[Air-l] [cc]Microsoft's really hidden files

Frank Schaap architext at fragment.nl
Sat Aug 11 10:25:21 PDT 2001


<snip>

Bob wrote:
> The author makes a big deal about *not* being able to find various
> "well-hidden" folders and files using Windows Explorer (he doesn't specify
> the Windows product or build that he's using).  But on the contrary, I am
> able to see all the worrisome "hidden" temporary folders and files using
> Windows Explorer in both Win98 and WinME.  So I don't perceive the need to
> boot to DOS as the author suggests;

I originally posted the message to the Cyberculture list. Of course I had
checked the claims first, as had the Dutch webzine I referred to. I have a
Win2k SP2 and a Win98 SE box and both fail to show the files in the Windows
Explorer. The files _do_ show up in a DOS-box (which isn't real-mode DOS) and
they _do_ show up when using the Windows search on those directories. Windows
Explorer is set to show _all_ files, including hidden and system files, so
when these files don't show up in a plain vanilla directory listing, I suppose
Microsoft doesn't want them to show up. Why they do show up for you, I have no
idea, maybe a difference between certain releases, a fluke or maybe the
earth's magnetic field, but...

The same half-baked hiding of these files applies to Microsoft's general
approach of security and disclosure about just what their programs do and
don't (especially towards programmers, think API's). Security by obscurity is
a bad idea.

> when I followed his instructions, I
> found
> nothing on my machine that I didn't already know about, and unless I've
> made
> a terrible mistake, I fail to see just what the fuss is all about.

If you didn't find anything you didn't already know about, you probably are
well informed about the general working of the stuff that goes on in your
computer. Commendable, but I'm afraid not really exemplary of the general
public.

Remains the fact that the files in question _don't_ get deleted when your
order those Microsoft programs to delete _everything_ in the cache. Remains
also the fact that these files contain a complete log of everything that went
through your browser or Outlook client.

In a reply to Jeremy you say that a lot of people find Microsoft's added
features very useful, but a major problem here is that Microsoft by default
enables a lot of features that pose serious security risks. Instead of
choosing the safe path and disabling all features such as macros, scripting
and file-sharing etc. by default, so that the user has to consciously turn
them on if s/he wants to use them, Microsoft just turns everything on by
default and exposes the unknowing user to all kinds of dangers.

It used to be that you only had to disable filesharing in the TCP/IP settings
to eliminate one of the worst security holes, nowadays AFTER disabling
filesharing, you have to dig deep into 5 layers of advanced settings to _also_
disable Netbios over TCP/IP to plug the same hole. Instead of learning from
their mistakes, Microsoft just leaves the old security problem as it is and on
top of that creates another one. That, to me, is something to fuss about.

> The
> author gives us a hint by alluding to possible embarrassment if one's sly
> visits to pornographic sites were to be discovered, and to the possibility
> of
> personal information being retrieved from one's machine over a network.
> There are ways around those problems which do not involve rants directed
> at
> the authors/vendors of particular operating systems and other software
> tools.

Given Microsoft's position and the fact that hundreds of millions of not so
informed people use their programs, the only option here is to rant about it.
The more informed people will indeed use other programs and/or operating
systems.

You're machine being vulnerable to attacks over the internet isn't so far
fetched. Please have a read through the message I have appended at the end of
this message and use the programs/services to check your machine on
vulnerabilities or spy-ware programs that have managed to install themselves
on your computer.

When I send this message to the Cyberculture list a while back, several people
told me they ended up plugging a couple of holes and removing up to 12
spy-ware programs from their computer. I'd say proof that a lot of people have
no idea what's going on in their computer and would be better of with a more
secure system instead of more bells and whistles in the next equally insecure
release.

<snip>

> Back up the registry before you edit it, because an editorial mistake
> there can cause the most exquisite of migraines ;>).

and that's some very good advice :)

Cheers,

Frank.


---excerpt from a message posted earlier to CC---

<snip>

on the other hand, a lot of nastiness is going on at all times of the day and
the logs of my firewall of people testing just about any imaginable port on my
system are testimony to that. right now, I even had to disable the logging
function of my firewall because some idiot is hitting my IP address about 4
times per second with Gnutella requests... and has been doing so for that past
week, which needless to say creates rather huge logs. this is a relatively
benign annoyance and for the most part the internet seems to route around
trouble fairly okay.

<snip>

...which reminds me: even if you're just dialing up, there's a lot of you can
do about your own safety. if you're using a Windows system read this section
of Practically Networked (a great site):

http://www.practicallynetworked.com/sharing/securnet.htm#Not

follow their links to check yourself with the ShieldsUp! service of GRC.com:

https://grc.com/x/ne.dll?bh0bkyd2

people sharing their internet at home will find the whole of the Practically
Networked site interesting, lots of details how to secure your LAN.

then, install the free ZoneAlarm personal firewall:

http://www.zonealarm.com

it's the best thing I can recommend safety wise. this firewall not only blocks
incoming traffic, but regulates which programs you ALLOW to connect to the
net. this means that at first you will have to grant every new application
that wants to connect to the net permission to do so, but once your trusted
applications have permission, you don't even have to think about it anymore...
it just works. ZoneAlarm actually caught one shareware program installing 2
different spyware programs on my computer when they tried to 'phone home'.

spyware? yes, the latest annoyance. these are little programs that a lot of
shareware/freeware authors succumb to getting paid for installing them on your
computer, where they monitor all kinds of traffic, sometimes taking care of
presenting you with personalized ads, sometimes sending back to homebase all
kinds of information about you.

think you might have contracted some spyware? use Ad-Aware to cleanse your
computer:

http://www.lavasoft.de/eintro12.html

then use the SpyChecker database every time before you install a new program:

http://www.spychecker.com/

and you should be relatively safe...

have a safe day on the net :)

Frank.


--
The Cyberculture, Identity and Gender Resources
==> http://fragment.nl/resources/






More information about the Air-L mailing list