No, the man just wants a return to the old days. Think back to the early 1990s, when Microsoft would introduce a new version of, say, Excel. The only things that mattered were what kinds of charts people could draw and how many formulas they could embed in spreadsheets. Customers--lots of them--willingly shelled out $300 or $400 a copy for the new software. The notion of security was left to the folks in uniform who kept reporters like me away from the customer briefing rooms, where good food and strong drinks were served.
How things change. For the past nine months, Gates has spent hundreds of millions of dollars to have his best programmers build a free update to an operating system that many people still don't want.
SP2 is finally here, and it's been one rough week for Microsoft.
Well, SP2 is finally here, and it's been one rough week for Microsoft. After telling big companies that SP2 was ready to go, one of the first things Microsoft did was make it harder to get.
Microsoft said that SP2 doesn't play well with 50 or so existing programs. Par for the course as far as Windows updates go, you might say. But unfortunately, the list includes one of Microsoft's own systems management tools that big companies could use to install SP2 to their internal PCs.
So in order to keep employees within big companies from getting SP2--and immediately crashing some of those 50 programs--Microsoft temporarily put the brakes on automated distribution, which was supposed to be one of SP2's best side benefits. Users of Windows XP Home Edition are just starting to get the update, and the remainder of XP users will be able to get it before month's end. But businesses are in no hurry. Many said this week that they'll wait for the SP2 kinks to be worked out before taking the plunge.
Then, on Wednesday, security researchers said they'd found some gaping holes in SP2 that--at least theoretically--could let malicious users gain access to SP2-protected PCs.
Did Microsoft bungle SP2's debut? With my columnist hat on, I can give you an unqualified yes. That's a shame, because by all accounts, SP2 is a fine update to Windows XP, which was already the best-ever version of Windows. And rest assured that Microsoft will work out the kinks--it has to.
For Microsoft, SP2 could finally take some of the heat off of the company and its historically cavalier attitude toward security.
Perhaps SP2's greatest accomplishment will be to increase the number of Windows users who actually install bug fixes.
And let's not forget that SP2 also fine-tunes Windows XP's internals, making it less susceptible to malicious attacks (as long as you're using the latest hardware). It also delivers in one rather pudgy download many other updates, such as Service Pack 1 and the latest security patches and bug fixes.
Perhaps SP2's greatest accomplishment will be to increase the number of Windows users who actually install bug fixes. For years, Microsoft has been saying the problem with Windows security isn't necessarily with Windows but rather with users. If they'd just take the time to install the available patches, most of their PC security problems would go away.
Easier said than done. Asking system administrators to keep their company's Windows systems up-to-date is one thing. After all, that's what they get paid to do. Still, in our IT budget-constrained world, there are fewer administrators, and those who are around are responsible for more PCs than in years past.
But expecting consumers at large to keep up with the blizzard of confusing and sometimes contradictory software patches is ludicrous. Remember, computing is mainstream. Senior citizens shop on eBay. Teenagers chat on instant messaging. Do you think any of these people understand why they should apply an "Update for Background Intelligent Transfer Service (BITS) 2.0 and WinHTTP 5.1 (KB842773)"? You'd have better luck asking them to split an atom. There's got to be a better way.
And there is, Microsoft says: It's called automatic patching. By default, SP2 turns on Microsoft's automatic updating service, which funnels the latest bug fixes directly to your PC. Well, here's the true test: If Microsoft's theory holds, there should be fewer trashed Windows PCs the next time an MSBlast-size worm slithers through town.
Since most security professionals think that the next big virus will hit sooner rather than later, we shouldn't have to wait too long for an answer.
Biography
Mike Ricciuti is CNET News.com's Cambridge, Mass., executive editor and bureau chief.
60 comments
Join the conversation! Add your comment (Log in or register)
as well as a PC can without Unix or Linux. I don't use Internet
Explorer, or Outlook Express, or MSN-anything. And since my
PC's all run on remote from my Macs, SP2 is a total waste of
time, and interest.
It also appears that it is close to a total waste of time and
interest for any PC. For every 'hole' MS filled, it appears that
more have been created.
MS is well behind the power curve in adapting Unix for it's OS
structure. And Windows is so burdened with legacy requirments
that it's a wonder it even runs at all. I think that SP2 is an
unneeded band-aid on a terminal patient.
