back to article Rarest, strangest, form of Windows saved techie from moment of security madness

It's Monday once again, dear reader, and you know what that means: another dive into the Who, Me? confessional, to share stories of IT gone wrong that Reg readers managed to pretend had gone right. This week, meet a reader we'll Regomize as "Declan" who describes himself as "a designer working with CAD to design machines" – …

  1. UCAP Silver badge

    Reading that gave me flashbacks to a much earlier era in my career. There but the grace of <deity of your choice> goes I!

    1. MyffyW Silver badge

      The contrarian in me would probably say that the rarest form of Windows was probably Windows NT on MIPS, a thing that I have yet to see but I believe was a possibility.

      And of course these was NT on PowerPC, although that I have seen if not used in either jest or anger.

      1. KittenHuffer Silver badge

        And there I was thinking that the rarest form of Windows ..... was one that worked reliably!

        1. ttlanhil

          Not that rare - if you barely used it for anything and it wasn't left running for long, even older versions of windows would work reliably

          e.g., for all of the executives who had to have the most expensive computer because it was expensive, and it only got turned on when they summoned a new pleb to install upgrades in order to keep it expensive...

          I dare say that could have been much more common than WinNT/Alpha...

          1. jake Silver badge

            "for all of the executives who had to have the most expensive computer because it was expensive"

            Free hint to all consultants: ALWAYS ask the secretary about the Boss's computer knowledge. You can save a lot of time and trouble for a lot of people over the long haul.

            I know of several CEO-types of Fortune-500s who make a big show of "checking the computer", even though their network cable was "accidentally" never installed.

            I can't count the number of times I've swapped the Boss's top of the line CPU, gathering dust and spiderwebs under his credenza/return, artfully changing screensavers every couple minutes, for his secretary's underpowered kit ... without the Boss noticing.

            1. Anonymous Coward
              Anonymous Coward

              I have reason to believe you don't know what a CPU actually is. CPUs rarely are under anything other that a cooler.

              1. deadlockvictim

                Here CPU = Computer

                In days gone by, computers (as in the boxes) were sometimes referred to as CPUs. I never liked it myself but that's the way it was.

      2. John Riddoch

        We had a couple of the SGI MIPS Windows workstations when I was doing IT support for a Uni department. I didn't do much on them, but I recall they weren't particularly reliable, even worse than regular Windows NT; given their peculiarities and rarity, they probably didn't get much attention from MS for patches & support. I don't believe they got much usage either, they'd been bought to do some kind of 3D stuff for someone's PhD IIRC, but didn't work that well for the job.

        1. Doctor Syntax Silver badge

          MIPS was fine running Unix. Better to have stayed with that.

        2. Anonymous Coward
          Anonymous Coward

          I remember going to one of the launch events for those at University of West of England (UWE) in Bristol c 1999. The lab I worked at had mainly Sun Ultra 5, 10 and 60's and various SGI boxes O2's, indigo's. Funny enough we didn't buy and SGI NT boxes! We started to ditch the SGI boxes soon after, then the Sun boxes went as it was far cheaper to buy DELL Precision workstation running Linux.

        3. Lennart Sorensen

          The SGI workstations running windows were x86 based, not MIPS, although they were not compatible with standard PCs, they had their own weird firmware. Well the first two models at least. Later ones were just standard PCs.

          1. Anonymous Coward
            Anonymous Coward

            yep the dual slot1 pentium based 320 and the quad slot2 Xeon based big brother the 540

          2. cosmodrome

            Yes. ARC architecture, non-PC but x86. I had one of them, long ago.

          3. nintendoeats Silver badge

            I think they may have been referring to a machine running Windows NT on MIPS. Remember that SGI owned MIPS at that time, so "SGI MIPS" could refer to the CPU architecture as well as an actual SGI box.

          4. Michael Wojcik Silver badge

            There were those weird Sun Ultras with x86 CPUs from the early 2000s, too. I don't know why Sun didn't reserve the Ultra name for SPARC machines and use a different name for the x86 line. I guess that would have been too sensible for Sun.

            (Before SPARC, there were the 68k Suns, of course. I used those for a couple of courses in college, if memory serves.)

      3. big_D Silver badge

        We had a client with Alphas, so I got to see and use that. I saw the PowerPC, but, like you, I never saw it running on MIPS.

        A shame, I always loved the Alphas, especially when they were running VMS or UNIX...

