Bob Bartlett, Director, Enterprise Network Services & Security for The University of Chicago has posted the University’s “Policy on Windows Networking in the dorms.” It is illuminating, to say the least:
From: Bob Bartlett, Director, Enterprise Network Services & Security
To: 2004-2005 University House System residents
Date: September 8, 2004
Subject: Policy on Requirements for Computers on University House System Networks
Background:
As you may be aware, computers running Microsoft Windows are being broken into at a higher rate with each passing year. This is very much the case on corporate networks, but it can be an even larger problem for university networks, which tend to be more open to attack. The University of Chicago’s network is no exception. At Chicago, over 3,200 computers running some version of Microsoft Windows were broken into last year, and we estimate that the 2004-2005 school year will be even worse. Last year the most frequently compromised computers belonged to students in the University’s housing system, even though the computers in the housing system are a minority of the Microsoft Windows computers on the University’s network.
Networking Services & Information Technologies (NSIT) has done several things to try to mitigate the damage caused by worms and viruses that target Microsoft Windows, including blocking some traffic at the edge of the campus network. Unfortunately, in a network as large and as open as the University’s, this does little good. Once a single computer infected with a worm is brought inside the University’s network, the worm will run unchecked within the campus network. One compromised computer will turn into hundreds within a few hours.
Solutions:
The only two ways to solve this problem are to keep every Windows system on the network completely patched at all times or to put firewalls in front of every computer. While we strongly encourage all students to patch their Windows operating systems automatically at least once a day, NSIT has purchased a site license for ZoneLabs Integrity Firewall for Windows. This firewall will be distributed with the University’s Connectivity Pack v.11, and is available for download at https://firewall.uchicago.edu . There is no charge for this software.
Policy:
Starting with the 2004-2005 school year, for both your protection and that of the rest of the campus network, we no longer permit computers running remotely accessible Windows Networking services to use the networks in the housing system.1 Since the University has made this software available at no cost to all students, a firewall which blocks Windows Networking traffic will now be required on all hosts in the housing system This applies to computers running all versions of Microsoft Windows, and some systems running Mac OS X (those explicitly configured to share files with Windows computers).
More info here.
MacDailyNews Take: Patch Windows at least once a day?! So, multiple times per day would be better? How about doing it hourly? This isn’t a joke, it’s a nightmare, and it’s sad. Is this really any way to live your personal computing life? For our Windows-only readers, it’s time. There most definitely is a better way. For information about smoothly adding a Mac OS X machine to your computing arsenal, please click here.
Related MacDailyNews articles:
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
BusinessWeek’s Haddad gets it wrong; thinks low market share spares Macs from viruses – August 28, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Fortune columnist: ‘get a Mac’ to thwart viruses; right answer for the wrong reasons – September 02, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 1, 2003
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004
Mac OS X has no viruses; what’s wrong with Windows? – February 11, 2004
Spyware, adware plague Windows users online; Mac OS X users surf freely – April 19, 2004
Gartner: Worms jack up the total cost of Microsoft Windows – May 07, 2004
Windows ‘Scob’ virus designed to steal financial data, passwords; Macintosh unaffected – June 26, 2004
Tired of patching patches to patch Windows patches? Writer suggests getting a Mac – August 03, 2004
Millions of Windows PC’s hijacked by hackers, turned into zombies; Macintosh unaffected – September 08, 2004
Security is top priority in Apple’s Mac OS X – September 12, 2004
Windows XP worm speaks to users as it deletes their files; Macintosh unaffected – September 13, 2004
How many man-hour lost to be the nurse behind a Windows running PC?
M$ should just start releasing patches in virus form and all the patching would get done automatically.
LOL!!!!
I estimated that I spent 8 hours a week troubleshooting my Windows PC, and this is after work time. That works out to 516 hours a year spent doing nothing but diagnosing, upgrading, fixing, troubleshooting, scanning/removing spyware, adware and malware, and of course reinstalling Windows. Now, keep in mind, I’m also an ISP Technical Support tech, so I’m helping to fix computers for 40 hours a week, anyhow.
Since I switched to Mac, I think I have spent roughly 12 hours in 2 1/2 years doing regular maintenance, upgrades, patches, and general troubleshooting. I have never had a major issue requiring more than 15 minutes at a sitting to resolve. This is a HUGE difference. This isn’t scientific by any means…but it proves to me that switching to Mac made my life much easier, and I have been able to do more than I ever could on my PC, because I’m not constantly trying to fix my Mac.
