Slashdot Mirror
WinXP SP2 Sacrifices Compatibility for Security
goldragon writes "TechRepublic is reporting that "Microsoft is pulling out all the stops to improve security. So much so, in fact, that it will cause many problems because SP2 will de-emphasize backward compatibility with legacy systems and code for the sake of security." One small step forward for Microsoft, one giant leap backwards for mankind?"
Giant leap backwards?
Let's face it, you can't remain compatible with old software forever. It causes, well, Windows XP. XP is trying so hard to be everything to everyone, that it can't even pop up a delete confirmation fast enough to not make me wait for it (On an Athlon XP 2700+ with 1GB of DDR333, fresh from boot).
Compatibility is an important issue, but at some point shouldn't the ten-year-old programs run in a virtual environment separate from the OS?
That what was all this school was for... to teach us how to solve our own problems. -- janeowit
Keep your eyes to the sky.
...for the comments? I know this is slashdot and all, but that really has no place in the article summary.
Better than having yet more spam zombies and pwned newbies.
By summer it was all gone...now shesmovedon. --
Finally M$ catches on to what Telephony vendors and various other technology developers have been doing for years.
Had they started with a secure product, then being backwards compatible would not be that much of a problem. Hopefully the M$ code monkeys will not make more problems than they fix.
-Ghost
Since when was compatibility important to ME. Why cant I open a Office 97 doc in Office XP?
Can't say I'm suprised this happened at all really... seems noone else has problems fixing security while moving forward in developement and backwards compatibility.. *coughlinuxcough*
Even a stopped clock gives the right time twice a day.
K8? Since where you able to go into a shop and buy a K8? Its Athlon64 and Opteron dammit!
less people to patch? I can bet it is going to drive IT managers crazy because now they will have to do hardcore tests of all their software to make sure it still works after the patch.
This might just make things less secure overall because nobody is going to want to bork their software. Will it be possible to roll back the patch quickly if someone finds they cannot run program X anymore?
But then again, who knows, it might "accidentally" break Office 97 so people think they need to upgrade to Office 2003.
I wouldn't call this a small step forward. I'd call it a huge leap. It shows that Microsoft actually cares about security. You can't keep an API exactly the same forever. It'll get crufty eventually.
Hopefully, there'll be more breaking for the sake of security.
TheMadRedHatter
while(1)
{
}
Ah, the story of life.
Aren't all Windows users already sacrificing security for compatibility just by using Windows? Perhaps this is just meant to level the playing field.
I'm sure Microsoft will be releasing an update full of application compatibility fixes shortly after the SP2 release. Even in vanilla XP, you can run applications in Win95/98 compatibility mode. I don't see any reason to change it now.
-- Stu
/. ID under 2,000. I feel old now.
Microsoft is making it more secure by not allowing their applications to run!
The article indicates that most of the things being broken will be viruses and trojans.
And that the only other major change will be to Finally honor the NX(Non-executable) memory designation, IOW if you want self-modifying code, you can still have it, but you can't place a call to an area that has been marked as Data-only or NX.
Seems to be all good to me...
Food not Bombs is a nice platitude but it breaks down when you notice that the Bombees are usually well fed
Just another reason for folks to migrate away from their closed systems with forced expensive updates and security holes.
You mean a free service pack that improves security somehow translates into expensive updates with security holes? I'm sorry I fail to get your bizarro logic.
SP2 represents a big change in Microsoft's security vs. ease-of-use stance.
In the past, Windows shipped with many unlikely-to-be-useful services such as the NetBIOS Messenger service turned on by default installations, meaning that a user who wanted to use the service just needs to start using it and it'll already be there ready to work. Of course, we all know how this has been exploited by spammers.
Now, such non-essential services will default to the "off" position, and the user will have to take a step to affirmatively activate the services they want to use. This makes plug-and-play operation a little harder to accomplish, but Microsoft has finally decided that the security gained is worth more than the ease lost.
One small step forward for Microsoft, one giant leap backwards for mankind?
The day mankind as such depends on a single corporation to that extent, backwards seems the only way to go.
It was overrated when Apple told its users, "deal with it." And it's overrated now. If you want backwards compatibility, use a Win2k emulator.
!#@%*)anks for hanging up the phone, dear.
this is a giant step FORWARD. if it can keep my network from being bombarded by all those damned windows viruses it's GOOD no matter what. and i don't even use windows.
i'd say this is the brightest idea microsoft had in the last decade (if they deliver that is)
It says there's a pop-up ad blocker enabled by default...
How innovative, I've never seen that before!
'Generic Host Process for Win32 Services' from your computer wants to connect to law15-f93.law15.hotmail.com [64.4.23.93], port 80
Oh no, Microsoft isn't trying to integrate everything...they're not a monopoly...weirdos.
Hey, given the choice between the two, I think MS is right to choose security. You're often forced to lean toward security at the expense of some convenience, or vica-versa. And in this case, given the recent (past 10 years) track record, security is more important right now.
I, for one, welcome our new Antichrist overlord.
There's one item to highlight this week. Silicon.com and other sources are reporting that Apple's recent patch to fix a major threat in Mac OS X wasn't completely successful, and that a highly dangerous problem still exists in the operating system. The threat is especially noteworthy because it is the first important vulnerability discovered in the Mac OS X operating system that was not due to a flaw in the underlying FreeBSD UNIX on which Apple based OS X. This problem lies in the part of the code created by Apple, and it appears that it is quite difficult to repair. This is the first real challenge to Apple, and it will be interesting to see how the company responds to this critical threat. Previous patches were simply carried over from the Linux/UNIX community. Apple is on its own this time.
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
sounds like they are realizing that eternal backwards compatibility isn't that important to most people... and those who are forced to buy new software are probably going to be buying new Microsoft software (as if they had a choice). same thing with the Xbox.
1. Launch Windows Update.
2. Prepare sacrificial animal in accordance with the EULA.
3. Open CD tray.
4. Allow some blood to drain into computer and close tray.
5. Smear remaining blood on monitor frame.
6. When install completes, reboot and enjoy the ritually clean goodness!
particlesphere.com - quantum
is there anything microsoft could ever do that wouldn't be chastized by the slashdot community?
who CARES about backwards compatibility. If you want to run the latest software why do you need to run old applications.
A substantial number of my clients are still running Windows NT 4.0, I know of 3 Windows NT 3.x boxes.
I'd rather have optimization and security than application compatibility with the past.
a.out ?
--- ask me about nihilism, I will have nothing to tell you.
This is an oppurtunity for Microsoft to get rid of any software that competes with their products, along with any open source software they dislike. All in the name of security.
so is Mozzila on the list of incompatable programs now? how about openoffice, or Lilo?
Does that mean they will finaly ditch program manager? I realy hope there isn't any one still using programs for win 3.1 that still require that. And if so, why are they running it on XP anyway...
Don't believe me, or just feeling nostalgic for windows 3.1, go to run, or a comand promt and execute progman.
It was me, I did it, I moved your cheese
It looks like they finally disabled the Messenger service, that was the most annoying thing in the world.
The majority of XP users aren't using that many old apps anyway... the average XP user is just using XP, Office 2000+, IE6, and MSN. And the majority of 3rd party apps such as those from Adobe, Macromedia, etc will get free updates to be compatible. Its not such a big deal for the average user. I've often felt that M$ would be well served to release a new OS based on an entirely new codebase... get a group of developers that have never seen Windows source code, only the GUI and let them rewrite it without backwards. Then get the major vendors to release compatible versions of their software. Sure... things will lag for a bit, but Windows will get better and the app support will follow. Windows is still based on an almost 15 year old code base. Its time to rewrite it from the ground up. Screw the backwards compatibility. Move on.
