine off line or behind my Linux based firewall, save what I can save, reformat and re-install the Windows OS, update it in one shot using AutoPatcher and re-load all saved personal files.

As mentioned above, lack of a true oem re-install disk makes this process very, very difficult. Occasionally, I'm reduced to having the owner purchase a retail disk.

At this point in time, I now demonstrate a working Linux box using KDE. {I find KDE is more comfortable for Windows users}. I also install Open Office org, Firefox, Audacious, VideoLan and several other FOSS projects on their newly rebuilt Windows box.

Those who stop using IE, Outlook, Outlook Express, Microsoft Office etc. have yet to come back with problems other than performance issues. {defrag, defrag, defrag -- and buy more memory}

About one in ten converted to Linux. Most of those who converted to Linux did so on the basis of my demo of Amarok. i.e. They have extensive music collections and absolutely love having an automatically generated and automatically maintained true data base {usually mysql} of their music collection. The ability to query WikiPedia regarding the currently playing artist is just icing on the cake.

Hint to musicians - be sure your WikiPedia entry exists and is up to date!

Posted by: No Tellin | January 24, 2007 10:23 AM | Report abuse

My brother's machine needed a Kevorkian upgrade but he didn't have
a bootable CD rom (he'd upgraded the
machine from Windows ME to Windows
XP Home). Fortunately the machine has a floppy disk drive, so the following solution worked: a
downloadable utility from Microsoft
that writes a bootable WinXP setup
image onto 6 floppy disks that you
supply. Details at:

http://support.microsoft.com/?kbid=310994

Posted by: little brother | January 24, 2007 10:44 AM | Report abuse

FWIW, I couldn't get the WinXP
Home CD to boot on my brother's
machine although the WinXP Pro CD
is bootable on my spouse's machine;
both CDs are retail upgrade versions.
I never figured out whether the
problem was due to an intentional
omission from the XP Home CD or
the BIOS settings on my brother's
machine but in any case, the six
floppies solution worked.

Posted by: little brother | January 24, 2007 11:04 AM | Report abuse

You know how many years writers who are recommending the Mac have said that it was safe from viruses "at least for now"? "at least for now" has been ongoing for a lot of years! I've been using Macs since 1990 and have NEVER installed "shield" software. I've NEVER had a moment when my Mac was invaded with a virus. I've never had to concern myself with hidden keyboard recorders and the like.

Posted by: Don Smith | January 24, 2007 11:11 AM | Report abuse

I'm not into IT much, I'm basically a user who knows a little about computers. I've opened up a couple of boxes and replaced a hard drive or two and that's about it. While I would agree with the basic premise of reinstalling the OS, there is a part of the story that no one seems to be talking about. Brian clearly stated "The questioner said the woman knew nothing about computers." I've reinstalled the OS once on my current computer - it wasn't a lot of fun and at least I had a vague idea of what I was supposed to do plus the ability to call a couple of people who could help me if I got stuck. If the person in question really doesn't know anything about computers, she should probably take it to a shop. Even if it costs $100 or so, the shop will spend a lot less time than the owner to reinstall the OS, and have all the necessary tools to do this properly. The owner will save herself hours or possibly days of frustration. Sometimes you have to know the limits of your abilities and proceed accordingly...

Posted by: James | January 24, 2007 11:15 AM | Report abuse

Well, it's nice to see Brian finally got half, if not an entire clue. A Mac really is a viable, excellent solution to the nonsensical, upside down world of Windows viruses, spyware and malware.

Over the long term, the Mac is much easier to operate and maintain, and thus is less expensive. And for those who think they don't have the "means" (Brian's transparent language that tries to temper and qualify his about-face recommendation), feature-for-feature, Apple's OS X-compatible Macs cost about the same as most Windows-compatible PCs. The only PCs that are cheaper than Macs are the older, nearly obsolete designs that are offered at bargain basement prices to get potential customers to stop and look at a given brand, such as a Dell.

Just be careful when comparing prices and computers. Many PC-compatibles don't match Apple's offerings feature-for-feature. Usually, you have to add hardware and software upgrades to many PCs to make it comparable to a Mac. And then you still won't have Apple's OS X operating system.

You see, computing is not just about the hardware or the software. It's all about the elegant and seamless integration of the hardware and software.

Posted by: George | January 24, 2007 11:22 AM | Report abuse

The ONLY computer system for people who are not interested in computers is Apple Mac.

Let's finally face it, you have to be a Windows loving geek, or have a friend or relative who is, to keep a Windows PC going.

An Apple Mac is the exact opposite, it's a breeze to use and fun with it.

Your advice Brian Krebbs, should be unequivocably to switch to Mac.

But then of course you won't get nearly so many 'how do I fix this' questions.

Posted by: Jon T | January 24, 2007 11:29 AM | Report abuse

Wonderful and thoughtful discussions. Having originally been a PC/Windows person that transitioned to Macs and OS X, I have the following quick bullet points for Windows users:

*Once you go Mac, you never go back;
*Apple Mail or Mozilla Firefox instead of Explorer;
*Apple Safari or Mozilla Thunderbird instead of Outlook; and
*Vista's look and feel is just a poor imitation of OS X. (Don't believe me, ask David Pogue of the NY Times...maybe even Brian Krebs too!!)

FYI: Most Windows users will find it hard to believe, but I leave my iMac on for weeks at a time and never have to reboot.

In fact, just for fun, I reboot my iMac once a month, whether it needs it or not. ;-)

Posted by: Terry | January 24, 2007 11:56 AM | Report abuse

The original mention of an "elderly friend" reminds me that when my father first asked about getting a personal computer for the first time, I decided to get him an affordable pre-owned Mac. He's been using that machine trouble-free for a few years already, even without paying much attention to security updates. Of the solutions mentioned in the blog, switching out of Windows to another platform is the only one that I have confidence in.

Posted by: Huh | January 24, 2007 12:02 PM | Report abuse

Ooops! Correction:

*Apple Mail or Mozilla Thunderebird instead of Outlook;
*Apple Safari or Mozilla Firefox instead of Explorer;

Posted by: Terry | January 24, 2007 12:03 PM | Report abuse

Hi George. Thanks for stopping by. I'm intrigued by your comment regarding my "about face." When have I ever recommended Windows computers over a Mac?

