Gives users too much control?

  • Thread starter Thread starter Dufresne IT
  • Start date Start date
D

Dufresne IT

I'm an IT consultant, most of my clients are schools with PC labs. MS
spyware is great, but it gives the user too much control. Hopefully I am
wrong and i'm just missing a setting, but kids and teachers do not know, or
care about Spyware, only that it is my fault when the computers are slow,
and full screen movies start to play for no reason...

When spyware is detected, it pops up a dialog asking the user what to do, in
this case, the user only wishes to return to what they were doing and
doesn't care about spyware, so they randomly accept and block things which
completely kills the effectiveness of the program. The program should
simply block everything it finds with perhaps a small notification to the user.

It doesn't take a lot of UI research to observe this behavior.

Am I wrong? Hopefully... Otherwise it's worthless.
 
Well, in your type of environment, the current beta 1 release is not
specifically targetted to it. Microsoft is however working on an Enterprise
Edition of Microsoft AntiSpyware which would be more suitable for an
environment such as yours with features such as Central Management and Group
Policy support.

By the way, are those students running as Local Administrator or limited
user?

--

Andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

I'm an IT consultant, most of my clients are schools with PC labs. MS
spyware is great, but it gives the user too much control. Hopefully I am
wrong and i'm just missing a setting, but kids and teachers do not know, or
care about Spyware, only that it is my fault when the computers are slow,
and full screen movies start to play for no reason...

When spyware is detected, it pops up a dialog asking the user what to do, in
this case, the user only wishes to return to what they were doing and
doesn't care about spyware, so they randomly accept and block things which
completely kills the effectiveness of the program. The program should
simply block everything it finds with perhaps a small notification to the
user.

It doesn't take a lot of UI research to observe this behavior.

Am I wrong? Hopefully... Otherwise it's worthless.
 
-----Original Message-----
I'm an IT consultant, most of my clients are schools with PC labs. MS
spyware is great, but it gives the user too much control. Hopefully I am
wrong and i'm just missing a setting, but kids and teachers do not know, or
care about Spyware, only that it is my fault when the computers are slow,
and full screen movies start to play for no reason...

When spyware is detected, it pops up a dialog asking the user what to do, in
this case, the user only wishes to return to what they were doing and
doesn't care about spyware, so they randomly accept and block things which
completely kills the effectiveness of the program. The program should
simply block everything it finds with perhaps a small notification to the user.

It doesn't take a lot of UI research to observe this behavior.

Am I wrong? Hopefully... Otherwise it's worthless.

.
Dean,
Click to expand...
I'm just a home PC user but when I saw your post I wanted
to comment on it. I too find that MS software apps do
seem to have too many options for the general user. It
assumes the user will understand how to operate it or
wishes to spend too much time learning how to. I agree.
Glad you brought it up.
IrishEyes
 
This is an interesting thread. I often communicate with a collection of
folks who are MVPs like myself--we support Microsoft technology. Many, but
not everyone, in this crowd tend to feel that things are too dumbed
down--that there isn't enough control allowed to the user to set things
exactly the way they prefer.

I'm the opposite. I feel that Microsoft has done a masterful job of making
simple in appearance some very complex software--Internet Connection
Sharing, as an example, or the Windows Firewall.

In terms of the two sets of issues raised in this thread:

1) I hope this doesn't sound like a cop-out, but I'd suggest that for the
environment of a school lab, a managed product which can be controlled, and
the choices allowed to the user limited, would be a better fit. This beta
isn't such a product, acknowledged by this KB article which is one of the
first in the Known issues, since release:

http://support.microsoft.com/kb/892375 End users may be prompted to allow or
block administrative actions that originate from a central management tool
after they install Windows AntiSpyware (Beta) on a computer that is managed
by Systems Management Server 2003

Microsoft has announced that they will be providing an enterprise, managed,
version of the capabilities available in this product, and that it will not
be free. No more information than that (except for my guess? that it will
have a management console)--is available, however. If your workplace or
school district has a formal Microsoft contact person--that'd be the route
to inquire about whether there will be a beta of the managed product which
you could test.

2) In terms of the notifications, and the user environment for which the
program IS targetted, I believe Microsoft has heard the feedback that the
program is "too talky"--and expect that we will see some significant
behavioral changes with beta2.

(and don't ask me when beta2 will be--I don't know, and it seems to take me
many characters to say so.)
 