OS X did this brilliantly with the Classic compatibility layer. 99% of the time the layer was app-compatible and it ran at least as fast as running OS 9 alone. Many people bitched at first, but when they started using OS X, it was pretty clear that there was a huge advance in stability that made people actively dump their Classic applications and invest in the X architecture. We're still in the transition phase but with Apple proclaiming 9 dead last year, it has been successful for the OS transition.
The reason Windows is in such a hurt is compatibility with everything. Even most Linux distros dont offer the level of backwards compatibility that windows xp or less does. You can still to this day run Win16 apps under windows and still print and save, as if it were no big deal. Thats just not possible with Linux. Try downloading or running a binary from 1994 that was compiled for linux and see if it works, im sure libc and glibc and aout and elf will make things fun.
Its kinda sad how things are around here for Microsoft, Damned of they do, Damned of they dont. Somebody shows progress and they get pounced.
"...one giant leap backwards for mankind?"...And recreating an OS from the 70's isnt? Thats pretty narrow thinking.
http://www.freebsd.org
Check this out: the new SP is supposed to provide an area of memory called "NX" for non-executable, where anything in that area is harmless (for virus quarantine, i suppose). What if I create a virus that modifies the parameters so that ALL the memory is NX? Boy, that would screw stuff up pretty good!
stuff |
Just think of the control MS could exert over all the code running on your (read: their) machine. It would also explain the supercomputer-esque requirements.
Ie this message is moreso for the submitter. Love the tone of your voice. We see almost daily MS lack-of security woes and now MS does something about it. Then you have to bitch about not supporing legacy this or that in the name of security. I think I would rather choose security. hell, all you need to be considered a computer security expert is just say "everything's insecure."
I don't think my reasoning is off the mark at all, but then it's my reasoning and not yours. Note, too, that appearantly the service pack is not going to be available to all XP installations so it's not going to help secure the machines most likely to be zombied for worm, trojan, virus, spam generation. I'm sure it's a good thing overall and will benefit some users, but it will cause some folks to consider other options in the Open Source segment and I see that as a good thing, too.
"Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain
"Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain
We all have to upgrade for Windows anyway. It's about fsking time Microsoft took a hard stance on security and backed it up. I just hope they don't drop the ball, cancel out ease-of-use, but then fail on security too. Wait a minute...
The dangers of knowledge trigger emotional distress in human beings.
You could see it when the finally decided to dump COM DCOM DNA, etc, whatever they were calling their latest crap architecture and go .NET. You could see the future of XBOX2 (really a .Net box) would completely dump the past. Face it, if Microsoft is to move into the future, it's not going to be on their crap architectures of the past. We will see more of this from MS.
One small step forward for Microsoft, one giant leap backwards for mankind?"
/. are met with "All your base are belong to us". Or with slight improvisation, "All your versions are belong to us".
All such posts on
So much for compatibility
http://efil.blogspot.com/
Joel had an interesting article recently entitled How Microsoft Lost the API War. He is arguing that a lot of Microsoft's past success had to do with there philosophy of never, ever breaking backward compatibility. However, recently they started to break backward compatibility (especially for developers), arguing that the new frameworks would be better, faster, more elegant, etc. Granted, most of the issues mentioned in the article relate to security (yes, I read it), but this may still be indicative for a new direction Microsoft is taking.
Under capitalism man exploits man. Under communism it's the other way around.
This is a good thing. It's basically going to break applications that make assumptions about the (in)security of DCOM and RPC. It's very easy to add an application as an exception to the firewall. DCOM and RPC are going to be the major issues, so it's not going to affect Grandma's cute shareware apps any. Any app broken by the NX flag was already broken to begin with. I'm looking at you, XFree86...
Compared to this relatively minor loss, the potential security gains are enormous. It remains to be seen how well it all works though...
Should I expect my applications just stop working some very nice day? Where should I enter my credit card number for my (say) MS Office95 to be automatically upgraded? Oh, yes, that's what MS Passport for.
I wonder how much of the copy protection on software this is going to break. Gamers are probably going to be the loudest yelling demographic when this hits.
Dont get me wrong, I think M$ should completly overhall there security. However, is a service pack the correct time to do this. If M$ breaks programs people need they may not upgrade and that could cause even more security problems. Maybe such a change should wait for the next release of windows(oh, say 2015 or so).
The perversity of the Universe tends towards a maximum. - O'Toole's Corollary
Interesting. Sun and Microsoft settle their big argument, and magically, Microsoft comes out with a patch to Windows that hampers the ability of JIT's to run. That's not playing nice!
stuff |
You know what? Fuck you! First you guys say that Windows sucks because it is outdated. Microsoft releases a new OS and you guys bitch about upgrade costs. MS Releases a service pack you guys bitch about how you cant install it on your illegal stolen copy. You bitch about security and when they go to fix it you bitch about how you can't run all your old DOS apps anymore. You are all a bunch of retarded shitheads.
I've been looking at XP SP2's release canadidate for a couple days now, and it's pretty obvious that it will cause nightmares for Windows admins for quite a while. However, it looks like they're making steps towards better security, which will be better in the long run.
Anyone who works in Windows shops knows the proliferation of COM-based software that was thrown together in Visual Basic, and this software often performs critical functions. It will take lots of testing/planning to make sure SP2 doesn't break these extremely fragile apps. There are many, many in-house applications that are still chugging along, even in compatibility mode, because they simply can't be replaced easily. Unfortunately, Microsoft can't test these in-house apps.
We'll see what happens...
Not wishing to troll in the slightest, but:
Fire up Office XP.
Click File, then Open
Browse for your document.
Click "Open".
Works fine for me.
One small step forward for Microsoft, one giant leap backwards for mankind?"
An enormous step forward for the Penguin.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
because SP2 will de-emphasize backward compatibility with legacy systems and code for the sake of security.
Even if SP2 results in greater security (which I doubt) the lack of backwards compatability removes the only selling point of the entire OS. Users will be driven to GNU/Linux systems in droves!
an ill wind that blows no good
The conspiracy-minded might see this as a sneaky way for MS to force the segment of the market that's not running latest (or legit) copies of Windows to upgrade, in turn boosting demand for new hardware (since those NT4 and 98 boxen probably won't run XP.) Hey, it works for Apple. :-)
Isn't the PC market sluggish right now? Having MS couch an upgrade as a necessary security fix might give it a little jolt. At the very least, it can't hurt MS to shake out a few new customers from the bushes. Especially if there just happens to be a new 'sploit that comes out which SP2 fixes...
Might be a little off-topic, but does M$ not realize that it may be worth it to sacrifice what they consider $, for the safety of your O/S and reputation? Are the people that are using pirated copies really going to buy your O/S anyways? Probably not.
Well, I'm not too sure about the security hole part, but, the SP2 upgrade, as it says in the article, will break compatability with some older applications. This will force anyone using those applications to upgrade (costing money) or search for alternatives (which will either cost money in licences or training, or both).
Will this leave any issues with things like SMB?
Looking at the article it was mostly talking about default firewalling, NX bits, and disabling some services which have recently been abused.
Would they go so far as to disallow plaintext passwords for logins, or SMB sharing?
Other than that minor concern this is good news for all people who have to share a network with Windows users.
I run Linux at home, and am constantly hit by port 137/445 scans from Windows boxes on the same range as my cable modem. Sucks.