Posted by: Bk | January 24, 2007 12:14 PM | Report abuse

A year ago I gave my parents a mac mini of their own. My dad, who had been using a Windows PC at work and took to the Mac right away with very little help from me. He said he liked the fact that he didn't get "those damned sales windows" on his screen all the time.

My mother had never had her own computer before and I'm very proud of how well she has learned to use email. She didn't take too well to the whole desktop metaphor and I have to continually reminder her of what the Finder is and that the right mouse button is used for things. I just can't imagine having to teach her to use Windows or Linux over the phone - they live 1500 miles away.

It's cruel to allow elderly people to struggle with Windows. If you love your mom, you'd get her a Mac!

Posted by: montex | January 24, 2007 12:22 PM | Report abuse

I have been in the PC repair field for over a decade and am on the constant lookout for good free programs that keep my system clean and operational. CCleaner and Ad-Aware go along way but several other programs need to be part of any techs toolset; Bart PE is a must, another was written by Ryan VanderMeulenbut the program he created directly integrates all post-SP2 hotfixes, plus a few other updates allowing you to create a updated Windows XP installation CD. Long story short the tools are available you just have to find them. Can anyone think of more programs that would be a good addition for tech support toolkits?

Posted by: PhorkinSpoon | January 24, 2007 12:36 PM | Report abuse

Hey, lots of good information.
Prevention, be wary, double secruity, etc.
My PC at work is getting buggy and slower, off and on. I guess its time to flush everything and totally reload. Of course that is a REAL PAIN. I have added many applications over the years and finding everything will be a pain.

I run a spyware and virus program each month (I am behind a company firewall) and a mini spyware check every day. The monthly checks take 2.5 hours each. What a pain.

I also use a Mac. I try to reboot - (meaning turn it off at night and turn it back on the next day) at least once a week. Overall, it runs great, and I have so few problems that it takes running my PC to remind me of what you guys are putting up with.

Either way, best of luck with the flush and reloads. Sounds like the way to go.

Elder Norm

Posted by: elder norm | January 24, 2007 1:04 PM | Report abuse

I am in the PC Desktop support field for a major DOD contractor and have been since the early 90's. After suffering with Windows for years I made the leap to Apple and OS X for my home PC. It's been nearly 5 years now and I have never even loaded am antivirus program on any of my Macs. They are simply easier to use, more dependable, safer, and with iLife (included on all new Macs) amazing fun! Create, edit and manage Music, Photos, Movies, DVDs and Websites with ease (the programs are so easy to use they don't even come with manuals!) Surf the web, check your mail, Video chat (with built in camera) or connect your computer to your TV and enjoy all of your content with the included remote and the beautiful Front Row app... all out of the box!!! Just my 2 cents. Good Luck!!

Posted by: Skabeetle | January 24, 2007 1:30 PM | Report abuse

Good info here. Thanks to all who posted.
I'm wondering, however, why I'm just starting to receive full page, unrequested ads in the middle of WP "20 Most E-Mailed articles". These very expensive ads slow down my Home XP computer, cannot be easily deleted, often require my having to refind the source articles and reclick and scroll to get to where I didn't want to be interruped in the beginning. I'm sure others must wonder about the downloading of these large, often gaudy picture files without the viewers'consent. Help, y'all.
PS: I realize that the company needs ad revenue on the way to WebWonderland, but...

Posted by: evanest | January 24, 2007 1:40 PM | Report abuse

The reason there aren't a significant number of malware for Macs is due to a couple of reasons. The main one being that there aren't enough people using MacOS to make it worthwhile. Having the default account being limited helps, but it's mostly the former. The main thing that prevents people from using is the learning curve to get into OSX. A majority of people have spent a decade or more getting used to Windows and all it's quirks. Asking them to throw that out the window is an exercise in futility. Not to mention that corporations are unlikely to switch, which would lead to people using one OS at home and another at the office. Not a pleasant thought, I assure you.

Posted by: WH | January 24, 2007 1:49 PM | Report abuse

"Get a Mac!"

No - I mean that!!! I'm a former PC user but have made the switch.

Anti-virus programs - what's that? Don't have one - don't need it!

Anti-spyware programs - what's that? Don't have one - don't need it!

Firewall? Oh yes Mac OS has one built-in. Don't think so much about it...

OS? The nicest and most userfriendly ever seen.

Hardware design? Cool!! And quiet! While I'm sitting here in front of my 24" iMac all I hear is a very, very quiet humming. When I turn on my old PC, which was meant to serve as an FTP-server, I go and get my hearing protection. (And my wife shouts: what's all that noise!!?)

As Terry wrote: Once you go Mac, you never go back!

Now my goal is to replace all PC's in the household with Mac's. And then I will sing along with Fleetwood Mac: Never going back again...

Posted by: Steffen D | January 24, 2007 2:02 PM | Report abuse

It's actually worse than you make it out to be. Much worse. The newest version of Windows is purposefully designed to be incompatible with older software. You cannot run, for example, SQL 2000 on it. Moreover, Microsoft is about to face a barrage of lawsuits over their use of propriatory technology for video's and other media on sites like MSNBC. I used to be a Microsoft developer and switched to Mac's about a year ago. I am encouraging my employer to switch to Mac's and MySQL for their database. It is more stable, more robust, and has none of the compatability problems associated with any of SQL, dot-NET, or the other MS propriatory technologies. And, the security nightmares pretty much go away.

Brian, while you're on the security kick, PLEASE warn people about Firefox! Without detailed instructions on how to turn things off, the average person is going to find that certain firms can troll through everything on their computer, even look at them through their video camera!

Posted by: MikeB | January 24, 2007 2:13 PM | Report abuse

MikeB -- Thanks for your perspective. The matter about Firefox and webcams, etc., is new to me. Anyway, it sounds dangerous, if improbable. Care to share some more information? Thanks.

Posted by: Bk | January 24, 2007 2:19 PM | Report abuse

I use a Mac running OS X Tiger at home and a PC running XP Pro at work. The Mac is a dream to use, the PC is mundane, to say the least. Even with Vista (we got 3 machines running it) the PC still looks dated next to my super cool PowerBook, and my PowerBook is over 2 years old.