        1. TiptreeGeek

          Alpha based hardware was amazing - I was lucky enough to be contracting at DEC in the early 90s, when these things turned up it was a quantum leap, continued to work on them running VMS (BEST OS EVER!), DECUnix & Windows NT.

          Actually had a couple of Alpha 2100's running NT at home, the emulation for the apps was great - especially with 4 processors & 2Gb of RAM, but they were a bit big & power hungry.

          Wish I still had them now.

          1. Vometia has insomnia. Again. Silver badge

            You were at DEC and you actually saw one?! Blimey. We were told if we wanted them so badly we'd have to lease them from an external supplier and there was no budget. I think the first time I finally saw one in the flesh was in the late '90s after I'd left DEC... and that one was running Windows. D:

            During DEC's Alpha Famine years, ISTR some manager was telling customers that the likes of the CHEFS:: "super"cluster was all Alpha but AIUI it was and remained a collection of ageing early-era Vax 6000s with random odds and sods bolted on probably over ethernet; the performance was often commented on and the comments tended to suggest it was anything but super. As was the branding: "what shall we call it? Something catchy like Alpha eVAXPng!" and giving potential customers a moving target. I still have my "Imagine being the one without AXP!" horse-racing pen. It's so crap that I've treasured it for decades.

            1. big_D Silver badge

              I worked at software company that finally turned off its last VAX 8000 in 2015 - they finally got their last customer to migrate from VAX to a Linux server...

          2. Jotrav

            Dec & Alpha, great shame they died.

            There was a time that a desktop Alpha was technically considered to be a supercomputer (those rules soon got changed). That model never actually shipped, DEC slowed the clock by 10% so it didn't need a supercomputer licence & sold it as (I vaguely recall) a DEC pc AXP 150.

            A major marketing screwup, imagine a slogan 'Supercomputer on your desktop, only $100k (or so), or 90% of the performance & no licence for a lot less'. Then, DEC & good marketing was an oxymoron...

            I still have most of the bits of one, but the PSU died a long time ago. Nostalgia!

      4. This post has been deleted by its author

      5. MJI Silver badge

        NT on Power PC

        Was very common in fact, Windows 2000 (NT 5).

        Not quite as common though as BSD on Power PC.

        But neither of these two devices advertised the fact, but there are millions out there.

        Device one in the XBox 360, running on a 3 core (I think) Power PC

        Device two is the Playstation 3, running on a 7 core (I think, may be 1 + 7) Cell processor (part of Power PC family)

        1. ZX8301

          Re: NT on Power PC

          More than 300 million powerPC-based game consoles have shipped. The PPC-602 set the ball rolling when it was designed for the 3D0 M2, though that only shipped as a Devkit.

          Microsoft’s original Xbox 360 devkits were actually Apple dual-processor G5 towers, with a software downgrade, of course. The 134 million-odd Nintendos ran nicely on derivatives of the much-simpler Mac G3 CPU.

          Here are the total PPC console sales, in millions.

          PS3 87

          Xbox 360 86

          GameCube 22

          Wii 102

          Wii-U 14

          TOTAL 311

          After that Microsoft switched to AMD, got trounced by Sony, and no longer release Xbox sales figures.

    2. elDog

      Yup - thems were the days. When the news articles had to explain what viruses and worms were

      along with analogies to those pesky things that infect our bodies.

      I actually worked on Windows NT on a DEC Alpha - trying to port a graphics editing program to that hardware. The big/little-endian stuff was a complete nightmare.

      1. Lennart Sorensen

        Re: Yup - thems were the days. When the news articles had to explain what viruses and worms were

        Every windows version is little endian. The Alpha was always little endian, and the MIPS and powerpc versions ran the CPU in little endian mode too. Windows source code can not work on big endian. The code is simply not designed to handle that.

        1. nintendoeats Silver badge

          Re: Yup - thems were the days. When the news articles had to explain what viruses and worms were

          That is certainly true, but I suspect that the graphics software OP was porting was originally written for a big-endian platform...such as IRIX...

  2. Pascal Monett Silver badge
    Thumb Up

    Security through incompetence

    Declan's lucky day was because Borkzilla couldn't be arsed to do a proper CPU version, and couldn't be arsed to make emulation work properly either.

    So, a sigh of relief, a restart of the VMs (or similar) and the problem is over.