According to the article, SP2 will not install on copies of Windows XP that have known "pirated" registration codes. Since computers running illegitimate copies of XP (such as those in Asia, again according to the article) won't get the benefits of SP2's security features, how much "security" will this really provide to the 'Net in general?
!#@%*)anks for hanging up the phone, dear.
Blame microsoft for the problems brought on by bad programs made by other companies. Then bitch because windows is insecure. Then bitch because they're trying to fix the situation and remove backwards compatibility to lessen the problems. Then say how microsoft is only doing this so people have to buy updated software. Well sometimes you have to bite the bullet and upgrade. If you're using some ten year old word processor on top for windows XP, then you better have a good reason of doing so. If you don't want to spend the money, switch to open office.
/. uses linux and other 1337 shit.
I can't understand how microsoft gets bashed for having the security holes and then again for trying to fix them. Besides, how many people on here still use windows? I'm always under the impressions that everyone on
Will SP2 still come with AMD64 support?
tasks(723) drafts(105) languages(484) examples(29106)
Check the date on the Silicon.com story linked to in the blurb, it is May 26.
Apple's last security update was released on June 7.
Thus the blurb appears to be old news, refering to Apple's first fix for only part of the problem.
SteveM
"I expect to hear screams of pain as people deploy SP2 and discover that legacy applications no longer work, but those are probably the same people who complain so loudly (and legitimately) that Microsoft doesn't deploy secure systems."
Here goes my karma, but how true will this statement be here at slashdot?
One small step forward for Microsoft, one giant leap backwards for mankind?
Spoken like a true zealot. I'm an OOS advocate, but I disagree with this type of statement. It's a damned if you do/damned if you don't situation when someone makes comments like this. Hey, security is important here, and I'm sure Microsoft gauged this responce carefully before making these changes. Sure it's going to break some systems, but sometimes something has to give to move forward. I don't know about you, but security is very important to me. If the patch breaks your system, don't install it untill you're ready for the change. No one is forcing the service pack down your throat.
Another problem is the fact that Microsoft won't be offering this service patch to those who hold pirated copies of Windows XP...
So zombies can still launch DD0S copies and be the launchpad for the next new Virus/Worm that there is no patch for yet or the Virus Scanners aren't ready for or Joe Schmoe hasn't had time to patch his system. This doesn't help considering how many pirated copies there are out there.
OTOH, Microsoft just about HAS to break some programs to get security halfway decent. There's no good solution, but I think MS is justified in breaking some compatability in this case.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
In a way, they really have nothing to lose. I mean, although there might be a bit moaning at first, if your Windows software doesn't plan to update after the new Windows OS, then odds are it's time to upgrade. My only real question is how much of an image problem this might leave - how can you advertise on one hand how secure your operating system is as of right now, and on the other completely redesign it a few years later, creating such a drastic change that even an application you had used just the other day no longer works?
Other things that I find good include port management that both handle the opening and closing of ports, but also allows some applications to run as a regular user instead of administrator.
There first complaint with SP2 was the NX command - which isn't available on most current processors. The second sounds like a benefit, not a complaint:
Then they go on to complain about not offering to pirated copies, but forget to mention it's only the ten most pirated product keys. It's still a large number, I imagine, but not the whole picture.That what was all this school was for... to teach us how to solve our own problems. -- janeowit
1) "Microsoft won't be offering this service patch to those who hold pirated copies of Windows XP"
Fair enough, but when you consider the millions of machines out there with pirated copies of Windows, who won't be able to "upgrade"... sorry Bill, but these are going to be the machines that will continue to be compromised and taken over. Why can't they just give the damn SP2 out for everyone, if they're SO CONCERNED ABOUT SECURITY??
2) "I expect to hear screams of pain as people deploy SP2... but those are probably the same people who complain so loudly (and legitimately) that Microsoft doesn't deploy secure systems."
Like what another poster said, Microsoft's damned if they do it and damned if they don't. To be honest I'd really hate to be in their shoes...
The Wknd Sessions - Malaysian and South East Asia independent music
After installing this patch, I found that several of my existing programs ceased working, not that I need them for anything important - see the list below
Adobe Creative Suite
Macromedia Studio MX 2004
Mozilla Firefox 0.9
Symantec Antivirus Coprorate Edition
Windiows Media Player 9
Microsoft Excel 2003
and most perplexing - Windows XP
From which body cavity did you pull this - Interesting - statistical summary?
"the average XP user is just using XP, Office 2000+, IE6, and MSN"
and damned if they don't.
Mark my words, MS is breaking backward compatibility because it's a good marketing move more than for security. It offers MS more control over what can run on their OS. Also, you're going to have to buy the new version of all that stuff that just broke.
So let me get this straight: right now, if a process crashes, it leaves a port open??? And you need administrator privileges to even open a port??? Windows is a bigger piece of shit than I thought!
___
If you think big enough, you'll never have to do it.
The WinXP article is dated June 7. The link points to a Silicon.com article about a security flaw in OS X, and that article is dated May 26.
It was on June 7, the same day, that Apple released a second Security Update that fixed the remaining vulnerabilities.
~Philly
There are no features I can think of that should sacrifice security over. None. Zip. Zero. Holding off security improvements for the sake of compatibility is one of the loopiest thing you can do. You either pay in blood now or pay for it later with gallons more. Its as silly as claiming you need things to be buggy and broken on purpose!
Bravo to the guys at MS who are sticking to their guns and pushing this through.
Uhhhhh. Since when has Lilo run in windows?
No, none of those programs should be broken. If they are, they have had chances to fix it for awhile now. The Release Candidates have been available, and I'm sure they have already been tested. Sure, MS has the chance to break things, but open source programs also have a chance to fix them. It sucks if they are broken when SP2 comes out, but they won't be broken for long.
Now this is backfiring however. This will take a bit of their advantage off and will most likely add extra annoyances for all users :)
I haven't seen anybody else mention this, but the first thing that I thought of when I read the tagline was DRM. Maybe Microsoft is taking its first steps in getting people to accept DRM, this first one being the one that gets people used to not having any backwards compatibility. Once people are used to having to change, it's a lot easier to keep them moving. Also, they'd be much more receptive to "new and better" technology as the old is slowly killed off and disappears.
Well, even if this isn't for DRM acceptance, it could easily be for Longhorn acceptance and adoption. If they can no longer use apps written 4,5, 10 years ago, they really have no other choice but to finally "upgrade".
And you can open an Office 97 document in Office XP, dumbass.
from Slashdot. Any article against Microsoft goes unquestioned. Any article for MS is criticized, etc.. Reaaaal critical thinking going on up there. Instead of "News for nerds", its propaganda.
Anyhow, I think the best approach to this news is a wait and see attitude. Instead of speculating wildly, lets wait and see how things change.
Users will be driven to GNU/Linux systems in droves!
Honestly, even if we accept as true your logic that there is no rational reason to choose Windows over Linux... you'd still be making the incorrect assumption that a majority of users are driven by reason and not, say, inertia, familiarity, and sloth.
No one has ever lost money betting on human laziness.
Well at least under Linux you can still use wine / winex. =)
Actually... it was a poll done a few months ago by some research org. I forget which one, but I recall seeing it posted on /.
Same AC as #9495765 here.
Firefox 0.9 works just fine on the latest release candidate of XP SP2. No need to get excited.
...microsoft would just like, open up one of their old operating systems and tell people it's unsupported blah blah NDA tie my left shoe...
and move on with it?
hordes of medicare applications are out there being used in critical ways, and they are written for Win16. making these apps work with Win XP alone is enough of a challenge.
why not split and have some compatibility OS, or as a module or product they sell on top of the new (incompatible) OSes?
