Internet and e-mail policy and practice
including Notes on Internet E-mail


2012
Months
Jan

Click the comments link on any story to see comments or add your own.


Subscribe to this blog


RSS feed


Home :: Internet

08 Jan 2012

Reset, Refresh, Reinfect? Internet

The upcoming Windows 8 will include new features to Reset or Refresh your computer. Reset wipes out your entire disk and restores it to they way it was when the computer was new, Refresh keeps some files and settings, but wipes and restores everything else. Given the propensity of Windows machines to become overrun with malware, rogue toolbars, cramware, and other unwanted annoyances, a way to get rid of it all quickly seems like a great idea. But ...

They also include a program called recimg.exe, which replaces the reset image with a copy of the current state of the computer. The plan is that you load up your new computer with all the software you've bought then use recimg to create a reset image including all that software. Later, when you Reset, you'll still have all your software installed.

I don't claim to be an evil genius, but if I were writing malware, my malware would run recimg after it was installed, so now the malware is a permanent part of the computer, helpfully reinstalled every time you Reset. I expect that recimg will pop up warning banners to alert the user what it's doing and ask whether to go ahead. No problem, the malware pops up its own fake warning that a serious security problem has just been patched, so the user better update the Reset system right away, and because we're so nice, we'll even run the updater, you just have to click OK on a few security warnings. (That's something all Windows users have been trained to do.)

So, what am I missing here? The ability to restore the comptuer from a known-good image is a dandy idea, but that image has to be someplace that bad guys can't mess with, like on a DVD.


  posted at: 00:47 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Internet/ms8.html

Topics


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

CAUCE
It turns out you don’t need a license to hunt for spam.
4 days ago

A keen grasp of the obvious
Italian Apple Cake
562 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse

My Mastodon feed



© 2005-2020 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.