Every time I use my Mac, I enjoy it. Every time I use a PC, I tolerate it.

Posted by: Jamie | January 24, 2007 2:50 PM | Report abuse

"Once when I reinstalled XP on a PC I connected to the Internet to get updates from MS and got infected by some worm within minutes of connecting.

Sophos has said that there is a 50% chance of getting infected within 12 mins of connecting to the Internet with an unpatched PC.

So before you reinstall get a CD that has the latest updates so that you do not have to connect to the internet until you are fully patched."

My God, you Windoze PC users are masochists!

If you bought a car that broke within 12 minutes of starting it up, would you buy the same make and model next time? I don't think so. So, why not the same thinking with computers? This insanity never fails to amaze me. I bought my first (and only!) Mac 6 1/2 years ago. It still works great and never gives me any problems. We Mac users will continue to sit here in smug silence laughing to ourselves while the rest of the world pulls their hair out over their Winblows issues!

Posted by: Cubert | January 24, 2007 2:51 PM | Report abuse

Is it possible to copy XP SP2 to a CD, so if I re-install OS, I can install SP locally w/o yet getting Internet connection?

Posted by: rick | January 24, 2007 3:07 PM | Report abuse

And the attitude displayed by some of the above Mac owners are another reason why some people will not use MacOS. The smug, holier-than-thou attitude shown here and also on the rather less than tongue-in-cheek ads on the TV serve to turn more people off than the price tag of Macs. Similarly the inane comparisons of current Macs to years old PCs is a little silly. See the comment about fan noise above, or the current TV spot showing "PC" going to get new hardware for Vista.

Approximately 4% of the desktops out there run MacOS. Most of those I would be willing to be are in a corporate environment (design, rendering, etc.) so are behind at least one level of hardware firewall. The home penetration of Macs is pretty low. That makes it a very unattractive target for malware. As such, any congratulations for being "secure" are a little premature.

Posted by: WH | January 24, 2007 3:38 PM | Report abuse

Question: If you are reinstalling XP, how do you make sure that none of the files you're keeping have hidden files in them that allow the malware to reinstall itself? Can't viruses etc be written to hide copies of themselves in mp3s or pics that people are likely to save? What about MS Office files?

Completely agree with others griping about not getting an OS cd with their new pc. It's almost easier to get a pirated XP disc than to reinstall my legit copy.

Posted by: booyah | January 24, 2007 3:38 PM | Report abuse

Question for WH: If people wearing red shirts got shot (for whatever reason) and people wearing blue shirts did not (again, for whatever reason), should I choose red or blue?

Posted by: Gordon | January 24, 2007 3:54 PM | Report abuse

WH,

The premise that {$ALTERNATIVE_SOFTWARE} is not as prone to {$MALWARE_DU_JOUR} because there aren't as many crackers interested due to low numbers of users was exploded long ago.

Proof:

Microsoft Internet Information Server {IIS} accounts for ~22% of all active internet servers. Apache and related account for more than 70% of all active internet servers. MS IIS accounts for better than 95% of all exploited internet servers.

Apache, Websphere {derived from Apache} and friends account for the overwhelming majority of the webserver market and yet are involved in very few internet server exploits. Point of fact, on those rare occasions {two come to mind in the last 4 years} when Apache can be shown to be actively exploitable, it's major news. On the other hand, another spreading exploit of MS IIS? {yawn} Ho-hum. Same-o, same-o.

The "not enough market share to be of interest to crackers" excuse is not based upon any actual research or hard figures. It's simply a rather presumptuous assumption of what appears on the face of it a logical thought progression. If such an assumption were true, then Apache would have overwhelming numbers of crackers looking for exploits.

Funny thing that "intuitive logic". It almost never has anything to do with the real world. When you have actual research in hand which proof positive demontrates your assertion, then come back. Otherwise your assertion is meaningless.

Posted by: No Tellin | January 24, 2007 4:11 PM | Report abuse

My hubby wants to reinstall Windows XP on our PC. There doesn't seem to be anything suspicious, but we're having printer issues. No weird ads or anything.

Anyway, how are you supposed to get all the updates back on there without connecting to the net? Where else can you go? If you only go to the Microsoft site after reinstall, is that safe?

Posted by: Ms. Clear | January 24, 2007 4:16 PM | Report abuse

IT support tools:

AutoPatcher
Ultimate Boot CD for Windows
Ultimate Boot CD
AutoStreamer
sectools.org

Posted by: No Tellin | January 24, 2007 4:17 PM | Report abuse

Quote: "The smug, holier-than-thou attitude shown here" by WH.

Well, in my opinion the "The smug, holier-than-thou attitude" is all on your side WH - who seems to think, that Mac users are just like that, and PC users of course so much clever (and all humble). Yes we Mac users love our Macs, because they are superior in so many ways - even when it comes to security. Why is it that you love your PC so much? Because you really like the battle of fighting the hundred of thousands viruses and spyware programs?

I have had Win XP installed for some 5+ years and I have never reinstalled and I have never had a virus or a spyware program installed. Why? Because I fought the battle using all the weapons you need to succeed. For years I didn't believe when Mac owners told me about Mac security and I even kinda scoffed at them. How naive can you get? was my opinion.

But I've learned not to try to speak of something that I don't know anything about. In this case it was the Mac world. Maybe others - not mentioning any names - should realize the same thing...?

Ps. No, I haven't turned to hate Windows. I run a Windows XP installation on my Mac, using Parallels software. But of course, also in this case I'll have to protect my Windows installation and fight the same battle as before on my PC. But it is a little easier as I don't use e-mail or browser on this Win installation. For these tasks I use my Mac - of course...

Posted by: Steffen D | January 24, 2007 4:22 PM | Report abuse

To Gordon,

Lemme answer that one. I think WH's only point is that the blue shirt wearers shouldn't go around proclaiming that their shirts are somehow bullet-proof because they're not getting shot.