SIGERR: laziness exceeds quota
well done, Microsoft!
As I'm a web developer, I'm more concerned with the changes to Internet Explorer. Previous versions ignored a mandatory part of the HTTP specification (RFC 2616). Basically, it ignored the Content-Type header in various situations.
This update changes the HTTP handling to follow the specification. Ever been to a website with Mozilla, Opera or Konqueror and it shows you the source code? That's because the web developers only tested in Internet Explorer, which isn't affected by certain misconfigurations due to it not following the RFC rules properly.
Once this change goes through, these types of errors will show up in Internet Explorer as well. Which means Internet Explorer is less compatible with previous versions of itself, but more compatible with everything else. That's a step forward in my opinion.
PS: It's also a reason to make sure your website works in browsers that follow the specifications, not just Internet Explorer, even if you only intend Internet Explorer users to be able to visit your website.
Ironically, apple has often chosen the path microsoft has now taken - the compatibility with outdated OSes should not be a priority over advancement or security.
Don't worry - its just stigmata. Pass me a napkin and don't you dare tell my mother.
This website has been criticizing microsoft for trying to maintain to many features at the cost of performance and security, and now that they get the message you criticize them for taking steps to fix this. This is like watching the political talking heads who attack the other party no matter what they do because they are republican or democrats.
does that mean that it removes IE as the default browser and installs Firefox?
and if you see me strut, remind me of what left this outlaw torn...
I much prefer the control and assurance I can get with Linux and other OSS. The *nix tradition of seperate accounts and premissions is strong, while it seems to get ignored frequently with Windows programs.
The only thing I don't get is why security enhancements should break anything under Windows. Except for permissions issues, are there other reasons?
So much of this discussion seems to present this as an either-or. Why should we have to choose? Why was it necessary to break compatibility in order to provide basic security? And what, exactly, about these changes is making things break?
Why should things like "The Messenger service is now disabled by default" or "new RPC restrictions" break very many applications?
How many ordinary consumer applications (as opposed to specially-written corporate applications which should have a team of programmers to keep things up-to-date) are relying on RPC, or the Messenger service?
Are so many ordinary applications doing spyware-like, product-activation-like, phone-home-like thingies over the Internet?
"How to Do Nothing," kids activities, back in print!
spyware makers are beginning to notice mozilla, and it certainly isnt the magic bullet that you think it to be. i have seen several websites attempt to install spyware via .xpi
mozilla wont' fix the problem, it'll make it less noticable until spyware makers *really* begin to focus on mozilla/firefox/etc
It seems that these changes won't break any well-designed applications, with the exception of viruses and worms.
Granted, MS is taking a "giant leap backward" in compatibility - with viruses! Apparently, the author misses having Blaster auto-install itself upon reboot, and still longs for the days when he had to close 5 or 10 popups to view the web page he really wanted.
How could Microsoft do this? After having spent so much time and effort to guarantee that viruses would run on their platforms, now they pull the plug!? The NERVE!
Quite frankly, this is what they should have done a long time ago. If there's any fault to be found, it's that they didn't do this sooner. Any app which breaks because of these changes wasn't well designed in the first place, and deserves to break. As far as I can tell, none of the Windows apps I've written will be affected by this. The only reason MS estimates that 1 in 10 will be affected is because Microsoft considers viruses to be an application for marketing purposes. This way, they can legitimately claim that there are "50,000 applications written for Windows..." True, 45,000 are viruses, but that hardly matters now, doesn't it....
And for once, they're doing the right thing - they're telling users beforehand that this patch is going to break things, rather than letting the user find out unexpectedly... This is an improvement for them.
The society for a thought-free internet welcomes you.
I am sure if it breaks any apps microsoft will be glad to upgrade the apps so they work again for a low low low price.
Before Microsoft used hardware as and excuse to force upgrades - but now that hardware is slowing up a little bit because there are more pc's today and people are sticking with what they got - they now have to use security to force the upgrade revenue stream.
What a joke - won't people ever learn - they have to keep sucking the money out of you to survive.
My advice is if it breaks any of your apps to switch to linux and run them in wine or buy another emulator if you want. But just switch and get out of their upgrade hell.
... I misread the article's author as being John Carmack!
I was expecting to read news of Doom 3's problems with WinXP SP2 computers... ;)
MS needs to move on if the backwards compatability is what is killing XP. Businesses need to move on as well. The fact that this is the first time since 1996 that there are going to be significant backwards compatability problems is actually pretty good on Microsoft's part.
CAn'T CompreHend SARcaSm?
And there is a hidden registry entry which will turn of all the above mentioned security settings.
Or wait for SP3 when we actually have the settings working
Q: How many Microsoft programmers does it take to screw in a light bulb? A: None. Microsoft just recently declared darkness as it newest inovation in cutting edge technology.
Red Bull gave me wings and I flew into the ceiling fan.
This is a troll. Nothing prevents you from opening Office 97 documents in Office XP. I do it frequently. (Also works with Office X for OS X.)
Microsoft should be applauded for taking such a bold step. This is definately the right move from a company who has always put usability at the top of the list for their programmers.
/., security is only as good as the vigilence of the system administrator. If users don't patch because it makes their machine 'hard' to operate, they will definately look for applications that will defeat security systems.
But I think that it will only be implemented by corporate users and tech-savy Windows users. I see a new generation of TweakUI-like applications on the horizion that will allow inexperienced users to defeat the controls that MS is building into this service pack.
Consider what will happen when someone wants to install an application that is not set up to override the port restrictions that are default in this SP. I can see a whole bunch of folks googling for hack-packs that will disable all of the port protection so that the app will run.
Keep in mind that not all software vendors are responsible corporations who have an image to protect. The smaller niche vendors may worry about their reputation, but they are more interested in making their product work despite what MS has done to the OS to provide better security.
As has been pointed out several times
No offense intended, but when you make an OS so simple that a five-year-old can operate it, you should expect five-year-old reasoning from the system administrator.
"Rocky Rococo, at your cervix!"
If those games can't run under Windows, then they may yet run under Linux/Wine. Pass the word!
Well, you could always look at things in the greater light; if this SP2 really ends up nerfing so many applications, doesn't it stand to reason that it might be yet another reason in the OpenSource/Linux Movement's arsenal? I mean, what happens if a company that has spent millions on developing an application for windows finds out that their program is not going to function (is going to get "nerfed"). Maybe if someone could manage to quickly write a way to convert windows apps to linux (well, applications that use the current, windows XP SP1 version of windows), we could manage to grab another portion of the market by allowing these companies to easily migrate to linux?
Just a thought...
Don't forget that a lot of commercial software used by corporations is hideously expensive and/or was developed in house by folks who are lo longer there (think: poorly slapped together VBA crap). In the case of commercial software they may also have cancelled the support contract for cost reasons (I know we have done this for a number of apps: support sucked and new versions sucked even more).
In both cases software upgrades may come with a big price tag which might well discourage affected companies from upgrading to SP2.
yeah, spam, popups, spyware and malware are truly windows problems. One thing is to be said for exchange, it's most likely not capable of sending millions of emails per hour. As for popups, who brought the javascript implementation that allows windows.open(..);? Well, netscape, thank you! And the only things spyware and malware require are any operating systems and ip for communications.
___
No power in the 'verse can stop me
Those who sacrifice a little essential compatibility to gain a little temporary security deserve neither- er, wait, never mind
Far too many Windows applications require that the user be logged in as Administrator. So many apps unreasonably require admin privledges that many users opt to be permanently logged in as Administrator. This in itself is a huge security hole.