The last time I ran Ad-aware and Spybot they found NOTHING. Zero, zip, nada, zilch, and I hadn't run either of those programs for over a month. Why no spy/adware? I'm not running IE.
At this point I have no intention of installing SP2 as I don't see the benefits outweighing the possible drawbacks. (Over at the SANS website close to 1000 people have given their feedback regarding the installation of SP2. Less than half of them (47%)have successfully installed it with "no problem".)
RayG
ps. I'm NOT a Linux or Unix developer, don't even have those installed on my systems. Yet. Not a Mac user either. I've been using various incarnations of Windows since 3.1.
If Microsoft designed a home, it would have no walls so your living experience would be "seamlessly" integrated with the outdoors. But burgulars would have easy access to steal your stuff.
And you had to advise your employees not to upgrade to SP2?
Why does that sound fishy?
...maybe because most Fortune 500 companies have better control of their computing infrastructure than to put employees in a situation where they can install any software in the first place...?
Yeah... that's it.
If you really do work for a F500 company that has deployed Windows XP on its workstations, trust me, you'll be on SP2 before too long.
The gaping hole is the end user in both of these scenarios and not the Operating System. If I can get someone to exploit these I can get them to send me their credit card and SSN as well.
And more importantly, the truth of the matter is this, there will always be security holes in software. As long as your computer is connected to a network where others can see it or get to it, then there will probably be some way for malicious users to hack that system. The goal is to make the holes as small as possible, and as difficult as possible to take advantage of.
The only thing Microsoft can do (since they are the target of just about every evil hacker in the World) is to fix those holes as quickly as possible. And today they do an extremely good job of fixing security holes very quickly.
Like many technologist, I think that users are partly to blame. There are still many, many home users running outdated operating systems that were NEVER designed to withstand the vicious attacks by the world of hackers. This is where we as technology folks & Microsoft can help our friends and neighbors by educating them on the problems, getting them to upgrade to Windows XP with SP2 and making sure they have AntiVirus software and even in most cases make sure they have at least a hardware firewall, but also recommend a more full-featured software firewall as well (if they can't afford it, at least they have the bare bones firewall in SP2, but users really should consider a full featured firewall if they have a broadband connection).
I also tell most of my family and friends to turn off their computers when not in use.
But the real underlying message I'm making is that users need to be educated on what the risks are and how to defend themselves. This is where we can all help. Microsoft acknowledges this is a huge problem and has begun putting together a campaign to educate the masses on security measures they can take at home.
In this day and age, being a good Boy Scout or neighbor is more about helping our family, friends and neighbors become educated regarding online security measures, rather then helping them carry groceries or getting accross the street :) So do your part and be a good deed, save someone's PC/MAC/etc...
-il2rb
It's not that we're beeing payed to do this your're getting it wrong, My team and me could be doing a LOT of things instead of loosing a lot of time to patch constantly many insecure systems.
One of the things that we could be doing is testing linux in order to save money, time and have more secure computers
Think it many more ways my friend.
Greetings from Mexico
Augusto Ayala
"...have to hire an extra IT geek just to manage patches and fix problems related to them."
"My team and me could be doing a LOT of things instead of loosing a lot of time to patch constantly many insecure systems. One of the things that we could be doing is testing linux..."
Greetings from Singapore.
We have been testing SP2 since beta 1 and think it is the best OS upgrade ever offered by Microsoft--not patch, OS upgrade.
Sure, people will complain. People love to complain, about change, about lack of change, about Microsoft doing nothing, about Microsoft doing something. But let's see someone step up and offer a solution (and don't start in about linux being a panacea--I am a system engineer, I use linux, I hold several linux certs AND linux has just as many holes as Windows)
I really feel better with a hardware firewall (embedded on my small router) where I can control the ports taht are open or closed, my antivirus software helps me a lot in stopping Outlook viruses that in other way they'ld have killed my entire network (as it happened before I had AV),
I'm setting up my mailserver with tools to temporarily block the file extension I CHOOSE and can be analyzed by me case by case, not like the Outlook Express solution to block everything or show everything inluding PDF files( this is just fool and useless as if you don't want to have a risk of an accident never use your car and stay home forever, it's the same idea).
