Profile Quota
Spoon PPRuNerist & Mad Inistrator
Simonta,
Back off a bit there, please. You are getting hold of the wrong end of the stick and flaming people unnecessarily. And making rather an ass of yourself.
MJ has said - quite correctly - that migrating data from an NTFS volume to a FAT volume will remove any ADS nasties lurking within before re-installing the data to a new or rebuilt computer.
You seem to believe that he is advocating running permanently with FAT / FAT32. He isn't, no-one is. Yes, you are right, NTFS is much the best way to go for Windows - no-one is disagreeing with you - which is why we don't need it rammed down our throats quite so hard!
SD
Back off a bit there, please. You are getting hold of the wrong end of the stick and flaming people unnecessarily. And making rather an ass of yourself.
MJ has said - quite correctly - that migrating data from an NTFS volume to a FAT volume will remove any ADS nasties lurking within before re-installing the data to a new or rebuilt computer.
You seem to believe that he is advocating running permanently with FAT / FAT32. He isn't, no-one is. Yes, you are right, NTFS is much the best way to go for Windows - no-one is disagreeing with you - which is why we don't need it rammed down our throats quite so hard!
SD
Official PPRuNe Chaplain
Thread Starter
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
The next time we tried, the latest Knoppix refused to write to the same external device. Google revealed this
Legal issues most likely. NTFS is still 100% property of Microsoft. A similar issue prevented Klaus from including nF2 drivers in Knoppix awhile back IIRC. If you wanted them, you had to do a remaster to include them.
Yes, she had set all the family members as Admins. When I do Win 7, I'll set her as a normal user and an Admin account for when needed.
Join Date: May 2001
Posts: 10,815
Likes: 0
Received 0 Likes
on
0 Posts
But that's the point you are not converting. You are taking suspect data and transferring it. NTFS has metadata attached which malware can and does use if your security has been compromised.
And in this case security most definitely has been compromised.
Samba is not a filesystem it is an application which allows MS clients access to UNIX system resources. Its the well proven UNIX security which does the work not samba. The fact that NTFS was designed by the open VMS chap to incorporate the security of the well proven UNIX method is fact. The fact that Microsoft decided to add features to it which allowed the security to be compromised is also fact.
It is also fact as well that given the option large% of home users will not follow best practise, will not have that 3rd sense in the back of there heads to tell them not to click on "ok". Even if the browser asks them "are you sure you want navigate away from this page" they will click "OK" where as you and I will kill the process.
Its not a fundamental problem with NTFS it is a problem that most computer users don't have a bloody clue what they are doing. Which as admin's we used to lock down, turn off numerous features to protect our systems.
And in this case security most definitely has been compromised.
Samba is not a filesystem it is an application which allows MS clients access to UNIX system resources. Its the well proven UNIX security which does the work not samba. The fact that NTFS was designed by the open VMS chap to incorporate the security of the well proven UNIX method is fact. The fact that Microsoft decided to add features to it which allowed the security to be compromised is also fact.
It is also fact as well that given the option large% of home users will not follow best practise, will not have that 3rd sense in the back of there heads to tell them not to click on "ok". Even if the browser asks them "are you sure you want navigate away from this page" they will click "OK" where as you and I will kill the process.
Its not a fundamental problem with NTFS it is a problem that most computer users don't have a bloody clue what they are doing. Which as admin's we used to lock down, turn off numerous features to protect our systems.
Official PPRuNe Chaplain
Thread Starter
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
Exactly so, MJ.
And most home users - non-techie gurus the lot of 'em - will just go with the flow on the basis they don't understand any of this stuff. Believe me, clergymen are the worst. Most of my "unscrambling" of PCs is for these fine, caring gentlemen.
I do try to explain why and what, but eyes glaze over quickly. So I set things up as best I can and tell them not to click on anything that says thus, or any e-mail from someone you don't know, and so on. They usually do so within three months.