Microsoft needs to close this hole and improve the application install/uninstall process. Many of the other fixes in XP sp2 are just window dressing without these necessary loopholes being closed.
-- "Most people prefer a popular myth to an unpopular truth"
Follow the money!
No backwards compatibility, more migration towards us.
Thats the ballmer way of bussiness
NO SIG
I would think that at the borders of our networks port 135 should be block universally. If your company needs 135 and is using the internet as a backbone you should be forced to tunnel it! I can't believe we are still being scanned on these ports. my .0000001 cents worth!
I mean, if no features are worth sacrificing security over, so would being able to use a computer. I mean, you can solve ALL security problems by unplugging the computer - no one will EVER break into the data from a network then, right? ... yeah. Think. There are quite a few things where the feature is better than security.
Having said this though, I just want to know what programs are broken now. I hope none of mine, as then I'd have to stick with SP1 for awhile.
--- Ãther SPOON!
Part of the problem is that Windows has traditionally been so lax on security that programmers have got away with bodges that would be considered unforgivable on a system that had been designed with security in mind from the word go. At some stage, though, something has to give. If all this legacy software is depending for its very operation on the same things as the viruses, worms, adware and spyware -- and it is -- then that is the choice you have to make: whether to allow sloppily-written programmes to take advantage of the security holes but unavoidably also permit malware to use them; or to prevent malware taking a hold, but in the process, unavoidably break sloppily-written legacy software. The two are indistinguible.
Now, if SP2 breaks compatibility with so much legacy software, then surely this spoils one of the arguments against switching to an alternative operating system that also would break compatibility with legacy software?
On a slightly different topic, why is anti-virus and spyware removal software closed source? If I cannot view the source code of an anti-virus programme then how do I know it is not simply going to infect my system with a virus every so often just so it looks like it has done some good? How do I know it is not going to infect other people's systems with viruses just so they will buy their own copies of anti-virus software? How do I know it is not installing its own spyware? If the software is not a Trojan horse then why will the makers not just show me the source code?
Je fume. Tu fumes. Nous fûmes!
Are you guys ever happy? I honestly don't think you are. First, you biatch endlessly about the lack of security in XP. Then, when MS does something about it, you start right up biatching for more! I'm willing to bet 80% of the people who read this site hate Microsoft because it's the "cool" thing to do around here. I'll wait for the 20% to reply with their reasons for hating Microsoft, most of which will probably be the same babble I hear in every anti-MS thread.
XP users can stick with needing a low-range current PC dedicated to the OS and all the flashy whiz-bang animations the OS offers. They can stick to still having security problems, whilst having to sacrifice backwards compatibility.
Me? I'm gonna stick with 2K Pro, freeing up resources for using actual applications, having a hugely more secure system, with a smaller footprint, and being able to run 100% of the Win32 apps I've come across, new and old.
That cool with you, Microsoft?
Give people a reason to upgrade their OS in future.
Do you see what I did there?
The leap backwards actually comes from using Windows, to start with. Go for Linux on the desktop... and NetBSD on the server and you're all set. :)
The Internet Connection Firewall is now enabled by default, which should improve security for SOHO users. However, in a corporate environment it could cause problems for users trying to connect to network resources. The firewall will also now activate much earlier in the boot cycle, even before the network stack is enabled. On shutdown, it will now remain active until after the stack is disabled.
There is nothing inherently safe about liberty. That's why so many people died protecting it.
No. For one, the whole of mankind doesn't use XP; you're forgetting about those who use alternative OSes like Linux, Unix, *BSD, OSX, etc. These OSes will remain progressive and advancing because they don't have the sort of problems that set back Windows.
Conversely, i guess you could say that it's a small step forward for Linux et al because this is just one more reason that these OSes are better than Windows in many ways, such that switching to an alternative OS is becoming more and more feasible everyday.
Excerpt:
A certain software company decided that it was too hard to take the coordinates of the NM_DBLCLK notification and hit-test it against the treeview to see what was double-clicked. So instead, they take the address of the NMHDR structure passed to the notification, add 60 to it, and dereference a DWORD at that address. If it's zero, they do one thing, and if it's nonzero they do some other thing.
It so happens that the NMHDR is allocated on the stack, so this program is reaching up into the stack and grabbing the value of some local variable (which happens to be two frames up the stack!) and using it to control their logic.
For Windows 2000, we upgraded the compiler to a version which did a better job of reordering and re-using local variables, and now the program couldn't find the local variable it wanted and stopped working.
I got tagged to investigate and fix this. I had to create a special NMHDR structure that "looked like" the stack the program wanted to see and pass that special "fake stack".
I think this one took me two days to figure out.
From a linux user, I see backwards compatability as the biggest nightmare of linux today. There is just too much of it, and it's holding back progress. Many of the points I'm about to address come from OS X, as I'm also a happy user of that system, and think it's a model for what can be improved about operating systems if you're willing to sacrifice some backwards compatability.
/usr/include, /usr/lib, /usr/share. This conventional *nix approach practically requires a package manager to keep things straight. Then, all that is required to compile against it, both finding includes and library search path, is a simple '-framework foo' argument to gcc, which follows a single search path. Easier to write makefiles, without wasting your time in autoconf.
Over 4 years ago slashdot was full of posts about how it would take the OOS community a couple weeks, months at most, to match Apple's nifty new compositing window system. Well, today 99% of us are still using X, and it really hasn't changed significantly. Even the extensions being worked on at FreeDesktop aren't in wide use, and it doesn't look like they will be soon.
We're still stuck with an ancient standard directory hierarcy, and multiple search paths meant to find the same thing (what? I still have to have a huge autoconf macro in order to find both the LDFLAGS and CFLAGS necessary to include library foo?). This obviously isn't the best it could be, and yet no one even considers trying to change, because 'that's the way it was always done'. Again, look towards OS X. Headers, libraries, resources, documentation, XML files with library metadata, everything associated with libfoo is contained in a single directory 'foo.framework', not scattered in
A lot of lessons have been learned since these systems have been designed. If you insist on supporting everything ever made, you're never going to get anywhere.
We will continue to download and install
the latest nightly build. What will the
MS community do when Search Doggy and Clippy
(R.I.P.) are gone forever?
Please? The issue can't be addressed until people can see the malware attempts.
They are two seperate product lines. If you'll compare XP to the previous iterations of the desktop line - 95, 98, ME - then you'll see that it is indeed a "a pretty giant leap forward in desktop computing".
You'd be surprised how stupid most people are. Have you been following any of the recent virus and spyware debacles at all? The current arrangement is actually fairly close to ideal. The people intelligent/capable/informed/(insert appropriate term) enough to know what a file system is will also be aware of the existance of windows 2000 as well as various ways to make XP less idiot-friendly. This arrangement does not work the other way around.
Work is punishment for failing to procrastinate effectively.
But those corporations are the *average user* I was referring to. Heck, I have 50+ PCs I'm responsible for. I have no intention of rolling SP2 anytime soon. Instead, we have a corporate firewall, AV software, anti-spyware software software, and built-in pop-up blocking in Mozilla (plus the google toolbar for IE). I don't need SP2 for my corporate systems. Sure, in time I'll probably roll it out, but I already have measures in place to address the majority of the needs that SP2 addresses. Its the average home user that just uses XP, Office, IE, and MSN... and they're the ones that won't know what broke, but probably won't get SP2 anyway because they don't have Automatic Updates installed, but if they get SP2, they'll call up Adobe or whoever and get the new versions of such and such. Unfortunately, SP2 won't affect a lot of home users until CDs start shipping from OEMs that include XP with SP2... since stock XP installs don't have automatic updates turned on.
