[OPLINTECH] FW: Microsoft decision puts public libraries at risk [Newsletter Comp Version]
Eric Maynard
emaynard at holmeslib.org
Thu Apr 8 16:09:13 EDT 2010
SteadyState is not the only reason I (Holmes) decided to stay on XP, but
kind of glad I did now since we also use SS hard drive protection.
Curious if anyone using Win 7 has tried this SS-like product?
Comodo Time Machine:
http://www.comodo.com/home/data-storage-encryption/data-recovery.php
Eric Maynard
Head of Information Technology,
Holmes County District Public Library
Millersburg, OH 44654
Email [emaynard at holmeslib.org]
Phone [330.674.5972 x.224]
Fax [330.674.1938]
"Failure is only the opportunity to begin again more intelligently"
On Thu, Apr 8, 2010 at 8:49 AM, Dan Will <willda at oplin.org> wrote:
> I guess it’s official. No Steady State for Win 7.
>
> Dan
>
>
>
> *From:* Windows Secrets [mailto:Editor at WindowsSecrets.com]
> *Sent:* Thursday, April 08, 2010 2:30 AM
> *To:* willda at oplin.org
> *Subject:* Microsoft decision puts public libraries at risk [Newsletter
> Comp Version]
>
>
>
> If your software garbles this newsletter, read this issue<http://WindowsSecrets.com/links/j3gw3205fuftd/33b581h/j3gw3205fuftu/43014-16583r/?url=WindowsSecrets.com%2Fissue%2F100408%2F%3Fu%3D%24P20>at WindowsSecrets.com.
>
>
>
> [image: Windows Secrets]<http://WindowsSecrets.com/links/j3gw3205fuftd/ef9081h/1i/?url=WindowsSecrets.com>
>
>
>
>
>
>
>
>
>
>
>
>
> *Home*<http://WindowsSecrets.com/links/j3gw3205fuftd/ef9081h/?url=WindowsSecrets.com>
>
>
> *Newsletter*<http://WindowsSecrets.com/links/j3gw3205fuftd/93820bh/?url=WindowsSecrets.com%2Finfo%2F>
>
>
> *Lounge*<http://WindowsSecrets.com/links/j3gw3205fuftd/428c5fh/?url=Lounge.WindowsSecrets.com%2F>
>
>
> *Search*<http://WindowsSecrets.com/links/j3gw3205fuftd/364c06h/?url=WindowsSecrets.com%2Fsearch%2F>
>
>
> *Polls* <http://WindowsSecrets.com/polls/>
>
> *Contact*<http://WindowsSecrets.com/links/j3gw3205fuftd/11da7ch/?url=WindowsSecrets.com%2Fcontact%2F>
>
>
>
>
>
>
> *This issue*<http://WindowsSecrets.com/links/j3gw3205fuftd/33b581h/j3gw3205fuftu/43014-16583r/?url=WindowsSecrets.com%2Fissue%2F100408%2F%3Fu%3D%24P20>
>
>
> *Library*<http://WindowsSecrets.com/links/j3gw3205fuftd/591b6dh/j3gw3205fuftu/43014-16583r/?url=WindowsSecrets.com%2Flibrary%2F%3Fu%3D%24P20>
>
>
> *Upgrade*<http://WindowsSecrets.com/links/j3gw3205fuftd/7d30e8h/j3gw3205fuftu/43014-16583r/?url=WindowsSecrets.com%2Fupgrade%2F%3Fu%3D%24P20>
>
>
> *Preferences*<http://WindowsSecrets.com/links/j3gw3205fuftd/bf9256h/j3gw3205fuftu/43014-16583r/?url=WindowsSecrets.com%2Fprefs%2F%3Fu%3D%24P20>
>
>
> *Unsubscribe*<http://WindowsSecrets.com/links/j3gw3205fuftd/278c4dh/willda@oplin.orge/?url=WindowsSecrets.com%2Funsubscribe%2F%3F>
>
>
>
>
>
>
>
>
>
> ------------------------------
>
> TOP STORY
>
> *Microsoft decision puts public libraries at risk *
>
> [image: Yardena Arar]By Yardena Arar
>
> *Millions of Americans depend on libraries, Internet cafés, and other
> public locations for their connection to the Internet, and keeping these
> points of access safe from hackers is especially difficult.*
>
> Recently, however, Microsoft has made that challenge even more difficult
> for many public libraries.