Posted by: A. John | January 24, 2007 4:26 PM | Report abuse

People thaink that when they keep getting viruses that they have to reinstall. I have found that a lot of rootkits stop anti virus programs from finding viruses. I downloaded some programs from http://antirootkit.com/software/ and it they found a rootkit. Then my antivirus found a virus that was on the PC for some time.
I find that some anti-rootkit programs find the rootkit and some do not.
Do not re install your pc if you have lots of viruses. It is a waste of time.
thank you.

Posted by: J Novak | January 24, 2007 5:01 PM | Report abuse

"The reason there aren't a significant number of malware for Macs is due to a couple of reasons. The main one being that there aren't enough people using MacOS to make it worthwhile."

WH, you must be kidding?

I do not get how some windows users believe this persistent fable that the only reason MacOS X is virus-free is because of lack of use.

After being a very devoted Microsoft user every since Windows 3.1, I switched to Mac when OS X first came 6 years ago. In the past two years I have switched over almost all of my siblings and my mom to OS X.

One of my brothers went out and got a cheap Dell machine (this was back in the Windows 2000 days) during the installation of his internet service, his machine got infected in the first five minutes of being on the internet (he was trying to get the Microsoft site to download the latest security patches --- he did not make it on his 56k modem).

Since OS X, none of them have ever had a virus. Nobody knows (or cares) about malware, keyboard scanners, root-kits and the like. And my tech support call load to my family's computer ill's has dropped to almost nothing (mostly calls about how to do something new --- never "it's not working" calls).

However, back the fable about Security through obscurity.

If you do the math, you will see that the argument makes NO sense.

Let's say that (hypothetically) Windows has 99% of the desktop market. Let's say for argument sake that Mac has only 1%.

Let's say that windows has 9,900 pieces of viruses written for it.

This means that Mac should have AT LEAST 100 viruses.

So how many viruses does the Mac have in the wild?

100?, 50?, 25?, 10?, 5?, 1?

NONE! By the way, Apple real U.S. marketshare is about 5.1% (they sold 1.6 million Mac's just last quarter!) which makes the virus numbers even more ludicrous. PCs got 114,000 viruses last year. Macs got zero. You do the math WH.

http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=196901645&cid=CRNBreakingNews

There are four theoretical viruses (created in the lab but never released into the wild) and Apple has already patched the vulnerability that exposed made these viruses work.

And these were mostly spread by social engineering (which is VERY hard to stop in any OS).

Most Mac users run with NO virus checkers and minimal firewall protection other than what comes out of the box. Just ripe for the poaching.

Do you think the there is at least ONE teenage, pimply-faced, Mountain Dew slurping, locked in his room with his computer, can't get a girlfriend, hacker who would LOVE to claim the fame of "Breaking OS X"?

I think there are MANY who have tried --- and failed.

Why? because no nobody's using it?

No, it's because it is VERY, VERY HARD TO WRITE VIRUSES FOR OS X. Mostly because OS X's UNIX/BSD kernel is very well designed (security-wise) and does not allow the tom-foolery that the Windows kernel winks at which lets the virus writers run rampant on Windows.

Mac is more secure because it is designed and thus easier to support. PERIOD.

http://www.macdailynews.com/index.php/weblog/comments/shattering_the_mac_os_x_security_through_obscurity_myth/

By the way, do you think that Vista solves the Windows security problems?

Keep dreamin......

http://www.itpro.co.uk/news/102716/malware-more-compatible-with-vista-than-antimalware-products.html

Wanna not worry about viruses and live a careful computing life?

The answer is always the same....


Get a Mac!

Posted by: Mr. NoKiddin | January 24, 2007 5:21 PM | Report abuse

I just think its funny that Mac and Linux users talk about uptime, and Windows users talk about downtime...

Posted by: Matt | January 24, 2007 5:25 PM | Report abuse

"Approximately 4% of the desktops out there run MacOS. Most of those I would be willing to be are in a corporate environment (design, rendering, etc.) so are behind at least one level of hardware firewall. The home penetration of Macs is pretty low. That makes it a very unattractive target for malware. As such, any congratulations for being "secure" are a little premature."

WWWWOOOOWWWWW

This is the first time I have read such a big spin. So now Macs are secure because they mostly are used in corporate environment?
Amazing, what is that make you Windows user so willing to twist everything so to convince yourselves that there is no such thing as a better OS that Windows.

Which is true I wonder
a) There are too few Macs around (over 20 millions, Apple is 4th manufacturer in continental USA)

b) Macs are used in corporate environment mostly (most Apple sales are to consumers, corporate presence is a blip on Apple radar)

c) Macs are NOT used in corporate environment and mostly home users but too few (Apple presence in Web statistics hoovers around 12% of all internet access worldwide)

d) Macs are not safer than Windows (Month of Apple Bug, supposedly to release a major threat on Mac OS X every day in January is falling flat on its face. Actually having to resort to flaws in third party applications to show problems. Those found so far have either been fixed already by Apple or are problems that could not allow remote exploitation. Wow, big deal.

e) OS security is a function of the number of machines around. Macs are fewer than Windows hence fewer problems (Macs have ZERO problems not fewer. If security was a function of number of machines it should have at least 4% of malware around. In addition, believing that no one in the world EVER had the idea to try to break into Macs is the most "mud-in-your-ears-and-eyes" kind of belief. Not even for money? Money have been offered (5 digits amounts) to people to break into Macs. Money never been collected.

Mac OS X guts are FreeBSD Unix and Mach-O , both with stellar record security wise. Stop deluding yourself. Security is matter of design, not how many machines are online at any time. Windows is easy to break into, hence best target. The fact that there are so many is icing on the cake. Mac OS X is at least as secure as any other *BSD Unix platform: light years ahead of Windows, whatever flavor, Vista included (PS, current Windows worms run on Vista and security companies currently reports over 38% of existing malware as been already adapted to affect Vista platforms. Welcome to the same old soup guys.

Posted by: Max | January 24, 2007 5:26 PM | Report abuse

I also don't care if only 100 people use Macs versus 100 billion - it works, its easy, and its not Windows, which is why I use it.

What is the deal that because few people use something it must not be good, anyway?