So it's Firefox with NoScript etc, Zone Alarm, Avast, Adblock+ and so on and so on, and rely on those to look after them.
Gillian's is a different case but in the same mould. She got an e-mail about a DHL parcel and was expecting one. But the e-mail wasn't about HER parcel, and the payload was toxic.
And most home users - non-techie gurus the lot of 'em - will just go with the flow on the basis they don't understand any of this stuff. Believe me, clergymen are the worst. Most of my "unscrambling" of PCs is for these fine, caring gentlemen.
I do try to explain why and what, but eyes glaze over quickly. So I set things up as best I can and tell them not to click on anything that says thus, or any e-mail from someone you don't know, and so on. They usually do so within three months.
So it's Firefox with NoScript etc, Zone Alarm, Avast, Adblock+ and so on and so on, and rely on those to look after them.
Gillian's is a different case but in the same mould. She got an e-mail about a DHL parcel and was expecting one. But the e-mail wasn't about HER parcel, and the payload was toxic.
Spoon PPRuNerist & Mad Inistrator
Also tosh about "the way Microsoft want you to use it". Every PC is a domain member. If you are using NT, 2000, XP, Vista or Windows 7, it is a member of at least one domain - itself. A standalone PC has a domain SID generated during Windows installation.
MS define a Domain as having at least one Domain Controller (i.e. share a central directory database). The only time a single computer can be a member of a domain is when it is itself a DC.
Windows Computers standalone or networked without a DC are in a Workgroup.
Indeed, many versions of Windows CANNOT ever join a domain - WinXP Home, all Home versions of Vista and the same for Win7.
Finally, just because a SID is used doesn't make it a "Domain SID". All windows PCs use SIDs, whether they are in a Workgroup (with only one PC or several) or in a Domain.
SD
It's so easy to forget that most of the people who use PCs just use them as a tool - whether it's corresponding with friends in Oz or writing wise words for the Parish Magazine or collating their stamp collection. Small wonder that their eyes glaze over when we start talking about Administrator privileges or FAT32 or even disabled virus updates.
I'm out in a few mins (on me day off, of course) to sort such a person - or rather her computer; V. is beyond sorting - because she has a friend who knows about computers... i.e. he took a City and Guilds in about 1956 or something. When I get into trouble, it's because I think I know best, or have a senior moment, and there's no cure for either of those.
I'm out in a few mins (on me day off, of course) to sort such a person - or rather her computer; V. is beyond sorting - because she has a friend who knows about computers... i.e. he took a City and Guilds in about 1956 or something. When I get into trouble, it's because I think I know best, or have a senior moment, and there's no cure for either of those.
Join Date: May 2001
Posts: 10,815
Likes: 0
Received 0 Likes
on
0 Posts
If you are doing it that often have you had a play with a mirror application.
Build the machine up, install all the applications. Do all the good stuff putting the data on a separate partitions and getting user accounts setup, pointing all the applications to this partition
Then mirror the whole lot. If they do then kill the machine USB pen boot into linux, backup data partition onto your USB drive.
Blow the image back onto the machine. Restore the data and you should be good for another 3 months.
Just keep all the mirrors on either DVD's or on a separate drive.
If they want to install some software blow the image back on again so its a clean install the software take another image and restore the data if required.
First time you do it it will take maybe a couple of hours to set up but after that you should be able to reset to clean in under 30mins (data backup/restore time excluded)
Build the machine up, install all the applications. Do all the good stuff putting the data on a separate partitions and getting user accounts setup, pointing all the applications to this partition
Then mirror the whole lot. If they do then kill the machine USB pen boot into linux, backup data partition onto your USB drive.
Blow the image back onto the machine. Restore the data and you should be good for another 3 months.
Just keep all the mirrors on either DVD's or on a separate drive.
If they want to install some software blow the image back on again so its a clean install the software take another image and restore the data if required.