While I fully applaud what MS is doing, it seems like the wrong time to be breaking legacy apps. Put out an actual new Windows release, rather than just a point update. People will be far less surprised when old software breaks with a full release, but with an update to the old system you shouldn't be breaking compatibility.
This isn't a damned if you do, damned if you don't situation in reality, it just needs to be managed properly. By jumping the gun on this, they'll likely piss off users, but if it were longhorn or some interim release then some breakages are simply to be expected.
That said, since I don't run Windows on my own machines, I get to be one of those that benefits by not having as much email or log spam due to 0wn3d winboxes (less spam please indeed!) so I can't complain. This is a distinct advantage of the Free software model, since Mozilla, OpenOffice, etc can be updated for no cost if this release happens to break them.
"I may not have morals, but I have standards."
Or they can just not upgrade. If it aint broke don't fix it.
well besides people are fed up with windoze virii/exploits etc...
I think they are building their base for more DRM crap. I wonder if they slipped any DRM type stuff in the thickets of sp2...
although maybe I just have my tinfoil hat on too tight today =P
e.
Build Your Own PVR/HTPC news, reviews, &
if this really makes it more secure, I'll all for breaking backward compatability. This just means developers will have a much harder time figuring out why certain COM+ services stop working.
Usually, I'd say this was a good thing. But, as with all things M$, I must adopt the cynical view that this is just another way for them to force people to upgrade to the newer, still buggy, resources hogging software they put out today. Since a large number of places are refusing to upgrade because their systems are stable, and because the reputation of M$ patches and updates is shoddy at best, the promise of something secure, that actually works right seems rather an elusive fantasy.
I mean, who cares about empty promises from a morally bankrupt company that is known for predatory business practices and open hostility toward their customer base?
Apple broke a lot of backward compatibility and it did hurt, but at least the new software at the end of the tunnel didn't blow goats.
In space, no one can hear you moo.
Opera or Firefox, your choice. Or if you have to use IE engine, try Avant browser and disable ActiveX.
"One small step forward for Microsoft, one giant leap backwards for mankind?"
I think the only thing backward about this is CmdrTaco's analysis.
Just a few weeks ago, I heard it quoted that MS used to say "DOS isn't done until Novell won't run", not Lotus.
I have a feeling this one may just be another urban legend, like the "640K should be enough for anyone" quote.
In any case, I think you're *always* going to see a little bit of favoritism when a company builds both an OS and supplies commercial applications made to run on that OS. They may not want to out-and-out break the competitor's app, but they'd at least be willing to make tweaks to their OS code that makes their own apps look better (EG. undocumented API calls). I'm confident that Apple has done/still does this with their OS, just like Microsoft does. The "3rd. parties" are on their own to make their apps run well.
Will they blacklist known pirated IDs, or whitelist known valid IDs?
If the former, there are several keygens for Windows that can generate CD keys easily for pirates. It's also well documented how to change the CD key without reinstalling Windows.
There's 10 types of people in this world, those who understand binary and those who don't.
The only thing that worries me about SP2 is the firewall. I already have a non-MS firewall installed on my machines. I not only don't want the MS firewall turned on upon installing SP2, I can't allow it to be turned on because it'll interfere with the already-active non-MS firewall. The SP2 installer should be smart enough to detect the presence of a firewall. Any bets on whether it actually will or not?
NT being "New Technology".
They got people from Dec with VMS experience to design it and they wrote it from scracth, more or less.
I'm sure some of the old windows code made it into NT, but I'm thinking that the low level stuff was all new.
The Internet is full. Go Away!!!
I have been waiting for the announcement that would explain all the astroturfing I've been seeing lately about how Microsoft has spent lots of man-hours over the years and the horrible hacks that they have made in Windows to make Windows compatible with legacy programs.
And, now, here it is! They knew that SP2 was going to break compatibility with some (probably) high-profile legacy program and they built up advance goodwill to counter this. Given that they felt the need to do this, it must also be a program that will lead to more cries about "killing the competition".
Stay tuned. All will become clearer as we see exactly which legacy apps are broken by SP2!
The PROBLEM is that Microsoft is combining this new "feature" (security) with their bug fixes.
So, what do people do who are ALREADY running their software on XP, who need the bug fixes, and have already dealt with the security issues (firewalls, etc)?
This gets back to Microsoft's old behaviour or adding features and functionality in such "service packs".
Microsoft should release sp2 with ONLY bug fixes.
Microsoft should ALSO release a "security enhancement kit" that has the lock down features they're putting in sp2.
That way, the users have a chance to check out the new security and see what still works and deal with the things that break.
Do you think that maybe M$ has been weary of doing anything major because if they break compatibility then all those developers that have to goto the drawing board might jump ship to avoid huge API licencing costs?
Maybe even go Open Source?
Don't forget M$ is making money comming and going. From those who buy the OS and those who are 'privilaged' to write anything more extensible then solitaire. I would drop VB for Java / C / Perl etc any day and have 100x more control and knowledge what ERROR#ABC123 is actually caused by then trudging through a knowlege base to find that you don't have access to the API that caused the problem.
Just a thought....
A loop, by its nature, continues. If that didn't make sense, start reading this sentence again.
Backwards compatibility, yea compatible with poorly written software. It's about time that old stuff gets patched or thrown out. I say Kudos to Microsoft on this one! There are some excelellet Ideas in that upgrade, things we have always complained they should do. We all knew there would be issues with old software, but security problems have reached a point where I say it is very very much worth it.
(If at first you don't succeed, do it different next time!)
"MS releases security patch"
-> M$ SUCKS! LINUX ROCKS!
"Linux kernel flaw"
-> LINUX ROCKS! M$ SUCKS!
"MS releases general patch"
-> THIS DOES'T IMPROVE SECUREITY!1! LINUX ROCKS!
-> THEYRE TRYING TO HARD TO BE BACKWARDS COMPATABLE! M$ SUCKS!
"MS releases general patch with high security emphasis, just like everyone's been clamouring for"
-> IT MIGTH BRAKE SOMETHING! M$ SUCKS LOADS! *LINUX ORGASM*
Etcetera...
Does backward compatible translate to back-orifice compatible?
Fast user switching? Never used it
If Microsoft wants to radically improve their desktop why don't they just include multiple desktops or programming tabbing
Multiple desktops, for onething, are not a new thing by any means, and vastly improve useability and organisation.
And what's sexier then file tabbing?
Stopping a messenger program or the gimp from filling up my task bar and windows by having everything tabbed and/or in it's own desktop is great. And seeing as i'm doing all this in the wonderfully low level, bloat free, fluxbox, sticking these features into XP should not impose a huge preformance hit (multiple desktops might chew up a bit of ram, but not as much as, say, a GUI that needs 3D acceleration...)
Oh and XPs faster boot time... all they do is get your desktop image in the background faster. But XP still loads everything in the background. Personally, i'm far lest frustrated seeing a loading screen tehn when i try to open up my browser and end up opening 3 up out of frustration while waiting. And now i don't have anything opening up in my system tray other then my virus checker. I'd just like my booting to be honest..
The Neo-Bohemian Techno-Socialist
Microsoft has, for years, chosen "user friendly" over "secure".
In fact, security wasn't even a concern. If a feature could make a user's life a tiny bit easier, but would leave the machine wide open, then the feature was added.