Posted by: Matt | January 24, 2007 5:33 PM | Report abuse

I can download off the net literally thousands tools and application that automate creation of malware for Windows. I do not need to be a programmer, just understand written instructions and select options. It is also the reason crackers on Windows are usually pimple-faced teenagers, not geeks.

Can't do that with Linux, Unix, Mac OS X. I truly would need to be a heck of a programmers, with years and years of experience under my belt and knowing the APIs and KPIs by heart. By then, I would have outgrew stupidity and actually contribute to the OpenSource community.

Oh wait, I da that already. Silly me.

Posted by: wannabecracker | January 24, 2007 5:40 PM | Report abuse

I switched just over a year ago. Best thing in my life. I now use the computer for my benefit, not for the computer benefit, to keep it safe and working.

It has been like stopping to be the nurse of my PC to be the user of my Mac. I realized it was like Stockholm syndrome: you end up being unable to leave your persecutor, you suffer, you hate the thing but can't leave it and find all excuses not to leave it. Even the most absurd and repeating yourself everything and the opposite of everything, depending on the need of the moment in order to not leave the hate-relationship.

Today you may even install Windows on a Mac and do the transition smoothly rather than in one big jump. For some it is reassuring but direct comparison is such an eye opener.

To the guy saying Apple has no home penetration. All my friends are now on Macs and no one is looking back. Read that Apple is growing consistently at 20% ~ 30% every quarter. I believe it: it is like smokers who recently quit. At first no one was doing, now at every party I find switchers. Yes, we quit for good and more every day. Amazing the time I wasted on Windows.

Posted by: Switchers | January 24, 2007 5:50 PM | Report abuse

When downloading the latest patches as part of reinstalling Windows, make sure you are behind a router with an on-board firewall. The router will protect you from unsolicited threats like worms, while you're patching. And don't surf anywhere else until the Windows updates are done.

Some cable/DSL modems may have routers built-in but don't count on it. Get your own router if you're unsure.

Even if you only have one PC to manage, get a router. They're inexpensive, $30-50 for a basic one. 99% of unsolicited attacks will hit your router and die, thus reducing the workload on your software firewall (Windows).

If you value security over convenience, get a non-wireless router or turn off the Wi-Fi features.

Don't try to do a reinstall with dial-up internet access. The files are just too big. Haul your machine to a friend or relative who has broadband (and a router).

If you still want to try dial-up, install a software firewall before you connect; beg a friend with a working machine to download a free firewall, like Zonealarm, onto a CD for you.

Posted by: Ken L | January 24, 2007 5:57 PM | Report abuse

What I find revealing with all these debates Mac vs Windows is that Mac users always post about how nice is their experience on it, the things they can do so easily, the pleasant interaction with the machine, hw and sw likewise.

Windows users post to say that it can't be true, that Mac users are fanatics, that Steve Jobs have corrupted. I still have to find a Windows user posting to say how nice is his experience on it, the things that they can do so easily, the pleasant interaction with the machine, hw and sw likewise. Never happens, usually it is like the discussions of Alcoholics Anonymous, how bad things went, how they recovered, share the pain to try suffering a bit less.

If I knew nothing about computing I would not hesitate a second about which computer to buy: enough to read users comments and perceptions.

Posted by: Revealing | January 24, 2007 6:00 PM | Report abuse

OK so first unless there's a supplier of discount Macs out there that I don't know about, all hardware being equal a Mac is way more expensive than a PC. I can build the equivalent of a PowerMac (2.8 Gig processor, 1Gig RAM, 250 Gig HD, 256MB Video Card) for < $1000 (add $100 for XP and Open Office is free), and you can buy one for ~$1500 vs. $2400 for the Power Mac. You can get a little closer in price with an iMac but it's not nearly as expandable.

Second, until Windows defaults to having users log in with limited privileges and allows them to supply and administrative password to run admin functions (without having to log out or "switch users") it will be inherently less secure than Mac or Linux boxes.

Because Windows cleans its system dir like a 14 year old boy cleans his room, spyware or not it will grind to a halt after 3-4 years of heavy use. Yes rebuilding your system is a pain, but it's cheaper than buying a new box that you may not need. A few things Microsoft could do to make it easier is allow users to log in to their site, confirm that they have a legal copy of Windows then download an image of an installation disk for the current fully updated OS or at least a delta iso that they can run all updates from after the reinstall. That way they don't need to spend half a day repeatedly running Windows Update to get back up to speed. The windows installer could be kinder to partitions as well. MS needs to get over the idea that by default the OS should take up an entire drive and should you decide to partition it every partition needs its own drive letter. I mostly run Linux (openSuse) and since I have my OS on one partition, my home dir on another, and still other partitions for data sharing with a Windows partition, I can run a new Linux installation without trashing my data files (not that important files shouldn't be backed up). It's theoretically possible to reinstall Windows without reformatting the entire drive, but Windows really feels like it should. If you want to emulate this on a Windows box you're better off installing a second drive and keeping your data on that.

Oh and if you don't think Mac users are a little fanatical just ask Steve Jobs about a right mouse button

Posted by: Norm | January 24, 2007 6:32 PM | Report abuse

Great idea by "Norm" on Microsoft creating a fully-patched image of the operating system. Even a 'differential patch' which includes all critical fixes and security updates rolled into one big download and made available to fresh operating system installations would be a very welcome thing.

Of course, there is also the option to load the operating system, commonly used programs and then capture a binary image of the hard drive to an secondary disk, flash memory or an optical disc via Norton Ghost or another commercially available product. That method can simplify machine recovery and cleansing in a major way, especially if the recovery process is automated in some fashion.

I'll take a clean image install over a questionably cleansed machine any day. Plus, I'd rather spend my time increasing my users' literacy on productive computer/Internet-related activities rather than bury my head in forums hunting down registry hacks that *might* bring a machine back to a safe state.

Cheers!

Posted by: C.B. | January 24, 2007 7:25 PM | Report abuse

One of the people in the camp that says to reinstall from scratch is on Microsoft's web site.
http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

Posted by: Beryllium Sphere LLC | January 24, 2007 11:05 PM | Report abuse

Norm claims he can build a PC:

". . . equivalent to a PowerMac (sic) (2.8 Gig processor, 1Gig RAM, 250 Gig HD, 256MB Video Card) for < $1000 (add $100 for XP and Open Office is free), and you can buy one for ~$1500 vs. $2400 for the Power Mac."

