02 January 2006

IMPORTANT! Everybody knows about the wmf exploit affecting Windows operating systems, right? (trondant posted this here a few days ago). Here's the MeFi thread. Here's F-Secure's advice about installing the Ilfak Guilfanov hotfix. If anyone has further/better/more info, please let us know.
Great. Looks like my first day back at work tomorrow is going to lots of fun.

One thing that I'd recommend to everyone, and that's rarely done, is to disable inline images in your e-mail client. There have been so many exploits that use image files lately that it seems foolish to continue to display them. And that's not even going into the implications of spam.

And switch off that damn preview pane too.
posted by dodgygeezer 02 January | 09:13
This is good. Business has been slow.

Now we'll have lots of people calling up saying their computer doesn't work. Then they bring in a computer just crawling with spyware and viruses and packed full of porn, mp3s and pirated movies.

It's always fun being tactful while asking them if they've been downloading. I have a set speech I give about not doing things like walking down the alley behind Railroad Ave. and picking up used syringes and jabbing them in your neck. I often use the safe sex metaphor.

"I'm sorry, miss. Your computer is broken because you are a round-heeled slut who can't keep her legs closed."

"Ya know, buddy, if you weren't spending so much time trolling for porn and wanking off, you wouldn't have these problems. Get a girlfriend."

Then there are the moron engineers from the refineries who have totally hosed their machines because they are intellectually challenged by anything more complicated than a piece of pipe and too stupid to know when they are in over their heads. They're easy to spot by their Texan accent. They frequently call up trying to get me to repair their stupid computer over the phone for free by pretending they are technical wizards. Cheap bastards.

I hate the telephone. It's never anyone with good news or money. Telescopes are far superior because they don't fucking ring. Don't they realize I'm trying to concentrate on this stupid SQL problem?

FWIW: Mac users are often more clueless than Windoze users. I think this is because Apple advertised the Mac as the computer for people who are too stupid to own a computer.

They say things like "I'm right-brained" as if that made any difference or anybody cared. They are particularly annoying because the answer is "Bring it in and we'll fix it" but they just keep talking and talking and talking about their emotional relationship with an inanimate object.

I suppose people should be endlessly grateful I'm not a priest. Imagine what I'd be saying then...

/I hate computers rant.
posted by warbaby 02 January | 09:54
OK, pardon my ignorance on this kind of thing, but: does this exploit affect Windows 98? (Running Win 98 SE at home.) And if it does, does this patch/hotfix also work for 98?

All of the info seems to be geared to Win XP (for obvious reasons), so I don't know if I'm at risk or not. I know most current e-mail worms and the like will NOT work in Win 98.
posted by BoringPostcards 02 January | 09:58
AFAIK it affects every version of Windows. Yes, including 3.0.

Unfortunately, the 3rd party patch that's out there is only for 2000/XP. Again, AFAIK.
posted by selfnoise 02 January | 10:01
Ah, just my luck.
posted by BoringPostcards 02 January | 10:04
whoah - harsh, warbaby. I guess if you are doing it as a job, it's difficult not to be contemptuous, but... jeeze. Every person I know who is pretty much clueless about computers knows how to do things that I don't. That's sorta why we all need each other.

Yeah, boring: as selfnoise said, it definitely does affect 98, but I haven't seen anything about what 98 users should do. First of all, I guess disabling images in your browser (and email, as dodgy said) would be a good step for the moment.
posted by taz 02 January | 10:06
Clueless is OK by itself, but add rude, demanding, cheap and annoying and things get a little rough. I'm a database analyst and we're short-handed so I have to answer the phone for the technicians a lot.

I'm working for clients that I like and billing them out at $60 an hour. So the annoying people start cutting into nice people's billable time. I'm not going to fix their damned computer, I'm just playing receptionist on the telephone. When these malware storms happen, I don't get any work done and don't rack up any billable hours.

Since this current mess is strictly the fault of the creeps from Redmond, I think it's about time we nuke that godforsaken yuppie scum suburb and turn it into a lake of glass. Bill Gates is eating my lunch.

Our business has repeatedly been hammered by a) Apple's predatory business practices that shut us out and b) a succession of cheap fly-by-night operations who undercut our prices (and set up false expectations of pricing) and then fold up and vanish. Likewise, our engineering business went tits up when the refineries went to evergreen contracts with the big boys and forced every small job engineering firm to close. The last three years have been a race to the bottom. And this year doesn't look any better. Plus I just got a letter from Social Security saying they lost my records and as a result my SS check will be $450 a month if and when I'm put out to pasture.

Oh, and God Bless George Bush. The world is run by and for morons, bigots and assholes.
posted by warbaby 02 January | 10:37
Happy new year, for real, and bless metafilter/metachat for looking out for our collective personal safety on this.

I've downloaded the patch, but I have a question -- I don't use Outlook (always *was* suspicious of it) but with patch in place, do I need to disable any settings in gmail? I've checked all the settings but don't see anything I can configure for inline images.
posted by melissa may 02 January | 11:24
The way to look at it is this: any image in any application is a potential threat.

If you're accessing Gmail in your browser then you'd need to switch images off in the browser itself - probably not very practical.

If you're accessing your Gmail via Outlook then just ensure you switch off images - arse_hat's article above looks good to me.
posted by dodgygeezer 02 January | 11:33
Also, I'm a FF 1.5 user and I run AVG, which I've been manually updating like every 5 seconds. Reading the MeFi thread, esp. loq's account, is frankly scaring the pants off me.
posted by melissa may 02 January | 11:35
I did the Start > Run > regsvr32 /u shimgvw.dll thing on my work computer a couple weeks ago. Thanks for the reminder.
posted by matildaben 02 January | 11:36
Well then pray for us sinners, dodgy -- at work we are mailed and deal with images constantly. I won't be in again till next week, but everyone (including my husband) will be, and there's simply no way any of us can function without constantly handling images.

Terrifying.
posted by melissa may 02 January | 11:38
More info from microsoft on the workaround I mentioned in my previous comment:

http://www.microsoft.com/technet/security/advisory/912840.mspx

Un-register the Windows Picture and Fax Viewer (Shimgvw.dll)

1. Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll"
(without the quotation marks), and then click OK.

2. A dialog box appears to confirm that the un-registration process has succeeded.
Click OK to close the dialog box.

Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started
when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.

To undo this change, re-register Shimgvw.dll by following the above steps.
Replace the text in Step 1 with "regsvr32 %windir%\system32\shimgvw.dll" (without the quotation marks).
posted by matildaben 02 January | 11:40
Well I think potential is the key word here.

A successful virus attack needs to do three things well: exploit a security hole, deliver the payload and then spread itself. What we're discussing here is the first element: an exploit.

Now if a virus writer out there uses this exploit, creates the right kind of payload and finds an efficient way to spread his handiwork (and creates and deploys this quickly before a patch becomes widespread) then we could be in for a very rough time. That virus may have already been written and spreading as I type, but that remains to be seen.

Writing an effective virus is hard. It requires that your payload isn't so destructive that it prevents spreading, but not so ineffective that no-one notices it exists. It needs an effective way of spreading, which can require a broad knowledge of user behaviour and social engineering. And sometimes the writer just needs to be lucky.

So I guess what I'm saying is that the future of this is far from certain yet - but it's very wise to be cautious.
posted by dodgygeezer 02 January | 11:56
So it's not time to break open people's heads and feast on the goo inside?
posted by arse_hat 02 January | 12:03
did someone say head goo?

* pulls out wooden spoon *
posted by dodgygeezer 02 January | 12:07
Unfortunately, I can confirm that there are exploits in the wild. As you may or may not know, I own an email services company (stopping viruses/spam/etc). We've already seen some of the slimier networks sending out image-based trojan horses.

I don't know what they all do offhand, but it's safe to assume that you really, really don't want to read your spam without applying one of the available hotfixes.
posted by mosch 02 January | 12:11
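The attachment-level check that a mail filter like the one mosch describes can do, as an added example that is not code from the thread or from any product mentioned in it: it walks a WMF file's record chain (4-byte size in 16-bit words, 2-byte function code, then parameters) and flags the SetAbortProc escape record that the WMF exploit relies on. The sample metafiles are constructed inline and are not real files.

```python
"""Added example: static scan of a WMF file for the SetAbortProc escape record."""
import struct

PLACEABLE_MAGIC = 0x9AC6CDD7   # key of the optional 22-byte placeable header
META_ESCAPE = 0x0626           # record function for a GDI escape
META_EOF = 0x0000              # terminating record
SETABORTPROC = 0x0009          # escape sub-function the WMF exploit abuses


def build_record(func, params=b""):
    """Encode one WMF record; the size field counts 16-bit words (used for test data)."""
    if len(params) % 2:
        params += b"\x00"
    return struct.pack("<IH", (6 + len(params)) // 2, func) + params


def scan_wmf(data):
    """Walk the record chain and return a list of findings (empty means nothing seen).
    A record with an impossible declared size is reported as well, because such a
    file cannot be trusted to parse cleanly and should be treated as suspect."""
    findings = []
    off = 0
    if len(data) >= 4 and struct.unpack_from("<I", data, 0)[0] == PLACEABLE_MAGIC:
        off = 22                                   # skip the placeable header
    if len(data) < off + 18:
        return ["truncated WMF header"]
    ftype, hdr_words, _version = struct.unpack_from("<HHH", data, off)
    if ftype not in (1, 2) or hdr_words != 9:
        return ["not a WMF header (type=%d, header words=%d)" % (ftype, hdr_words)]
    off += 18                                      # standard header is 18 bytes
    while off + 6 <= len(data):
        size_words, func = struct.unpack_from("<IH", data, off)
        rec_len = size_words * 2
        if rec_len < 6 or off + rec_len > len(data):
            findings.append("malformed record size at offset %d" % off)
            break
        if func == META_ESCAPE and rec_len >= 8:
            if struct.unpack_from("<H", data, off + 6)[0] == SETABORTPROC:
                findings.append("SETABORTPROC escape record at offset %d" % off)
        if func == META_EOF:
            break
        off += rec_len
    return findings


# Constructed samples (not real files): a minimal metafile with and without the escape.
WMF_HEADER = struct.pack("<HHHIHIH", 2, 9, 0x0300, 0, 0, 0, 0)
BENIGN_SAMPLE = WMF_HEADER + build_record(0x001E) + build_record(META_EOF)  # SAVEDC, EOF
SUSPECT_SAMPLE = (WMF_HEADER + build_record(META_ESCAPE, struct.pack("<HH", SETABORTPROC, 0))
                  + build_record(META_EOF))
```

Run `scan_wmf` over each attachment and quarantine anything that returns a non-empty list; a placeable header (the 22-byte prefix some files carry) is skipped automatically.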
I'm disappointed that the googleblog doesn't have any comments on this regarding either gmail or google desktop search (I've uninstalled it for now).

I'd like to totally disable images in gmail, but as melissa may points out, there doesn't seem to be an option for that, which is strange.
posted by taz 02 January | 12:18
Oh sure, I know there are already exploits but my point was that we don't know yet how widespread it'll be.

It's too early to predict a Windows apocalypse but it is right that folk should protect themselves now. Hopefully Microsoft will hurry up with a patch.
posted by dodgygeezer 02 January | 12:27
I love the word payload.
posted by iconomy 02 January | 14:18
I've done the "plain text only" thingie in OE and unregistered the dll thingie in start/run/etc. I've told gmail to forward email to an email address that I access through OE (that way I can read it in plain text).

Questions:
Does having a firewall/router help at all in stopping stuff like this?

It's now okay to download SP2 for XP?

Anything else I should do (besides downloading a third-party patch, which I'm reluctant to do)?
posted by deborah 02 January | 15:53
Oh, and many, many thanks to our MeCha gurus for keeping us up-to-date and (relatively) safe.

:^)
posted by deborah 02 January | 15:54
Does having a firewall/router help at all in stopping stuff like this? - NO

It's now okay to download SP2 for XP? - YES

Anything else I should do (besides downloading a third-party patch, which I'm reluctant to do)? - NO. Download the patch now.
posted by arse_hat 02 January | 17:07
deborah, I also hate installing stuff willy-nilly, but this guy has credentials out the wazoo, and the threat seems serious enough to take every possible precaution. I installed it.
posted by taz 02 January | 17:13
Where exactly is the patch? It seems like every link I go to has a link to another link, but then again, I'm very impatient.

I wonder what it feels like to have credentials coming out of your wazoo?
posted by iconomy 02 January | 17:19
Is it the link that says here, here?
posted by iconomy 02 January | 17:21
This is the one I used (exe file), directly from hexblog.

(I've spent nearly my whole life, ico, hoping that nothing unexpected ever comes out of my wazoo!)
posted by taz 02 January | 17:26
That's the link taz. Also if you install the patch you do not need to do all that "Click Start, click Run, type regsvr32 -u %windir%\system32\shimgvw.dll" stuff.
posted by arse_hat 02 January | 17:33
I've spent nearly my whole life, ico, hoping that nothing unexpected ever comes out of my wazoo!
Except for the payload
posted by dodgygeezer 02 January | 17:53
Hexblog won't load at the moment, but I'll keep checking and I'll download SP2 now.

Thanks for the info!

PS: downloading stuff willy-nilly - I've been online 7 years and have had very few problems and would like to keep it that way. However, I trust y'all and will comply.
posted by deborah 03 January | 13:00
Lovely. Hexblog.com has been suspended.
posted by deborah 04 January | 00:52
Just in case anyone else is still checking:

Hexblog has several links to other sites hosting the fix.
posted by deborah 04 January | 11:22