A UTC faculty member brought me her computer after it had been reformatted by a locally-owned computer repair shop. Although I've had no direct dealings with this shop, they had not impressed me in the past: they took a brand new drive (still under warranty) that they said failed--it's very possible since even new drives can fail--and charged the customer for another one without mentioning the warranty. Somebody got cheated there. Strike One. Then, on their website they named one brand of computer they definitely did not recommend because they'd had "bad experiences": a little company called Dell which I know from a decade of experience and thousands of computers is top tier. Well, that was two strikes against them, but then I took a look at the faculty computer.
The problem was that it wasn't connecting to the network when it got home. In about ten seconds I knew why: the shop had reformatted, all right, but had not bothered to reinstall any drivers! The PC couldn't see the network because so far as Windows knew, there was no network card installed. I absolutely could not believe it. I mean, reinstalling drivers is about as basic as it comes, step two in what I consider a ten step process (and if you don't do step two, you can't do anything else on the list). I don't know what they had charged, but basically they had done about five minutes worth of work at most, and probably more damage than good. Installing Windows 7 takes about four or five clicks of the mouse, and if that's all you're going to do, without even checking to see if things such as the network card or the audio work, it's a pretty sweet gig that a six year old could routinely accomplish.
So why do I spend several hours on each and every computer I touch, making sure that every file is saved and every driver installed, updating Windows, installing antivirus, copying back all the customer's files, making sure the computer is absolutely clean and safe and working? Is PC Liferaft the only company that goes to these lengths? I honestly don't know. Does the Geek Squad install drivers? I'm sure they do, but do they save your files and reinstall your apps? If they make a mistake, do they eat the cost or just pass it along? I think I'm the only one crazy enough to do these things.
This particular shop--and in their defense I'm sure they have done good work for somebody, or they wouldn't still be in business--has been expanding, so they evidently are making money. Is it possible to make money and do the job properly? I hope so. One thing's for sure: I'm no businessman. My business model--and it's not one I'm willing to change--just might lead to the poorhouse. But it's the right way to do it, and that's the road I'm going to drive.
Thursday, October 20, 2011
Thursday, February 4, 2010
The Myth of Disinfection
A co-worker at the university where I work part-time fell victim to malware on her office PC, and called tech support. They arrived quickly, took the machine away, and then returned with it later that same day--amazingly fast. Too fast, I thought. Based on the behavior the computer was exhibiting on the network previously, they knew exactly what bit of malicious code to find and eliminate in a surgical strike. Once disinfected, the machine exhibited no immediate signs of infection, so they put back on my colleague's desk.
I wasn't surprised today when she told me she had lost network access again because her computer was infected. The problem is not, as I was told, that my friend took a cleaned computer and carelessly got it reinfected. The problem is that "disinfection," particularly one performed in just a couple of hours, is a complete crapshoot. Yes, there's a chance whatever tools you take time to run (and those scans can take hours) will be able to remove all the nasties--but if just one remains, the game is over. In my experience, the very first thing much of the world's malware is programmed to do is to download other malware (I suspect they get paid to do so). The infection you remove, the one that triggered the problem, may well be just one of the children of something hidden deeper. Assuming you take a day or two to scan with various tools, I'll give you 50-50 chances that the computer is clean and it's not sending credit cards or social security numbers to Croatia. Is that good enough for you?
Not all criminals are stupid, just the ones who get caught. The very best malware, the ones you can't see and the tools can't detect, are the ones we should fear the most. Bottom line: anyone who tells you that they can use one or two tools to disinfect a computer in a couple of hours and know for certain that it's not still compromised is incorrect. It just isn't so.
My co-worker's computer? Tech support has collected it again, and this time they are going to reformat it, like they should have done in the first place. She'll have it back in a day or two. Will tech support learn anything from her adventure? I hope so, but first they'll have to stop blaming the user for a problem that--this time at least--they caused.
Any job worth doing is worth doing right. Right?