Although Norm's comments seems to be from a time warp... about a year or so out of date on the top-of-the-line Mac... I think he is talking about his mis-conceptions of today's Macs.

That would mean he is saying he can build a PC equivalent to a MacPro for under $1000... or buy one for under $1500.

Quite frankly I doubt it. The retail price of the two Intel® Xeon® 6150 "Woodcrest" processors included in the Mac is $1,545.92.

http://www.pcnation.com/web/details.asp?affid=305&item=K12408

I just visited Dell's online store and configured a Dell Precision 690 (the only Dell desktop that has a big enough P/S and as many or more expansion bays as the MacPro) as close as possible to the MacPro Dual Core 2 Duo that sells for $2499.00 with 2 GB RAM(+$299) - $2798.00 .

The Dell configuration:
- Dell Precision 690 Tower
- 1000W P/S
- 2 Intel® Xeon® 6150 "Woodcrest" processors
- 2 GB ECC FB DDR2 SDRAM
- 1 250G HD 7200 RPM SATA, 8MB Cache
- Windows Business Vista ($10 extra to make it closer to OS X "Tiger")
- Dual layer CD/DVD+/- burner.
- 128MB PCIe x16 nVidia Quadro NVS 285, Dual DVI or Dual VGA Capable-

(Note - Dell hints their default card listed above might be unsuitable for Vista Ultimate and recommends a card $515 more expensive. The default card in the MacPro can handle Aqua, Core Graphics, and MS Aero.)

The price on January 24, 2007 for this package "deal" is $3717.00.

The Dell is $919 more expensive than the MacPro.

And, that's without the suite of integrated iLife software that comes with every Mac.

So much for buying a Mac equivalent PC for under $1500.

How about building one for under $1000?

Remember, we still have to start with that over $1500 for just the processors!

Anandtech's attempts to even buy the PARTS to make an MacPro equivalent PC totaled $2390 before adding a case, OS, and P/S (probably adding another $500).

http://www.anandtech.com/mac/showdoc.aspx?i=2816

Finally, about Norm's two button mouse comment... OS X Macs have supported multi-button mouses since their first release and every Mac today ships with a multi-button scroll ball Mighty Mouse.

Posted by: Swordmaker | January 25, 2007 12:47 AM | Report abuse

jeff wrote " Once when I reinstalled XP on a PC I connected to the Internet to get updates from MS and got infected by some worm within minutes of connecting. " Linux systems only open one port to one site to update systems after installation and before final config. why can not M$ learn to secure first and open second.

to the user who says he has not found a computer he could not clean. How much time do you spend for a client before it is cheaper to just redo the box? Ever have a customer threaten to sue cause you did not get that last rootkit and the custormer lost his savings account?

It is safer and cheaper to just reinstall the holy grail of M$! Do your customers and friends a favor, wipe and reinstall. Or better yet, insert linux CD!!

foot.

Posted by: lagrandefoote | January 25, 2007 8:37 AM | Report abuse

For the record, I'm writing this from my beloved 17" MacBook Pro, but I'm responsible for all Intel servers at work, Windows, Linux, Mac, or Novell...

Yesterday we spent half a day investigating how a Mac got itself cracked. "Rootkit" was originally a Unix term, after all. There are tools for cracking Unix/Linux/BSD/OSX machines, and there are vulnerable applications on those platforms as well. Sure, cracking Windows is apparently easier and there are more targets out there, but simply trusting in Macintosh is misguided. "Trust, but verify," as someone I don't often quote once said...

Posted by: Cal Frye | January 25, 2007 10:56 AM | Report abuse

Brian, I believe you were correct in your advise. Is rebuilding harder than just running a couple of adware and anti-rootkit tools? Sure, it is. But this isn't a PS2 you are playing with..and sorry to say it, but not everyone can be a "computer guy". If you think that some free anti-rootkit program totally cleaned your PC...then I would say look at the stats.

Posted by: Technocrat | January 25, 2007 11:02 AM | Report abuse

Touche', I missed that the Power Mac had 2 processors and yes you're right if I build the exact same box with the exact same overpriced hardware it'll cost about the same, but my point about Macs being more expensive is still pretty valid. If I want a traditional expandable box and a Mac, I have to buy a power Mac with an extra processor that I don't need. Plus I'm limited to Intel's top end chip and personally I think AMD makes better chips for less money. You can choose from an assortment of dual core AMD chips at newegg.com ranging form $225-$500. Yes the $225 chip is not as good as the $700 Woodcrest, but the $500 arguably is (and yes you can cobble the rest of the box together with comparable parts from less expensive vendors for another $500). All that aside I, and I suspect most people who aren't running a academic or commercial server or hard core gaming, don't need or want to pay for that much processor and Mac doesn't give me any other options short of the iMac which is far less expandable and what I do need is room for extra drives.
I like OSX and think it's a better OS than XP (and I really don't like some of what I'm hearing about Vista) and though I prefer openSuse with KDE to both, I need either Windows or Mac for digital darkroom stuff. I'm starting to look for new box and when I write down what I won't live without and go to Apple's site I'm looking at >$3000 for a Power Mac that has more power and fewer features than I want (way too much processor, no tv card, 2 500G drives instead of 3 300G drives) or building my own PC which has exactly what I want for ~$1700. As bad as MS is about dictating to the consumer what he/she needs when it comes to software, Apple is worse when it comes to hardware. (Yes Apple now has a 3 button mouse but for years the mention of one was reported to send Jobs into a raging rant)

Posted by: Norm | January 25, 2007 11:56 AM | Report abuse

An answer to the previous question woud be very appreciated: "If you are reinstalling XP, how do you make sure that none of the files you're keeping have hidden files in them that allow the malware to reinstall itself? Can't viruses etc be written to hide copies of themselves in mp3s or pics that people are likely to save? What about MS Office files?"