>
> The company announced it would not upgrade the free application,
> SteadyState, to Windows 7 compatibility, angering many of the folks who
> manage public-access PCs. People who manage library PCs say they don't have
> money to pay for third-party products that protect public PCs from malware
> and malicious users.
>
> People who manage public computers face daunting security and anti-malware
> threats. Microsoft acknowledged this fact when it introduced Windows
> SteadyState, an add-on for Windows XP and, later, Vista.
>
> SteadyState essentially resets a computer whenever a user signs off, thus
> protecting his or her identity and data. It lets administrators restrict how
> users can interact with the computer — administrators can, for example,
> block access to programs, Web sites, the Control Panel, and disk drives.
>
> SteadyState can also set time limits on user sessions and import user
> accounts (so that once you've set up an account on one PC, you don't have to
> start from scratch on the others you manage). And when a user logs off, a
> feature called Windows Disk Protection erases all changes, ensuring a
> consistent user interface.
>
> However, not only is SteadyState incompatible with Win7, Microsoft says it
> has no plans to introduce a Windows 7-compatible version. That's leaving
> some IT managers scrambling for replacement technology and others vowing not
> to upgrade to Windows 7 at all.
>
> Microsoft declined a request for an interview about the future of
> SteadyState (or to discuss dropping Guest Mode, a somewhat similar feature
> that appeared in early Windows 7 betas). Instead, the company provided, via
> its public relations firm, an e-mail response attributed simply to "a
> Microsoft spokesperson."
>
> § "Microsoft is always investigating customer requirements and
> continually explores opportunities to meet customer needs in product
> offerings. Part of that process is prioritizing features we put into our
> products and making tradeoffs on what to support.
>
> "For many organizations, the use of Group Policy and System Restore
> functionality provides the ability to manage and reset their PCs as needed;
> as a result, Microsoft will not be updating Windows SteadyState to support
> Windows 7. Organizations that require the extended functionality beyond what
> is offered within Windows 7 should explore third-party products which
> provide comparable functionality to Windows SteadyState."
>
> Using Group Policy and System Restore is not practical in a public,
> kiosk-PC setting. SteadyState treats each computer as a self-maintaining,
> autonomous system.
>
> The first indication that there would be no Windows 7 version of
> SteadyState came in a March 10 post on Microsoft's Windows SteadyState
> forum<http://WindowsSecrets.com/links/j3gw3205fuftd/9d42a0h/?url=social.microsoft.com%2FForums%2Fen-US%2Fwindowssteadystate%2Fthread%2Fb8bfc01d-0202-4ab1-a989-dc4bce1e449e>by moderator Sean Zhu. Responding to a forum member's query, Zhu wrote: "I'd
> like to inform you that currently, there is no plan to develop a compatible
> version of Windows SteadyState for Windows 7." Zhu did not elaborate.
>
> Microsoft still maintains the SteadyState Web site, which lauds the tool's
> virtues for shared Windows XP and Vista PCs — not just in libraries but also
> in Internet cafés, schools, and even homes.
>
> *A product developed in the public's interest *
>
> SteadyState is descended from the Public Access Computer security software
> developed in the early 2000s by the Bill and Melinda Gates Foundation. It
> was part of the foundation's ongoing drive to put computers into schools and
> libraries.
>
> In 2005, Microsoft picked up the torch with the release of the Shared
> Computer Toolkit and then followed with SteadyState in 2007 for Windows XP.
>
> Ironically, news of Microsoft's decision not to support SteadyState in
> Windows 7 arrived in the same month as a Gates Foundation–funded, University
> of Washington study<http://WindowsSecrets.com/links/j3gw3205fuftd/03966bh/?url=www.gatesfoundation.org%2Fpress-releases%2FPages%2Fopportunity-for-all-library-compuer-use-study-100325.aspx>,
> which reported that some 77 million Americans used a library computer or
> Wi-Fi network to access the Internet last year.