I was also wondering how a school pc lab is getting overrun with spyware. I
think the solution is further upstream from a tool like MSAS. I have the 90
machines I support configured such that we don't need MSAS corporately -
yet. I don't think we will either but it's nice to know a tool will be
available to me in the future that can help me keep malware under tighter
control should I need it.

From my observation point on this globe, computers are complex and it amazes
me how many millions of combinations of hardware and software MS can get to
work successfully together. Unfortunately even the slickest software
produced can become confusing to many people. I remind myself sometimes
that millions of people still sit at home with their VCRs flashing 12:00
because they have no idea how to set the clock. Meanwhile I just watched a
program on my DVR, recorded it to a dvd, ripped it and converted it to a
streaming wmv file for a friend at work who can't always catch the live show
and doesn't know how to do any of what I just wrote.

I have found myself asking people why they didn't just buy a PS2 for games
or a set top box that allows you to surf and do email.

The real mystery to me is how these people are going to survive if/when they
switch to Linux for their desktop. If they think Windows can get
complicated...

Now where is my Mac OS9 disk?


JohnF.
 
JohnF. said:
I was also wondering how a school pc lab is getting overrun with spyware.
I think the solution is further upstream from a tool like MSAS. I have the
90 machines I support configured such that we don't need MSAS corporately -
yet. I don't think we will either but it's nice to know a tool will be
available to me in the future that can help me keep malware under tighter
control should I need it.

From my observation point on this globe, computers are complex and it
amazes me how many millions of combinations of hardware and software MS
can get to work successfully together. Unfortunately even the slickest
software produced can become confusing to many people. I remind myself
sometimes that millions of people still sit at home with their VCRs
flashing 12:00 because they have no idea how to set the clock. Meanwhile
I just watched a program on my DVR, recorded it to a dvd, ripped it and
converted it to a streaming wmv file for a friend at work who can't always
catch the live show and doesn't know how to do any of what I just wrote.

I have found myself asking people why they didn't just buy a PS2 for games
or a set top box that allows you to surf and do email.

The real mystery to me is how these people are going to survive if/when
they switch to Linux for their desktop. If they think Windows can get
complicated...

Now where is my Mac OS9 disk?
Click to expand...

LOL!

Corporate culture makes a difference. I work with one small office--it has
about 20 machines or so, and sublets to a smaller organization which has 4
machines. The smaller organization's network is routed through the same ISA
server and DSL connection that serves the larger one.

I've yet to see a single legitimate spyware removal on the larger
organizations machines. These folks know not to open attachments, in
general--through some experience with what happens (or I make happen!) when
they make a mistake.

The smaller office, on the other hand is pretty much computer-naive, and
every machine had substantial spyware loads--the directors machine least of
all, but there were a few things even there.
 
-----Original Message-----
I'm an IT consultant, most of my clients are schools with PC labs. MS
spyware is great, but it gives the user too much control. Hopefully I am
wrong and i'm just missing a setting, but kids and teachers do not know, or
care about Spyware, only that it is my fault when the computers are slow,
and full screen movies start to play for no reason...

When spyware is detected, it pops up a dialog asking the user what to do, in
this case, the user only wishes to return to what they were doing and
doesn't care about spyware, so they randomly accept and block things which
completely kills the effectiveness of the program. The program should
simply block everything it finds with perhaps a small notification to the user.

It doesn't take a lot of UI research to observe this behavior.

Am I wrong? Hopefully... Otherwise it's worthless.

.
Click to expand...

Maybe someone will write a program that will do it all,and
only with one button that says "fix".
 
Interestingly enough, the people I have the most danger from are my
executives. One of those Netsky viruses slipped through the server screen
one day during the summer and the boss wondered what this attahcment could
be. So, he opened it. Fortunately, I run a script to update the desktop AVs
with rapid release definitions so his desktop AV stopped the virus from
spreading. The server AV app was just updated now to also get the rapid
release defs automatically. I strip all emails containing forbidden
attachments - that's why the newest viruses are also using zip extensions. I
use XWall for our Email filter/firewall and I use the "block double
extension" exploit as well where a file will be named file.exe.zip or some
other double extension. We are not using a web filtering policy yet but I
have sufficiently warned, threatened, and put fear in the hearts of the
regular users to behave or else. I have the browsers locked down by group
policy and I also do not allow Outlook to launch ANY application from the
temporary file space. The only IM allowed to be used is Trillian and I have
SpywareBlaster loaded on all machines that are open desk machines where
browsing mischief could occur.

So far, so good - but I'm not at work yet today either!