    One of the rare cases where Redmond incompetence saved the day.

    1. Korev Silver badge

      Re: Security through incompetence

      I guess Declan could be considered an Alpha male...

    2. rajivdx

      Re: Security through incompetence

      It's easy to blame MS, but I think NT4.0 was an awesome product - probably their best yet considering the time it was released in. They had the foresight to support multiple architectures (x86, Itanium, Alpha, MIPS, Sparc, PowerPC) - and they supported emulation of x86 DOS applications, Win16 and Win32 applications using WoW. Remember other companies like Apple would just ditch the previous architecture completely - AFAIK you could not even run OS9 apps from OSX.

      NT4.0 was so well architected that you could even compile a version of Linux (CoLinux) to run natively on top of NT Kernel without emulation.

      Sadly MS dropped all the other architectures with WinXP and had to do it all over again with Windows 10.

      Most of the problems with NT had to do with GUI components and libraries imported from Win95 as they were developed to a much lower standard.

      1. jake Silver badge

        Re: Security through incompetence

        NT4 was pretty good, but Win2K was absolute peak Microsoft. It's all been downhill from there.

        1. deadlockvictim

          Re: Security through incompetence

          Peak Microsoft doesn't mean that it is good, just that it is the best they've ever made.

          I agree with Jake: NT4 & Win2K are up there as amongst the best output from Microsoft ever. SQL Server & Excel would be in that list too.

          Whether it is the amongst the best commercial software ever released is another matter.

      2. Anonymous Coward
        Anonymous Coward

        Re: Security through incompetence

        Wow, you could not possibly be more wrong.

        NT stood for New Turd, just like the old turd but even stinkier. What a nightmare. I won't say it was the worst that MicroShit ever released, but it was absolute crap.

        And yes, you could run Classic apps on Mac OS X, all the way up through Mac OS X 10.4 Tiger. For Carbon apps, they'd run natively, for pure Classic apps they ran in the Classic environment, essentially a full copy of Mac OS 9 in a VM.

        Oh, and you can still run them today, in macOS 14, on Intel or Apple Silicon, with SheepShaver.

      3. Anonymous Coward
        Anonymous Coward

        Re: Security through incompetence

        > Remember other companies like Apple would just ditch the previous architecture completely

        You mis-remember.

  3. ldo

    What A Waste Of A DEC Alpha ...

    ... to run Windows NT on it.

    By about the mid 1990s, there were four main OSes available for the Alpha: DEC’s own OpenVMS and “OSF/1” (later to be renamed “Tru64”) Unix, Mirosoft’s Windows NT, and this newfangled “Linux” thing.

    Remember, the Alpha was a full 64-bit architecture, back when that was still a novelty. Both Unix and Linux were full 64-bit. VMS on Alpha was a hybrid 32/64-bit OS. While Windows NT ran strictly in 32-bit “TASO” mode (“Truncated Address Space Option”), pretending that the top 32 bits of each address simply didn’t exist.

    See what I mean about a waste?

    1. A Non e-mouse Silver badge

      Re: What A Waste Of A DEC Alpha ...

      We had an early Alpha at Uni. It was screamingly fast compared to the Vaxen and Suns that were the mainstay of University IT. Such a shame HP killed Alpha to save Itanic.

      1. Korev Silver badge

        Re: What A Waste Of A DEC Alpha ...

        My first Unix was OSF1 on DEC Alphas at university, first out of curiosity and then because you could always get on them (unlike the Windows 3.11 / NT4 machines).

      2. Arthur the cat Silver badge

        Re: What A Waste Of A DEC Alpha ...

        The very first Alpha chips had a bottleneck in the memory bus. While your code and data all fitted into cache they'd run far faster than Sun Sparcs. The moment you exceeded cache and had to fetch main memory they slowed down horribly. This meant they looked good running toy benchmarks but were useless for real world code. The result was that although our software ran on Sun Sparcs, IBM RS/6000s and DEC Alphas, we only sold one or two Alpha based system. The next iteration of chips solved the problem, but by that time Alphas had got a bad reputation amongst our customers so we mainly sold Sun and IBM versions.

        1. Korev Silver badge

          Re: What A Waste Of A DEC Alpha ...

          Rewind a few years and history struck again. The Intel chips of the time had an external memory controller which became a bottleneck so most scientific computing folks used Opterons (ie with an integrated memory controller) instead; Intel then borrowed AMD's idea and released the Nehalem chips and ate AMD's lunch...