>
> As Microsoft's statement on SteadyState suggests, there are other tools
> available for managing shared computers. At least one forum poster said he
> was able to install SteadyState on Win7 systems by using the new operating
> system's Vista or XP compatibility mode. But at this time, it's not known
> whether all features — particularly Windows Disk Protection — will work.
>
> Third-party solutions, such as Faronics' Deep Freeze, don't appeal to
> cash-strapped educational institutions, which are already spending
> considerable money upgrading to Windows 7. Faronics does offer libraries and
> non-profits discounted volume licensing rates that lower the $45 price to
> about $30 for each PC.
>
> "I think it's worth it," says Philip Boccia, Systems Librarian for the Long
> Beach, N.Y., Public Library. "But in these times a lot of libraries can't
> afford it."
>
> IT consultant Michael Jurayj of Saint Paul, Minn.-based House Calls
> Technologies thinks he can re-create some of SteadyState's features in Win7,
> but he's not happy about it. Jurayj wrote in an e-mail:
>
> § "I can probably lock it down through the Group Policy editor and the
> Registry, but it will be more labor intensive and therefore more expensive
> [for customers]. Unfortunately, it will not be as elegant and because of the
> expense will be less likely to be used."
>
> As a result, Jurayj said, he's thinking of offering his customers the
> option of rolling their machines back to Windows Vista so they can use
> SteadyState.
>
> At least one forum member said lack of SteadyState support is a
> deal-breaker for Windows 7 upgrades. The poster, identified as Syb111,
> manages 200 computers. Syb111 wrote:
>
> § "We have decided to stay with XP and notify users that until Microsoft
> updates WSS to run with Windows 7, we will stay with XP and advise them to
> do the same. It's simply not viable, especially in this economy, to spend
> the extra tens of thousands of dollars on the extra staff that would be
> needed to support an OS that we have come to the conclusion that even
> Microsoft isn't prepared to support fully."
>
> *Protecting yourself when using public PCs *
>
> What about people who use PCs in public places? Long Beach's Boccia says a
> lot depends on what the PC will let you do — which you might be able to
> determine only by trial and error. Boccia states, "Unfortunately, there is
> no visual cue to alert the user of what type of security the machine is
> using, unless the person is pretty tech-savvy and knows what to look for."
>
> Tips for using public PCs include:
>
> § Check how the PC is set up. What operating system is it using? (XP is
> obviously better for the reasons given above.) It shouldn't let you poke
> around in the system settings such as the control panel and user accounts.
> Ironically, the less you can do on the PC, the better — it's well-locked
> down.
>
> You might even look behind the machine for any keylogger devices attached
> to the keyboard cable, where it plugs into the PC. For more on keyloggers,
> read the Bright Hub article<http://WindowsSecrets.com/links/j3gw3205fuftd/3ef9f1h/?url=www.brighthub.com%2Fcomputing%2Fsmb-security%2Farticles%2F1631.aspx>,
> "Risky business, using kiosk computers."
>
> § Avoid tasks such as online banking and credit card purchases that might
> leave sensitive information behind. But if you must do so, uncheck any box
> offering to remember your information and change your passwords as soon as
> you are on a PC you know is secure.
>
> § If you have access to browser options that let you clear the cache and
> wipe out cookies, you should use them. The best systems warn you that they
> will clear stored information such as cookies when you exit.
>
> § If you need to save a document, it's up to you to bring a flash drive
> to store it on — or e-mail it to yourself and then delete it from the public
> PC. Be sure to empty Windows Trash.
>
> Take similar precautions when using public Wi-Fi networks. For example, log
> into a user account without administrative rights when browsing on a public
> Wi-Fi network, Boccia says. "You don't need admin rights just to browse the
> Web, create a document, and do e-mail, especially at a public wireless
> hotspot (or as I call it, surfing with sharks)."
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> OPLINTECH mailing list
> OPLINTECH at oplin.org
> http://mail.oplin.org/mailman/listinfo/oplintech
> Search: http://oplin.org/techsearch
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.oplin.org/pipermail/oplintech/attachments/20100408/c3dc9067/attachment-0001.html
More information about the OPLINTECH
mailing list