This is a step in the right direction, but I don't believe it should have been added to the regular bug fixes of sp2. The security lock-down needs to be its own patch/install/upgrade.
The first is the NX bit on AMD64 and EM64T. This will be applied to all code, including legacy 32-bit code. Windows has required all applications that execute on the heap to mark such regions as executable for some time already, but there was no enforcement until now. There will likely be compatiblity fixes for some applications, but there will probably be others that break.
The second thing is the new lockdown for Internet Explorer. This will break quite a few websites and web applications. Spyware that runs using ActiveX controls will get a nasty shock from this, but so will a lot of custom applications that run as ActiveX controls and websites that depend upon scripting.
There are also minor bug fixes and implementation changes that will break applications relying on buggy or undefined behavior in Windows, but that's normal with patches and updates, and will get the standard Microsoft compatibility treatment.
I call on Micro-Soft to lock down Windows real tight and break as many applications as possible.
The effect would be to drive people to Linux and open source.
hmm Well for one thing sp2 isn't very good at stoping pirates from using it what dose it block maybe 10 serials ? There are around 100 widely known open liscene serial numbers for xp And then if you happened to find a computer somewhere that was legitimate you could just use that serial , thats 101 pirated serial numbers Not that i am a pirate I am more a ship mate watching what other people do but anyway another thing i haven't seen any compatibility problems with sp2 I don't really know what problems it is supposed to have but it works fine for me. I have apache and iis , couple of other servers compiled in cygwin that run fine , using ports , I didn't even know about automatic port management. I know I have a tone of stuff that uses the remote procedure call , because just about everything uses it. If you go from one program to open another you just about have to use it. Or well speaking from the blaster standpoint when you got hit with it , you couldn't open programs from within programs after you had performed shutdown -a so i am assumeing thats what rpc is used for. So whats wrong with sp2 ??? Microsoft Seems to have done a good job on sp2 I think I have been using it for oh say 4 months or so. never had any problems
Joel Spolsky recently wrote an *excellent* article on this very topic called How Microsoft Lost the API War. Like almost everything he writes, it's well worth a read.
/big/ thing. He cites VB.NET and Longhorn as two examples, but it looks like Microsoft just gave him another big one.
One of his major points is how MS is breaking with it's past, from when backwards compatibility was a
-Bill
SlashSig Karma: Excellent (mostly affected by moderatio
Microsoft should have done this at the XP release many years ago. Their is too much legacy code in XP than their should be. The should have taken yet another clue from Apple and run the old code via emulation or in a protect partition, separate from the XP OS.
Let's face it, for the Windows OS to evolve at one point it is going to have to leave all of DOS behind, starting with DLL. The sooner MS comes to this conclusion the better it will be for them but I am sure they still don't see it that way.
a) This has been discussed before.
b) This is a good thing. Yes, some software may have to be changed. Red Hat and others have added NX as well, and the Linux world didn't crumble. This is not a bad thing; it's a very good thing. Please stop discouraging Microsoft from improving the security of the general computing environment.
May we never see th
The biggest problem will come for applications that use just-in-time code creation. On the other hand, the .NET Framework common language runtime code already supports NX as implemented in SP2.
.NET does?
So Java no longer works, but
Microsoft won't be offering this service patch to those who hold pirated copies of Windows XP
I could be mistaken, but I thought Microsoft had caved and agreed to allow pirated copies acces to SP2 in the end.
As I say, I'm not sure, as I'm not a Windows user, but my roomate is and said they were allowing pirated copies to update in the name of security.
"Reality is merely an illusion, albeit a very persistent one " -Albert Einstein
This was reported months ago. Heck, I submitted a story (which was rejected) about how SP2 was going to break a ton of apps. Nothing new to see here, move on...
-jls
Techno-pagan
Microsoft failed to create a secure operating system, and I blame them. Microsoft also failed to release enough information to developers to write code that will survive operating system patching, and again I blame Microsoft.
While I welcome any attempt to make the platform more secure, it is certainly a case of closing the barn door after the horses left.
With Microsoft's history of intentionaly breaking things for their competitors, I think it's fair to worry about what intentional abuses will be released in SP2.
The only truly surprising thing about the whole issue is that they are giving it away instead of selling it. (Windows XP Puma! only $199)
-Z
About 50% shareware / commercial software that you can get off the net uses some sort of protection mechanism: Serial, Encrypted Code, ...
Nearly all of these protections use tricks such as self modifying code, undocumented windows function... that's going to break compatibility for sure.
no SP2 upgrade for me until I see all my software patched for it.
What do you mean, "finally?" They always have told people to develop apps so you don't have to run as admin, even down to determining where to store registry entries. With .NET forming the basis for Longhorn, they're merely pushing that fact even more--I doubt Longhorn will create accounts in the admin group by default, unlike XP (which does it merely to retain compatibility with the decade of Windows software that precedes it).
.NET is out, trojans and spyware are a thing of the past, and the resulting sandboxed system is stable as a rock? Just KDE 3.6 announcements, where they add more sidebar buttons to Konquerer!
This is yet another "M$" bash article that illustrates an OSS mindset of "damned if they do, damned if they don't." I always hear about how bad Windows is because it contains so much legacy compatibility, then when they remove some compatibility to update things, suddenly that's bad too. Look at the headline and article summary. Hell, I knew morons would start bringing up the Office 97 file format transition (big deal, they changed file formats once single time, and Slashdotters have still never let go...I'd like to point out how many endless changes have been made in the OSS world on the turn of a dime).
What are the Slashdot editors going to have to post once
I've written a lot of code, including my share of system libraries. However, there comes a time when you just need to say "Enough. I've changed my mind, that didn't work as well as this will". Particularly with security issues, you sometimes need to just drop the old stuff to move forward, and if it breaks old software, too bad -- that's the POINT of removing insecure library functions.
I'm not a big fan of Microsoft, but I use it at work. The latest versions are no more bloated, clunky and unstable than the latest bloated Linux versions with KDE or Gnome in eye-candy mode. They acknowledged their security faults, and are dropping the old baggage required to address the problem. I fail to see what they've done wrong here. I seem to remember a number of open-source project that have mad API changes over the years to improve security, and we hail that as progressive, proactive, and intelligent design. Where's the foul?
I just tried it. Office XP opens 97 documents just fine.
Why are there so many Slashdotters still obsessed with Office 97? Are there really that many people stuck on that piece of software from seven years ago? We've had three versions of Office since then. Get over it already.
You show me a non-technical person running linux without X server, I'll show you someone who swtiches back to windows.
The key difference between a Programmer and a Senior Programmer is that one of them is Mexican.
So says the Slashdotter posting through KDE running a taskbar, start menu, minimize/maximize buttons, menus in the same place on the window, similar print dialogs, integrated browser/explorer, and more...
The Internet Connection Firewall is now enabled by default, which should improve security for SOHO users. However, in a corporate environment it could cause problems for users trying to connect to network resources. The firewall will also now activate much earlier in the boot cycle, even before the network stack is enabled. On shutdown, it will now remain active until after the stack is disabled.
A smart start in my eyes - even though network admins might curse until the properly set up all PCs, John Doe is probably safer now.
The Messenger service is now disabled by default.
Praise the Lord, another evil gone (or at least disabled by default)
A pop-up ad blocker has been turned on by default.
Hmmm... probably useful, but as long Internet-"Security Hole"-Explorer is still default, with Active-Security Breach, er.. Active-X turned on it won't help much...