JohnF.
 
Well - How far is Microsoft Antispyware from that, anyway?

It's true that there are a few more buttons--but if I had a nickel for every
post here that goes:

"I installed your spyware and my firewall now does not load and I can't
connect to the Internet"

Clearly those folks only saw the Fix button. (and, of course, the fix
doesn't work very well, but that's in progress--I'm quite sure!)
 
Hi,
<I'm an IT consultant, most of my clients are schools with PC labs.>
Start with a couple of Tylenol and keep reading.

<MS spyware is great, but it gives the user too much control.>
OK, what OS are you running in the labs? What are the users running as?
Admin perhaps??? I hope not!

<but kids and teachers do not know, or care about Spyware,>
Agreed.
Time to get them educated eh??
Let's start here with some FREE posters that they can relate to:
http://www.microsoft.com/Education/SecurityPosters.aspx

Then we swoosh them along to
http://www.microsoft.com/athome/security/default.mspx for best practices.
Make them watch the video!

Next stop is http://security.msn.com/ > If you need, I can send you an
address to get some very nice, free and reproducible brochures.

<only that it is my fault when the computers are slow, >
I get blamed daily.

<and full screen movies start to play for no reason...>
Depending on the movies, local culture and age of the students, we may have
a serious problem here. You don't want to see someone hurt, nor do you want
the school slapped with a hostile work environment charge either.

May I suggest making your life easier? Go to http://www.faronics.com and
read up on Deep Freeze. Protect yourself, your students, the school, and
the machines with it. You can run the Enterprise version from a console, and
enjoy springtime. I have about 150 units running it and it's a lovely
program. The students can do just about anything they want to the
machine.....until it reboots.

Ron Chamberlin
MS-MVP


I'm an IT consultant, most of my clients are schools with PC labs. MS
spyware is great, but it gives the user too much control. Hopefully I am
wrong and i'm just missing a setting, but kids and teachers do not know, or
care about Spyware, only that it is my fault when the computers are slow,
and full screen movies start to play for no reason...

When spyware is detected, it pops up a dialog asking the user what to do, in
this case, the user only wishes to return to what they were doing and
doesn't care about spyware, so they randomly accept and block things which
completely kills the effectiveness of the program. The program should
simply block everything it finds with perhaps a small notification to the
user.

It doesn't take a lot of UI research to observe this behavior.

Am I wrong? Hopefully... Otherwise it's worthless.
 
Hi Irish Eyes,

A most lovely name you have!

<I too find that MS software apps do seem to have too many options for the
general user.>
It's not a walk in the park generally, but you can pick up the finer points
fairly easy. As an example, the default install of the MS AntiSpyware
product is pretty straightforward, and following the default setup settings
should keep you out of the morass of trouble.

Now, if there is anything we can help you with, or straighten out, please
ask, and we'll do our best to help guide you along.

Ron Chamberlin
MS-MVP
(Webmaster http://www.bosemsoc.com but don't tell the others)
 
Bill,
1) I hope this doesn't sound like a cop-out, but I'd suggest that for the
environment of a school lab, a managed product which can be controlled,
and the choices allowed to the user limited, would be a better fit.>
Click to expand...

You betcha! MWAS isn't the cure all for the ills OP has in those labs.

Ron Chamberlin
MS-MVP
 
Hi John,
I was also wondering how a school pc lab is getting overrun with spyware.
I think the solution is further upstream from a tool like MSAS.>
Click to expand...
I think you are onto something. :)

< I have the 90 machines I support configured such that we don't need MSAS
corporately - yet.>
That's one of the things I'm learning about in these NG's. I have about 2K
pc's, with nearly 100% of users running as Power Users, and I am literally
amazed at the request for Enterprise level fixes. Sure, we've got a few
users who will click on anything, but overall I am in 7th heaven.

< I remind myself sometimes that millions of people still sit at home with
their VCRs flashing 12:00 because they have no idea how to set the clock.>
Piece of cake! Ask your kids to do it for you. It works for me!

< Meanwhile I just watched a program on my DVR, recorded it to a dvd,
ripped it and converted it to a streaming wmv file for a friend at work who
can't always catch the live show and doesn't know how to do any of what I
just wrote.>
Yeah. Sometimes it easier to just do it for them, but how are they going to
get educated if we don't teach them to stumble on their own?
Now where is my Mac OS9 disk?>
Click to expand...
Danny put it in the toaster.

Ron Chamberlin
MS-MVP
 
Back
Top