Those tools give ME control over my operation and doesn't depend on how good or bad MS patches are(or OS upgrades as you called it, on the practice is the same thing), how bad or worst is MS in securing their OS, how many holes does the OS has and we don't know of their existence and (more important) if they are doing something about it or they will wait for longhorn to correct those flaws just for marketing reasons.
I'm a technology & businnes guy and I know that security CAN NOT be guided by marketing issues.
Greetings from Mexico
Augusto Ayala
those thigs give ME control,
The Linux/Unix world is not only inherently more secure because of better code, but has the advantage of a wide variety of distros, configurations and hardware.
When the inevitable killer asteroid comes in the form of a devastating virus that gets past the latest Microsoft automatic updates and wipes *every* hard disk on *every* machine running XP, it won't matter whether it was from a script kiddie or a cyber-terrorist. The result will be as devastating to the Microsoft monoculture as the Chicxulub impact was to the dinosaurs. Even compassionate assistance from the survivng mammals who can gen up Linux rescue CDs is unlikely to recover much of the $billions of economic damage.
LMAO... That is the first time I've heard anybody seriously suggest that endless splintering of an OS is a worthwhile advantage.
What little security benefit you get from running every variant of Unix known to man is greatly overshadowed by increased administration costs. This has been proven so many times, its not even funny. Even in the Unix and open-source world people try to stick to standards for a reason... limiting the differences between systems results in increased usability and lower maintenance/administration costs. Drop the word "monoculture" from your vocabulary. It may be a little too big for you to fully understand.
In my opinion there is not exactly a monoculture of Windows installations. Some machines still run their 3.11s or 95s, others their NTs of all flavours (NT 4.0, 5.0, 5.1 and, finally 5.2).
The problem with WindowsUpdate arose only on the verge of ServicePack 3 for Windows 2000 (NT5.0Sp3) which also made thoroughy impossible to get rid of such goodies like, first and foremost, InternetExplorer, MediaPlayer, OutlookExpress and other OS-unrelated applications.
There is _no_ problem if you still use your older WinNT-Installation. However, you have to strip the operating system of IE first, and probably of other 'extensions' which are prone to phone home as well.
If you do that, you can run Windows NT for years. Many of my colleagues do.
However, things changed completely with the Edition of ServicePack3 for Windows 2000. Upon this ServicePack the operating system has been hardened to an extent which renders any future de-installation of all invariantly insecure code virtually impossible.
NT 5.1 aka. Windows XP is even worse in this respect. There is hardly any clear control of what the system is doing, mostly without ever being asked to.
Some work has been done on NT 5.2 aka. Server 2003 in order to stop getting the machine infected within minutes after it is connected. As a result, the newly installed OS prevents any connection whatsoever - all connectivity is disabled by default.
Though this approach has been grossly ridiculed
<a class="jive-link-external" href="http://thedailyfarce.com/technology.cfm" target="_newWindow">http://thedailyfarce.com/technology.cfm</a>
it seems to be still the foundation of the current and future ServicePacks. Microsoft tries hard to convince the customers that it's a feature, which they deserve. Most probably it is true.
Therefore, if you'd like to stay away from the cracking business of those haX0r3 who try to 0wn your machine, you have got to pick a decent operating system first.
Of course, this could be a flavor of Windows NT, as well as BSD or MacOS-X, LinuX-Kernel GNU, AIX, Solaris, or yet another famous UniX.
If the former is your choice, then use your brains and apply the contemporary advice on security
<a class="jive-link-external" href="http://www.technewsworld.com/story/34984.html" target="_newWindow">http://www.technewsworld.com/story/34984.html</a>
which means that you should by no event use WinXP.
It means precisely that you are not allowed to use Win2000 if it is equipped with SP3 or later. To put it plain: don't use InternetExploder or any other technology which wouldn't run without it.
This could mean you will be better off dumping Windows alltogether in favor of a better system. If you played with a thought of getting a Mac or Linux box - just go and get it, test it, try it out a nd switch only if you are completely convinced you get there more bang for your buck
<a class="jive-link-external" href="http://www.novell.com/news/leadstories/2004/aug16/index.html?sourceidint=homepage_solutionsatwork" target="_newWindow">http://www.novell.com/news/leadstories/2004/aug16/index.html?sourceidint=homepage_solutionsatwork</a>
Otherwise you will be probably better off if you tried to make your Windows boxes as secure as possible, by means of a NAT-router, for example.