Sorry, my math sucks. 8×52=416 hours.
Reading the arcticle has me thinking about pc users, if their cars ran like their pc’s, would they want to keep them? Why keep going thru the stress of a wintel life, when there are several alternatives out there…mac, Linux, etc…!
MDN – I hardly think ‘arsenal’ is the best choice of word for any collection of computers containing a Windows-based machine. Unless, of course, the unfortunate targets for such fire-power are owners themselves . I wonder if there is a better word… perhaps hospital?
I remember at my university when the blaster worm hit the wireless network, it spreaded like wildfire.
A bloke I live with is a post graduate Software Engineer. His windows box was infected with some virus that just spewed garbage over the network. He was actually threatened with expulsion if he didn’t clean it, or remove the computer.
The wintel of our discontent.
There are three certainties in life…
death
taxes
and the ignorance of people who use WinDoze
Ajax – Hoho!
The strange thing is that so many Windoze users don’t even realize that there IS a better way. Apple needs to get the word out more.
*shakes head*
Jack A:
Most Windows users tell me that they can’t or won�t switch to a Mac because:
1. It’s too much trouble. (As if all the down time with Windows is quality time spent with their PC.)
2. It costs too much. (People who know the price of everything and the value of nothing.)
3. Microsoft is the world’s largest OS developer. (Coronary artery disease is the most common heart ailment, and the majority of people in the world lives in poverty and is illiterate.)
4. There are fewer applications for Macs vs. PC’s. (18,000 plus isn�t enough for these people.)
5. Mac’s are only good for Graphics Designers. (� and scientists, business people, students, moms and pops, etc.)
Windows users would have to overcome a great deal of ignorance, bias, prejudice, and stupidity before they switch.
A patch a day keeps the worms away… until the next day… A patch a day keeps the worms away… until the next day… A patch a day keeps the worms away… until the next day… A patch a day keeps the worms away… until the next day… A patch a day keeps the worms away… until the next day… A patch a day keeps the worms away… until the next day…
What is really ashame is that we Mac OS X users have to suffer the consequences of the viruses. Networks are closed up, and support for us is lost.
I hate Microshaft!
I really don’t know what the problem is. When Longhorn is released in 2030 it will be the most advanced OS available on the market. Viruses will still exists, but thanks to the new ‘Microsoft System Integrity Virus Definition Access, Execute & Incorporate’ application, which will only cost $99 per month to subscribe (subscriptions are the future you know) they will be eliminated before the cause any problems. Trust me, this thing is good.
Anyway, until Longhorn is released, let me do a dance for you…
What a complete waste of time.
So….. if you patch your WinDoze system…. that should take care of the current and past malware…. right ??
But it does nothing for the malware you get today… correct ??
A vicious cycle, to be sure….
Why are so many people stupid enough to put up with all this ?
what amazes me is that if a similar thing happened in any other industry M$ would be forced to recall all copies of their products
Thankfully some of us have better things to do with our time than that crap. Like doing actual work for example. I’ll just keep my PowerBook thank you very much.
Funny, last night at Monday night football:
3 friends, and myself:
One commented that he spent several hours earlier in the day completely wiping a HD and reinstalling XP. Essentially his home computer had been rendered unusable due to pop-ups and generally snail pace performance.
One of the others who knows I use macs, stated to me: “You don’t get pop-ups do you?”
To which I responded (with a smirk): “Nope, and no known viruses either.”
The coup-de-gras, however, was at half-time when the host fired up his laptop to view the Bush/Kerry parody over at jibjab.com. I’m not kidding on this: The computer took almost the entire half to boot, and then launch IE! His comment, as to why it was taking so long, was something about his anti-virus software.
It’s the Stockholm Syndrome.
Zac
mac dood: Microsoft’s mantra is “security yesterday and security tomorrow, but never security today”
Windows.
Putting the “arse” in “computing arsenal.”
Perfusionista…
I still find it funny to see / hear Micro$oft AND security .. in the same sentence…
Something about being an oxymoron….
Fitting… dont you think…for all the morons who use Micro$oft !
“M$ should just start releasing patches in virus form and all the patching would get done automatically.”
Now THAT’S funny!!!