There is news that a security hole in IE known since 2007 allows takeover of a PC running that other OS just by pushing the “F1″ key in response to a pop-up. It’s time to re-image all my PCs without IE. In fact, it’s time to re-image all my PCs with Debian GNU/Linux. I will propose it to the boss next time I see him. Perhaps this could be an item on the agenda at the next staff meeting. Some teachers have resources that can only be accessed from that other OS but most just use the web. They don’t require IE or XP to do their jobs.
The “F1″ key is used as a “Help” function in many applications. Users may be conditioned to pushing it whenever they need help. The pop-ups will come. Why did it take three years for this to come to mind? Could it have anything to do with M$ wanting to kill off XP? They claim “7″ is not affected…
see The Register.
It’s not a lot of work to make one little change to the images to fix this but it’s only temporary. The next big thing will come along. I am tired of working for M$. Time to write the memo.
Proposed Changes to Information Technology
This week, there is news of yet another serious breach of security by Internet Explorer, “the blue e”, on XP. This one has been known since 2007 and yet M$ is only getting around to doing something about it three years later. An innocent user is presented with a pop-up suggesting they push “F1″ for more information about a problem. Then the malicious software gets to do whatever it wants with your PC. We need our PCs to work for us, not M$ or criminals on the Internet.
A much better solution is to eliminate the XP operating system completey. With Debian GNU/Linux, I can control each PC from my desk and update its software any time of the day that it is running. I type one command and any number of PCs can be updated. This should be possible with XP but M$ tries to keep out other systems than its own so it is not easy to change them. I can install GNU/Linux on our PCs as easily as I can put in one temporary “fix” for XP. XP is old technology designed before 2001 whereas GNU/Linux is current and uptodate with all forms of malicious software. Updates take seconds. I can download the updates to a server in the school and command PCs to install them over the LAN easily. Debian GNU/Linux is Free Software. It costs nothing to use, examine, modify and distribute. That other OS prevents us from doing many things like simply copying the image to the hard drive. I have also to let it have a verification code and let it phone home. There is no such requirement in GNU/Linux. Our PCs will work for us and not M$.
* Debian GNU/Linux – http://www.debian.org
* Latest vulnerability in IE – http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/
* Long list of vulnerabilities in XP – http://www.securiteam.com/products/W/Windows_XP.html
* Short list of vulnerabilities in GNU/Linux (many related to applications, not the operating system) – http://www.securiteam.com/products/L/Linux.html
This memo can be found with clickable links on our LAN at