Computing At Chaos Manor:
The Mailbag

Jerry Pournelle jerryp@jerrypournelle.com
www.jerrypournelle.com
Copyright 2008 Jerry E. Pournelle, Ph.D.

September 15, 2008

We begin with a warning for Mac users: Beware the Trojan

Dealt With a Real Life Mac Trojan Horse Tonight

Jerry,

We all know that Macs are more secure than Windows PCs by virtue of the design of the operating system. That said, the only computer that cannot be compromised is the one that's powered off, disconnected from any networks, and locked away in a box. Case in point: tonight I helped a colleague with a Mac that was infected with the OSX.RSPlug.A Trojan Horse.

A Trojan Horse is different from a virus. Unlike viruses, Trojans aren't self-replicating, and require some user intervention to install. They frequently are designed so that they trick an unsuspecting user into installing them. For example, going to a website and being prompted to download a video codec from the site to play content.

It started off with this email:

"My brother's DNS on his mac keeps going to 85.225.113.131 for his DNS setting regardless of what is in his DHCP server."

Googling that IP address didn't turn up anything. However, Googling for "mac dns trojan" came up with this gem:

http://www.intego.com/news/ism0705.asp

This described the symptoms perfectly. Doing a little more searching, this time for "remove mac dns trojan" led me to this:

http://www.ehow.com/how_2128387_remove-osxrspluga-trojan-horse-mac.html

Lessons to be learned:

1. Macs are generally very secure. That doesn't mean they are perfectly secure.

2. Only install software from trusted sites. If you're surfing the web and a site prompts you to install something, take a moment to seriously consider whether you really need to do so, especially if it prompts you for your administrative password.

--
Dave Markowitz

Of course that applies no matter what operating system you are using. Trojans for Macs are not as common as those for XP or Vista, but a Trojan is a program; it can be written to run on any operating system you like, and a smart bad guy might well write the same Trojan for more than one OS.

Macs are not necessarily more secure by virtue of the OS design. That may be true, but it's more likely that there are fewer attacks on Macs because there are fewer Macs to attack and therefore they aren't as tempting a target.

The Internet world is a dangerous place, and it's not getting a lot safer.
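
A check for the symptom described in the letter above (a Mac whose DNS resolver does not match what DHCP supplies), as an added example that is not part of the original mailbag. The function names, the `EXPECTED_DNS` variable and the `192.168.1.1` router address are assumptions, and the sample resolver listing is constructed in the layout that `scutil --dns` prints.

```shell
#!/bin/sh
# Added example: compare the resolvers a Mac is actually using against the
# ones the network is supposed to hand out. Sample data below is constructed.

# Pull unique nameserver addresses out of `scutil --dns`-style text on stdin.
extract_nameservers() {
    awk '/nameserver\[[0-9]+\]/ { print $NF }' | sort -u
}

# unexpected_resolvers "<allowed list>" < scutil-output
# Prints every resolver in use that is not in the space-separated allowed list.
unexpected_resolvers() {
    allowed=" $1 "
    for ns in $(extract_nameservers); do
        case "$allowed" in
            *" $ns "*) ;;                  # expected resolver, ignore
            *) printf '%s\n' "$ns" ;;      # anything else gets reported
        esac
    done
}

# Constructed sample; nameserver[0] is the address quoted in the letter,
# nameserver[1] is a hypothetical home router.
sample_scutil_output() {
    cat <<'EOF'
DNS configuration

resolver #1
  nameserver[0] : 85.225.113.131
  nameserver[1] : 192.168.1.1
  if_index : 4 (en0)
  reach    : 0x00020002 (Reachable,Directly Reachable Address)

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
  order    : 300000
EOF
}

# EXPECTED_DNS is an assumption: the resolver(s) your DHCP server hands out.
EXPECTED_DNS="${EXPECTED_DNS:-192.168.1.1}"

# Use live data on a Mac, fall back to the constructed sample elsewhere.
if command -v scutil >/dev/null 2>&1; then
    current=$(scutil --dns)
else
    current=$(sample_scutil_output)
fi

bad=$(printf '%s\n' "$current" | unexpected_resolvers "$EXPECTED_DNS")
if [ -n "$bad" ]; then
    echo "Resolvers not supplied by DHCP: $bad"
else
    echo "All resolvers match the expected list."
fi
```

A resolver that reappears after being corrected in the network settings is the behaviour the letter describes, so run the check again after a reboot.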


Comments and discussion of the last mailbag:

Managing Editor Brian Bilbrey:

This is why using ONLY online storage is bad:

Loss of customer data spurs closure of online storage service 'The Linkup'

...
"The Linkup CEO Steve Iverson says at least 55% of the data was safe. How much of the remaining 45% was saved is not clear, he says."

So. Do real backups on media you control. Or take your chances, spin the wheel. Everyone's a winner!

.brian

Rick Hellewell adds

Agreed. Using *only* on-line storage is the same as using only the hard disk in your computer to store important files.

But using on-line storage as a backup for your hard disk ensures that your important data is in two places. There would be a very small chance, I'd think, of failure of both data storage places. If Carbonite goes 'south', I'll still have my data on my local hard drive. I'll be out the $50/year, of course. But if my local hard drive fails, I'd think of that $50/year as a very worthwhile investment. Especially given my personal inertia on remembering to do backups.

A method of backing up data to another computer in the same physical location is less 'secure' from data damage. A sudden house fire (etc) will destroy all copies of your data. If you have an off-site copy (DVD's, Carbonite, whatever), data is saved.

...Rick....

My practice remains: I copy everything important to several networked machines, using XCOPY C:\winword T:\winword /e/s/d/y where C: is the current machine and T: is a mapped disk on a networked machine. The switches make the transfer happen without attention, and copy all, but only, those files with a later date. This takes care of all my current creative work, which gets saved into project folders under the winword folder. I use "winword" because some early version of Word used that as default, and now I change Word to use that default as the "files" location.


Aug 15 mailbag - My Documents

I must agree with Dr. Ed Hume.

I too learned the hard way about saving my data files in My Documents and having a windows reinstall blow the directory away. Mind you this was years ago and things may have changed. I always set up at least two partitions - one for windows and one for data. My solution has been to redirect My Documents to the data drive (right click->properties->change target). This works well enough for me although there are a few programs that seem to ignore the redirection.

As always, YMMV. It's great to hear that you are doing much better!

Regards,
Steve McKenna


Best reason not to put files where Microsoft expects them to be

Dear Dr. Pournelle:

I have, and will, always strive to keep and organize my information somewhere different from where Microsoft or any other software maker wants to put it. First because I paid for the damned stuff and it's my decision how I keep it. But there is another, less pig-headed reason.

When a bad guy, or a bad program, seeks to steal, modify, misuse, or delete one of my files -- or a haywire program updater decides to overwrite a perfectly valid configuration or template file -- then it's my guess that they will start by looking for files named and located exactly as Microsoft -- or whoever -- decided to name them, and put them. I figure that the failure to find the targets in the obvious places may foil the attack or, at least, lead to a deal of time wasting, and readily detected, disk thrashing while the criminal searches other, less obvious, drives and folders.

This does cause a little extra effort for me when loading and saving data files, and updating programs, but I think it's worthwhile. Of course, I could reduce this effort by changing the default locations specified in the Registry, or by placing shortcuts in the default folders pointing to the actual locations, but this would seem to be like locking the jewels away, and then printing the combination on the door of the safe!

Alun Whittaker

You will note from my responses above that I have not changed my documents location to where Microsoft expects to find them. I may go over this another time because there are apparently some advantages to doing things the way Microsoft expects.

I tend to be a creature of inertia: if something is working, I am not anxious to change it. I am not a "reviewer" in the usual sense of the word even if I am editor in chief of Chaos Manor Reviews. What I do is use these computers and software to get my work done. Part of this is writing Chaos Manor Reviews columns and answering the mail, but I also write fiction, pay taxes, collect enormous files of research for novels, play games, and try to keep up with the world.


Good PDF Plugin for Firefox on Mac

Jerry,

I just learned about this plugin for Firefox on Mac OS X, hosted by Google:

http://code.google.com/p/firefox-mac-pdf/

It uses OS X's native PDFkit to display PDFs inside of a Firefox tab, much like Safari does. Note that if you have the PDF Download Firefox extension, you'll need to disable or uninstall it for the Google PDF plugin to work.

--
Dave Markowitz

Thanks. I am having some problems with pdf files in my Vista Firefox communications system. I have looked to see if there's something similar I need for Windows Firefox but I have not found any such thing.


I mentioned over in The View From Chaos Manor that I have about 20,000 digital photographs not very well organized.

Subject: Desktop search

Hi, Jerry.

I see that there is a discussion of desktop search in your latest Chaos Manor Reviews Mailbag.

For years, I used Copernic Desktop Search, but started running into problems with memory leaks and finally gave up on the product. I now use Google Desktop Search. Results are virtually instantaneous and it indexes my email (in Thunderbird) as well as most common file formats. (Not as many as Copernic, but if you use MS Office for most tasks, you'll be covered). Total memory allocation on my machine is about 15 MB, and that's with the sidebar enabled (and you can turn that off if you don't want it).

Regards
Keith Soltys

Thanks.


Organizing thousands of pictures

Hi Dr Pournelle:

I saw you have 20,000 pix and want to organize them. Me too. What a problem.

Then I downloaded Picasa from Google. Works well, lets you crop and edit for better color balance, etc. NOT like Photoshop, and all the photos are available in a giant set of thumbnails, which you get to size. It doesn't upload your pix to the "cloud", which I wouldn't be interested in. It would take 20 years to get all my pix uploaded, even with a hi-speed connection!

Try it, it might solve your photo problems.

Congratulations on your successful radiation-therapy! I was worried for a while, but it sounds like you now have a good-looking future. Best of luck to you and yours!

JR


Batch processing photos

This might be useful

Namexif Batch Renames Digital Photos by Date

see also

http://www.geosetter.de/en/index.html

Which is also nifty, and allows coordination of data with Google Earth, etc.

see also

http://www.sno.phy.queensu.ca/~phil/exiftool/

Michael

I will be trying several photo organizing programs for both Windows and the Mac. Something has to be done here: there are just too many photos and it's too hard to find particular shots. The particular occasion was the 6th Birthday of Sable, our red Siberian Husky; I was looking for some of her puppy pictures, and had a great deal of trouble finding them...


The Windows -- Mac discussions continue:

Subj: Once a pig... always a pig.

Dear Jerry:

Based on your recommendation I decided to throw a whole new class of laptop hardware resources at Windows Vista and purchased a Gateway P-7811FX at Best Buy earlier this week. This machine sports a (Montevina) Centrino 2 chipset, 2.26GHz 2-core CPU, 4GB of DDR 3 (1066MHz) memory, 3MB cache, nVidia 9800 GTS video with 512MB dedicated DDR3 memory, and a Seagate Momentus 7200 RPM 200GB SATA drive, etc.

Surely that should be enough? But when people think of the word "pig" they usually think of "fat as" in front of it, and that's STILL the way Windows Vista feels (Home Premium 64-bit): fat as a pig. Pigs aren't known for their quickness or industry either, and again this very much applies even on this souped up hardware.

Loading is S-L-O-W. Sometimes it can take 3+ minutes on reboot for Vista to find and connect to my wireless N network. Multitasking is, to be kind, "inefficient" - app A slows noticeably when I start running app B.

All the graphical goodies of Aero are pleasant to look at but "lipstick on a pig" remains an apt description. Compared to any of my Macs - even the underpowered Air - Vista feels like I'm swimming in molasses.

And to close out my pork metaphor Vista remains a tremendous resource hog. My little ASUS Eee 1000H with XP on it has about 18 items it requires to start on boot; this Vista system has well over 60!

As boaters like to say you can get even a cement block onto a plane if you put enough horsepower behind it, but why would you bother? Doesn't it make a TON more sense to invest in a hull that is efficient, light, and easily driven in the first place?

The bottom line is I believe you are doing your readers a disservice by recommending Vista even on top dollar state of the art hardware: for those on a budget Ubuntu Linux is more than good enough on even minimal hardware, and for users who want a top quality experience Apple continues from strength to strength.

The idea that Moore's Law will "save" Vista in the long run is just as wrongheaded as thinking some new fuel will make the Space Shuttle a good system for the 21st century: it just ain't gonna happen.

All the best

--
Tim

Your experience is not mine, but I have not attempted to use Vista on a laptop. If I thought I had to do Vista on a laptop I would probably use Boot Camp to boot a Mac Book Pro into Vista -- and indeed I intend to do that, now that I am back in shape to get some of this work done.

I run Vista 64 on Bette, a Core 2 Quad 6600 and it works quite well. I have had some problems with transferring photos over the network in FrontPage 2003; the work around is to copy the photos to Bette outside FrontPage, then bring the photos into the web page. If I don't do that, the system may lock up with a "not responding" message. I've waited a couple of minutes before closing FrontPage when that happens, and that application stays locked. Nothing else is affected; the problem is local to FrontPage, and when I close FrontPage no other applications are affected.

I have had some other problems with Vista 32 on a Core 2 Duo system, but not many. We are about to replace that machine anyway, so I haven't dug too deep on these matters. The new machine, for games and writing and everything except communications, will be an Intel Extreme Quad with Vista 32 Ultimate.

As to speed of rebooting, I don't think anyone has claimed that Macs are all that much faster than comparable Windows hardware. I am fond of my Mac, and I am beginning to move more operations to the Mac, but I have to confess that my Core 2 Quad 6600 Vista system works well enough that I haven't been in any great hurry on this.

Incidentally, I have had a couple of inexplicable iMac 20 failures that could only be cured by using the power switch. They are not repeatable: the symptom is that I've been working on some other machine for a day or so, and come back to find the Mac turned on but unresponsive. All my efforts to revive it fail, but power cycling it works just fine. It hasn't happened often enough to be alarming, and I can tell horror stories about Vista as well, so I continue to look into Mac software. I confess my enthusiasm for the Mac will be greater when Microsoft puts the Macro capabilities back into Word 2008...

Managing Editor Brian Bilbrey adds:

Tim wrote: "Pigs aren't known for their quickness or industry either..."

I dunno about industry, but pigs can be damn quick (speaking as someone who has actually worked on a pig farm in an earlier part of this life). They are extraordinarily food-focused animals (which pleases me, since I like my bacon), but I've been around pigs that weighed upwards of half a ton, and while their acceleration isn't Porsche-like, they move a LOT faster than you or I would at that weight. And you should see a mother pig go after a rattlesnake that might threaten her brood. And yearlings are flat-out fast! Nothing to do with Vista, of course. Right?

Which reminds me that I raised a 700 pound boar as part of my 4H project back when I was about 9 years old. Pigs can be very fast indeed. They can also be rather likable, which can be a problem given their ultimate destiny...


And a problem with Windows Home and VPN:

Jerry,

I read your columns infrequently so important stuff first....congrats on surviving treatment! Both of my parents died of cancer so I can understand a small bit of what you are going through. And thanks for (real soon now) another book.

My point. While like you I really like Vista, my new (two weeks) HP came with the 64 bit home premium version and it WILL NOT run Cisco VPN client, something I didn't discover until trying to load the program. I, and probably many, many others, use (in my case used to use) the VPN client to get into work systems remotely. Now I cannot. Cisco's website says there will be no 64 bit VPN client anytime (?) soon, so I'm stuck. But now I know why HP offers 32 bit Vista to business customers and why I will have to run an XP machine (either absolutely or virtually) to get paid without greatly annoying the (east coast) secretary with emailed timesheets and travel docs. I think we all learned from Dilbert not to annoy the essential office staff.

Oh well.

Michael Schuck

The solution is probably to use Vista Ultimate 32 bit, but let me look into this a bit more. And I continue to be upset with Microsoft for having all those versions of Vista. It may make more money, but it annoys users and undermines user loyalty. If Microsoft sees customers as sheep to be shorn, the sheep may wander off in search of someone who pays them more attention...


Another view of Vista:

Windows Vista Performance

Hello Dr. Pournelle,

First off, congratulations on your clean bill of health. I'm sure that it is a weight off your shoulders to hear that news.

I know that you are using a mixture of Vista and XP on your various Windows machines around Chaos Manor, and so I wanted to share an experience I had lately that has changed my Vista experience. I started running Vista on my machine early in 2007 (an AMD 64 X2 4200 with 2GB of RAM), not because there was a compelling reason to switch, but because as a consultant, my customers ask me for advice, and I need to be informed.

Something that I have struggled with is the odd slowdowns and disk-thrashing sessions that would make my machine unresponsive for a minute or two. During these times the processor was never more than 3 or 4% used, so I struggled with determining what was hanging things up. I don't have a lot of memory-heavy applications open (such as Photoshop), but I do keep Outlook 2007, Firefox (with a dozen or so tabs open), mRemote (an RDP application), and a couple of other apps open. Task Manager never showed more than about 60% of RAM used.

Up until recently, I have just lived with the slowdowns, but after a particularly bad day, I decided to investigate further what was causing this behaviour. I came across the following article (http://windowshelp.microsoft.com/windows/en-US/Help/596FB57F-CC9D-4AC5-A813-5C0830E9156A1033.mspx) which describes the various performance-enhancing technologies that Vista has built-in in a very succinct and clear manner. The key is to use Resource Monitor to watch your system. Specifically, it has a Memory graph which tracks not only physical memory in use, but also hard faults per second (where a memory block requested has been swapped to disk). What I found using this tool was that my hard faults would spike ridiculously high for long periods, which is when I had the disk thrashing and unresponsiveness. After reading the article and monitoring my machine with Resource Monitor, it became clear that although my physical memory seemed not even close to being totally used, I would benefit from increased memory.

I am now running Vista x64 (to avoid the 4GB memory address limit) and have upgraded to 8GB of RAM, and the machine is just absolutely smooth as silk. I can fire up any program, and it doesn't matter what else I have running, it starts quickly and is very responsive. I am currently running the same program load, and using ~3GB of RAM. So it seems that we can't read the results of Task Manager as we did in Windows XP, and we need to use Resource Monitor to gauge the performance of the hardware. It seems that Microsoft has _severely_ understated realistic RAM requirements in Vista.

Glenn Hunt
Hunt Data Services Inc.

Your experience is much closer to mine. Outlook 2007 can still eat all the resources of a Quad 6600 if a long enough message comes in and a number of rules are triggered, but it happens rarely and never causes more than a .2 second hesitation.

As I have said, my Vista experiences have not caused me to neglect converting many of my operations to a Mac, but the urgency is gone. All our hardware is getting better faster than our software. We now have the resources to run several virtual machines to speed things up and get some work done, and as the hardware gets better that will become more common. My suspicion is that I'll end up with a big Mac Pro capable of running both Mac OS and a couple of virtual Vista machines, but we'll see.

We'll know a LOT more about all this after the Microsoft Professional Developer Conference and the Windows Hardware Engineering Conference, both in Los Angeles later this year. I'll be at both and I'll take extensive notes.