Posted by: Ashley | January 25, 2007 12:39 PM | Report abuse

Let me walk you through a couple of things. 1) According to a couple of quick Google searches, Macintosh market share is around ~2.5%, give or take (http://www.systemshootouts.org/mac_sales.html).

2) The iMac and Mac Mini are relatively new and have been the only machines targeted towards home users. The art and design industries are the major users of Macs, in fact penetration in those fields, especially graphic design and print is extremely high, anecdotally I would rate it as being 85%+. Take my word on that, my wife is a graphic artist, and everywhere she's worked it's been entirely Mac.

Based on those, it's probably that most of the Macs in current use are for professional/corporate use. Even the smallest company has some sort of access control/firewall between them and the internet.

As such there is almost no incentive to write general purpose malware for the Mac. Most malware these days is keylogging and botnetting. People are less likely to go places where a keylogger could record important information at work than they are at home (at least at my work), and similarly corporate environments are more likely to block things like port 25 to prevent spam from being sent out. They also tend to have more money and/or professionals to diagnose and remove malware, resources that are not always available to home users.

Does this all mean that MacOS is *not* more secure than Windows? No. I have no way of knowing that. But by the same token it isn't really possible to say that it is. What you *can* say is that you are less likely to suffer from infection with a Macintosh. There's a lot of "MacOS is better because I like it" going on in this thread. And it's your prerogative to have a preference. But believing that something is better simply because you like it better is a fallacy. I prefer Windows, personally. Does that make it better? No, it just means I *like* it better.

As far as hardware goes, the latest Power Mac is impressive. Two dual-core processors is a whole lot of power. I've seen comparisons between that and other OEM's offerings, and they are competitive. The only problem for me is I don't need that much machine. And if you don't want to get something that expensive, you're left with getting an iMac or Mac Mini. Which have a very low upgrade potential. You can increase the memory, maybe add a new fixed or optical drive ... and that's about it.

And that's part of how Apple gets away with it. They support ... maybe 4 video cards for the latest version of OSX. One Intel, a couple of ATI, and one nVidia. And that's it. They don't have to worry about anything else because they don't sell a machine with anything else.

For me, personally, I would prefer to have the freedom to add in more or less whatever I find that looks good on Newegg. But I'm a hobbyist. I'll say it, I like Windows. I like the freedom I have with it, both in hardware and software. I have my machines configured to work the way I want to work. I have the software I use, and if I need more it's readily accessible to cover more or less any need I have.

The problem I have with most Apple enthusiasts is they are firmly convinced that their way is the Only True Way(TM). When what it really is is just another way. Is it better for some people? Probably. For me? No.

Posted by: WH | January 25, 2007 2:02 PM | Report abuse

"If you are reinstalling XP, how do you make sure that none of the files you're keeping have hidden files in them that allow the malware to reinstall itself?"

Scan the files with your AV before transferring them back. Quarantine the files for as long as possible because this will increase the chance that any virus or malware will be detected- new definitions are added every day. If you can leave the files on CD for a few weeks, do that and then scan rather than copying them straight back.

Scan the files with AVG Anti-Spyware (formerly Ewido) or a-Squred (both have free versions), or another good spyware scanner like SpywareDoctor, SpySweeper or CounterSpy if you have one.

As a double check, scan the files with an online anti-virus scanner. The Kaspersky scanner has excellent detection.

Posted by: FreewheelinFrank | January 25, 2007 2:28 PM | Report abuse

I really hate this kind of discussion.

Every OS has their uses and their drawbacks. I have worked with Mac's, Wintel, Linux and even a few proprietary OS systems. All of them have their flaws and their strengths.

If you think Mac's rule...get over yourself.
If you think Linux is the be-all and end-all of OS's...it isn't.
If you think the people at MS are gods...they aren't.

Use what you know. Love your Mac, Linux or Wintel machine. I don't care. I use all of them for different tasks.

But don't come here (or anywhere for that matter) and spew off about how one is better than the other because you don't know the limitations of the OS.

I will say this about Wintel machines. Love them or hate them, there is a reason ~90% of the market uses them.


As for the discussion?

I agree with Brian. Sometimes you save time by re-installing the OS.

Posted by: Trudger | January 25, 2007 3:27 PM | Report abuse

I run an old (2002) cheap computer with Win XP Pro. I'm hooked to a wireless router then to a DSL modem. I have no anti-virus software, and don't run a firewall. Since I began working at home in April of 2004 my computer has probably averged being on 16 hours a day. I don't run any Microsoft programs unless I have to.

The only pop-ups that I can remember were from a recent update from RealPlayer, which took me 20 minutes to figure out how to get rid of. I scan occasionally--like, once or twice a year--using online AV and anti-spy software, which only find problematical the sorts of commercial that are apparently total legal, and relatively harmless. I have yet to note a serious problem with this computer that I didn't ameliorate with more memory, or a larger hard disk.

Some of us just, well, have it. Some of you obviously don't.

Posted by: WhatMeWorry? | January 25, 2007 5:07 PM | Report abuse

In my previous life as a Windows enthusiest, I, like WH, loved the ability to tinker with the machine, change hardware at will at be able to find drivers that work with windows.

I could then setup a dual boot configuration and then install Linux, and tweak with the kernel until I got everything perfect. If I had to totally rebuild the machine (windows or linux) my computer science masters degree and some time would enable me to get everything running again quite quickly (without any calls to tech support).

This worked well for me until my non-computer science degreed relatives started getting windows machines (around win98) and started surfing the internet, using email, downloading songs and movies, double-clicking on attachments and letting their teenaged children use their machines.

Every manner of windows problem possible would happen to my relatives machines. With six siblings (and my mother), I started to spend large amounts of my personal time running around reinstalling, debugging, disinfecting and rebuilding windows machines.

They would ask me how the windows machine got busted and then I would try explaining root-kits, viruses, Trojans, windows registry, DLL hell and other windows computer sciency concepts to non-computery people.

Their eyes would quickly glaze over at my explanations and they would NOT understand how they got themselves in trouble making it impossible for them to avoid making the same mistakes over again and again. Mistakes that I would have to repair over and over again. If I could have started charging for computer service calls, I would have made quite a pretty penny. But being my relatives, this struggle was done totally pro bono.