      3. Anonymous Coward
        Anonymous Coward

        Re: What A Waste Of A DEC Alpha ...

        itanic was aptly named but they forgot the T

        1. collinsl Bronze badge

          Re: What A Waste Of A DEC Alpha ...

          It's right there as the 2nd letter, or did you forget typing it?

      4. Peter Gathercole Silver badge

        Re: What A Waste Of A DEC Alpha ...

        There were some problems with taking the Alpha processor onward.

        When it was first released, it was indeed very fast. I was working at IBM when it was released, and it ruffled more than a few feathers. 64 bit PowerPC was still a few years away, and although IBM and HP had been leap-frogging each other in performance terms for 18 months or so with the 32 bit POWER and PA/RISC systems, the paper figures for the Alpha put that ahead for some time.

        But the problem with the Alpha was that it was designed specifically for the chip fabrication process. Much of the speed was because normal synchronisation features between different elements of the CPU were not abstracted away from the gate switching speed, and it was very reliant on the inherent timing of the silicon. This enabled it to run very fast, as effectively each element could run at very close to the full theoretical speed of the silicon.

        But here is the problem. It made each iteration of the Alpha almost a full re-engineering operation. If they wanted to switch to a different gate size, or use a different fabrication process, it was almost a full re-design on the CPU from the ISA up, whereas there was nearly always one or more performance jumps in both POWER/PowerPC and PA/RISC designs (and also to SPARC, but I think that Sun were already feeling the financial pressures of trying to compete on performance in the '90s) by reducing gates size in the existing fabrication method and pushing up the clock speed. This gave them more time for the re-design for new features

        As a result, keeping Alpha alive was going to be a really expensive operation, and Compaq had different ideas about the way they wanted to operate (I also wonder whether they realised this when they bought DEC, although I had heard that they were really after the StorageWorks products).

        The demise of DEC was largely their own fault. They pre-released information about the fabulous Alpha before it was ready, and that killed their bread-and-butter VAX sales, as many companies put off purchasing decisions for the later systems. This was a terrible blunder by DEC marketing, and triggered a cash-flow crisis that initiated DEC's eventual fall.

    2. John Sager

      Re: What A Waste Of A DEC Alpha ...

      I had one of the small Alphas to play with for a while. I put Linux on it and it was a lovely machine - much better than the pizza-box Sparcstation which was my main machine. Because of its power I was able to run some FORTRAN antenna modelling software on it that produced answers in a reasonable time.

      It's sad that its life was cut so short by DEC's troubles. I really thought that it was a major step forward in computer architectures at the time. I still have a copy of "Alpha Implementation & Architecture" though it's now a sad reminder of what might have been.

    3. nintendoeats Silver badge

      Re: What A Waste Of A DEC Alpha ...

      Somewhat related, I'm given to understand that Alpha's memory model was...cursed...non-existent...a nightmare.

      Thus, I'm kind of glad it went the way of the dodo. If it hadn't, sed::atomic might have something much MUCH worse kicking about than memory_order_relaxed.

      1. Michael Wojcik Silver badge

        Re: What A Waste Of A DEC Alpha ...

        IIRC, there's a fairly famous long post to LKML from Linus about rejecting some change because it wouldn't work on Alpha, due to Alpha's unusual memory coherence model. He went into considerable detail about the consequences of that model and cases where the proposed change could go wrong. Someone else might remember enough detail to be able to find it.

        1. nintendoeats Silver badge

          Re: What A Waste Of A DEC Alpha ...

          I would be interested to read it.

  4. Korev Silver badge

    Declan is a fantastic bit of Regonimisation for a story involving an Alpha

    See icon as it's almost time

    1. MiguelC Silver badge

      If the story also involved networking it would be perfect

      1. big_D Silver badge

        Where do you think the email with the attachment came from? Carrier pigeon? ;-)

        1. Boork!

          Point taken, but the email clearly didn't come over the Local Area Network (because nobody else was infected) and 'Decinternet' doesnt' have quite the same ring to it as 'Declan.'

          1. Anonymous Coward
            Anonymous Coward

            It could have come via Janet.

        2. Korev Silver badge

          > Where do you think the email with the attachment came from? Carrier pigeon? ;-)

          Yes, via RFC 1149?

