Windows XP SP2 Beta Reviewed
worm eater writes "Ars Technica has a characteristically thorough review of Windows XP Service Pack 2 Beta, with plenty of screen shots. In a nutshell, it's all about security fixes, including a seriously beefed up firewall. The final release is expected this summer." The review concludes: "Overall, Microsoft has made a step in the right direction with this service pack. The increased focus on security will be good not only for the average user who does not spend much time thinking about security her system, but also for 'power users' and those who work supporting end users."
I'd tolerate all the exploits if this thing would make me toast and coffee in the morning.. meh.
http://www.babysmasher.com
http://www.openingbands.com
A review of a service pack? What's next, A screenshot of RTPatch? I can see it now...
"Here we see the patch process at 37% complete. Note that the progress bar is roughly one third filled in with a nice blue color."
Please!!
popup blocker in IE. Finally!
:D
It ASKS YOU before installing random crap in the background and at least notes that "Some software could be harmful"
Good. Step in the right direction.
You can download the service pack here
"The increased focus on security will be good not only for the average user who does not spend much time thinking about security her system, but also for 'power users' and those who work supporting end users."
The only security improvement that I would characterize as being "good" for those who work support end users is one which prevented them from using the computer in the first place.
Please, God, take me now....
(been a long day)
-- "Government is the great fiction through which everybody endeavors to live at the expense of everybody else."
Is this available for download now? where?
Does it default allowed or denied? The screenshot shows it checked (allowed) but did it come that way?
'power users', 'Windows'... in the same sentence.. what are you smoking? :P
moo
"Overall, Microsoft has made a step in the right direction with this service pack. The increased focus on security will be good not only for the average user who does not spend much time thinking about security her system, but also for 'power users' and those who work supporting end users."
We still have a couple of W2k and XP boxes that we'll probably keep, but the damage over the past couple of years with poor security has been done. We have been migrating many of our Wintel systems to OS X for a whole variety of reasons. I really hope that this service pack works as advertised as I still own some Microsoft stock, but I am afraid that Microsoft needs to completely re-engineer the OS like they are doing with Longhorn to resolve the security problems with Windows. Unfortunately that will be in what....2006?
Visit Jonesblog and say hello.
Wait , OMG... I must format my Gentoo build now, and install this superior Operating system.
Electronic Music Made Using Linux http://soundcloud.com/polyp
i personally advise customers to *never* update their windows systems.
i receive many calls regarding windows computers that are no longer working and when i ask when the system last worked they say before they updated. then they express their confusion at having been told to keep their system up to date.
part of the problem is that (beyond the initial service pack for any particular microsoft product) not enough people install the updates so that the bugs in the updates are not addressed.
the "never install software from..." button.
Microsoft must be trying to bankrupt Gator / GAIN / THAT COMPANY THAT MAKES a product remarkably similar to SPYWARE. They'll be filing for name changes once a week now.
There are some people that if they don't know, you can't tell 'em.
Yes, but it is not good to combine bug fixes with new features! Also, we need those bug fixes now! There are hundreds of them.
I hope this does not slow down or cause complications to my system like other updates from Microsoft have.
Shouldn't these features have been part of XP from the beginning though? That's like saying the brakes on my Ford are a new "feature". I suppose......
All-in-all a good review. I wonder if this will raise any new "monopoly" charges though with everyone from Norton Internet Security to Pop-up blocker companies' business going down the drain - virtually overnight.
I am generally pretty critical on Microsoft but I like how you can Slipstream a service pack into the base OS. Well, not enough to use Windows but I like it.
Praise Jebus the service pack is in beta stages! So when will we see the final release, or is Longhorn the final release? Woo hoo! Updated security, does that mean I can finally hook up my laptop. How exciting.
I work in tech support for an ISP, and quite a few calls come in where the ICF is blocking DHCP, DNS, HTTP, or SMTP requests. Does this mean that we will stop having calls about this? I doubt it, because most of the users will just assume that if they hit the 'Close' button in the alert about the app, it will be allowed automatically. Also, I'm sure that most users won't be able to figure out the 'Configure' dialog box that is there.
Crushing dreams at the speed of sarcasm
How much of the beta will still be in its original shape when it's available to the public? I for one still use XP at work and home and still find it useful for all of my needs *gaming*. I applaud MS for getting this out quickly because it should clear up the long mess that is in my add/remove programs list.
Sweet! My windoze computer is finally protected from the outside world... oh wait, nevermind.
Why is it so huge if it's mostly just fixes to security flaws? Were there really that many or something?
who cares...
Several years ago mentioned that windows will look more and more like unix every version. I would imagine they would go with a similar implementation on the backend eventually.
I work with a group that has to automate all kinds of system operations. Both Unix and Windows. I find the windows guys complaining about simple things all the time.
An example would be that there are several things that don't kick off or operate properly in windows until someone logs in. So you can't just schedule a task like you could in 'cron' and expect the same results. So they have to physically log into hundreds of machines every day after they've been rebooted to make sure the tasks will run correctly.
I've been running 2003 as a desktop for a couple of weeks now. Haven't found one thing that ran on XP that couldn't be made to run on 2003. Everything is locked down until expressly opened. All the eye candy and useless dross from XP is turned off or MIA. Seems much peppier as a desktop and webserver than XP or even 2000. IIS 6 almost (almost) makes you forget all the crap MS released in the past.
IE has been updated with some good things, but does anyone know if they have fixed the numerous issues that standards oriented web developers have to work around? The png issues, box model issues, absolute positioning issues, etc?
Microsoft is holding back many websites from doing some amazing designs because of their lack of standard compatibility.
"BEHOLD, CORN!!" - Dr. Weird, ATHF
Try saying that 5x fast.
What I'd like to know is, are there any forced lock-ins -- such as "you only get these nice security patches which you need to avoid worms if you also install our new version of DRM, which locks you out of things you could previously do".
Not something you could easily tell in a first review -- but it's what I suspect will be more and more common, especially as MS loses the digital battle with ITMS/ITMS-wannabes
(and what's with the "wankerdesk" in the URL? :) )
where is the cyborg bill icon?
Found this article from Microsoft, might be of interest to some, "This document contains preliminary information about the security technologies in Windows XP SP2."
Windows XP Service Pack 2: A Developer's View
Nah. There is always SOMETHING to complain about!
Manipulate the moderator system! Mod someone as "overrated" today.
IE now has a popup blocker.. thereby making Telnet the last (by my count) internet-related application that does NOT have a built-in popup blocker. Are companies still paying for that shit? I can't imagine them getting anything approaching a good return on investment for popup ads these days. Unless they can get them free in specially-marked boxes of cereal, or something. On an unrelated note, why are they giving XP users a firewall? Any XP user that needs a firewall should be on 2000, if not Linux/Unix. XP is for media and third-graders. :(
Nothing forces a company like Microsoft to improve their products more than a little competition. I like how they focused on security this time. If Linux for desktops wasn't gaining market share as fast as it is now, I doubt we would have seen this service pack this soon and this full of security updates. Microsoft isn't stupid, they understand why a lot of people switch to Linux. They give up that "secure feeling" of Windows for actual security. I don't know if this will bring back converts, but I think it will slow down the acceleration of Linux adoption for those "regular folks".
I wish MS would implement Service Packs as a way to add other bug fixes to the OS (generally SP's are security only), new add-ons and more features. Additionally, listening to what users want and adding these changes/features into the Service Packs would be nice.
One of the things that make 'Nix based distros, and OS X attractive is that each new development cycle (and they tend to be quick) brings more apps and more features to increase productivity. Granted Linux depends on the developer community and OS X upgrades cost money, MS is comparatively stagnant on technology and OS improvements. MS relies on major development cycles which are generally every 3 to 4 years (e.g. 95 --> NT 4 --> 2000/XP).
For one thing, a major upgrade to IE, Outlook Express and Windows Explorer (make it crash less) are needed. Given all the websites on "Tweaking" Windows 2000/XP, MS should give more thought into making GUI and other OS improvements before Longhorn comes out -- since that will probably be another 2 or 3 years away. In the meantime, OS X should probably be OS XI and RH (for instance) will be at version 11 or 12.
Congratulations! You've been posting that same shit all day, and finally got a couple of mods to pay attention! Do you feel better now?
Sure it is about time that IE gets a popup blocker, but one thing I'd like to see improved about IE would be its horridly aged quirky, standards-violating rendering engine. It is the "Netscape 4" of today.
But of course at about 95% of the global browser market share Microsoft see no need to improve that vital component of the browser.
Internet Explorer's browser monopoly is hurting the progress badly by locking the majority to legacy HTML that we should have left behind in the 90's already.
while true; do eject; eject -t; done
Good god, you must really be pissed off. Looks like someone has a case of the Mondays here.
Of course, all the focus on security didn't seem to help them with their grammar. On the wireless connection screen, it reads "Automatically connect to this network when its in range." Everyone knows that its supposed to be an it's. Quoth the bard: Ohhh, if you want to be possessive, it's just I-T-S, but if it's supposed to be a contraction than it's I-T-apostraphe-S, scalawag
Question about the firewall: The "exceptions" dialog indicates that the checked programs "will be allowed to receive connections from other computers." What if I simply want to prevent a program from making outbound connections, the way I can with ZoneAlarm?
Knowing M$ the firewall in this SP will probably be preconfigured to block all access to competing products (Linux, OpenOffice, ...). That is, if John/Jane Doe ever finds his/her way out of the MSDN version of the web...
You think that's pissed off? That's nothing! You just wait until I've got my case of the Tuesdays going on!
After reading the article I thought I would ask the question I thought about for a while. Why can't we (the opensource community) patent our ideas? Then we can allow them only for opensource projects. A good example would be the pop up blocker (it probably isn't patentable from prior art, but for argument's sake). We could take a good idea and patent it so others couldn't use it unless they had an opensource product. We could even fund the patent process with a non-profit organization.
I didn't use the preview button, so get over it!!!!
Mike
I almost get the sense that some folks don't want Microsoft to "take a step in the right direction" on security.
After all, if their operating systems are actually just as or more secure, proponents of alternative operating systems can no longer use that as ammunition, can they?
Is it worth it that systems be broken into as a demonstration of Microsoft's insecurity, so the masses and companies "wake up" (as they were supposedly already doing), just so people migrate to Linux? Necessary evil? No. No data loss is a necessary evil.
The coolest voice ever.
This is good news. I like the new exceptions dialog in the ICF. Maybe now programs that require port ranges instead of just one port will be automagically handled by Windows and not require 50 billion entries in the list. Yes, I know, 65535 blah blah...50 billion makes my issues seem more important :D
slightly slow...let's be nice to his bandwidth.
archive.
see you guys in chapter 7!
Once, I booted WinXP for a couple of hours to do one specific thing. I didn't use a firewall because it was only for a couple of hours. Before I shut down, my machine had Blaster!
Two days ago, I installed a small XP partition in preparation for a LAN party. My system already seems to be infected with something that hijacks Google's links.
A deep unwavering belief is a sure sign you're missing something...
Speaking as a phone tech support drone for a large university, many of these changes will be most welcome. The "Blaster" incident cost our university thousands of dollars in overtime and set back all of the activities that were going on at the beginning of the school year.
However, I'm not so sure that the fancier firewall will be such a good thing unless it is implemented properly. Ever since the newer version of AIM that came out in August or September 2003, we have been flooded with calls of it blinking on and off. These problems have been traced to ZoneAlarm - another free firewall that many people use because the one in XP was insufficient. If the new firewall has trouble with an application that is as popular as AIM is among our college students, it could create more problems than it's worth for IT departments everywhere.
It may sound as if I'm overreacting for such a simple thing, but try working in IT for a few weeks and receiving over 150 phone calls a day from disgruntled students cussing you out because they can't chat with their friends.
Overall, it's long past due that Microsoft focus on security instead of whizz-bang features that serve to slow down the O/S and cause it to be more unstable. XP Professional was a step in the right direction as far as stability, but the security issues are most definitely a large concern, especially to those of us with a phone to our ear.
"To strive, to seek, to find, and not to yield." - Tennyson
woah... maybe it's laced?
As one wit at my company likes to call it...
look it up
Yay me!
What exactly defines the "power users" who need this new-and-improved-maybe-this-time-it-won't-suck version of Windows?
Let's look at the word...
Power and User come together. Obviously, this implies that the user has some kind of power. However, this user is using Windows, which gives no power to its users. Thus, this mysterious user must actually WORK at Microsoft. Now why would the staff of MS need a version of Windows with security that doesn't suck?
the answer: to cover their asses for making crappy software.
Esoteric reference.
LOL hahaha; thanks a lot for that one!!!
From the article's last page:
One major change in the core is the addition of support for hardware-enforced no-execute. CPUs that support this feature can protect application code from data, which will help prevent attacks from viruses that work by attacking memory marked for data.
Unfortunately the only known XP-compatible processors that support this feature are the Athlon 64/Opteron family.
I like the blurb that appears on the screen shot too: You can disable the built-in protection that helps prevent incompatible and non-secure software from running on your computer. I wonder what gets deemed incompatible or non-secure. At least they offer the ability to disable it at the moment. It'll be hard to trust Microsoft with such a technology. Execution control would be a nice feature for an OS, but as we all know, with great power comes great responsibility, and MS seems to be responsible for one thing: profit.
Cthulhu Saves.
Ok, I don't have a very current nightly build, but since when does Mozilla magically know which popups you want and which you don't?
--
the strongest word is still the word "free"
The one problem with developing useful 3rd party apps under MS is that it's just a matter of time.. Of course this is something that Microsoft had to do eventually, especially now that people are getting infected before they get a chance to download security updates. 3rd Party Windows software companies of basic utility sw can now only protect their investments by (ab)using patent law... (eg The One Click Firewall, One-Click Unzip etc...) or having a better support infrastructure (not easy)
Now, I want you to think very carefully about this... You are installing a beta version of a service pack?
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
In fact, your post made me laugh so hard for the last 15 minutes that this idiot computer science student from the next room came over and asked me what could possibly be so fucking funny that I had to wake him up.
Yeah. I'm a foreign troll, you know. It's already late here.
Guess I'll stop posting 'til tomorrow. You win.
Sure, there were things like the google toolbar and using moz/firebird, but Microsoft is actually endorsing this now, so that makes a large difference. For example, how many people would use internet explorer if it wasn't fully integrated/came with windows? What Microsoft endorses has a large effect on the computer user community as a whole.
Gosh, Microsoft is starting to sound like a government agency of its own now...
Ars Technica: Windows XP SP2 Beta first look: Page 1 -- (1/2004)
2004 pages! Now that's thorough! Oh, wait a minute...
UNIX? They're not even circumcised! Savages!
Note: THIS is the new machine killer. Having cleaned a disturbingly increasing number of affected machines lately (including to a smaller degree, my own!), I think that this should be Microsoft's New Frontier. "Stealth" installations of crapware need to be stopped... Somehow.
After all, what good is your computer if it takes you 15 minutes to boot it up and crashes every 5 mins. thereafter?
"...Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam..."
A lot of people on here give XP a bad name.
Over 40% of the computer users in the world use XP, and most have no trouble with Blaster or random spywares, or indeed security hacks.
There are a lot of posters in here who claim to have had so many problems with XP. Obviously then it is a lack of knowledge and experience on your part. Just because you can't get it going well doesn't mean it is a problem with the OS. Lots of Joe Home Users are very happy with it. I am a very happy XP user, and have absolutely none of the problems that are bleated on about here. Turn into real users.
Not affiliated with Microsoft at all!! No doubt I will be called a troll by the Linux zealots in here!
Someone mod this up as funny please. I certainly got a chuckle.
from trojaned broadband users, is welcome with me. i have to deal with this stuff, and i know a lot of you do too.
:>
wait - we all have to deal with this. the level of spam sent from trojaned users using exclusively microsoft's more modern (you may permit yourself a slight snicker at this point) operating systems is over 50%. that's more than half, for the numerically challenged.
this is a serious problem. microsoft's inattention to security has literally destabilized the fundamental mechanisms of the Net.
ok, that's pretty dramatic. but whatever
But, since I was poking fun, using the actual length of the bio, which incidentally I knew was longer than 255, although not exactly how long, would have decreased the audience for the joke. Since the form states 255 characters, and most folk with any familiarity with that section of their Preferences are more likely to know the stated length, not the actual.
My bad though, obviously I overlooked the large anal-retentive block of /.ers who have nothing better to do than find out the discrepancies in the /. site. Damn, after all that work to avoid the speeling and grammar, Nazis to fall to someone who is still socially at the level of potty training. My apologies.
"Talk minus action equals nothing" - Joey Shithead, D.O.A.
Yeah but.. Wormage. It doesn't matter if you have a firewall if someone contracts the Nachi worm on their laptop and plugs in the CAT 5. It's happened here, and it sucks.
"...Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam..."
This feature was added specifically to address buffer overflows and the execution of arbitrary code.
With the Intel x86-32 CPU and many other CPUs there are only two flags applicable to a section of memory: read or write. There is no execute flag; if the memory can be read then the instruction pointer can be set to it and it will execute.
The exploitation of a buffer overflow involves overwriting a block of memory to both fill it with code and also to overwrite the return address of the current function. When the function attempts to return to the previous function in the stack trace it instead will jump to the contents of code within the buffer and will perform whatever dastardly deed that was programmed there.
Now with XP SP2 and a supported chipset (which, unfortunately, is only the 64-bit AMD offerings) these sections of memory can be marked as "no-execute" so even if a buffer overflow vulnerability exists it could still overwrite sections of memory but the program would not be capable of executing them. That won't prevent DOS-style buffer overflow exploits (where the program crashes) but it does stop the execution of arbitrary code which is usually the foundation of worms.
Take the tinfoil hat off, this is a great idea. I just wish the Intel x86-32 line supported it.
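The per-region execute permission described in the comment above, as an added example that is not part of the original thread: a small C checker that reads memory-map lines and flags regions that are both writable and executable, which is the condition no-execute marking is meant to remove. The line format is that of Linux's /proc/<pid>/maps, used here as an assumption for illustration (the thread itself concerns Windows XP SP2), and both sample maps and all function names are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* One parsed line of a /proc/<pid>/maps style listing (format assumed for this example). */
struct region {
    unsigned long start, end;
    char perms[5];   /* "rwxp" style: read, write, execute, private/shared */
    char name[64];   /* "[stack]", "[heap]", a file path, or empty */
};

#define MAP_LINES 4

/* Constructed sample: data regions are mapped without execute permission. */
static const char *const NX_MAP[MAP_LINES] = {
    "00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/demo",
    "00651000-00652000 rw-p 00051000 08:02 173521 /usr/bin/demo",
    "00e03000-00e24000 rw-p 00000000 00:00 0 [heap]",
    "7ffc1a2b3000-7ffc1a2d4000 rw-p 00000000 00:00 0 [stack]",
};

/* Constructed sample: same layout, but heap and stack are also executable. */
static const char *const LEGACY_MAP[MAP_LINES] = {
    "00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/demo",
    "00651000-00652000 rw-p 00051000 08:02 173521 /usr/bin/demo",
    "00e03000-00e24000 rwxp 00000000 00:00 0 [heap]",
    "7ffc1a2b3000-7ffc1a2d4000 rwxp 00000000 00:00 0 [stack]",
};

/* Parse "start-end perms offset dev inode [name]". Returns 1 on success, 0 on a malformed line. */
int parse_region(const char *line, struct region *r)
{
    unsigned long offset, inode;
    char dev[16];
    int n;

    r->name[0] = '\0';   /* anonymous mappings have no name field */
    n = sscanf(line, "%lx-%lx %4s %lx %15s %lu %63s",
               &r->start, &r->end, r->perms, &offset, dev, &inode, r->name);
    return n >= 6 && strlen(r->perms) == 4;
}

/* A region that is writable AND executable lets injected data run as code. */
int violates_wx(const struct region *r)
{
    return r->perms[1] == 'w' && r->perms[2] == 'x';
}

/* Count writable+executable regions in a map; malformed lines are skipped. */
int count_wx_violations(const char *const *lines, int n)
{
    int i, bad = 0;
    for (i = 0; i < n; i++) {
        struct region r;
        if (parse_region(lines[i], &r) && violates_wx(&r))
            bad++;
    }
    return bad;
}

/* Returns 1 if the [stack] region is executable, 0 if not, -1 if no stack line was found. */
int stack_is_executable(const char *const *lines, int n)
{
    int i;
    for (i = 0; i < n; i++) {
        struct region r;
        if (parse_region(lines[i], &r) && strcmp(r.name, "[stack]") == 0)
            return r.perms[2] == 'x';
    }
    return -1;
}

int main(void)
{
    printf("NX map:     %d writable+executable region(s), stack executable: %d\n",
           count_wx_violations(NX_MAP, MAP_LINES),
           stack_is_executable(NX_MAP, MAP_LINES));
    printf("legacy map: %d writable+executable region(s), stack executable: %d\n",
           count_wx_violations(LEGACY_MAP, MAP_LINES),
           stack_is_executable(LEGACY_MAP, MAP_LINES));
    return 0;
}
```
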
From the ICF screenshot when a program attempts to open a port:
"Some software can be harmful. Only allow software from publisheres you trust to accept online connections"
Hmm... If you don't trust the software, why the hell are you running it in the first place? IMHO this may prevent a lot of spyware crap, but the real solution is to not run the programs in the first place. Technically, the 'programs' (spyware) can just disable the ICF feature when run (if running as admin).
On the other hand, if not run as admin, they couldn't disable the ICF and this feature should be quite useful.
I.O.U One Sig.
Dear god yes! my hosts file was given me by another- I took a few entries out, and it works for me.. and I immediately stuck it in my Mothers, Fathers, co-workers, and work computers.. (didn't tell them either) I really hope these 'never install' will be easily moved/shared/installed from comp to comp.
every day http://en.wikipedia.org/wiki/Special:Random
Duh..
=-=-=-=-=-=-=-= - The Celtic - =-=-=-=-=-=-=-=
I've been searching for the answer all over the place, from microsoft's msdn to blogs to community sites. The worse part is, COM+ is supposed to provide better scalability than using plain old OLEDB or ODBC. If it worked correctly, I would be able to load test the sucker. Unfortunately, that seems to be risky and dangerous. If I install a clean win2K3 server it works, but the sucker is wide open. If I install the patches and secure the system COM+ most likely won't work. Others might know the solution, but I for one have given up on finding the solution.
Overall, it's long past due that Microsoft focus on security instead of whizz-bang features
Since when has Microsoft done either??
Microsoft is reacting to the overwhelming failure of its operating system to provide even a moderate level of security! Microsoft is reacting to the proliferation of the community's knowledge and understanding that there are more secure, more stable alternatives (thanks to Linux and FreeBSD/OSX).
What "whiz bang" features are you referring to? Popup blocking? Again, this is a three year old technology that Microsoft has tried its best to not implement but is only grudgingly deploying because other products like the Google Toolbar have proven to be incredibly valuable and desirable by the community and it's encroached into Microsoft's attempt to hijack the Internet's searching system.
The only thing Microsoft focuses on are continued ways to milk more money from the dominant market position they have in the industry.
However, this post, which I acknowledge to be WTFOT will not be modified.
Ah life on /..
"Talk minus action equals nothing" - Joey Shithead, D.O.A.
"The increased focus on security will be good not only for the average user who does not spend much time thinking about security [securing] her system, but also for 'power users' and those who work supporting end users."
Are you implying that men are better at securing their systems than women?
Im dreaming ofa big bndwdth, That can resist the
I guess it all turned out for the best then! You got a good laugh, I'm not pissed off anymore, and everyone wins except the mods who have to waste points sending our little thread to Negative-Oneville. Enjoy the rest of your evening!
You of course realize that pop-up blocking becoming mainstream will just push sites and advertisers into another, equally or more annoying method of pushing unwanted crap in your face before you can get to the content you want.
I can just see it, you must view the ad for 15 seconds before you can load the next page and there's no getting around it, unless you want to spend your life picking apart javascript or whatever for code to load the next page.
What you got today is an annoyance, what you might have tomorrow is a headache. Time to get back to lynx.
A feeling of having made the same mistake before: Deja Foobar
You, you and your developer buddy(s)? Your whole virtual development community? Who gets to decide who had critical input and who didn't?
Who pays for the review/legal fees?
Who researches prior art before preparation/submittal?
Who is responsible for lawsuits if you wanna go after someone? Who funds that?
Tough questions....Anyone have answers?
Is the juice worth the squeeze?
1. The most annoying option will be the default.
2. The more aggravating the behavior of a default option, the more difficult it will be to find where it's set and change the setting.
A feeling of having made the same mistake before: Deja Foobar
opinion is all well and good, but have you any facts to back it up ? why is ZA the "worst possible firewall" ? all i can find are glowing reviews
no really , what makes ZA so bad yet Kerio is so good ?
Microsoft's definition of a 'power user' is a user who can change their own settings and install software which won't break Windows...
Karma: It's all a bunch of tree-huggin' hippy crap!
I recently bought an Opteron system...and planned to use it for gaming purposes (keep the criticism to yourselves, I've heard it all). I tried installing 2003 because my school had recently given me a copy and I felt that was a good time as any to try it out, because I wouldn't have to backup everything to do a clean install with XP afterwards. If I liked it, I'd keep it.
First...I could *not* get directX working. It installed, but dxdiag wouldn't enable direct3d. It kept saying my driver didn't support hardware acceleration. Then I installed sound card drivers, and THAT was horrible. It BSOD'ed. Then every time it rebooted, the software that came with the audigy's drivers would start up pop up a screen which would cause the computer to bsod again. I went to safe mode, stopped that application from starting up automatically, rebooted, and used add/remove programs to remove the audigy software. In the middle of the uninstall, it bsod'ed. I tried again, it bsod'ed in the same place.
Given that 2003 is a server OS, I can draw two conclusions...it's a HORRIBLE server OS, because it's not frigging stable, or it's not meant to have graphics/sound because it's a server OS, and it's stable otherwise. WinXP has absolutely NO problems with my hardware at all.
Warning: Opinions known to be heavily biased.
Whatever about the spam blockers, the eye candy and the new wireless widget, I wonder if SP2 will detect and disable XP installations with illegally generated corporate volume license keys in the same fashion that SP1 did.
Da Blog
...when I saw it has about a 50% thumbs up rating on cnet. A lot of people were having issues with it. And if the odds are that 1 out of 2 people will have a problem, I know which one I get to be.
Hold your breath until IE supports a single clickable button to remove all privacy-sensitive information.
Karma: It's all a bunch of tree-huggin' hippy crap!
Okay, Mr. Anonymous Coward.
Yours Truly
The ICouldCareLessTroll.
- It's not the Macs I hate. It's Digg users. -
Yeah, because emerge -u system is just too much to type sometimes.
Karma: It's all a bunch of tree-huggin' hippy crap!
I thought the idea of a beta was to find the bugs. If this patch is only beta, does that mean the original was alpha?
Damn, Microsoft is smart, they sell their alpha version and then give away the beta version
it is only after a long journey that you know the strength of the horse.
As the AC asked, why specifically do you believe that ZoneAlarm is one of the worst possible firewalls?
Because Unix was designed for multiple concurrent remote users, protecting each user's environment (and the OS as a dependency) was a core requirement and early design decision.
Because multiple concurrent remote users is not a feature of Microsoft Windows XP SP2, security will always be an afterthought. While it may be "securable" in that you can turn off almost everything, and maybe even default configuration in that mode is possible, security *breaks* desirable functionality. Apps must be written by design to accommodate security requirements or they will require turning off security features. When the apps are the reason you tolerate the computer and the OS, the conflicting requirements of the app and recommendations of the OS will quickly turn into an insecure ball of mush. Spyware is case and point: by mere existence.
The design philosophy of Microsoft Windows is to give developers unlimited power over the users they can acquire. These powers are supposed to be used for good, but there are no real checks and balances unless you are like Ralph Nader and can use the courts and organise class action. Even then, people get abused by negligent and malicious programmers. It is by design.
A PC is a user; a user is a means to power and money. Users are merely a means to another end. Whom does security serve? How?
A unix server is a community of users. The synergy of users in that community is a means to power and money. Plurality of interests and the common-ground and balance between them is the heart of unix. Whom does security serve and how?
Redmond does not believe in security. They believe you should feel secure, but you need not actually *be* secure. If you feel secure enough to pay them before you get uprooted, then maybe it is cheaper to put up a false front in the name of security? I'm not saying you can't do things right on Windows, but Redmond keeps making it so damned hard!
If you want Microsoft to make Windows secure, then demand to share a big fat beefy PC (with more than a few CPUs) with a few other users. Providing an environment where *peers* can trust each other is the foundation of secure computing. Demand it. Put up some ducats and show them how much you want it. Hold those ducats and don't give them up until you have the deal you want.
--- Nothing clever here: move along now...
It was twenty years ago today that I quit my job at MIT to begin developing a free software operating system, GNU. While we have never released a complete GNU system suitable for production use, a variant of the GNU system is now used by tens of millions of people who mostly are not aware it is such. Free software does not mean "gratis"; it means that users are free to run the program, study the source code, change it, and redistribute it either with or without changes, either gratis or for a fee.
My hope was that a free operating system would open a path to escape forever from the system of subjugation which is proprietary software. I had experienced the ugliness of the way of life that non-free software imposes on its users, and I was determined to escape and give others a way to escape.
Any corporate setting that already has ZLID running will never see any benefit to migrating to a new desktop firewall of unknown quality. The rule set you've worked so hard on would be useless. And as far as anyone can tell the update fixes address the known vulnerabilities. Mega SPs will slow everyone down for very little if any perceived benefit.
I'm running my SIS AGP drivers from XP with my ATI Cat 3.10 XP drivers with my SB Live! XP drivers with the Astra 3400 scanner dlls I copied over from XP SP1. 2003 will run most everything XP does, including system restore (if you want such nonsense). 2003 is configured without any acceleration enabled. You will have to jump through a few configuration hoops and enable some services, but it can be done. See this invaluable setup guide.
Anyone want to take bets on how well the new SP2 will coexist with other software? What happens to your Symantec, Popup blocker, Google toolbar, McAfee, ZoneAlarm or other software after SP2 is installed? Is it going to make your machine crash and burn? I'm sure Microsoft has thoroughly tested the possibility that some of the new security features they're implementing might be redundant on some users' machines already... right? I'm sure they wouldn't destroy the functionality of non-Microsoft third party software customers have paid for and/or preinstalled on the system right?? Muhahahhahahahaha
Capitalism doesn't work well with monopolies. IE is deeply entrenched. And it didn't get there by being the best product - it got there by being shoved down the throats by bundling it with an operating system that holds a monopoly situation.
IE Pop-up blocker needs two things: an override key and a visual cue.
With Google toolbar I just hold the ctrl key while clicking and the pop-up is permitted. It's very useful for sites like www.showcasecinemas.com where you click to bring up a list of showings and it comes in a second window.
Sound cues annoy me too; and for the less anal retentive they may be unavailable (that's less likely these days; but still possible); again something like the visual cue Google gives.
The allow pop ups for a specific site is a nice addition though.
There is already a surplus of qualified educated tech employees. Since there are more out-of-work tech workers than there are jobs, anyone going to higher education seeking a tech related degree should think twice about entering a market where they will have no experience and a degree worth more as firewood than any chance of employment.
Maybe you should look into another area that has some growth potential.
Nick Powers
Encryption: I may not agree with what you say, but I will defend your right to encrypt it...
"Looks to me that Linux is looking more like Windows XP, but that's just me......"
Lol. Have you taken a careful look at the look and feel of Billy's windows explorer? Looks a lot like nautilus. Billy's screenshot of his next office? Looks like open office.
A friend of mine summarized it this way: If you want to know what Billy's look-and-feel is for next year, look at this year's gnome look-and-feel.
Anyway, I'm sure you meant well, but I urge you to do a time comparison on whose theme came out first. I think you may be surprised by what you find out.
I'd like to know what I'm signing over to Gates & Co., what kind of global permissions I have to grant them, and what kind of invasive tricks they have up their sleeve- just to make sure my system is as secure as it should have been in the first place.
I'd like to see an nmap scan of the ports still open after applying SP2. And a good reason why those ports are still open. Is 1025 open? If so, why? Does Microsoft break functionality in favor of security in a product that targets home users? A proper documentation for the ports used by XP Home and Pro would be far better than an obscure new service pack that does things and more voodoo. I read the document on expected changes with SP2 (looks weird in OOs, but it's readable). Almost no words about those funny ports beyond 1024 where those dynamic mappings to the RPC begin.
Keep up the...work Microsoft.
Signed The Moops
At 222MB, they should consider sending every registered MS user a CD. I'm sure they could afford it. During the previous security fiasco, their defense was that the patch was available but people didn't bother upgrading their systems. Not everyone is on broadband, so it has to be easier to distribute the patch the same way AOL sends those coasters. Leave it to the user to decide whether to throw out the CD or not.
Funny thing about Software firewalls. They are subject to "Social Engineering". A SW firewall is really 2nd level (even 3rd level) defence. Microsoft have done a good thing by enabling it as default and making it a bit more functional, as an interim measure. (I suspect ZA may disagree)
To stop rogue incoming traffic, it's easier than trying to work out which of the many interrelated default Windows services they can disable, or configure to listen to local requests only... which is the approach I assume Longhorn will be taking.... Security-wise this is the conceptual flaw with Windows. Power without responsibility... A firewall will paste over the cracks for a short time - but for how long?
To stop rogue outgoing traffic, well usually it's too late by then ...
Firewall: "Do you wish to allow 'Very Important Microsoft Firewall Update' to access the internet?"
User: Err... yes?
Trojan: "Sucker!!! ..."
I'll wait for SP3 that way all the new holes in SP2 are covered. ;)
As you've probably read a slew of posts by now about how "M$ still suxors!" and how MS will "never be as secure as *ix".
Keep something in mind. While a good portion of the m$ directed slings and arrows are legitimate concerns over the security of the OS, with good reason, the majority of Slashdot users hate M$ because of a completely different ideal. M$ is huge. By nature, Slashdot folks just hate corporations. All corporations are bad. They do nothing but steal from the public and rape their employees. They kick puppies and steal candy from kids.
What folks here would really hate most is this: Microsoft actually getting their OS into a position where the *ix folks would have nothing to complain about that didn't happen years in the past. The best they could do is say, "Well I don't trust an OS that is as buggy as Windows USED TO BE"
I use Linux and Windows. I prefer Linux; however, the apps I need to do work don't exist on Linux. Linux advocates need to put pressure on software developers to release versions for Linux (starting with Macromedia IMHO).
Unless that can happen, more CEOs and CTOs (who are mostly clueless) are going to read these changes Microsoft is making and remain a Microsoft shop.
Karma means nothing to me, so suck it...
I want to know about the status of the Eolas "fix". I'm pretty surprised the reviewer did not mention its absence/presence.
It mentions it in the article.
I couldn't disagree more.... I would much rather see the home users using the worst firewall on the planet, than none at all. In the case of less savvy users, ZA would be an excellent choice. It's far more robust than the included firewall with XP, and a good fit for users of 2000 and prior operating systems.
I always find it odd when people complain about the lack of specific features included with MS operating systems, then whine when they do add them.
tell them to quit downloading so much porn
And you need a few million dollars to litigate the patent. Of course, some attorneys may be willing to do it on a contingency basis.
There is a reason patents are referred to as the "legal sport of kings."
When I (and most Open Source writers) write something Open Source (granted my stuff is rinky-dinky) I just write it in my spare time with no desire or capability to invest money into it. I just can't afford to patent things on my own. That is why most patents are assigned to a major company. You need money to get patents.
I don't know what the financial situation is for the major projects (Linux kernel, Mozilla, KDE, etc.) but they'd have to make a serious commitment of money and time (as it takes ~5yrs to get a software patent nowadays) to get patents. Until recently, the majority of MSFT's patent portfolio was in keyboards and mice! It wasn't until they got scared with the recent patent attacks against them that they started to build their software portfolio.
Another small problem for the Open Source community is that many countries bar you from getting a patent if you have published the idea before filing the application. Given the open nature of Open Source, you might run into a statutory bar on your patent if you put the code in CVS before you file the application.
And as a side issue...
A good example would be the pop up blocker (it probably isn't patentable because of prior art, but for argument's sake).
A good patent attorney should be able to find a way to patent MSFT's implementation of the pop-up blocker. It'll be a narrow damn near worthless patent I'll grant you, but it can be done.
plzchgitkthx...
I work as an independent computer support consultant servicing mostly Windows users, and I can assure you that a large portion of "regular joe" users have huge problems with viruses, spyware, and trojan horses. Most of them don't even know it- they just complain about having a lot of popup windows (spyware) or having trouble with their Internet connection (Blaster). Many of them continue to struggle to use their computer for months with these problems.
And it's not just my clients (who obviously are limited to the set of folks who have problems bad enough to call a professional)... the percentage is high in my social network as well.
Now yes- I agree an expert can avoid these things. I didn't even have virus protection on my primary machine for years, and yet I never got an infection. But that was because I never got attachments from untrusted sources. And I never downloaded "risky" software. But average users and even "experts" who are unfamiliar with this particular OS are vulnerable, and it's ludicrous to suggest that these huge problems are an issue of user skill.
Frankly, from a purely financial perspective, what MS is doing is bad for my business... I really should send a nice thank you note to the turd that wrote Blaster. But something tells me I'm not going to be running out of work anytime soon...
-R
Sorry, this is OT, but does anyone know how I could find out the current number of members on /.? I want to know how long until I can metamoderate...some of these moderations make me want to...
As a consumer, I don't mind this approach at all, I'd rather have all these features built into my OS than have to pay extra for them. Kudos to MS for adding new features (which are first attacked by OSS zealots then later simply copied into OSS environments).
AdMuncher R0xXoR5
[Fuck Beta]
o0t!
After I installed SP1, my Windows XP installation went from great to plain awful.
1.) The number of errors I got from event manager spiraled thru the roof.
2.) It also caused internet explorer to error out with dll errors every other page.
3.) My scanner would scan in all pitch dark pictures.
4.) My graphics card would just get dll errors in the middle of games that would work before.
I re-norton ghosted back an image of pre SP1, and all was in harmony again. You can pay me to touch SP2.
Why not:
Installing this program will most likely set your computer on fire and let the magic smoke out.
Do you want to do the only smart thing in your life and not install this tool of SATAN?
OK CANCEL - notice that when the luser instinctively clicks 'OK' they will do the right thing.
Yeah, seeing as how Gentoo themselves got hacked, along with GNU/FSF, GNOME, and Debian.
"Sufferin' succotash."
Brilliant. We should just say "No offense" after every sentence. No offense. That way nobody will ever be offended by anything we say! No offense. I'm a damn genius! No offense.
One problem I see is that web sites like amazon are using flash plugins to get the effect of pop-ups without blocking them. Will this be more common in IE?
It was a joke dude, anyway Gentoo themselves didn't get hacked, it was actually someone else's dodgy mirror of the portage tree.
Lighten up!
Overly Critical Guy has yet to put forward a coherent or logical argument for his tired and continually discredited views. He sure hates Slashdot, but he continues to post here!
You are so full of shit it isn't funny. Again you trot out your anecdotal evidence (of dubious truthfulness) and tout it as gospel truth. You lie so much that I doubt you could recognize the truth as it relates to linux and oss (or microsoft for that matter) if it came up and bit you on the ass.
I have been using the latest version of gentoo with kde and never, ever had it crash on me (which, of course, is anecdotal). I have no problems with cut and paste (as you seem to keep trotting out--it doesn't ring true) and fail to see the ugliness that you seem to find in abundance not only in gnome and kde, but with every open source project. If there is ugliness anywhere, it's deep in your empty and tortured soul. Get a fucking grip.
In short, we're tired of hearing your lies and astroturfing for microsoft. Please shut the fuck up.
I wonder how long the average windows user will deal with "Allow jf934yhf.exe to use the internet" before they shut down the firewall because of "annoyances."
Obviously, knowing what's going out of your PC is important, but that level of sophistication might make more people see firewalls as a PITA than something they need, not to mention the problems that come up when you're in a game or something that hides or obscures those little 'allow' boxes.
I liked the old firewall because it was simple. It blocked stuff from coming in and arguably your virus scanner should be taking care of the PC itself. I also don't think asking the customer is such a bright idea, if it hooked onto a database somewhere on the net and told you "This is a safe application, this is Quicken" then fine, but it leaves the user guessing what s3rvices.exe is and as we have seen clicking Yes on everything is default behavior.
Outbound blocking seems like a lot of trouble for little return. I'm assuming this firewall does or will support UPnP so eventually the trojan writers will just exploit that.
I'd much rather see the firewall on by default (is it?), ActiveX off by default (with the exception of windowsupdate), and Windows update on by default. More features isn't the solution, shipping the product airtight is.
Really now, we've had warning windows in Outlook for quite some time and people tend to ignore them. "You say everything is harmful, stupid computer!"
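The idea raised in the comments above, that a firewall could identify a program from a database instead of asking the user to judge a bare file name such as s3rvices.exe, sketched as an added example; it is not part of the thread and not how the SP2 firewall works. The allowlist, system-name list, paths and sample bytes are constructed assumptions.

```python
"""Decide an outbound-connection prompt from file identity, not file name."""
import hashlib
import ntpath

# Constructed stand-ins for the contents of executables on disk.
QUICKEN_BYTES = b"constructed stand-in for a known-good Quicken build"
UNKNOWN_BYTES = b"constructed stand-in for an unrecognised binary"

# Hypothetical reputation data: SHA-256 of known-good builds -> display name.
KNOWN_GOOD = {hashlib.sha256(QUICKEN_BYTES).hexdigest(): "Quicken"}

# System process names that look-alike binaries imitate, and where they live.
SYSTEM_NAMES = {"services.exe", "svchost.exe", "lsass.exe", "explorer.exe"}
SYSTEM_DIR = r"c:\windows\system32"

# Digit-for-letter swaps used in look-alike names (s3rvices -> services).
LOOKALIKE = str.maketrans({"3": "e", "0": "o", "1": "l", "5": "s", "4": "a"})


def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def imitated_name(path):
    """Return the system process name that `path` imitates, or None."""
    directory, name = ntpath.split(path.lower())
    if name in SYSTEM_NAMES:
        # Right name: only suspicious when it runs from the wrong folder.
        return None if directory == SYSTEM_DIR else name
    folded = name.translate(LOOKALIKE)
    for real in sorted(SYSTEM_NAMES):
        if folded == real or edit_distance(name, real) == 1:
            return real
    return None


def decide(path, data):
    """Return (verdict, reason); verdict is 'allow', 'block' or 'ask'."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in KNOWN_GOOD:
        # Identity comes from the file contents, so a rename cannot fake it.
        return "allow", "known application: " + KNOWN_GOOD[digest]
    real = imitated_name(path)
    if real:
        return "block", "unknown binary imitating " + real
    # Only now fall back to the prompt, with the digest instead of a bare name.
    return "ask", "unknown application %s (sha256 %s...)" % (
        ntpath.basename(path), digest[:16])


if __name__ == "__main__":
    for sample_path, sample_data in [
        (r"C:\Program Files\Quicken\qw.exe", QUICKEN_BYTES),
        (r"C:\WINDOWS\system32\s3rvices.exe", UNKNOWN_BYTES),
        (r"C:\Temp\svchost.exe", UNKNOWN_BYTES),
        (r"C:\Temp\jf934yhf.exe", UNKNOWN_BYTES),
    ]:
        print(sample_path, "->", decide(sample_path, sample_data))
```

Only the last case reaches the user, which is the point of the complaint: the prompt is reserved for programs the database cannot place.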
even though macs are somewhat nice, if you want to upgrade 1 component, you are stuck buying a whole new system. With Intel/AMD systems running Windows or Linux, you can upgrade as you wish with no problems...
When I use Mozilla, once in a while I get a 'VERIFIER BUG' virus, that I have to actually go into the sub/java directory to delete. This never happens with IE.
The size of this SP makes it quite inaccessible for anyone on a dialup. Hopefully those of us that bought the CD and registered it will receive a free copy of this patch via FedEx the day before it's released to the public on the internet.
Security fixes are bug fixes!
parent is a worm. don't click the link windows users. jaz
Life is what happens to you while you are busy making other plans. No-one sees motorcycles
I personally don't like my data being controlled by activation. How does the SP2 work if Reset5 is installed?
I don't hate big corporations, I actually work for one, and I have seen the damage to our profits that MS software has caused. Our reputation has not been damaged just out of sheer luck; other companies in the same field have been bitten very badly for one or two bad decisions (amongst them to deploy MS servers for any mission critical applications).
What I hate is corporations that behave in an unethical, or like MS, even illegal manner.
I don't understand why some folks would avoid convicted criminals as their first choice to do business but are all so happy to submit themselves to a company known to abuse its business partners and customers.
I don't care if they make the greatest products in the universe, I have ethical standards and MS does not come even close to match them.
IANAL but write like a drunk one.
At the same time the kernel dev team is very reluctant to include PaX and RBAC (basically, grsecurity's features) in the kernel and to make SSP compilation standard and mandatory. They would reduce the amount of vulnerabilities on the Linux platform by 95%. (Practically all the buffer overflow attacks.)
After this summer those vulnerabilities will be found on Linux but not on Windows anymore. Sure there will be some other types (mischecked inputs and such) but basically, it will make the Linux look *BAD*. And in fact, Linux will be bad if compared to Windows.
I am not a troll. I love Linux and I know the stuff I am talking about.
In order for a virus to infect your system, you have to run the virus code. Just receiving a virus through mail will not get you infected when using most e-mail clients.
Conclusion: You are talking complete nonsense.
I hope the moderators who modded you up get a good and hard beating in meta moderation, because they obviously waste mod points on misinformation!
Clever signature text goes here.
now that windows has a built-in (functional) firewall, which should be on by default, and a possibly upcoming anti-virus, what do the companies that are currently selling these solutions think?
i see their market disappearing in one clean windows-update swoop.
I use Internet Explorer with the Google Toolbar. Haven't seen a popup since.
Insert offensive troll-style sig here. Please mod or respond appropriately.
Well, I can only speak from experience, but in one year I went through 2 Linksys routers, both dying in different ways. I switched to Netgear and haven't had a problem since.
This quick-n-dirty script parses the .aspx files on the above-mentioned pr0n site and leeches all of the .WMV movies without bothering to download the adverts.
Happy pr0n watching, slashdotters!
#!/bin/sh
# Walk the clip IDs; for each one fetch the viewer page, pull out the ASX
# playlist parameter, and dump the non-advert stream it points to.
for i in `seq 1 10000`; do
  wget -O ViewMovie-${i}.1 "http://www.neox3.com/ViewMovie.aspx?ClipID=$i" >/dev/null 2>&1
  ASX=`grep 'SRC="BuildASX.aspx' ViewMovie-${i}.1`
  # Keep only the "a=" query value, stripped of quotes and punctuation.
  ASX='a='`echo -n "${ASX##*a=}" | sed s/[\"\'\ \)\;]//g | tr '\r' '\000'`
  echo "$ASX" | egrep '[0-9]' >/dev/null 2>&1
  if [ "$?" = "0" ]; then
    wget -O ViewMovie-${i}.2 "http://www.neox3.com/BuildASX.aspx?$ASX" >/dev/null 2>&1
    # First mms: URL in the playlist that is not an advert.
    MMS=`grep -i mms: ViewMovie-${i}.2 | grep -v Ads | cut -f2 -d\"`
    echo "Downloading $MMS (${MMS##*/}) ... please wait ..."
    mplayer -dumpfile "${MMS##*/}" -dumpstream "$MMS" >/dev/null 2>&1
    rm -f ViewMovie-${i}.2
  fi
  rm -f ViewMovie-${i}.1
done
----------------------------------------
Religious war: fighting over who has the real imaginary friend.
FSCK! Wish Microsoft would just come out with a perfect version of their OS so i could steal that n not have to deal with this crap. Think'n they're so smart stopping me from installing services packs just cuz I didn't *pay* for their software. . .
The last few viruses did not affect all Windows mail clients at all, since most of them don't execute attachments by default, and therefore the virus cannot infect the system.
I'm afraid you are mistaken. The last few viruses going around did not attempt to be auto-executed by any particular mail client. They just depended on people being clueless enough to run the executable manually after downloading it. Which, needless to say, a lot of people did. Every Windows mail client is equally vulnerable to this because it has nothing to do with the mail client at all. See also: social engineering v. exploiting a security hole.
The recent Mimail virus even sent itself out as a .zip file. Did people unzip it and then run the .exe? Of course they did. Mail client vulnerabilities are completely optional these days.
I like my women like my coffee... pale and bitter.
I don't want my e-mail to cripple my use of it by blocking certain attachments, but on the other hand I don't want it to run executable attachments automatically either.
What you are talking about is not vulnerabilities in the software, but stupid people who open random attachments from complete strangers. Social engineering, perhaps, but not exploiting a security hole. Not a security vulnerability in most e-mail clients.
Try to get your facts straight before you attempt to re-define well known terms.
It doesn't matter if the virus spreads by social engineering - the software is not vulnerable. If you pick up a floppy disk on the street, put it in your PC and run a program on it which happens to contain a virus, that doesn't mean that it's a security vulnerability in the floppy!
So quit talking nonsense.
Clever signature text goes here.
Thank you for paraphrasing exactly what I said. I believe I stated clearly that the mail clients are not vulnerable, but people are, hence social engineering and everyone having the same chance of infection no matter what mail client they're using (since it doesn't depend on any particular client vulnerability).
What part of that did you disagree with?
I like my women like my coffee... pale and bitter.
Imagine a Mom with 3 kids who has to cook dinner in 2 hours and pick up the kids in 45 minutes from school. She clicks the conveniently named Email icon in her Windows XP start menu. What's in her inbox? A package of vacation pics from her sister. Little does she know that her sister's file is infected with a virus and her pics are contaminated. Keep in mind that her antivirus subscription expired about the same time the 6 months of AOL did. And no, she didn't resubscribe, there's a mortgage and credit cards to pay.
Would you call this lady stupid?
Yes, she is stupid when it comes to computers. And just because she is stupid doesn't mean that her software is necessarily vulnerable.
You said "every Windows mail client is equally vulnerable to this", which is nonsense. This has got nothing to do with the e-mail client at all.
LOL indeed. How stupid and blind can you people be?
> > I wist[sic] windows would have the grep command =(
> Windows NT/2000/XP/2003 and the Win 98 Resource Kit has a similar command in findstr. A basic set
> of regular expressions are included like character classes, ranges, beginning and end of
> words and lines, and multiple matching.
Better yet (imho), just install Cygwin, which gives you a full unix environment with all the tools necessary to use Win32 without feeling the need to gut yourself. That includes grep, find, locate and similar tools.
Plus, if you're insane enough, you can use it to install X11 and run KDE 3.1 or GNOME 1.4 instead of explorer.exe. Well, except that they're not yet mature on this platform (KDE runs extremely slowly, while GNOME is both not up to date and a bit less stable than what you'd expect from GNOME).
--
-JC
coder, needs FT work, Long Island, NY
http://www.jc-news.com/parse.cgi?coding/main
Here's one that could use a few points down. I only use one account and it's "too active" so I'm not allowed to mod. That rule makes no sense, since lots of people use multiple ones.