[OPLINTECH] FW: Microsoft decision puts public libraries at risk [Newsletter Comp Version]

Thu Apr 8 08:49:35 EDT 2010

I guess it’s official. No Steady State for Win 7. 

Dan

From: Windows Secrets [mailto:Editor at WindowsSecrets.com] 
Sent: Thursday, April 08, 2010 2:30 AM
To: willda at oplin.org
Subject: Microsoft decision puts public libraries at risk [Newsletter Comp
Version]

If your software garbles this newsletter, read this issue
<http://WindowsSecrets.com/links/j3gw3205fuftd/33b581h/j3gw3205fuftu/43014-1
6583r/?url=WindowsSecrets.com%2Fissue%2F100408%2F%3Fu%3D%24P20>  at
WindowsSecrets.com.

<http://WindowsSecrets.com/links/j3gw3205fuftd/ef9081h/1i/?url=WindowsSecret
s.com> Windows Secrets

<http://WindowsSecrets.com/links/j3gw3205fuftd/ef9081h/?url=WindowsSecrets.c
om> Home 

<http://WindowsSecrets.com/links/j3gw3205fuftd/93820bh/?url=WindowsSecrets.c
om%2Finfo%2F> Newsletter 

<http://WindowsSecrets.com/links/j3gw3205fuftd/428c5fh/?url=Lounge.WindowsSe
crets.com%2F> Lounge 

<http://WindowsSecrets.com/links/j3gw3205fuftd/364c06h/?url=WindowsSecrets.c
om%2Fsearch%2F> Search 

  <http://WindowsSecrets.com/polls/> Polls 

<http://WindowsSecrets.com/links/j3gw3205fuftd/11da7ch/?url=WindowsSecrets.c
om%2Fcontact%2F> Contact 

<http://WindowsSecrets.com/links/j3gw3205fuftd/33b581h/j3gw3205fuftu/43014-1
6583r/?url=WindowsSecrets.com%2Fissue%2F100408%2F%3Fu%3D%24P20> This issue 

<http://WindowsSecrets.com/links/j3gw3205fuftd/591b6dh/j3gw3205fuftu/43014-1
6583r/?url=WindowsSecrets.com%2Flibrary%2F%3Fu%3D%24P20> Library 

<http://WindowsSecrets.com/links/j3gw3205fuftd/7d30e8h/j3gw3205fuftu/43014-1
6583r/?url=WindowsSecrets.com%2Fupgrade%2F%3Fu%3D%24P20> Upgrade 

<http://WindowsSecrets.com/links/j3gw3205fuftd/bf9256h/j3gw3205fuftu/43014-1
6583r/?url=WindowsSecrets.com%2Fprefs%2F%3Fu%3D%24P20> Preferences 

<http://WindowsSecrets.com/links/j3gw3205fuftd/278c4dh/willda@oplin.orge/?ur
l=WindowsSecrets.com%2Funsubscribe%2F%3F> Unsubscribe 

  _____  

TOP STORY 

Microsoft decision puts public libraries at risk 

 Yardena Arar
<http://download.WindowsSecrets.com/images/wsn/Yardena-Arar-1.jpg> By
Yardena Arar 

Millions of Americans depend on libraries, Internet cafés, and other public
locations for their connection to the Internet, and keeping these points of
access safe from hackers is especially difficult.

Recently, however, Microsoft has made that challenge even more difficult for
many public libraries.

The company announced it would not upgrade the free application,
SteadyState, to Windows 7 compatibility, angering many of the folks who
manage public-access PCs. People who manage library PCs say they don't have
money to pay for third-party products that protect public PCs from malware
and malicious users.

People who manage public computers face daunting security and anti-malware
threats. Microsoft acknowledged this fact when it introduced Windows
SteadyState, an add-on for Windows XP and, later, Vista.

SteadyState essentially resets a computer whenever a user signs off, thus
protecting his or her identity and data. It lets administrators restrict how
users can interact with the computer — administrators can, for example,
block access to programs, Web sites, the Control Panel, and disk drives.

SteadyState can also set time limits on user sessions and import user
accounts (so that once you've set up an account on one PC, you don't have to
start from scratch on the others you manage). And when a user logs off, a
feature called Windows Disk Protection erases all changes, ensuring a
consistent user interface.

However, not only is SteadyState incompatible with Win7, Microsoft says it
has no plans to introduce a Windows 7-compatible version. That's leaving
some IT managers scrambling for replacement technology and others vowing not
to upgrade to Windows 7 at all.

Microsoft declined a request for an interview about the future of
SteadyState (or to discuss dropping Guest Mode, a somewhat similar feature
that appeared in early Windows 7 betas). Instead, the company provided, via
its public relations firm, an e-mail response attributed simply to "a
Microsoft spokesperson."

§  "Microsoft is always investigating customer requirements and continually
explores opportunities to meet customer needs in product offerings. Part of
that process is prioritizing features we put into our products and making
tradeoffs on what to support.

"For many organizations, the use of Group Policy and System Restore
functionality provides the ability to manage and reset their PCs as needed;
as a result, Microsoft will not be updating Windows SteadyState to support
Windows 7. Organizations that require the extended functionality beyond what
is offered within Windows 7 should explore third-party products which
provide comparable functionality to Windows SteadyState."

Using Group Policy and System Restore is not practical in a public, kiosk-PC
setting. SteadyState treats each computer as a self-maintaining, autonomous
system.

