Plea for a locked down client PC operating system
In this blog I wanted to share some my recent .Net development experiences. Unfortunately, my .Net development today has been regularly interupted today by friends who have rung me up after being infected by MSBlast virus. I sure everyone who writes blogs here keeps there machines up to date and installs patches as soon as they become available. Sadly that seems to atypical. A lot people in Basel have broadband internet connections and don't install patches, have no idea what a firewall and don't realise that if they don't patch their systems that will have problems. The cable internet provider does not tell people that without a firewall that they are leaving themselves open for attack.
I helped a friend remove the virus from their machine, by walking them throw editing the registry, deleting the executable from the drive and using the task manager to kill the process. Easy stuff if you are technical person but most people aren't. Within 3 minutes of reconnecting to the internet his machine was infected again. I was trying to support over the phone...I did not realise that he had not even configured the internet firewall that comes with XP. At least with XP he had that possibility. What about the system administrator I know who installed the patch a week ago on an NT 4 machine only to find that Groupshield, the program they were using for virus protection with their Exchange Server, stopped working.
I think that Microsoft needs to start selling locked down client operating systems where the absolutely minimum number of ports are open and all services that are not required are not run. Also critical patches on home systems should be install by default. I don't want to wait until Longhorn until I see that, I want it now. Everytime one these jokers distributes on these virus it progressively reduces the confidence that people have in computers. If it breaks some backward compatibility I sure it is worth it.