I wasn't surprised today when she told me she had lost network access again because her computer was infected. The problem is not, as I was told, that my friend took a cleaned computer and carelessly got it reinfected. The problem is that "disinfection," particularly one performed in just a couple of hours, is a complete crapshoot. Yes, there's a chance whatever tools you take time to run (and those scans can take hours) will be able to remove all the nasties--but if just one remains, the game is over. In my experience, the very first thing much of the world's malware is programmed to do is to download other malware (I suspect they get paid to do so). The infection you remove, the one that triggered the problem, may well be just one of the children of something hidden deeper. Assuming you take a day or two to scan with various tools, I'll give you 50-50 chances that the computer is clean and it's not sending credit cards or social security numbers to Croatia. Is that good enough for you?
Not all criminals are stupid, just the ones who get caught. The very best malware, the ones you can't see and the tools can't detect, are the ones we should fear the most. Bottom line: anyone who tells you that they can use one or two tools to disinfect a computer in a couple of hours and know for certain that it's not still compromised is incorrect. It just isn't so.
My co-worker's computer? Tech support has collected it again, and this time they are going to reformat it, like they should have done in the first place. She'll have it back in a day or two. Will tech support learn anything from her adventure? I hope so, but first they'll have to stop blaming the user for a problem that--this time at least--they caused.
Any job worth doing is worth doing right. Right?
Tuesday, October 20, 2009
Upgrading to Windows 7
We have two recently-purchased computers in the household that are eligible for upgrades to Windows 7 from Dell. I was able to register one of them (an Inspiron 537s desktop) for the upgrade but not the other (an Inspiron 11z netbook). Evidently Dell has changed their website so that the 11z is no longer listed as eligible, although at the time we purchased (Sept 3) it definitely was listed as such--in fact, Google still has it indexed with the phrase "eligible for free Windows 7 upgrade!" Interesting! I've e-mailed Dell in an attempt to get a straight answer (and, of course, an upgrade).
I've looked at Windows 7 in the "release candidate" edition and it seemed to work well. Word on the street is that it will run well on slower processors (like the Celeron in our netbook) where Vista tends to be sluggish. Actually, I haven't found Vista to be all that problematic once I've turned off the fancy bells and whistles (such as the Aero interface) that look cool but consume too many resources.
If you're happy with Vista (or for that matter, XP), I wouldn't rush out and spend the $100 plus that an upgrade to Windows 7 will cost you unless you see a compelling reason to do so. The upgrade from Vista should be fairly painless but jumping up from XP will require a "clean install" which means all your documents will need to be moved and all your software reinstalled. If you've got your software organized and your documents backed up (Seagate 1 Terabyte external drives are just $109 at Walmart!) then you're good to go, either way.
--Rodger Ling
I've looked at Windows 7 in the "release candidate" edition and it seemed to work well. Word on the street is that it will run well on slower processors (like the Celeron in our netbook) where Vista tends to be sluggish. Actually, I haven't found Vista to be all that problematic once I've turned off the fancy bells and whistles (such as the Aero interface) that look cool but consume too many resources.
If you're happy with Vista (or for that matter, XP), I wouldn't rush out and spend the $100 plus that an upgrade to Windows 7 will cost you unless you see a compelling reason to do so. The upgrade from Vista should be fairly painless but jumping up from XP will require a "clean install" which means all your documents will need to be moved and all your software reinstalled. If you've got your software organized and your documents backed up (Seagate 1 Terabyte external drives are just $109 at Walmart!) then you're good to go, either way.
--Rodger Ling
Saturday, October 17, 2009
A euphimistic tale of Rugby, blood, gore, flat tires and the stormy waters of cyber space
I never cease to be amazed at the phone calls: “My PC is simply not running anymore. It just sits there.” On arrival, I glance at the tray (the tiny icons near the clock on the lower right) to discover the customer running Skype, a camera, a TV card, Yahoo, MSN & AOL instant messenger, often with video on more than one of the IM installations. There will be three or more browser windows open, always with YouTube and either a CD playing or an online radio station. The browsers seem to never have less than three tabs each opened; today each page opened stays busy with constantly changing ad content. Oh, that background: the 32million color 600 mega pixel shot of a rugby save. There’s the computer owner, my customer, at the bottom of a mud pit covered in muck, slime, grime, blood, uprooted grass and angry opponents. That picture is a must-have, even if it does consume precious resources to look good.