First time you do it it will take maybe a couple of hours to set up but after that you should be able to reset to clean in under 30mins (data backup/restore time excluded)
Official PPRuNe Chaplain
Thread Starter
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
I tried that a couple of times, MJ. Then came the plaintive plea "Where's the e-mail with all the bookings details of my holiday and the print-your-tickets?"
I'm resigned to it being a two to three hour job most times - and to needing to use Knoppix and my FAT32 external drive on about one in ten. I use the Windows Installer Repairer on about one in three - and that does a fair job.
Gillian's is the first in a long time that's been so bad it's come down to wipe-and-reinstall the lot. But we get rid of six accounts (all admins) and leave her with two - hers and Admin. And she goes from XP Pro to Win 7.
Jimtherev - you seem to have the same "client base" I do. Mine's Diocese of Chelmsford, Southend area.
I'm resigned to it being a two to three hour job most times - and to needing to use Knoppix and my FAT32 external drive on about one in ten. I use the Windows Installer Repairer on about one in three - and that does a fair job.
Gillian's is the first in a long time that's been so bad it's come down to wipe-and-reinstall the lot. But we get rid of six accounts (all admins) and leave her with two - hers and Admin. And she goes from XP Pro to Win 7.
Jimtherev - you seem to have the same "client base" I do. Mine's Diocese of Chelmsford, Southend area.
Join Date: May 2001
Posts: 10,815
Likes: 0
Received 0 Likes
on
0 Posts
Aye that's why you have to put in a bit of work making sure the applications all point towards the data partition.
Most folk forget to shift the profile storage to the data partition as well, which causes the problems with that awful disease spreading email client outlook.
That's another nasty habit people get, dumping everything on the desktop and then wondering why the machine is so slow.
Most folk forget to shift the profile storage to the data partition as well, which causes the problems with that awful disease spreading email client outlook.
That's another nasty habit people get, dumping everything on the desktop and then wondering why the machine is so slow.
Join Date: Jan 2008
Location: Bracknell, Berks, UK
Age: 52
Posts: 1,133
Likes: 0
Received 0 Likes
on
0 Posts
Microsoft did nothing to 3rd party vendors about NTFS, they just tightened further the security surrounding it and added extra functionality - the problem being that Knoppix et al didn't put in the legwork to fix their connectors to NTFS. It's happened twice before in my memory.
Incidentally, NTFS (as part of Windows NT etc) gained, and still has, US military C2 security clearance.
Incidentally, NTFS (as part of Windows NT etc) gained, and still has, US military C2 security clearance.
Keef: 'Jimtherev - you seem to have the same "client base" I do. Mine's Diocese of Chelmsford, Southend area.'
Mine's Norf London non-conformist - much smaller than yours, by the sound of it... but persistent and determined to make the same mistake more than once. Got to admire that.
And resourceful, too. I've never before yesterday met anyone who could trash a motherboard by installing a modem. Still don't understand that one. to be continued, I expect...
Mine's Norf London non-conformist - much smaller than yours, by the sound of it... but persistent and determined to make the same mistake more than once. Got to admire that.
And resourceful, too. I've never before yesterday met anyone who could trash a motherboard by installing a modem. Still don't understand that one. to be continued, I expect...
Join Date: May 2001
Posts: 10,815
Likes: 0
Received 0 Likes
on
0 Posts
Jim try pulling the BIOS battery and letting it sit unplugged for 10 mins then installing it again.
Reboot and see if it is still fried.
This is of course presuming there isn't evidence of burnt circuity.
I suspect they have tried to install it with the power on and in sleep mode
You might have to reblow the BIOS if the battery trick doesn't work.
Reboot and see if it is still fried.
This is of course presuming there isn't evidence of burnt circuity.
I suspect they have tried to install it with the power on and in sleep mode
You might have to reblow the BIOS if the battery trick doesn't work.