After switching my siblings (and Mom) to Macs, we do not talk about computers at all!

Mostly, because the Macs just work and keep working; no matter which website or email attachment they use. This has not only made my life immensely simpler but has allow them to actually get much more DONE with their computers (isn't that the point anyway?)

In my personal case, the Mac's UNIX/BSD foundation still let's me get my coding/opensource itches scratched and then a simple quitting of the Terminal application, I am back in the sanity and beauty of OS X.

So, it's not us Mac folks think that the ONLY way to carefree computing is the Mac. I think most of MUST believe that there is more than the 5.1% of computers out there that are Mac (most of us work on Windows machines at work during the day).

No, for the "true hobbiest", windows, linux and commodity hardware are a joy to tinker, reconfigure and optimize on any piece of frankenstiened hardware that you choose to cobble together. For you folks, "choice" is not an option, it is the starting point to your computing experience.

However, for the apparent small minority of us computer users who just want to "use" a computer and are totally unqualified to perform surgery on hardware or software, the Mac represents a way for us to perform the very large majority of tasks that are possible on the windows platform WITHOUT the complexity and support overhead of windows. In fact, I do not think we are a small minority at all. I just think that many, many hapless windows computer users suffering in dumb anguish (as me and my relatives were) until we discovered the easy life of the Mac. The fact that Apple reports that over 50% of the 1.6 million Macs that were sold to "windows switchers" is testament that our minority is growing.

This entire thread examined whether it was easier to fix or rebuild and infected windows machine and many of the solutions proposed in this thread represent concepts and techniques far beyond the "casual personal computer user".

It has been said that windows is a computer platform designed "BY computer folks FOR computer folks" where Macs are designed "BY computer folks FOR the rest of us".

Speaking for the rest of us, the Mac represents a much simpler, more carefree and enjoyable way to compute.

No smugness or piety, just a vote for nearly carefree computing.


Posted by: Mr. NoKiddin | January 25, 2007 8:10 PM | Report abuse

This thread is topical.
Two weeks ago, I re-installed xP on my laptop that had slowed down to a crawl; CPU and memory was out of whack. The box works fine now and I took the time to set my wife and I up as "limited" users.
I believe it is a better use of my time to do that over the course of a long evening then try to find the hidden problem. Even if I did find it, how would I know something else wasn't lurking?
As long as the installer is protected behind a hard firewall, I say go for it.
RE: OS
Years of tinkering in order to protect myself has become tiresome.
I recently started rebuilding donated boxes for a local charity and I went Linux all the way. This project has led me to the conclusion that Windows is flawed-not evil-and my next PC will be Linux. I have fought the good fight and I am tired of it all.

Posted by: bok | January 26, 2007 12:42 PM | Report abuse

Instead of hijacking this forum to the perpetual OS debate...

One of the problems I run into frequently in reformatting a user's machine and reinstalling Windows is the lack of driver support... particularly on laptops (Dell and Toshiba come to mind)
Weird proprietary hardware drivers can waste you several hours tracking down, only to find that the drivers are not offered by the hardware company (think Dell and Toshiba again).

So you may be able to install WindowsXP, but you can't get a driver to work with the built-in Atheros NIC so you can't go online to download the drivers...

Service Pack 2 has long been available for a separate download (Google it)and multipatch updaters (AutoPatcher) are a godsend. I wouldn't go anywhere without my burned copy of XP/SP2.

The "infected in 12 minutes" syndrome is easily countered with a $50 router, which I demand all clients who do not have one get before I will deal with their internet problems.

The overall best solution I have found is to immediately Ghost (9) the client's machine upon setup/config and regularly update that image after major software or hardware changes.
Making a self-booting dvd with cd, dvd and usb drivers, Ghost and the client's image insures that I can reimage their machine in about 30-60 minutes.

"image partitions" suck for being an adequate substitution for a system disk; if you have partition problems on the disk you are SOL. Never depend on that tripeware.

Posted by: relayer | January 26, 2007 5:24 PM | Report abuse

Ashley

You got a partial answer to your question. It was a good one. Having said that, if the file is an executable (*.exe, *.bat), or is for an application where the data file can contain macros like MS Word, Spreadsheet, Windows Media File, etcetera, then it DOES have the capability to reinfect your machine. There is a slight possibility that a normal data file that doesn't have macro capabilities can re-infect your machine but the probability is very low. It CAN happen though. The longer you wait and scan before using, the better.

I agree with the idea of reinstalling. It is a good idea except for one thing, take the disk to your friendly Linux friend to blow a megabyte of zeros onto the start of the disk. It makes for a much nicer clean install with no possibilities for boot sector malware. Your friendly Mac owner can also do it IF they have enough room in their box to stuff another hard drive onto the cable. The question of whether or not the Mac user will do it has already been answered for me - they won't do it. I WILL do it for the people I know that use Windows. Most of the people I know can't afford the expensive machines you people are talking about. Neither can I. As a computer and network security researcher, my needs are rather simple though.

Posted by: Henry Hertz Hobbit | January 27, 2007 6:10 PM | Report abuse

@ relayer:
>>One of the problems I run into frequently in reformatting a user's machine and reinstalling Windows is the lack of driver support... particularly on laptops (Dell and Toshiba come to mind)
>>Weird proprietary hardware drivers can waste you several hours tracking down, only to find that the drivers are not offered by the hardware company (think Dell and Toshiba again).
>>
>>So you may be able to install WindowsXP, but you can't get a driver to work with the built-in Atheros NIC so you can't go online to download the drivers...

You sound like you could use WinDriversBackup, before wiping the drive:
http://www.google.com/search?hl=en&q=WinDriversBackup

Posted by: Mark Odell | January 30, 2007 4:22 PM | Report abuse

Cleaning a win box is not that hard .. in fact it'll take you about 20 minutes.
Tools of trade:
- sysinternals process explorer(pslist/pskill)
- sysinternals tcpview(tcpvcon)
- sysinternals autoruns
With those awesome tools you will clean 99% of the possible adware/spyware/trojans
If you want to clean viruses too get IDAfree and your box will become 100% clean.

Posted by: ctg | February 13, 2007 9:08 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company