A friend purchased a brand new laptop recently (last week, very recently).. she plugged it in.. and wham.. it's infected with msblaster and won't stay up for more than 60 seconds.
How is this possible?
Simple.. windows XP comes by default with the firewall disabled and configured for dhcp.
"She should have patched it"
Well, yes, except before she had the time to open the windows update website it was already infected (hard to believe, I know..).
"She should have enabled the firewall first".
Actually.. she didn't know the damn thing was already online.. and even though virus protection was enabled, it was not up to date.. .
Ah, see, a trend.
Windows XP - not up to date.
Virus protection - not up to date.
How can computer manufacturers sell machines that are so obviously out of date on important security patches (more than a month for the patch that would have prevented msblaster from infecting the system).
"In this world of viruses and attacks people should know better"
No, you shouldn't have to spend a day patching a brand new computer you just spent $3K on just so you can take it online. That's wrong.. when will the consumers put a stop to it?
Next time you buy a computer.. and it's more than a month out of date on security patches.. call them, complain, demand a refund. If you can't use your computer thanks to a virus infection -- that's a defective product.
Someone should be responsible, and it shoudln't be the consumer paying $$$ for a product they cannot use without some serious work involved. If a car manufacturer sold a knowingly defective car.. they would be sued out of their pants.. so why is it that people put up with this crap when it comes to computers?
TrackBack URL for this entry: http://www.unix-girl.com/mt/mt-tb.cgi/901
Yup.
#Thanks for the tip. I've a friend that will be receiving a new laptop with XP on it shortly.
#Luckily the last (and only in ages) computer I got I plugged into my internal network with firewall, spent the 8 hours downloading and applying patches, getting rid of the shit on the desktop, etc. (http://arcterex.net/blog/archives/2003/08/13/buying_a_new_computer.html)
Totally agree with you though. If I had thought about it more, or cared enough, I would have bitched at them. I should have bitched at them anyway about not getting a disk with the OS and apps on it, but that's another story.
#Because consumers have not made a big enough noise, they are afraid of the technology and the companies themselves. Not until consumers stood up did we have lemon laws.
#She should have enabled the firewall before connecting the computer to a network. Either by not plugging in the network or disabling the wireless network (are these enabled by default?) in the BIOS.
>>>
If you can't use your computer thanks to a virus infection -- that's a defective product.
<<<
Not if the virus wasn't on the computer when it was sold to you. It was your friend who allowed the computer to get infected. I think you're being unfair to blame the retailer.
#Pete, would you feel the same if it was your mom that happened to?
#I totally agree with Kasia. All the retailer has to do is plug the laptop into their router and run WindowsUpdate. Downloading and installing all the patches takes less than an hour on a 512k connection.
#You know what, Kasia and Baba are right. If someone is in the business of selling PC's, they should have a means of doing last-minute software updates immediately before delivering the product to the customer. It shouldn't be hard for a retailer to have a private network with a local, private Windows Update server on it. When you're ready to buy a PC, Joe Salesperson could say "Alright Mr. Customer, let me have the techs run a last minute update on your PC and we'll have you ready to go in no time. Forget 512K connection, they should be able to do it over the LAN at 100mbps.
I seriously doubt *any* retailer does this now, but I bet all it would take is one -- as soon as someone starts doing this and promoting it as a benefit, others will follow.
#Don't buy your machine from a "Giant Retailer" where inventory has been sitting for months.
Get your new Computer from a smaller local dealer. They will install the OS, patch it etc...
Yeah it's a pain. They should update it on their own network, but they are lazy and stupid at those stores. Anyways to get the laptop working online all you need to do is "shutdown -a" in a run box and it will abort the shut-down. Then you can patch it up and remove the virus.
#Kasia, I just posted over at DSLR about this. Steve referred me to this.
I just purchased 3 new workstations through Dell and took all day to patch 2 of them. Its rediculous that a big time company such as Dell can do this for the money you pay for a top name computer.
My gf's sister bought a $400 computer from some no name .com and it came fully patched AND with SP1 installed.
With all the worms around, you'd thing a big reputable company such as Dell would give customers with little or no computer knowledge a break and patch for them.. they spent enough!
When i get a chance, im going to call and complain. As a SA, it kills some of my time to install 75 patches and kill 2 days of my time and my companys pay.
#Yeah, it would fall under Reasonably Expectation laws in Canada/US/UK wouldn't it? (ie: if you buy a car the tire should be full of air, even if you don't check it)
#Should've just bought a Mac ;-)
#Like Eric stated above, buy it from a reputable local shop, and you won't have that problem. Let's face it - the big manufacturers/retailers are not interested in taking the time to update each machine before it goes out the door. Dell particularly amazes me - I could understand perhaps being a month or so behind on patches (they are working off images for their hard drives), but there isn't any excuse for having nothing but a barebones SP1 installation. (Except laziness - that is how the OS is provided to them by Microsoft, and they don't go beyond it.)
As an owner of one of those "small local dealers", I can assure you that EVERY machine I send out is fully patched up, virusscan loaded and up-to-date, etc. Of course, I can't help it once it has left the shop (I find it utterly amazing how many people will shut off the virus software "because it kept bothering me when I was reading my email"), but I do my best to educate the consumer on proper upkeep.
I never even considered it something to promote (like Doug mentioned) - it is simply something you do. Of course, I'm also not competing against the "big box" retailers - my service is personalized, and it costs more. My customers expect a higher level of service, and aren't shopping for the lowest price, so maybe I'm a rarity?
#But Blaster is about the FIRST virus that doesnīt need any action from user-side, no opening of emails, no visiting wrong websites etc.
Iīve heard of several people that had the same troubles getting a (fresh) machine up to date.
Itīs funny that good old W98 is not affected.
And we had a lot of luck that Blaster wasnīt really a "damaging" kind of virus. Couldīve done a lot worse things than spreading itself.
#I couldn't help but notice this conversation. I feel, too, that it is the manufacturer's responsibility to ship reasonably updated PCs. The public is too aware of computer technology to allow poor security and service for much longer. Who in the world feels that such behavior is ethical, anyway?
If Dell would stop lowering prices to hold their market share they would realize better profit and more revenue to support high quality. Perhaps that quality would include updates? I am sure they would be able to get the right CD-ROMs in the box if they weren't pushing down their income to stay on top. ;-)
#But there are some very damaging viruses out there. I think the computers should be sold with all Windows updates, patches etc already installed.
#