Thanks, MJ. I'll certainly try that when Mrs JTR is elsewhere: she's getting a bit tetchy just now about all the hardware about. And this certainly ain't the weather for the workshop. (Read garden shed.)
Join Date: Jan 2006
Location: UK
Posts: 130
Likes: 0
Received 0 Likes
on
0 Posts
M_J. My unreserved apologies. Saab Dastard is right. I did get the wrong end of the stick. I read your posts as suggesting that taking data to FAT and back to NTFS would somehow stop NTFS using meta data and ACLS. I was wrong and was also in a foul mood (the worst excuse ever) when I posted.
I should have used my own advice which I often give to others. If you are writing any electronic document which is anything other than devoid of emotion and could be construed as a flame or similar, draft it then take a look at it the next day. Then decide whether to post/send.
My sincere apologies again. Regards
Simon
I should have used my own advice which I often give to others. If you are writing any electronic document which is anything other than devoid of emotion and could be construed as a flame or similar, draft it then take a look at it the next day. Then decide whether to post/send.
My sincere apologies again. Regards
Simon
Official PPRuNe Chaplain
Thread Starter
Join Date: Apr 2001
Location: Witnesham, Suffolk
Age: 80
Posts: 3,498
Likes: 0
Received 0 Likes
on
0 Posts
Well, the sequel - for those who like dramas
Knoppix read Gillian's hard drive, and copied off her "stuff" to the external FAT drive. Or so we thought - the messages on screen were right. I plugged the drive into my laptop and told Avast to check it, and off it went.
I then wiped her hard drive and set Win 7 to installing. When that was done, I installed Avast, Firefox, Thunderbird, and MS Office. Then plugged in the external drive ... and her stuff wasn't on it. Whether it failed to copy (likely), or was so infected that Avast zapped the lot (less likely) we shall never know.
And then, of course, her Win 7 Home Premium Upgrade edition wouldn't "validate" online because it wasn't installed on top of a previously licenced copy. I phoned the MS activation line and got a charming Indian call centre person who told me I would have to wipe the lot, reinstall XP Pro, then install Win 7 over that. We didn't, and aren't going to. Next time she and I are in the same county we will phone MS and hopefully get the UK helpdesk who will give us the validation code to enter.
Or I may just use the registry tweak I've been sent.
There followed an "interesting" hour or two recovering stuff from various places. We recreated most of her e-mail address book from the past two weeks' incoming mail on her server, plus my address book (we share many friends).
Next session will be about an external backup hard drive (or maybe a memory stick).
She now knows never to open an e-mail with an attachment, and not to turn off Avast.
The good news is that the machine is dramatically faster than it was before the procedure.
Knoppix read Gillian's hard drive, and copied off her "stuff" to the external FAT drive. Or so we thought - the messages on screen were right. I plugged the drive into my laptop and told Avast to check it, and off it went.
I then wiped her hard drive and set Win 7 to installing. When that was done, I installed Avast, Firefox, Thunderbird, and MS Office. Then plugged in the external drive ... and her stuff wasn't on it. Whether it failed to copy (likely), or was so infected that Avast zapped the lot (less likely) we shall never know.
And then, of course, her Win 7 Home Premium Upgrade edition wouldn't "validate" online because it wasn't installed on top of a previously licenced copy. I phoned the MS activation line and got a charming Indian call centre person who told me I would have to wipe the lot, reinstall XP Pro, then install Win 7 over that. We didn't, and aren't going to. Next time she and I are in the same county we will phone MS and hopefully get the UK helpdesk who will give us the validation code to enter.
Or I may just use the registry tweak I've been sent.
There followed an "interesting" hour or two recovering stuff from various places. We recreated most of her e-mail address book from the past two weeks' incoming mail on her server, plus my address book (we share many friends).
Next session will be about an external backup hard drive (or maybe a memory stick).
She now knows never to open an e-mail with an attachment, and not to turn off Avast.
The good news is that the machine is dramatically faster than it was before the procedure.