Announcing the OBVIOUS: Puppy, Replacement - WinXP/Vista/7/8

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#46 Post by mikeb »

Boring addition.....

I was at a client's and they had 3 machines in their office.

All identical, running Windows 7 ...updated and with AV in the usual fashion.

Only one of the machines had any problem with viruses and similar intrusions and it was the one used by the woman who was well known for downloading various 'freebies' off the net when she was supposed to be doing her job....

mike

NickAu
Posts: 183
Joined: Mon 30 Dec 2013, 04:32
Location: Far North Coast NSW ɹǝpunuʍop

#47 Post by NickAu »

We can update windows till we are blue in the face - it is still no guarantee of safety.
Correct.
Most of the time it's human error that infects a PC. Most of the guys here know PCs.
But what about the average mum or dad who buy a PC for little Timmy? They are bombarded with the update, update message. Yes, antivirus is reactive, i.e. they need to see a virus before they can treat it, but that's not always the case. Malware writers are getting smarter by the day, and finding new ways of infecting a PC every day. E.g. Cryptolocker: it comes as an email attachment, or wrapped in an exe to a known prog, and it encrypts all the mapped drives on your system, then wants 300 bucks to unencrypt the drives. Guess what, now antivirus picks it up and stops it. Too bad if you did not update or even have an antivirus. Oh, and it installs itself in the background; the first thing you know about it is you get the ransom screen.

I look at Ubuntu and all the updates it needs. Installed Ubuntu 12 LTS from the Ubuntu site; after install it needed 300, yes 300, level 3 updates, mostly "To prevent a remote user running this or that script".

In a few days I would like to play a little game with the Moderators' permission.

I will post a few Windows log scanning tools with some instructions on how to use them. Then if you guys on Windows run those tools and post the logs we will see just how clean and updated your systems are.
Who wants to play? I promise you the tools are harmless and used by malware removal experts daily.
[b]Precise Puppy 5.7.1 Retro Fatty Edition. Hp Compaq 2510p 2x Intel(R) Core(TM) 2 Duo Cpu U7700@ 1.33 ghz,2 gig ram Booting from 8 gig micro USB + 32 gig SD card instead of HDD[/b]

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#48 Post by mikeb »

It comes as an email attachment, or wrapped in an exe to a known prog a
requiring user intervention then?

Yes playing with tools sounds fun....always curious. I used to visit dodgy links in emails just to see what would happen.

Perhaps start a fresh thread and post the link here

mike

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#49 Post by jpeps »

re: updating. I frequently update my own software..at least the software that I use the most. When I find a feature that could be better automated, or a bug, I write it in. That really seems like the point of writing software to begin with...you can always keep improving it.

Developers of commercial apps have to continually respond to user requests. The best developers are very good at it, and give you personal responses for intelligent requests. We can see that in Puppy with JWM, gtkdialog, etc. That's not to say that everyone will be pleased with change, but change is the nature of software.

Security is an ongoing struggle, and developers are mandated to run safe programs to every extent possible. Sorry if this sounds overly naive to some folks. Given ongoing and rapidly changing demands with hardware, etc., I can't see much need for deliberately obsoleting otherwise useful and commercially viable software. Whether we need the latest devices, clothes, cars, etc., is another issue. I know people want them, and hopefully that provides for my retirement.

NickAu
Posts: 183
Joined: Mon 30 Dec 2013, 04:32
Location: Far North Coast NSW ɹǝpunuʍop

#50 Post by NickAu »

mikeb wrote:
It comes as an email attachment, or wrapped in an exe to a known prog a
requiring user intervention then?

Yes playing with tools sounds fun....always curious. I used to visit dodgy links in emails just to see what would happen.

Perhaps start a fresh thread and post the link here

mike
In most cases, mike, you are right. In most cases. But there are things that need no user intervention to infect a Windows PC. Anybody remember the Blaster worm or Sasser? When Windows XP was first released the firewall was turned off by default, and people would go on the net to get antivirus and firewall and they were infected within minutes. Windows Defender (yes) and its updates were instrumental in stopping this. Tell me how unimportant updates are now. So was the use of a firewall. To this day Defender still looks for those things.

Is Malware Infection Likely?

Nobody knows how many computers are infected with malware, but informed estimates range from 40% to almost 90% of computers running Windows operating systems. Infection rates are lower for MacOS and Linux systems, but this is not necessarily because Windows is an easier target. Indeed, recent versions of Windows are much improved in security. Rather, more malware authors target Windows machines because an effective attack will give them control of more computers.
The risk that any given computer is infected with malware is therefore quite high unless skilled computer security specialists are putting a substantial amount of effort into securing the system. With time, any machine on which security updates are not installed promptly is virtually guaranteed to become infected. It is however overwhelmingly likely that the malware in question will be working on obtaining credit card numbers, obtaining eBay account passwords, obtaining online banking passwords, sending spam, or launching denial of service attacks, rather than spying on specific individuals or organizations.


Source
https://ssd.eff.org/tech/malware

Self-Deleting Batch File Method

The Catch22 Self-deleting Executables article discusses the self-deleting batch file method. The article states the method "works because MS-DOS batch files are able to delete themselves." All an executable has to do if it wants to delete itself is to create a batch file with code to delete its executable. Next the executable needs to spawn off the batch file using CreateProcess, and then should exit immediately. The batch script will proceed to delete the executable then itself. On a system this action removes valuable information about the infection vector.
Source
http://journeyintoir.blogspot.com.au/20 ... -file.html

Just some light reading for you guys.
Malware removal on Windows is a high-skill thing. As I said, you need to really know what you are doing in removing malware in Windows without damaging the OS.

To train in malware removal, just as a start there are over 1000 pages of information you need to read and be tested on. Then there is the study, the reading of logs, and practice files. On average it will be up to 12 months before you are allowed to actually lay hands on a real infected PC. And then it's under supervision only.
[b]Precise Puppy 5.7.1 Retro Fatty Edition. Hp Compaq 2510p 2x Intel(R) Core(TM) 2 Duo Cpu U7700@ 1.33 ghz,2 gig ram Booting from 8 gig micro USB + 32 gig SD card instead of HDD[/b]
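
The self-deleting batch file sequence quoted in post #50 (executable spawns a batch file, exits, and the batch deletes the executable and then itself) leaves a recognisable trail in process and file telemetry. As an added example, not part of the thread or of the linked articles, this Python sketch correlates simplified event records to flag it; the record fields, paths and sample events are constructed assumptions, not a real log schema, and PID reuse is ignored.

```python
import re
from dataclasses import dataclass
from typing import Optional

@dataclass
class Event:
    """Simplified endpoint telemetry record (field names are assumptions)."""
    ts: float                       # seconds since start of capture
    kind: str                       # "proc_create", "proc_exit" or "file_delete"
    pid: int                        # process performing the action
    image: str = ""                 # executable path (proc_create only)
    parent_pid: Optional[int] = None
    cmdline: str = ""
    target: str = ""                # path removed (file_delete only)

# A .bat/.cmd path on a command line, either quoted or bare.
SCRIPT_RE = re.compile(r'"([^"]+\.(?:bat|cmd))"|(\S+\.(?:bat|cmd))\b', re.I)

def norm(path: str) -> str:
    """Normalise a Windows path for case-insensitive comparison."""
    return path.strip('"').replace("/", "\\").lower()

def find_self_deletion(events, window=30.0):
    """Flag cmd.exe batch runs that delete the image of their exited parent."""
    images, exited, shells, findings = {}, {}, {}, []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "proc_create":
            images[ev.pid] = norm(ev.image)
            m = SCRIPT_RE.search(ev.cmdline)
            is_shell = images[ev.pid].endswith("\\cmd.exe")
            if is_shell and m and ev.parent_pid in images:
                shells[ev.pid] = {
                    "shell_pid": ev.pid,
                    "parent_pid": ev.parent_pid,
                    "parent_image": images[ev.parent_pid],
                    "script": norm(m.group(1) or m.group(2)),
                    "started": ev.ts,
                    "script_deleted": False,
                }
        elif ev.kind == "proc_exit":
            exited[ev.pid] = ev.ts
        elif ev.kind == "file_delete" and ev.pid in shells:
            rec, target = shells[ev.pid], norm(ev.target)
            if target == rec["script"]:
                # Updates an already-reported finding too (same dict object).
                rec["script_deleted"] = True
            elif (target == rec["parent_image"]
                  and rec["parent_pid"] in exited
                  and ev.ts - rec["started"] <= window
                  and "image_deleted_at" not in rec):
                rec["image_deleted_at"] = ev.ts
                findings.append(rec)
    return findings

# Constructed sample events (not taken from any real system).
TEMP = r"C:\Users\alice\AppData\Local\Temp"
CMD = r"C:\Windows\System32\cmd.exe"
SAMPLE_EVENTS = [
    Event(0.0, "proc_create", 100, r"C:\Windows\explorer.exe"),
    # Benign: a maintenance script removes an old log file.
    Event(1.0, "proc_create", 200, CMD, 100, r"cmd.exe /c C:\Tools\backup.bat"),
    Event(1.5, "file_delete", 200, target=r"C:\Temp\old.log"),
    # The quoted pattern: spawn batch, exit, batch deletes parent then itself.
    Event(10.0, "proc_create", 300, TEMP + r"\invoice.exe", 100, "invoice.exe"),
    Event(10.2, "proc_create", 301, CMD, 300, 'cmd.exe /c "' + TEMP + r'\cleanup.bat"'),
    Event(10.3, "proc_exit", 300),
    Event(10.9, "file_delete", 301, target=TEMP + r"\invoice.exe"),
    Event(11.0, "file_delete", 301, target=TEMP + r"\cleanup.bat"),
]

if __name__ == "__main__":
    for hit in find_self_deletion(SAMPLE_EVENTS):
        print(hit)
```

Because the batch file removes the evidence on disk, the process-creation and file-deletion records are what preserve the infection vector for later analysis.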

gcmartin

Developers are probably weighing what to do approaching April

#51 Post by gcmartin »

As a "... Replacement - WinXP/Vista/7/8", what would you recommend as the subsystems that a replacement should have?

My opening vote would be
SAMBA!!! (MANY of us use a NAS or a central PC which has media. To get media to that central box (or any other box) we must share it. There is no harm in LAN sharing and this has been around for 30 years. Excepting for 01Micko, everyone else who builds 32bit PUPs seems to think we all exist in a singular PC world and are selfish enough to never share. Maybe it's time to recognize that content we create on any single PC can/should be easily shared by the content creator without having to jump through hoops. Windows and Macs have done this, OOTB, for decades; thus, they do NOT have to install anything to share on a LAN...NOTHING!

Puppy ONLY started doing it to save on ISO size in an era when dial-up was the only way for transfers to occur. SAMBA4+ is, now, much smaller than it was a decade ago, and much more stable. Maybe the developers can add the 10-12MB to the ISO so that the community members do NOT have to constantly give up because they can't figure out how to install LAN sharing from the REPOs. This leads them to try to figure out other alternatives, which usually means that things need to be installed on all the Windows and Macs they have in order to access content that a PUP shares using other technology. Maybe it's time for PUPs to have it built in too. 30 years and only 1 Puppy developer who ventured (or had "balls" enough) to build an XP replacement with his PhatSlacko in 2013! 1 man.)

Question
What things would you like to see in any PUP you select for an XP replacement?

NickAu
Posts: 183
Joined: Mon 30 Dec 2013, 04:32
Location: Far North Coast NSW ɹǝpunuʍop

#52 Post by NickAu »

gcmartin is correct in my humble opinion. If Linux, any type, ever wants a far bigger share of the market they will have to keep up with what people want.
I do not want to have to type a whole bunch of stuff to update my browser, I just wanna point n click, or have to update PPM to get the latest browser. I just wanna click Help/About, update and go make a coffee.
And how the f### do I find missing kmod spi-api or whatever (missing on my PC)? Why wasn't it included in the distro? See what I mean. It's like installing stuff in Windows and then finding you need this .dll or .ocx. Normally the software has it in the exe or it's a part of Windows.

Like somebody once said, "I would love a new car, but I don't want to have to build it first." I just want to buy it and drive it. Don't care how it works.
While I understand Frugal installs and why people do it, as a Windows user (who has a PC that did not come from Noah's ark) I do not care. I just wanna install it to HDD and have it run out of the box. I do not want to bother with BIOS and save files and mounting. Just hit the ON button and away I go.

Windows7 and WIFI ( in most cases)
Boot up Windows and a little box in the bottom right hand corner pops up telling you what WIFI networks are in range. Click on yours in that list, enter the password and you are connected. (SNS on Puppy is easy.) I don't want to mess around with Frisbee or whatever for hours. I just want to get online now.
What things would you like to see in any PUP you select for an XP replacement?
I have Puppy precise 5.7.1 Fatty by csipesz and found it has just about everything a new user would need. It was easy to install and connect to the net with WIFI( After figuring out SNS). A Windows XP user would find it suits them well straight out of the box. Nice work csipesz Thank you
http://murga-linux.com/puppy/viewtopic.php?t=91425

Please note I am not disrespecting Linux or the devs. I am just saying it as I see it from a strictly "I use Windows and know nothing about Linux" side.

gcmartin

#53 Post by gcmartin »

Puppy System Updates
Over the last 2 years, I have seen 2 developers take some steps in approaching a method to provide fixes to their distros: LightHouse64, when @TaZoC was healthy enough to do so, and Barry on a couple of occasions. What each did was to build in a facility such that when there was an upgrade, the distro would alert the user to its availability via a desktop pop-up.

I think this facility "may" be in WOOF-CE already. But I'm sure there are some issues, because the developers would have exercised this by now. Further, there is a feeling among some of the membership that providing such a subsystem would invade their system, upsetting them. So maybe the only way to become aware of updates and fixes is through the forum ONLY, unless there is some Puppy development consensus on an appropriate method of doing so. In this case, maybe it should be left to the developer to design his distro in the manner he envisions to give the user the best possible experience over the life of a given version of the distro. But there must be a better way than having to search Puppyland's forum for system fixes, with the problems associated with individual attempts at installing something found in a post. If a user never follows the distro's thread, he would be unaware of fixes to something he knows is broken in the distro.

Just another idea for a "... Replacement - WinXP/Vista/7/8"

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#54 Post by jpeps »

gcmartin wrote:
I think this facility "may" be in WOOF-CE already. But, I'm sure there are some issues because the developers would have exercised this by now.
You mean issues like dependencies? :) Ideally, software is safest when it's freshly compiled to the user's setup. You can't just randomly update whatever. A minimal linux distro is one of those instances where you want to minimize updating individual components. The browser is static and should be updated (IMHO) for security reasons.

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#55 Post by mikeb »

Anybody remember the Blaster worm or Sasser,
yes... 2 minutes after installing windows 2000 and connecting to the net this bit me.
I actually fixed it by
http://www.keyfocus.net/kfsensor/help/A ... dm_RPC.php
which hacks rpcss to prevent its access to the net..solved. Since I always disabled netbios during setup those gateways were never open.
Now I have a router the hack is no longer needed. In other words nothing from Microsoft or any other 'security' company solved that one.

Perhaps if those who sit behind a wall of software trying to prevent intrusions realised what in their system is allowing the intrusions in the first place the situation might be a little different. Millions are ditching XP without ever knowing why they had a problem in the first place.
Security is an ongoing struggle, and developers are mandated to run safe programs to every extent possible.
Unfortunately this principle was not applied when Microsoft integrated a web browser with the sole aim of putting Netscape and others out of business. As part of that move they introduced ActiveX controls, DCOM..or whatever name they tried to hide it under, the zone system and so on, which caused a good decade of rampant computer chaos by making internet linked systems vulnerable to anything and everything, causing a massive boom in 'preventative' measures. All I did was remove those bundled software items causing the problem and replace them with decent 'secure' software, usually from open source.

Ok they have cleaned things up now apparently but it is a little sad that a rank amateur like me with at the time little computer experience could harden windows 98, 2000 and XP to the extent of not having one infection over this time period when all the 'professionals' seemed to offer were often at best placebos.

Agreed the situation will be changing now as older systems get thrown out and real hacking begins as opposed to using the systems that MS provided to stuff up yer machine. In that sense I am probably heading into security by obscurity by sitting in a time bubble.

My resistance to updates more centers around to me the bloated growth of some applications....I updated Firefox with every release since 0.6...I stopped at 3.6...at some point I will have to make a change forced by the gruesome nature of the devolving internet :D


Well this thread grew and SAMBA appeared...the descendant of NetBIOS does not fill me with awe.... ever heard of NFS ...you can even use it on Windows. There's always sshfs too...quite a neat fast option.
If the thread is about replacing windows then using windows centric methods seems a little out of place.

OK where are these security tools to play with...please do scrutinise...


Mike

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#56 Post by jpeps »

True, getting rid of automatic "features" in the browser can make it far safer. Turning off JavaScript, running a NoScript plugin, etc, etc, also help. Most people, however, won't tolerate the extra burden of configuration. They just want everything to work.

No argument regarding browser wars and tactics to prioritize software. Efforts to mandate use of IE didn't appear to work out very well. :) Ultimately, the best business model is to give people what they want, which is quality at a low cost.

greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#57 Post by greengeek »

If the thread is about replacing windows then using windows centric methods seems a little out of place.
There might be a relatively simple way to make Puppy more familiar to Windows refugees - would it be possible to write a script that brings up an xdialog saying "Please wait while the system installs 74 security updates. Do not shut down your PC during this process". The script wouldn't need to install anything meaningful - just delay the shutdown by 12 minutes or so.

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#58 Post by jpeps »

greengeek wrote: just delay the shutdown by 12 minutes or so.
Or a different question: How many are willing to add a few seconds to their boot time with fsck?

NickAu
Posts: 183
Joined: Mon 30 Dec 2013, 04:32
Location: Far North Coast NSW ɹǝpunuʍop

#59 Post by NickAu »

Please wait while the system installs 74 security updates
As a Windows user this is normal. Those that use Ubuntu or one of its offshoots, Mint or Zorin, will be familiar with this also.
You can set Windows to do updates at any time you want. Even set the PC to sleep and wake up to do whatever tasks then sleep again, it's what I do.

Oh yes.
Try installing Ubuntu and then see the updates for it. There are over 300 level 3 updates.
Get the new ISO from the Ubuntu site. And try it. Almost makes Windows seem secure LOL I SAID almost.

My question.

If Puppy is the son of who is the son of.... and they all use the same kernel, wouldn't Puppy be just as vulnerable as the rest of the distros that use the same kernel? E.g. kernel xx.x has a flaw in this or that. And that flaw may allow this or that to happen remotely.

This kinda thing.
http://www.linuxsecurity.com/content/view/161078/


PS
I actually manually updated my flash player, by downloading it from Adobe, unzipping it and copying the lib to my usr/lib/mozilla/plugins folder. I was so proud of myself LOL.

I have Windows 7 on a laptop I need it to run my diabetes control software.
For the last 2 years I have only used Internet Explorer and Microsoft Security essentials behind the Windows firewall. And I have not been infected by anything. This may be due to 1 or all or none of the reasons I give.

1 My Windows OS is kept fully updated. So Is Microsoft Security Essentials.

2 My surfing habits.

3 I never download attachments. All my friends and family know this and do not bother sending me anything as they know I will just delete it.

4 I never run any software from untrusted sources. If I need to examine a file that I am unsure about I sandbox it, or put my PC into a frozen state.

5 I made a few minor adjustments to my browser.

6 I hardly ever go online with the Windows 7 PC unless it's in deep freeze. This excludes doing updates.

And yes I have java and flash on it.
Last edited by NickAu on Wed 12 Mar 2014, 03:12, edited 1 time in total.

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#60 Post by jpeps »

NickAu wrote:
And yes I have java and flash on it.
It's the Java plugin that's a problem. You can use a flash blocker so it's there only when you need it.

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#61 Post by mikeb »

http://www.murga-linux.com/puppy/viewtopic.php?t=92543
this shows a complete lack of understanding of security or operating systems in general...please do not further mislead anyone.

I don't profess to be an expert...only reporting my personal experience..you should stick to that.

mike

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#62 Post by jpeps »

mikeb wrote:
http://www.murga-linux.com/puppy/viewtopic.php?t=92543
this shows a complete lack of understanding of security or operating systems in general...please do not further mislead anyone.

I don't profess to be an expert...only reporting my personal experience..you should stick to that.

mike
I think you make two excellent points here. Maybe it would be to everyone's advantage to post supportive articles from experts on the security advantages of running windows without updates and without antivirus protection.

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#63 Post by mikeb »

I think you make two excellent points here. Maybe it would be to everyone's advantage to post supportive articles from experts on the security advantages of running windows without updates and without antivirus protection.
I hope you realised my last post was not a reply to yours :D

Hmm well there are sites with info on the changes I made, BUT I don't think I recall saying that there are any security advantages in not updating or running antivirus.
What I did say is that by removing or disabling certain items I appear to not require updates or antivirus. Without those items I have run for 10 years without any intrusions...that suggests a decent level of security but yet I have not taken any security measures. By not utilising such things I do get a benefit in terms of how well the system runs.... no start up or shutdown delays, no performance hit with drive scanning and heavy cpu/memory usage and in the long term less wear and tear on the hard drive and battery if portable and systems that run as well as the day they were installed.

When I first removed IE on Windows 98 I went from a system that needed rebooting every 30 minutes and was pretty unusable on the internet to something fast and reliable within the constraints of 16 bit DOS...security was just a side benefit at the time...removing insecure software would be more akin to the nature of what was done....some consider Outlook Express as a virus spreading program..I certainly do having had it do exactly that to me.

I can only draw comparisons...I appear to enjoy the same level of immunity as using say Puppy as root...many here run in a considered dangerous manner and have yet to have their first encounter with malware. This again is not quantifiable and no one suggests this is a security measure ... it just seems to be as it is. (note I never started using Linux for security reasons...only out of curiosity)

If a mechanism for virus intrusion is removed or simply not present in the first place then adding additional protection seems moot. There is no harm in terms of security in doing so...that's up to the user.
If I was running a public server or cybercafe then additional steps would be prudent since you are either high profile on the net or at the mercy of strangers.
I have never taken any steps with regard to additional security when running linux...I regard it as inherently safe..so do others...I suspect so do you. I also never had to when running NT4.

Not exactly a technical reference but might be of interest to some
http://en.wikipedia.org/wiki/Removal_of ... t_Explorer

mike
Last edited by mikeb on Wed 12 Mar 2014, 17:12, edited 2 times in total.

greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#64 Post by greengeek »

Some of the most persistent security threats began life as tools from the intelligence community (Mossad, CIA etc etc) and operate less at the OS level and more on programmes such as Word etc.

http://nakedsecurity.sophos.com/advance ... ew-normal/

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#65 Post by jpeps »

greengeek wrote:
Some of the most persistent security threats began life as tools from the intelligence community (Mossad, CIA etc etc) and operate less at the OS level and more on programmes such as Word etc.

http://nakedsecurity.sophos.com/advance ... ew-normal/
Scary to think you need their patch assessment tools. I'd be more convinced hearing it from an independent source.

"Even though the "A" in APT stands for Advanced, 91% of the booby-trapped documents in our reports from January and February 2014 would have been rendered harmless by just two Microsoft patches, issued two and four years ago."
