PHIL'S HITLIST

Who's been naughty, or at least not nice, and what they ought to do

Replaced previous Microsoft specific page on 27 January 2008

Microsoft

As you are probably aware, this page all started from a page about my gripes with Microsoft. None of this is any less valid. I still think Microsoft leave a lot to be desired.

First off, there are, fortunately, frequent updates to their products. There are so many things going wrong, or at least being discovered vulnerable security-wise, that it is no bad thing that there are so many updates. Microsoft have a large (possibly the largest) market share for the operating system on PCs, and likewise for office applications – this is a problem in that it results in their update system having rather a lot of systems it ought to be looking after. Couple to that the fact that some people don't bother to update when they should, and those on dialup would need a long time to do it, and it gets even worse.

I am in the position I am sure many people know – you are seen to know what you are talking about and get asked to do things for people. However, to the best of my knowledge, it is now difficult to get hold of Microsoft's updates in a form that can be put on CD to take to machines that are behind with updates (for whatever reason). Furthermore, there are so many updates that they need to be rationalised and “rolled up” into either new service packs or simple roll-ups far more often than currently happens – I would suggest quarterly or half-yearly as a minimum.

A lot of the problem is that Microsoft are prudent in wanting to check the validity of the software installed on systems. In a way, there is nothing wrong with this – fakes may be less secure and have far more serious problems – but when it gets in the way of keeping a perfectly valid system up to date, it is a real bind.

It is even worse that sometimes, when a major hardware change is made (such as after a breakdown), the Blue Screen of Death can be invoked. This often leads to someone having to use the Windows XP CD to do a repair. This, if the CD is not one that has been prepared, with great time and effort, with the latest updates on, will regress the machine to the service pack in use at the time the CD was made, and such CDs can only be made on systems (or emulators) running a valid copy of the relevant operating system. This, in turn, exposes the affected system to problems.

What Microsoft should do is to make it possible to prepare update CDs for systems that are having difficulty reaching the update site, or those that, for technical reasons, have had to be regressed. It would also be nice to be able to get the media if you can't find the right one for the machine on which you are working, but I can see the problem with this – although it would probably be a lot of work, someone could at least in theory get away without activating Windows. Having some way of “being trusted” by Microsoft would help, but any such way should not be expensive. I personally do not use Windows at the moment and do not feel I should have to pay just to help me maintain machines for other family members.

The creators of system hijacking bots

This point relates to a paragraph just above, in some ways, but not entirely.

There exist several system hijacking bots that look around for Windows systems they can attack. They are designed to be difficult to remove, and are installed simply because of a lack of protection on the system concerned – even perhaps because the protection is being changed over. There is no knowledge or consent for such hijacking.

Hijacks also exist among other kinds of malware, but these are often avoidable simply by not installing the affected software in the first place – installing it amounts to the consent lacking above, but often without the knowledge of the user at whom the software is aimed. These are a lesser evil but can still be deeply evil at times.

What the creators of these ghastly programs should do is repent, and furnish those who can do something about it with a remedy that makes them ineffective.

Real-time blocking lists

Please do not get me wrong here – the majority of well-established real-time blocking lists are well run, effective and not over-zealous.

However, whenever a new one is set up, there are often problems with over-zealous application of blocks and poor response when it is pointed out.

In case you are not familiar with this, IPv4 addresses can be divided into many small networks by using varying lengths of mask. If we take the address 10.1.2.3, it can be considered part of 10.0.0.0/8, 10.1.0.0/16, 10.1.0.0/20, 10.1.2.0/24 and 10.1.2.0/28 among many others.

The number after the / is the number of leading bits of the mask that are 1; the rest are 0. Like an IPv4 address, the mask has 32 bits. So, for a /16, the mask could be written as 255.255.0.0, and for a /28, it is 255.255.255.240.

The problem is that, when a new real-time blocking list shows up, they might detect a spam from 192.168.224.163 and block 192.168.224.0/24, blocking not just the affected system but over 200 others. Suppose that that /24 is divided into /28s – the owner of 192.168.224.80/28 would be affected, even though the spam came from 192.168.224.163, outside his allocation. He would then have to use round-about means, or even a webmail system, to send mail to someone who uses the new blocking list.
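The mask arithmetic and the /24 versus /28 case above, worked through in Python as an added example that is not part of the original page. The function names are hypothetical, and the assumption that the whole /24 is carved into sixteen /28 allocations is constructed for illustration.

```python
import ipaddress

def prefix_to_mask(prefix_len):
    """Dotted-quad mask whose first prefix_len bits are 1 and the rest 0."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("IPv4 prefix length must be between 0 and 32")
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return ".".join(str((mask >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def enclosing_networks(address, prefix_lens):
    """The network of each given prefix length that contains address."""
    return [str(ipaddress.ip_network(f"{address}/{p}", strict=False))
            for p in prefix_lens]

def collateral(spam_source, block_prefix, allocations):
    """What a block of width block_prefix around spam_source really hits.

    Returns (blocked_network, offender_allocation, bystander_allocations),
    where bystanders are allocations caught by the block that do not
    contain the spam source at all.
    """
    src = ipaddress.ip_address(spam_source)
    blocked = ipaddress.ip_network(f"{spam_source}/{block_prefix}", strict=False)
    offender, bystanders = None, []
    for alloc in map(ipaddress.ip_network, allocations):
        if src in alloc:
            offender = alloc
        elif alloc.overlaps(blocked):
            bystanders.append(alloc)
    return blocked, offender, bystanders

# Constructed sample data: the /24 from the text, split into /28 allocations.
ALLOCATIONS = [str(n) for n in
               ipaddress.ip_network("192.168.224.0/24").subnets(new_prefix=28)]

if __name__ == "__main__":
    print(enclosing_networks("10.1.2.3", [8, 16, 20, 24, 28]))
    print(prefix_to_mask(16), prefix_to_mask(28))
    for width in (24, 26, 28):
        blocked, offender, hit = collateral("192.168.224.163", width, ALLOCATIONS)
        print(f"block {blocked}: offender {offender}, "
              f"{len(hit)} uninvolved allocations also blocked")
```

Listing at the width of the actual allocation leaves the owner of 192.168.224.80/28 untouched, which is the check a list operator can make before widening a block.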

Part of the problem, of course, is that some providers allocate IPv4 numbers dynamically – meaning that it is difficult to trace the source of spam, viral activity or whatever, to a specific machine. Some RBL operators make that assumption about any range if they see that it is for dialups, DSL or cable – often without checking that this applies to the whole range and not accepting the truth when one of the affected people lets them know.

(Observers will have noticed that all the IPv4 numbers quoted above are of kinds that should not be out on the Internet – they should be confined to private networks. However, they serve as workable examples which is just what is needed here.)

If someone is determined to create a new RBL, they should take care to make sure that it is not over-zealous, or if they receive a complaint that it is, handle it responsibly. However, it could be argued that we have enough RBLs already.

Wireless access points

The growth in popularity of wireless networking is no bad thing, provided it is done right. However, many access points are supplied in insecure mode by default. You can usually tell these – they have a network ID that tends to relate more to the make of the access point than to its owner, and no WEP or WPA enabled, meaning that if you are set up to allow roaming onto unsecured networks (as you need for public WiFi), your computer can easily wander onto these unsecured access points.

Deliberate use of such an access point without permission has been made illegal, as has using one whose key you have cracked or otherwise received from an unauthorised source. However, the presence of such networks can make it difficult for someone to actually use their own network if their equipment detects better signals from one of these unsecured points.

As there is usually little to identify the owner of such an access point, it can be difficult to know who to approach to ask them to secure it.

As for any advice I can offer on this, unless you have a device that is WEP only, you should at the minimum use WPA-PSK. WEP is insecure enough in that some people have come up with quick ways to crack your key – but even WEP would prevent computers wandering onto your network instead of staying on their owner's. The only exception to this, and some even advise against that, is that if you live in an area where there really is no-one else around, you might consider an open network to be at least reasonably safe.

What should be done, and I note that some manufacturers do, is that access points should be sold, at minimum, secured with WEP by default. Another good idea would be for there to be a web page on an access point whose purpose is for people who have discovered it by chance to report to its owner that it is insecure and causing a problem.

Telephone companies and staff training

Once again, please do not get me wrong here. Done right, a company can have its calls answered by staff in a different part of the world, and it can be highly efficient. However, done wrong, it can really go wrong.

Companies, particularly telephone companies, using such facilities should make sure that calls only go to people who have sufficient grasp of the relevant language (English in my case) to deal with any enquiries they might get, whilst remaining civil, not repeating the same irrelevant response, and having someone they can refer a query to, preferably back in the home country of the company, on request.

For example, if you are trying to update your directory entries, you should be able to get through to someone who can at the very least advise you as to costs and availability. It should not be automatically assumed that the customer wants all the existing directories recalled – this is unreasonable anyway. It should not take more than the customer saying “You clearly have not understood me and I would like to speak to someone else.” for the call to be referred to someone back in the home country of the company. Of course, there should perhaps be a rule that the overseas agent tries twice to understand the situation and then automatically, on it being made clear that they have misunderstood the customer, put the call through to someone elsewhere.

Also, if you call up with a specific query about something, especially where a mistake in the company's own documents is involved, details of the query should be taken – the agent should not disappear before taking them and then come back, 20 or more minutes later, with an answer to the wrong question because he never took the right one.

Of course, this situation does not arise in the first place if a company ensures that all its calls are answered in the home country. I do appreciate how having call centres elsewhere makes things more efficient, but only if it is done correctly. Done badly, it can, in complicated situations, prove to be a complete waste of time, an obvious waste of the customer's money and highly frustrating for all concerned.

Idiots on IRC who do not understand or use terminology correctly

I'm sure some of you are now saying “IRC is full of idiots anyway” - and perhaps it is. What I can't stand is the terminology used by many to refer to IRC operators. For those of you unfamiliar with the term, an IRC operator is someone authorised to carry out administrative tasks on an IRC server, for the purpose of maintaining it and, in a small way, the network. If you want to shorten the term, the preferred abbreviation is “oper” - consider them to be like telephone operators who can help with administrative and technical matters. The alternative, “IRCop”, has a problem – some idiots see the “Cop” and think of them as some kind of police. This is untrue. They cannot “bulldoze” a channel just because it is being used, in the opinion of some ordinary user, abusively. They may be technically capable of removing people, but not “en masse” and they never do for matters which are not clearly against server or network rules. They don't use the capability for nicknames, and trying to use it for channels would be like trying to fight a forest fire with a water pistol.

The term “IRCop” needs to be firmly shown to be not the one to use, and that “oper” is preferred. It should also be realised that opers do NOT refuse to do things out of spite or for similar reasons, but because they either simply can't or because it would be counterproductive.

AIM bots – stupidity by the big guys?

You may wonder, again, what leads me to know anything about AIM – but I have friends who use it as a preferred means of communication, and my partner also has friends who use it. For convenience, we have our own Jabber server and that handles all our onward connections to other messenger systems – also meaning we have a single consistent interface for all instant messenger services.

Recently, after using the official AIM client, my partner started to be plagued by some of AIM's bots, always trying to get his attention when he connected. Try as we might, nothing in either the official client or the Jabber side of things would shift them.

The answer was in fact to use Trillian to remove the bots from his roster, and go straight back in via Jabber afterwards. This seemed to be the only way to get these bots out of the way.

These bots pestering a user constantly with no easy way to stop them are a nuisance! As they only descend on people who use the proper software, this is a good reason why freedom to choose the software you use is a good idea. This freedom needs to be maintained, at least as long as these messenger systems are independent.

Caravan parking at motorway and similar service areas

Arrangements for parking your car if you are towing something, when visiting a motorway-style service area, are often confusing, and even then, often abused. They may also fail to meet the needs of all on board at some service areas.

Ideally, there should be signs at every possible turning point along the way showing which way to go. The sign should have a picture of a caravan on it, and an arrow. At some, after the first sign there are no more and the road leads directly to the exit.

Failing that, a sign showing a caravan, “follow” and another symbol, provided that is adequately signposted, would do.

There should be a penalty for parking inappropriate vehicles in caravan bays. Appropriate vehicles should be cars towing anything and possibly motorcaravans and other vans too large for car bays. Other vehicles should be required to display a permit, showing that day's date, indicating permission to park there.

Where the sign points to a row of spaces and some are restricted to coaches only, others open to caravans, signs should make it clear which are which.

It is sometimes found when you get there that there are steps, or worse, whole flights of stairs, between the caravan bays and the facilities. If one of your passengers cannot use these, then it can be necessary to park elsewhere on the site. This somewhat frustrates not only the caravanner but the correct user – if any – of the space taken.

Above all, what is really needed is consistent signage, appropriate enforcement and, where possible, level access.

My web form is open for comments on all of the above points.