You’ve got XP

It sounds like a venereal disease when you say it like that.

Whereas your health is not endangered by Windows XP (yet!), the latest numbers from security services around the world are out and they agree that:

“[20 minutes is] how long your average unprotected PC running Windows XP will last once it’s connected to the Internet … before it’s compromised and effectively 0\/\/n3d.”

Infected in 20 minutes (The Register) takes you through the by-now familiar drill of security problems with Microsoft’s flagship operating system. The part that’s less familiar is the conclusion that “20 minutes is not long enough to update your Windows PC before it is too late”.

That’s right. The average user has no chance whatsoever of keeping an XP machine clean because it’s mathematically impossible to download all of the necessary patches before the machine is infected. The latest Service Pack (2) from Microsoft “may be as small as 70 megabytes (MB) or as large as 260 MB”. No way you’re getting that installed inside of 20 minutes … I don’t care how fat your broadband pipe is.

That’s if you even try. Most people don’t know that their machine is going to be hijacked, so they want to, God forbid, actually use their computer, rather than spending hours maintaining it when they just got the damned thing out of the box! Instead, they’ll:

“…head over to eBay to look up auctions for Precious Moments figurines … [a]nd soon enough, Grandpa and Grandma’s new Windows computer is spewing out email ads for offshore casinos, and SUPERLOW!!! mortgage rates, and \/1@gra and (1@li5, and God knows what else.”

There is a free document published by the SANS institute, called Windows XP: Surviving the First Day. (sounds so encouraging, doesn’t it? Makes you so happy you decided that that sleek, cool Macintosh was too expensive, no?) It’s pretty good and filled with screenshots to help you stabilize your computer before connecting it to the virus/spam highway formerly known as the Internet.

In Microsoft’s defense (a phrase you’re probably surprised to hear), the latest service pack finally turns on the firewall, by default. But the damage for over 100 million PCs has already been done. Apparently, 25% of the Windows world is still using Windows 98. None of those installations can be saved if they’re already connected to the internet. They are likely already infected and filling your inbox at this very moment. To save them, they will have to be decontaminated, a process which very few users are capable of.

If you do maintenance for less-well-informed members of your family, who come to you wondering why they can’t browse the web (it’s so slow) and why their modem lights are always blinking like crazy (it annoys the cat) and why they have little to no resources and/or memory free and where did those toolbars come from and why does it take forever to startup? … the article has some sound advice.

Hijack their machines right back.

1. Set Windows Update to automatically update the computer, without asking questions.
2. Install a personal firewall that blocks almost everything by default.
3. Buy a 2- or 3-year subscription to an anti-virus program and set it up to automatically download all updates.
4. Buy an anti-spyware tool and set it up to automatically update, scan, and remove spyware.
5. Replace Internet Explorer with Mozilla or Mozilla Firefox*, and then hide that blue E so it’s not on the desktop.
6. Replace Outlook Express with Mozilla Thunderbird.

*For step 4, I heartily recommend Opera, even though it’s not free, because it’s a better browser as far as I’m concerned.

Tell them it’s the latest service pack and save them from themselves.