Robert Pogson

One man, closing all the windows.

Daily Archives / Tuesday, March 2, 2010

  • Mar 02 / 2010
  • 0
Linux in Education, technology

Helplessness

There is news that a security hole in IE known since 2007 allows takeover of a PC running that other OS just by pushing the “F1″ key in response to a pop-up. It’s time to re-image all my PCs without IE. In fact, it’s time to re-image all my PCs with Debian GNU/Linux. I will propose it to the boss next time I see him. Perhaps this could be an item on the agenda at the next staff meeting. Some teachers have resources that can only be accessed from that other OS but most just use the web. They don’t require IE or XP to do their jobs.

The “F1″ key is used as a “Help” function in many applications. Users may be conditioned to pushing it whenever they need help. The pop-ups will come. Why did it take three years for this to come to mind? Could it have anything to do with M$ wanting to kill off XP? They claim “7″ is not affected…

see The Register.

It’s not a lot of work to make one little change to the images to fix this but it’s only temporary. The next big thing will come along. I am tired of working for M$. Time to write the memo.


Proposed Changes to Information Technology
Robert Pogson
2010-3-2

This week, there is news of yet another serious breach of security by Internet Explorer, “the blue e”, on XP. This one has been known since 2007 and yet M$ is only getting around to doing something about it three years later. An innocent user is presented with a pop-up suggesting they push “F1″ for more information about a problem. Then the malicious software gets to do whatever it wants with your PC. We need our PCs to work for us, not M$ or criminals on the Internet.

This is the latest in a long list of vulnerabilities in IE on XP. We need to stop using IE which was designed to have all these vulnerabilities as features as far back as 1995 when M$ wanted to exclude NetScape from the market for browsers because its javascript threatened M$’s monopoly. A browser is complex software and has no place tied into the operating system as IE is. I can delete IE icons from the disc images I use to refurbish PCs but this is a lot of work. It takes me 20 minutes or so for each of four kinds of PCs and then 20 minutes for each PC in the building. The list of vulnerabilities for GNU/Linux is half as long and most of the vulnerabilities are in applications and not the operating system. Bugs in open source software such as GNU/Linux are often fixed in days while M$ may take years. GNU/Linux is a UNIX-type operating system inherently secure even with multiple simultaneous users. XP was designed before 2001 with only one user in mind so the other user, the malware gets to do what it wants.

A much better solution is to eliminate the XP operating system completey. With Debian GNU/Linux, I can control each PC from my desk and update its software any time of the day that it is running. I type one command and any number of PCs can be updated. This should be possible with XP but M$ tries to keep out other systems than its own so it is not easy to change them. I can install GNU/Linux on our PCs as easily as I can put in one temporary “fix” for XP. XP is old technology designed before 2001 whereas GNU/Linux is current and uptodate with all forms of malicious software. Updates take seconds. I can download the updates to a server in the school and command PCs to install them over the LAN easily. Debian GNU/Linux is Free Software. It costs nothing to use, examine, modify and distribute. That other OS prevents us from doing many things like simply copying the image to the hard drive. I have also to let it have a verification code and let it phone home. There is no such requirement in GNU/Linux. Our PCs will work for us and not M$.

Links:

* Debian GNU/Linux – http://www.debian.org
* Latest vulnerability in IE – http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/
* Long list of vulnerabilities in XP – http://www.securiteam.com/products/W/Windows_XP.html
* Short list of vulnerabilities in GNU/Linux (many related to applications, not the operating system) – http://www.securiteam.com/products/L/Linux.html

This memo can be found with clickable links on our LAN at

http://192.168.0.127/upload/memo.html