  5. trevorde Silver badge

    Tortoise & the hare

    IIRC, the CAD program was SolidWorks & had an integrated FEA package, CosmosWorks. Analysis on DEC Alpha was, according to users, an order of magnitude faster but DEC stood still & watched while Intel crept past them.

  6. Bebu Silver badge

    Almost alternate reality...

    I had forgotten this byway of IT history

    Back in the late 90s we had quite a bit of DEC Alpha hardware (being 64 bit) running DEC OSF/1 (ultimately became Tru64) - mostly low end servers but a few Alphastations (200,400,500) - one model of which would habitually boot into ARC or Alphabios (definitely not SRM) so did not boot into the installed DEC Unix.

    When I had one of these on my desk to upgrade to 4.0G my curiosity got the better of my judgement and I tried to install the Alpha version of Windows 2000 - I have no idea why we had a copy of the install media* but there were crates of media for the menagerie of Sun, SGI, IBM, HP servers and workstations etc...

    In any case the install went as smoothly as on a PC. At the time it seemed to me from the informational messages that the Alphabios was also emulating an x86. Once installed I had a fiddle for a few days and appeared quite fast compared to the standard windows desktops the polloi were using.

    Quick install and configuration of DEC Unix and returned to the owner.

    Back to reality but probably not to normality. :)

    * The standard NT4 install media had non x86 architectures (eg MIPS risc) but I don't recall whether the Alpha was one.

    1. Lennart Sorensen

      Re: Almost alternate reality...

      As far as I remember the NT4 CD had x86, alpha, mips and powerpc on it.

  7. Killfalcon Silver badge

    I have once been saved from an infinite loop sending emails because Azure Information Protection (a plugin that lets you mark office docs "Confidential", "Top Secret" or whatever) didn't let Excel VBA set the status on Outlook mailitems, so there was an error to click-through before the code could progress.

    It should have! It worked with all other Office format documents I tried, but not emails. And while it did save me some bother with that email loop, I did still have to work out a fix. The fix was to create a new excel workbook, mark *that* Confidential, attach it to the draft email, wait a split second for AIP to automatically grade the email Confidential (because it inherited the sensitivity from the highest of it's attachment's), then remove the template, boom, email is marked Confidential and will send without further complaint.

    About four years later (that'd be now), Microsoft finally integrated the feature properly. I only last week got done stripping out that dodgy workaround!

  8. Michael H.F. Wilkinson Silver badge

    Reminds me of the old "I love you" virus

    I was working at the Centre for High Performance Computing of our university at the time, on an RS6000 running AIX, from which I could access the Cray J932, when several infected emails were received. On this and other UNIX boxes the payload was totally harmless. Windows users were less lucky. We all received an apology from the system administrators that, alas, automation of tasks was not as "advanced" on UNIX machines as on Windows, so to experience the true joy of the "I love you" virus, please randomly delete some important files on your system, and send the mail to a random selection of people in your inbox (manually, of course). They ended with a repeat of the apology for the inconvenience.

    It's nice to have sysadmins who are competent and come fully equipped with a sense of humour.

    1. Christoph

      Re: Reminds me of the old "I love you" virus

      And there was the story of the tech support who didn't open it because NOBODY tells tech support "I love you".

      1. Evil Auditor Silver badge

        Re: Reminds me of the old "I love you" virus

        Not as tech support, but when I, uber nerd, received the "I love you" from the cutie in the dean's office, I knew something was fishy. My first suspicion was not a worm but rather a fellow prankster. Either way, other than emotional, it couldn't do much damage on my side with linux boxes.

      2. MiguelC Silver badge

        Re: Reminds me of the old "I love you" virus

        In the software house I was working for at he time, I received it from our beloved IT director, whose lack of IT literacy was legendary. He rose to be the butt of our jokes for some time, probably until someone else's fuck-up...

    2. Doctor Syntax Silver badge

      Re: Reminds me of the old "I love you" virus

      "It's nice to have sysadmins who are competent and come fully equipped with a sense of humour."

      But don't mention the Morris worm.

      1. jake Silver badge

        Re: Reminds me of the old "I love you" virus

        How about Creeper?

        And Reaper, of course.

      2. Stevie

        Re: But don't mention the Morris worm.


        Hot potato

        Off his drawers

        Pluck will make amends <tweaks nose, hard>

        1. collinsl Bronze badge

          Re: But don't mention the Morris worm.