Against data loss there is only one means of choice on every OS in the world: frequent backups.
Kind Regards,
Leszek KENSBOK
The Linux/Unix world is only inherently more secure because the computer skill of the average person using them dwarf the average skill of a Windows user.
If people aren't interested in securing their Windows PC they won't have any interest in securing their Linux/Unix (that includes patching, updating, running a firewall, running anti-virus software).
Before you jump the gun and make a claim about how *nix is secure by default: *nix has to deal with security vulnerabilities the same way Windows does. Those do get fixed by vigilant patching and maintaining your system, but you can't count on the average user to want to bother with that.
When you compare Windows and *nix, both administrated by people with comparable skill on each respective platform you'll find that both can and do compare in terms of stability, reliability and security.
Your point about source code is rather besides the point and shows the main difference in use between *nix and Windows. 99.9% of all Windows users couldn't care less whether Windows comes with source code or not, they just want it to work and they want it to work without twiddling with any settings.
If some people are dumb enough to open executable attachments while running Windows with Administrator privileges, what makes you think they'd be any safer/better off running *nix and doing the same while running as root?
I'm NOT a casualty of war nor my company. And we should all fell this way AND THAT'S WHY I HAVE REASONS TO COMPLAIN. If you are ok with that point of view that means that your more worried about Microsoft than your own company.
I'm surprised that if you use Linux you don't see the difference, if I have a specific need, Linux could ADAPT TO IT and not the other way around as in the MS world.. you have to know this if you use or administrer Linux or Unix.
I'm also surprised to know that your are a Linux guy and haven't implemented one of the many Open Source Firewalls that are there for you for FREE that are tremendously more robust than the firewall that MS is installing on SP2.
A lot of surpises for me in one single message.
Greetings from Mexico
Augusto Ayala
course will be turning out this year the only one who won't
get a HND in Windows System Administrator and doesn't
care
We have both at work and we had to upgrade the Macs to the biggest fastest system they sell just to get decent performance for Photoshop, whereas the XP users are running on machines from a year or so ago and are just as fast, if not faster. After all OS/X is based on the NexT OS which was a real BEAST, even on the fastest processors of that time.
Now maybe if you were talking about Linux being more efficient, then I would agree, but Mac... No way.
Regardless, those who feel SP2 is worthless, that's an uneducated, unenlighted point of view, but so be it for you. If you want to stay unenlightened then go right ahead (there's a word for that, but that's another story). As for everyone else, it is well worth it.
Mac - that would make you both very slow and very defective.
2. OX X is not a modified NexT OS, but rather a new design
based on Darwin Unix.I thought everyone knew this, even PC
users.
3. SP2 is still an attempt to patch a sinking boat.
For a very serious bussiness decision, short term cost is not the only factor to have in mind. Maybe for now there are few sysadmin with linux skills, maybe is hard to find certification or training(let's not count IBM, Novell, RedHat and so on). It's expensive FOR NOW to have a geek to learn from him self Linux, getting info from newsgroups or websites. that's your TCO in the short run...
BUT in the long run what do you see?, installing software that helps your needs without aditional licence expenses; getting software updates an security enchancements as they appear or as you choose to have them, you won't loose people's time every time you have to reboot your server or reinstall your Windows XP/ME on the desktop?.
In the long run TCO looks very different from the TCO MS is making a BIG marketing campain.
Maybe for some cases Linux indeed is a lot more expensive than MS; but is like having a wound that hurts, in the short run it will be more expensive to get a tratment than just deal with the pain. but in the long run, the money you will lose for not beeing able to work will be more than what the tratment costed.
Greetings from Mexico
Augusto Ayala
Thanks for correcting my bad English, though I thought that we were debating technical ideas, not spelling issues :). Be a good global citizen my friend, if you posted an error in spanish I would correct you not on the posting but sending you a personal email :).
To be fair you do see a lot of bad spelling and grammar on the net but English is always their mother tongue.
A big service pack such as SP2, for an o/s that has thousands, if not millions, of applications, is bound to cause incompatibilities. Is that surprising? So companies are asking for ways to delay the installation of SP2 to make sure their existing apps continue to run. The companies cannot do that unless SP2 is released, can they? So it's not really a case of an 'update people don't want' or ms 'making it harder to get', as you so nicely put it.
As for the 'gaping holes in SP2' security researchers have apparently found, theoretically, it can appear in other o/s as well.