Five minutes later, the property page of MY COMPUTER finally populates to reveal Windows XP Home, Service Pack 3 on a Pentium 4 dual core with 2.86 Gig with 800mhz bus speed and 512 meg of RAM. You might as well drive a sports car on flat tires (or play that rugby match in bare feet).
PCLifeRaft is fully capable of purging your PC of viruses, spyware, malware and every flavor of services which do not need to run. But without RAM, you will never fill your sails on the high sea of cyber surfing and enjoy true performance. Most every Pentium 4 dual core or newer PC will accept 2 to 4 gig of ram. Wait, let me take that back, I didn’t mean it. Here is what I meant to say: “most every Pentium 4 dual core or newer PC will DEMAND 2 to 4 gig or ram.” If you do not have it installed; you will visit with me and say: “My PC is simply not running anymore. It just sits there.” As I have detailed above. we never cease to see the biggest and best computer; cheaped out on the single most critical component; the supercharger of computing: RAM. Today, you will spend more on tickets to a NASCAR race than you will on that RAM.
So ask us to expand your RAM. We will assist you in ordering all your PC will hold. When it arrives in a few days, we will swing by and have it installed in minutes. Often, it takes three times longer to drive over than it does to put this in. Grab a cup of coffee and it won’t be cold before we are gone. But that tiny investment will leave you smiling at maximum speed as you navigate the stormy waters of cyber space.
--Jim Bowman
Friday, October 16, 2009
The latest in malware: Security Tool is Impressive!
The "ransom-ware" application Security Tool impresses me--and that's a really bad thing. This rogue application is quite slick. Although it doesn't pretend to be part of the official Windows notification process as Antivirus 2009 and its ilk do, Security Tool would be quite convincing if it weren't so "over the top" and overbearing. Once infected, your computer will bombard you with fake scans and messages that you're infected and need to purchase the full version of their product immediately. My favorite is the taskbar balloons that say things such as, "malware.trojan is attempting to send your bank account information to a remote site! Click here to prevent this."
Like most modern malware, Security Tool is not easily removed. I used a combination of booting from BartPE, Spybot, Webroot, and Hijack This to slow it down and eventually (I believe) stop the little bugger. Sadly, a reformat remains the only method of knowing with 100% confidence that all traces of the beast are gone.
After years of disinfecting computers, I finally witnessed a rogue app in action on my own computer a couple of weeks ago. No, we didn't get infected, but it was close. Annie clicked to allow a little app in Facebook (something I've done myself a dozen times or more) and it threw a little alert box up on the screen telling her the computer was infected--click OK to disinfect. Annie didn't fall for it but called me over to see. Now, if that can happen on my computer, which is fully patched and protected, it can happen anywhere. I always knew that, but somehow it's different when you see it with your own eyes.
--Rodger Ling
Like most modern malware, Security Tool is not easily removed. I used a combination of booting from BartPE, Spybot, Webroot, and Hijack This to slow it down and eventually (I believe) stop the little bugger. Sadly, a reformat remains the only method of knowing with 100% confidence that all traces of the beast are gone.
After years of disinfecting computers, I finally witnessed a rogue app in action on my own computer a couple of weeks ago. No, we didn't get infected, but it was close. Annie clicked to allow a little app in Facebook (something I've done myself a dozen times or more) and it threw a little alert box up on the screen telling her the computer was infected--click OK to disinfect. Annie didn't fall for it but called me over to see. Now, if that can happen on my computer, which is fully patched and protected, it can happen anywhere. I always knew that, but somehow it's different when you see it with your own eyes.
--Rodger Ling
Welcome to the Liferaft Blog!
Although I'm not certain how much time I will have to put into this effort, I thought it would be interesting to create a blog about my day-t0-day experiences in technology support. Wish I had done this--not that it would have been easy or even possible--years ago, since I've been in tech support since long before the Internet was a reality.
This blog is directly related to my business partnership, PC Liferaft. See www.pcliferaft.com for the public view of this venture.
Subscribe to:
Posts (Atom)