          And you have to do that, every time someone says Morris Worm?

    3. jake Silver badge

      Re: Reminds me of the old "I love you" virus

      The funny thing about "I Love You" is that the first time around (in early 1999), it was a HOAX, and flooded the mail system with massive quantities of people passing along a phony message. IT staff all over the world spent a good deal of time reassuring their users that it was fake, and that there was nothing to worry about.

      The message in the email was "don't open or pass along anything with "I Love You" in the Subject line, it's a virus that will send your CPU into an n-dimensional loop that'll burn out your computer" or some such bullshit. The subject line invariably contained the string "I Love You". AOL was hit particularly hard with the hoax, their tech support group (anybody remember "tech live"?) was flooded with questions about it, and people forwarding the phony warning to all and sundry crashed the AOL email system a couple of times from the sheer bulk of it.

      It was the first non-threat email that I wrote nuke-on-sight filters for and built them right into Sendmail in what we would now call a milter. In the first weekend that I went live with it (at a couple Unis and six or eight companies), it was rejecting almost 60% of all email with no false positives. On Monday morning, that number jumped to over 80%. That's pretty good penetration, for a hoax with no payload that relied solely on social engineering to propagate.

      The real virus (worm, actually) came along around a year and a half later (May 2000). The name came about because the author was mocking the people who had passed along the hoax. And remember all those AOL users? They were quite confident that it was a hoax, because the AOL tech folks had said so the year before. So naturally, they opened the attachment. I fixed over 300 household computers in and around Silly Con Valley after that one ... at $150 per. The impact on corporations varied with the cluefulness of the folks in charge of the email system.

    4. swm

      Re: Reminds me of the old "I love you" virus

      I was running Interlisp for my work (mail, text editing etc.). The virus showed up as a text file. I looked at it and thought to myself that we, in research, could write a much better virus.

  9. Prst. V.Jeltz Silver badge

    for no reason other than to spread further.

    Wasn’t the world nice before ransomware?

    Those were the days! I still have my "Dr Solomon's virus encyclopedia" c1995 that documents the fun hijinks and how they worked.

    It took Microsoft far too long to introduce blindingly obvious security measures that go a long way to combatting macro and exe viruses

    1) stop the auto run on CD drives (&usb) - probly done 15 years too late just before they went obsolete

    2) stop macros editing in spreadsheets by default , done eventually

    3) stop hiding file extensions by default enabling exe peddlars to disguise their malware STILL. NOT. DONE. :(

    1. ttlanhil

      > 1) stop the auto run on CD drives (&usb) - probly done 15 years too late just before they went obsolete

      CD/DVD would be obsolete. USB thumbdrives are now approximately uncommon, but not obsolete and will be a security concern for a while yet...

      1. Prst. V.Jeltz Silver badge

        yes yes I just added usb as an afterthought becasue they used to have auto run .

        They dont now , so thats one obvious step taken

        but not obsolete and will be a security concern for a while yet

        ... but they dont auto go anymore

        You will always have idiots clicking on everything they can but thats not the point here - at least MS isnt clicking for them - like it used to .

    2. Arthur the cat Silver badge

      blindingly obvious security measures

      4. Show the From: header address (and the envelope from address if it differs) and not just the "display name"

    3. James O'Shea

      It's worse than you think. Way back in the Daze of Olde, 1998 to be precise, there was a bit of Mac malware called the AutoStart Worm. [] It used the Mac version of AutoRun to propagate itself.It also created a few invisible files with specific names. Apple fixed the problem by turning off AutoStart by default (it had been turned on by default) and adding code to nuke with extreme prejudice invisible files with the known malicious names. Without AutoStart, it couldn't install. Without the invisible files, it couldn't travel. With the next security update Apple created a more elegant fix. This fix was built into Mac OS 9, killing the worm at the source, and a fix was available for Mac OS 8.6.x. It wouldn't run, period, under OS X, of course. It was dead, dead dead by 1999.

      The worm was launched in 1998. I repeat, 1998, and was killed permanently by 1999, I repeat, 1999. How long did it take for Microsoft to just turn AutoRun off by default? Hint: look in the Windows Knowledge Base for 967715.