The first indication that there would be no Windows 7 version of SteadyState
came in a March 10 post on Microsoft's Windows SteadyState forum
<http://WindowsSecrets.com/links/j3gw3205fuftd/9d42a0h/?url=social.microsoft
.com%2FForums%2Fen-US%2Fwindowssteadystate%2Fthread%2Fb8bfc01d-0202-4ab1-a98
9-dc4bce1e449e>  by moderator Sean Zhu. Responding to a forum member's
query, Zhu wrote: "I'd like to inform you that currently, there is no plan
to develop a compatible version of Windows SteadyState for Windows 7." Zhu
did not elaborate.

Microsoft still maintains the SteadyState Web site, which lauds the tool's
virtues for shared Windows XP and Vista PCs — not just in libraries but also
in Internet cafés, schools, and even homes.

A product developed in the public's interest 

SteadyState is descended from the Public Access Computer security software
developed in the early 2000s by the Bill and Melinda Gates Foundation. It
was part of the foundation's ongoing drive to put computers into schools and
libraries.

In 2005, Microsoft picked up the torch with the release of the Shared
Computer Toolkit and then followed with SteadyState in 2007 for Windows XP.

Ironically, news of Microsoft's decision not to support SteadyState in
Windows 7 arrived in the same month as a Gates Foundation–funded, University
of Washington study
<http://WindowsSecrets.com/links/j3gw3205fuftd/03966bh/?url=www.gatesfoundat
ion.org%2Fpress-releases%2FPages%2Fopportunity-for-all-library-compuer-use-s
tudy-100325.aspx> , which reported that some 77 million Americans used a
library computer or Wi-Fi network to access the Internet last year.

As Microsoft's statement on SteadyState suggests, there are other tools
available for managing shared computers. At least one forum poster said he
was able to install SteadyState on Win7 systems by using the new operating
system's Vista or XP compatibility mode. But at this time, it's not known
whether all features — particularly Windows Disk Protection — will work.

Third-party solutions, such as Faronics' Deep Freeze, don't appeal to
cash-strapped educational institutions, which are already spending
considerable money upgrading to Windows 7. Faronics does offer libraries and
non-profits discounted volume licensing rates that lower the $45 price to
about $30 for each PC.

"I think it's worth it," says Philip Boccia, Systems Librarian for the Long
Beach, N.Y., Public Library. "But in these times a lot of libraries can't
afford it."

IT consultant Michael Jurayj of Saint Paul, Minn.-based House Calls
Technologies thinks he can re-create some of SteadyState's features in Win7,
but he's not happy about it. Jurayj wrote in an e-mail:

§  "I can probably lock it down through the Group Policy editor and the
Registry, but it will be more labor intensive and therefore more expensive
[for customers]. Unfortunately, it will not be as elegant and because of the
expense will be less likely to be used."

As a result, Jurayj said, he's thinking of offering his customers the option
of rolling their machines back to Windows Vista so they can use SteadyState.

At least one forum member said lack of SteadyState support is a deal-breaker
for Windows 7 upgrades. The poster, identified as Syb111, manages 200
computers. Syb111 wrote:

§  "We have decided to stay with XP and notify users that until Microsoft
updates WSS to run with Windows 7, we will stay with XP and advise them to
do the same. It's simply not viable, especially in this economy, to spend
the extra tens of thousands of dollars on the extra staff that would be
needed to support an OS that we have come to the conclusion that even
Microsoft isn't prepared to support fully."

Protecting yourself when using public PCs 

What about people who use PCs in public places? Long Beach's Boccia says a
lot depends on what the PC will let you do — which you might be able to
determine only by trial and error. Boccia states, "Unfortunately, there is
no visual cue to alert the user of what type of security the machine is
using, unless the person is pretty tech-savvy and knows what to look for."

Tips for using public PCs include:

§  Check how the PC is set up. What operating system is it using? (XP is
obviously better for the reasons given above.) It shouldn't let you poke
around in the system settings such as the control panel and user accounts.
Ironically, the less you can do on the PC, the better — it's well-locked
down.

You might even look behind the machine for any keylogger devices attached to
the keyboard cable, where it plugs into the PC. For more on keyloggers, read
the Bright Hub article
<http://WindowsSecrets.com/links/j3gw3205fuftd/3ef9f1h/?url=www.brighthub.co
m%2Fcomputing%2Fsmb-security%2Farticles%2F1631.aspx> , "Risky business,
using kiosk computers."

§  Avoid tasks such as online banking and credit card purchases that might
leave sensitive information behind. But if you must do so, uncheck any box
offering to remember your information and change your passwords as soon as
you are on a PC you know is secure.

§  If you have access to browser options that let you clear the cache and
wipe out cookies, you should use them. The best systems warn you that they
will clear stored information such as cookies when you exit.

§  If you need to save a document, it's up to you to bring a flash drive to
store it on — or e-mail it to yourself and then delete it from the public
PC. Be sure to empty Windows Trash.

Take similar precautions when using public Wi-Fi networks. For example, log
into a user account without administrative rights when browsing on a public
Wi-Fi network, Boccia says. "You don't need admin rights just to browse the
Web, create a document, and do e-mail, especially at a public wireless
hotspot (or as I call it, surfing with sharks)."

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.oplin.org/pipermail/oplintech/attachments/20100408/e684b2af/attachment-0001.html