On 28 Mar 2008, at 16:43, 7v5w7go9ub0o wrote:
Stroller wrote:
<snip important, informative stuff>
Be aware that sometimes Windows isn't cleanly fixable. Although I
try to avoid it until I've exhausted avenues for a clean repair,
sometimes the best thing to do is simply to back-up & reinstall.
Think this is a great write up.
The last paragraph seems most important - given today's
professionally-authored compromises, the best thing to do may be
presume
that you've been rooted with redundancy, and simply be prepared to
quickly rebuild the box from scratch.
Especially if you use the computer for business or other sensitive
matters.
Certainly. I have a number of machines which use roaming-profiles on
a Windows domain, mail stored on an IMAP server, and I would have no
hesitation in reinstalling if I thought it necessary.
So arguably, one should use the second OS (Linux or Windows) as a
diagnostic tool to determine if it's compromised or not, and except
for something simple (e.g. an infection vector caught before
activation by an AntiTrojan scanner in a browser cache, mail
letter, etc.), one should simply rebuild the box.
I take your point on board - it depends upon how paranoid you want to
be over the particular PC and its use.
I don't mean paranoid in a negative way, here, of course.
So to the above, I'd add a "have a rebuild strategy" i.e. copies
of data (not executables), addresses, passwords, etc. that can be
quickly returned to a rebuilt OS. Windows benefits greatly from
rebuilding - a rebuilt box will seem quicker and faster than ever
before, and won't have lingering "relics" from earlier maintenance
levels.
Yes, this is great if you can. Unfortunately many of the most-hosed
Windows PCs tend to come from home users who have no backup regimen
in place. How can one be sure that _all_ data is restored? Many times
my customers - those that use Outlook or Outlook Express - have no
idea of their email password or wireless-network key, having had the
"remember" box ticked since they set the machine up 2 years ago.
I would attribute most of the breakage I see not to sophisticated
viruses, but to poorly-written "sponsorware". to "adware" removers
that may delete files arbitrarily, to Windows bugs and to filesystem
corruption (for instance: because the user likes to switch their PC
off at the wall-socket, and was too impatient when it was shutting
down!).
Oftentimes, a Windows reinstall gives as much performance improvement
as buying a new PC would do, and many users are very glad to get a
"new" machine that is so clean and fresh (this is characterised by
the reduced number of icons on the desktop - from 30+ to about 5!).
But this has to be compromised against disruption to the user's
environment - they may be very familiar with the way everything's set
up, and all their favourite software is installed. With a not-booting-
but-otherwise-fairly-clean PC this may tip the balance. Unfortunately
one often cannot tell whether reinstall or repair is the best
solution until one has already made a good attempt at repairing the
system!! And you often don't discover which software - amongst all
the crud of different p2p, photo programs and whatnot - that users
depend on, until you after return the machine and they complain "my
icon is missing" (with usually only a very generic description of
what the icon does).
One of my biggest bugbears against reinstalling is drivers. Dell &
Sony are wonderful! You just enter the tag or model number on their
website and the correct drivers are listed. Advent - and here, in the
UK, other "brands" of computer which are only available "exclusively"
from PC World - can be a royal PITA, and once every month or two I
encounter a machine for which it takes HOURS to find the correct
drivers for all devices.
Stroller.
--
gentoo-user@lists.gentoo.org mailing list