      Note that the AutoStart Worm did manage to travel worldwide before Apple nuked it. What seems to have happened is that someone in Hong Kong saw Stevie Jobs' ads about how the PowerPC chips in Macs were twice as fast as Intel CPUs, and wrote some code to cut PPC speed by half. Seriously, some Windows fanboi was so butthurt by Stevie Jobs' marketing skilz that he had to Do Something. And Apple then stepped on him in passing. He does have a spot in history, though; the AutoStart Worm and SevenDust were the last Mac viruses so far. All Mac malware since has been something other than a virus, usually some variety of a trojan.

    4. jake Silver badge

      "stop hiding file extensions by default enabling exe peddlars to disguise their malware STILL. NOT. DONE. :("

      What they REALLY should have done was get rid of meaningful filename extensions. The concept should have died with Digital Research's CP/M.

      1. Prst. V.Jeltz Silver badge

        would that help?

        how would that help?

        I realise most other OS' dont have meaningful filename extensions so it must be a thing , but personally I really like knowing what kind of file it is and what windows is going to do with it.

        Hows this handled in linux and mac etc ?

        1. Random person

          Linux uses magic numbers at the start of the file header. The numbers are defined within the OS. This method is an direct inheritance from Unix.

          Mac so far as I can tell the OS uses file extensions by default but falls back to the magic numbers in the file header. I presume the use of magic numbers comes from the BSD userland that it is based on.

          1. Jou (Mxyzptlk) Silver badge

            Calling it "magic numbers" is an exaggeration term for "File header", a marketing trick to get some attention.

            PK = ZIP

            7z = 7 zip

            (three zeros and 0x18) + ftypmp42 = .mp4

            MZ = .exe (and .DLL etc)

            .PNG = guess


            And it was used before unix as well, unix did not do everything "as first" - it is built upon shoulders of its predecessors too. And they are as easy to exploit as the file extension, but just not as visible.

            There were something that could be called magic numbers: A few additional bytes that were carried along with the file. You could call it "second file extension". That that got lost on the way of many file systems either not using them, or doing them differently, and the intransparency behind it.

            1. Prst. V.Jeltz Silver badge

              ok , so they are even more hidden from the user than Windows file extensions.

              How does the user know what type of file it is and what the OS is going to do with it ?

  10. Tim99 Silver badge

    Simpler times

    In the mid-to-late-80s a service engineer doing routine maintenance on one of our analytical instrument told the operator that his previous customer in the US had let him copy "Leisure Suit Larry", and he had the disk with him. After they had installed it, people noticed that other networked PC based instruments were "running funny". A couple of days later, after I had got everything cleared and working, "keeping viruses off the computers" was added to my job specification...

    1. Arthur the cat Silver badge

      Re: Simpler times

      Catching something nasty off Leisure Suit Larry is singularly appropriate.

      1. Boork!

        Re: Simpler times

        The pirated versions of Leisure Suit Larry were notorious as a vector for malware.

      2. Evil Auditor Silver badge
        Thumb Up

        Re: Simpler times

        Catching something nasty...

        So, you also didn't buy the correct items at the Quikmart first time?

  11. This post has been deleted by its author

  12. Gene Cash Silver badge

    "Then he realized that he was about to take the company down by doing exactly what he warned everyone else not to do. Oh, the shame! The humiliation!"

    See also "MITRE admits 'nation state' attackers touched its NERVE R&D operation"

  13. Grogan Silver badge

    The first time I ever infected a computer by accident I was so pissed off at myself. It hurt my pride badly. Back in the 2000's malware was incredible... my phone rang so much I couldn't even take all the gigs. I got really good at removing malware without having to blow away windows. I even had good procedures for removing rootkits (working off system, I had bootable CDs with utilities on them etc.)

    I used CCleaner (formerly, "Crap Cleaner") on a lot of machines because it made removing things from all startup locations easy, it made removing browser hooks easy without having to hunt and poke with regedit etc. Well, guess what. One fine day, CCleaner was compromised. On Windows, an unsigned installer pops up a dialog with a bit of yellow to that effect. So what? It usually just means somebody couldn't be bothered to jump through Microsoft's hoops, or they just neglected to sign their application correctly this time. Complacent click-through.

    It actually overwrote the MBR. It didn't do any harm, because it wouldn't boot after (and that's easy to fix with bootrec) but I was pissed off that I'd been had and dutifully clicked through the one thing that could have prevented it.