Next time you put the columnist hat on, don't bother, it doesn't make a difference.
Secondly, Apple sucks. They are letting their systems die a slow death again, as in the 80's. Why would anyone purchase a closed system that cant easily/if at all be upgraded? a operating system the company loathes to patch after a year/have to purchase another operating system? or a system that is a couple of years behind in most popular software, ie games? (Before anyone goes off about the games comment, I will wager anyone that more kids own computers than adults. You cant tell me that the computers are not primarily used to play games. If you bring up companies, for every 1 Apple system you find, there will be over 1000 Window based sytems.)
Third, linux will never catch on in most of our lifetimes unless forced upon society by a country. Brand name is everything, when people shop for computers, they want microsoft windows/ie/office, not Linspire/Red Hat/KDE. No one knows linux, it is not user friendly, and the learning curve is too steep for most people.
Last but not least, I dont care how many fanboys there are for Apple & Linux, why would anyone waste their time on writing a virus/adware/spyware for something that no one uses. What kind of accomplishment is that? Where is their fan fare? Why do you think that people are writing viruses for cellphones now? a huge audience/ user group
Your Point 1. "kudos to MS for finally bringing SP2 out..." I will give them kuduz as well as they have a large target audience to please; with multiple target platforms, with largest scale of users (very dumb to very intelligent) and having marketing on there butts to push a product out that might not be ready. Microsoft is not a great software company, there an awesome marketing company.
Your Point 3. "Linux will never catch on..." I believe you may be wrong there. Linux is catching on in a big way, but probably were you do not see it, In the Server Room. Linux is replacing a large amount of MS servers, because of there lack of security, scalability, and just being dog slow. I think you might need to do a little more research and now more about your statements before you post something so un-informing.
Point 2. "Apple Sucks...." To give you a little insight. I have never owned a MAC, nor have I thought to buy one until when the moved over to OSX. Why, because they are doing it better. I would have never been the one to think that, but they are. I believe you fail to realize. Apple is targeting another set of users for now. The are not after the Corporate Business users at work, but more of the Home user that has a lot of Computing knowledge, and want to get the most out of there computing experience.
Don't get me wrong I appreciate Microsoft, They have keep me employed over the last 14 years with all there bugs, security updates, targeted virus attacks, and lastly Service Packs!!!!
All I ask, Just look at other options, because one day Microsoft will be beat and there want me the following of groupies As I see today!!!!
--out--
to make large updates. Point here is that none of Linux
distributors have resources to make an update of size of whole
OS. Everyone is using incremental approach: updating
component after component, introducing new feature one by
one.
Still it is important to make versioning transparent for ISVs. I
believe this is approach taken by Sun in Solaris: after some
amount of small updates, they are released as one big updated
with bumped version number. If customer already have had all
updates installed - software update utility can just install one
little update which will simply correct version number.
Seems to me, that here again MS is victim of its own gargantua
posture.
As my last post stated, we have not rolled out SP2 yet because of software conflicts. We would rather deal with the security issues (and we've done so extremely well) than have our tens of thousands of associates create extra software problems for us to get under control.
If SP2 works for you and your needs, then fabulous, that's what it's there for. But if it just creates a whole new list of headaches to deal with, then hold off.
Either way, let's please keep this professional. This is an intelligent tech discussion, not an "über newb battle".
I use a PC because I know how they work and I can build my own to my exact specifications and budget. It runs all the software that I need and the OS is OK and getting better in every incarnation.
There was a time when if you wanted to do desktop publishing you had to have a Mac. In it's early years the Mac had all the killer applications so you had to have one. Now the PC has Photoshop and DTP so you do not have to buy a Mac.
If Linux can become a bit more user friendly and gain a bigger desktop user base then companies like Adobe will start to write for it. You might then be faced with a secure, free operating sytem that is easy to use with all the top end apps that you need. I would certainly consider moving to Linux if that happens.
Last time I installed Linux on a machine I could not spend the time getting to grips with mounting drives, the file structure and all the (to me) arcane problems of installing software - tar balls anyone. However, I am fairly sure that Linux will become a major player for desktop PC's. There are a LOT of servers out there running Linux so it will be a matter of time.