    The machine was a shitting mess from other things, I could have fixed it, but I was discouraged. It was an Acer brand PC, so it had a factory restore. Again, I was discouraged so I said fuck it and just used that. (Normally I'd blow away a recovery partition too, repartition and reclaim the space, and set up Windows from scratch). Guess what? There was a cloud with a silver lining. It was the wrong image. It wasn't Windows 8, but Windows 7! The drivers were wrong in the image and I had to fix it after, but man was the owner ever glad to have Windows 7. Acer's act of unprofessionalism was a boon.

    1. Doctor Syntax Silver badge

      "I got really good at removing malware without having to blow away windows"

      Does not compute.

      1. jake Silver badge


        Cognitive dissonance is strong among the Windows admin set.

  14. t245t Silver badge

    Prevention was superior to cure :o

    Declan received an email which contained an Excel spreadsheet. Thinking it looked legit enough, he double-clicked to open it.

    • How does one determine a file is safe without opening it?

    • How about by default opening such files with the document viewer?

    • How about making the auto-run macros read-only.

    1. An_Old_Dog Silver badge

      Re: Prevention was superior to cure :o

      how does one determine a file is safe without opening it

      By reading rhe file with a virus/malware scanner, a checksummer, or via strings then piped through grep. These last two useful Unix programs have free-as-in-beer Linux and MS-Windows versions.

      1. t245t Silver badge

        Re: Prevention was superior to cure :o

        > .. a checksummer, or via strings then piped through grep ..

        Where do I click /s

      2. Anonymous Coward
        Anonymous Coward

        Re: Prevention was superior to cure :o

        Just a quick point: reading the file requires opening it.

        1. jake Silver badge

          Re: Prevention was superior to cure :o

          In a sane operating system, displaying the file is not the same as executing the file.

  15. 0laf Silver badge

    I'm starting to think that misconfigurations and borks actually save quite a few ar$es.

    I know of at least two ransomware attacks on a previous employer that were dodged because of fecked up networks and EUD configurations.

    That will teach those pesky ransomware flingers to trust that we've got competently setup networks for tehm to exploit

  16. Stevie


    In the Badole Dayz of NT I once listened sweetly to a unix "expert" rant about how he had to install cigwin to get anything done because he only knew how to do things the correct, POSIX-compliant way.

    When he paused for breath I said "So you don't remember about the POSIX API in Windows NT?"

    It was dropped because it was never really popular, but the look on said expert's face was worth the wait. He and I had sat together in the NY course but he was so busy asking "Can you turn off the GUI?" at every new topic he had obviously missed most of the content.

    1. nintendoeats Silver badge

      Re: Bah!

      Because obviously anything not involving one specific API must be crap.

    2. Peter Gathercole Silver badge

      Re: Bah!

      The Posix subsystem gave NT the Posix application programming interface, not the command set.

      Cygwin gave Windows both a UNIX API layer, and also the user-land tools that a UNIX expert would like to use.

      The two do not do the same thing at all. Your UNIX 'expert' may have been being a bit short-sighted, but like many such people (including myself), they probably found the native Winsows/DOS CLI pretty limiting.

      It really took until Powershell for Windows to get a functional CLI (I'm deliberately ignoring MKS) , and Powershell does it in a very extreme way that is clever, well integrated into a Windows Object model, but just as foreign to a UNIX person as the Windows/DOS interface. But the clue is in the name. Windows was always intended to the a Graphical User Interface, and as such a CLI was always deemed a second-class feature right up until the time Microsoft decided it wasn't.

  17. J. Cook Silver badge

    Sadly, the closest I ever got to dealing with NT on Alphas were a couple servers that ran them expressly for extremely large image processing as front end rasterizers for full bleed, photo grade press units that could do billboard sized output.

    For it being back in the late 90's / early 2000s, it was the first place I ever did work for that could regularly saturate a full Gigabit ethernet connection.

  18. mickaroo

    I Was The Antivirus

    Many years ago, I was on a project with half a dozen colleagues. They were all running Windows; I was running PC-LinuxOS on an ageing Compaq. We had no Ethernet, we had no Wireless, so file sharing was sneaker-net using flash drives. And someone had a virus…

    I’d be given a flash drive with work files on it. I’d open the flash drive, see the “hidden” Windows virus files and delete them. Then I’d do whatever I was supposed to do with the work files, and return the drive.

    After about three days of this, one of the ladies on the team put together that when I returned a drive, it was virus-free. And promptly refused to accept a drive from anyone else until Mickaroo had scanned it.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like