I really do not see what all the moaning about Windows is about. Fair enough, earlier incarnations in the Windows 95/98/ME family could be unstable. Windows 2000, based on NT and with the NT file system I found very stable but not too user friendly. Windows XP combines the stability of 2000 with user friendliness.
I am in no way an expert but I built my own PCs, installed XP and networked them together, upgraded them etc with the greatest of ease. Mac users would have me believe my system would soon be crashing and infested with viruses and adware. Not so. I have never had any problems with viruses or adware. All you need to do is follow a few simple rules. I have AVG antivirus and Adaware (both free) which have prevented any problems. Periodically I check what's running at start up against the list at www.answersthatwork.com. With my PCs I can upgrade them, shuffle bits round and choose from a vast array of programmes and cracks (most of them free!) that are never found for Macs. I really don't see what the fuss is about.
To cap it all of course an equivalent system of Macs would have cost several times more.
Oh and if you're worried about it looking 'boring' get a stainless steel or perspex case with cold cathode lights to mod it if you must!
I have to wonder if Mike Ricciuti ever even read the knowledge base article concerning all those programs that SP2 "breaks". If he had, he might have noticed that there is no mention of anything "crashing", but that the programs simply won't work well with the default settings of the Windows Firewall.
Which is something that anyone who has actually ever used/installed a hardware or software firewall or router knows about.
The title "Some programs seem to stop working after you install Windows XP Service Pack" might have been poorly chosen by Microsft, but it's the way they have been naming KB articles for years so nothing there to get excited about either.
The firewall can easily be turned off if needed, or exceptions can be set, just like on any other firewall like ZoneAlarm.
Someone here mentioned that Microsoft would do well to look at the way open source software is distributed. That again shows a complete lack of perspective. Microsoft announced that it expects 100 million downloads of SP2 in the first month and with all respect to Linux, I don't know of any Linux distro capable of handling 8000 terabytes of data transfer in a month (estimating an average 80Mb/download).
Instead of scaring the ones who don't have the expertise or knowledge to know better away from installing SP2, they should be encouraged to.
Instead of critizing Microsoft for delaying the release of SP2 through Windows Update, critize all the companies who did nothing for the past months when SP2 was available for public download as a release candidate.
I would except any decent software development company or major coorporation to have trial tested and releasd updates or have a company strategy on the update long before it became RTM.
There was plenty of time to communicate with Microsoft or peers concerning SP2 when it was in the RC stage. Anyone who isn't ready for it now has only him- or herself to blame.
SP2 is a much needed critical update to Windows XP. Microsoft was critized for making the default setting insecure, then when they implement a layer of security that is enabled by default they get pounded on because it takes some work to customize for a particular system. You can't have it both ways, pick a standpoint and stand by it.
It's also the fault of the uninformed and/or disinterested public who have used AOL (or other lame providers with proprietary software) for years and then decide to go with a standard ISP for broadband and have absolutely no clue as to what they're doing. They're the ones who keep this garbage alive, and then they blame the ISPs for their own ignorance to the licensing agreements of their stupid "WeatherBug."
Sure, Microsoft releases software with more holes than Swiss cheese. Do you know a company that DOESN'T release a service pack or updated version of their software when bugs are found? And don't even SAY Mac or Linux/Unix - OS X is up to 10.3.something (and, surprise surprise, high-speed ISPs won't support 10.0 because its configuration JUST DOESN'T WORK,) and there are too many variations of the Linux kernel to even comprehend anymore. Sure, there aren't as many viruses for these other operating systems, but that doesn't mean they're not without their own security problems. They're just so few and far between and count for such a small percentage of the online population that nobody really gives a damn.
So you can blame whoever you want. Just don't go crying to your ISP because you're too lazy to take the few extra seconds to put down the Cheetos and type in the URL for a weather website or a search engine. You don't require these so-called "free" utilities, and your ISP isn't responsible for your ignorance to the problem of spyware/adware and spam... not to mention that at least 80% of high-speed customers leave their systems on and wide-open 24/7.
These programs harvest your information - websites you visit, things you subscribe to, etc., and they get your email address as well. Your friend Stephanie at WeatherBug has to pay her bills too... and she does, 3-5 cents at a time, by dropping pop-up after pop-up onto your screen, loading up your inbox with ads, and taking a virtual dump on your computer. So think before you click. And, for everyone's sake, INSTALL A FIREWALL AND AN ANTI-VIRUS PROGRAM!