A unified security application called the Windows Security Center has been added (for more information on this feature, see this News.com article). It is supposed to bring all of the most basic security configuration information into one easy-to-manage place that will show whether your firewall is enabled, if your antivirus software is working, and if you have the latest software updates installed.
Again something good for John Doe, though I don't feel comfortable for MS checking out my PC
NX support is added to Windows XP. NX (no execute) will allow NX-enabled CPUs to mark certain areas of memory as non-executable; that is, any code pushed into those areas (perhaps by malware such as Blaster or other viruses) will just sit there, unable to run and therefore will be rendered harmless. This will harden the OS against the notorious buffer overrun threats. NX is currently only supported for AMD?s K8 and Intel?s Itanium processors, but 32- and 64-bit support for this important security feature is expected in most future processor releases.
Probably a good thing, fixing some of the oldest exploits in programming, but with Palladium sneaking round the same corner I have a not that good feeling
DCOM (the Distributed Component Object Model) gets a new set of restrictions in the form of an access control list for nearly every action of any COM server. There will also be a more detailed set of COM permissions, which will allow administrators to fine-tune COM permission policies.
Sounds reasonable
There is improved port management. It will no longer be up to the application to close ports after it is finished. Before, if a developer left out the closing routine or the application crashed, a port could remain open and leave XP open to attack. SP2 encourages port management with an application white list that only a user with administrator privileges can alter. Placing an application (such as a peer-to-peer program) on the white list causes ports to be managed automatically. Such applications can also now be run as a regular user rather than needing local administrator privileges to open ports in ICF.
As with the other Firewall changes, a sensible thing.
New RPC restrictions help tighten communications. The XP SP2 changes in this area let administrators fine-tune RPC services. This granular control over RPC will allow you to specify that a port be used for RPC even if the application is not on the white list. There are a lot of changes for RPC, including a new RestrictRemoteClients registry key that by default blocks most, but not all, remote anonymous access to RPC interfaces on the system. The RPC interface restriction will require an RPC caller to perform authentication, which makes it much more difficult to attack an interface, and helps mitigate against Trojan attacks.
Good... I guess...
All in all, what are the disadvantages?
Some hassle for Sysadmins till they get the settings right, some compatibility trouble with programs that have dynamic code, but all in all a big plus for security.
Seems good to me
+++ MELON MELON MELON +++ Out of Cheese Error +++ redo from start +++
Another problem is the fact that Microsoft won't be offering this service patch to those who hold pirated copies of Windows XP,
I seem to recall a not to old article that claimed just the opposite of this?
When Win2K SP4 rolled out, our network provider decided to patch everyone's system at once. Almost every system in the agency went down. Turned out the for some reason SP4 was not compatible with our old network cards. We had to roll back the patch. On some systems, even that didn't work. We had to install new network cards. What I don't understand is if 10 year old DOS programs work, why my 4 year old network card didn't. I'm going to be very careful about allowing XPSP2 into our environment.
That's gotta fit into your schema somewhere
There is a point where Microsoft's backward compatability plan will no longer be feasible. This is perhaps one large step for them past that threshold.
They can only maintain that for so long. When they no longer support legacy systems, those users will have to decide weather Microsoft still makes the most sense for their needs. I'm willing to bet many of them, if they are smart enough to do the research, will be choosing OS X or perhaps even Linux.
"Politicians find new names for institutions which under old names have become odious to the people."
I think that one of the realities is that the people willing to download and install this update are the people who already know what they are doing on their pc. They probably already have broadband, regularly use windows update, have a popup blocker, perhaps zonealarm,adaware,etc...they are probably in pretty good shape. Everyone else will still be screwed -we'll still get a ton of viruses roaming around our inboxes-because MS made security an afterthought instead of preventing all these problems before releasing an OS to the general public. And if there are compatibility problems then it will deter even some of those in the tech knowledgable minority.
You can't install SP2 (RC2) through Windows Update. SP2 is only released through Microsoft's beta program.
You misunderstand me. If the make non-admin the default, then Broderbund will FINALLY *have* to fix their apps. This particular rant of mine is not anti-MS, it's anti-Broderbund.
The "It's about time" comment was re: abandoning the Registry for app settings.
The only reason we have the rights we have is that people just like us died to gain those rights. -- Cheerio Boy
As a desktop OS, I haven't seen anything better than Win2K.
Look at it this way:
1) Windows XP Pro does everything that Windows 2000 Pro does.
2) Windows XP Pro, with a bit of tinkering and no downloading, can be made to look and act nearly identical to Windows 2000 Pro.
3) Windows XP Pro has more features than Windows 2000.
4) Windows XP Pro runs faster than Windows 2000 Pro (once you're finished with step 2.)
5) Windows XP Pro has the exact same hardware requirements as Windows 2000 Pro, but contains many, many more built-in drivers. (Which means less downloading for the user.)
6) Windows XP Pro costs the same amount, or less, than Windows 2000 Pro.
So... uh... buying Windows XP is a no-brainer as far as I'm concerned. I really don't understand the people who think that Windows 2000 Pro was the end-all of Microsoft OSes.
Comment of the year
This is a troll.
Mozilla runs just fine, and it doesn't matter if it didn't because Mozilla would just update its code (being open source and all).
Windows is still based on an almost 15 year old code base.
No, it's not. That's like saying Linux is based on an almost 15 year old code base (1991 is just 13 years ago...).
Its time to rewrite it from the ground up. Screw the backwards compatibility. Move on.
They already did. It's called Windows NT and was a complete rewrite based on parts of VMS (the same guy who worked on VMS even became NT's lead).
With Windows XP, they finally completely replaced the DOS-based kernel and merged off of NT. Everything is using that unified codebase now.
You know, it's really shocking how little Slashdotters seem to know about these things. Back in the day, it seems like Slashdot was so much better at actually reporting tech knowledge, but now it's about posting the most scathing and trollish articles in order to get reactionary page hits in order to run their ads. Few people consider that this website is corporate-owned now. This place is the Ain't-It-Cool-News of the tech sector.
To get the XP certified logo, your app has to be able to run as a non-Admin. The requirement is there, and in my experience most apps meet this.
So I'm not sure where you are coming from. The only applications I encounter that "require" admin are primarily developer tools.
Unless there are some games I'm unfamiliar with...
Although beyond overstating the need, you are also overstating the risk. Being logged on as local admin to a desktop really isn't that big of a security risk. You risk destroying your desktop install, but that's it, the impact is contained. The changes in SP2 are there to prevent problems from spreading from other machines.
Microsoft is finally doing the right thing and people are still bitching.
Implementing OpenBSD's W^X memory locking, vastly improving the firewall and turning it on by default, and disabling that goddamn messenger POS are all very good things.
If it breaks a few programs so be it: the breaks won't last long, but the vast improvements in security will.
"The crows seemed to be calling his name, thought Caw."
Slashdot set to fork into MS-tolerant and MS-intolerant editions.
Lameness filters to be adjusted accordingly.
Not as easy as Ctrl+Click to open it in a new tab so that I can look at it before closing the tab and going back to where I left off on Slashdot.
I find that about 50% of the time the back button takes me back to the top of the article rather than the point I left it so I normally open links in a new tab/window.
Like I said, I was just wondering if there was any particular reason for not making the URL clickable. I apologise for rattling your cage.
Party Time: Excellent
One small step forward for Microsoft, one giant leap backwards for mankind?" No. Not a step back. It's retarded to think that you could possibly keep legacy code from windows 98 working and expect things to be secure. I dispise M$ and even I can see this is a step in the right direction.
http://www.rustyrazorblade.com
Are you people ever happy with anything they do? I know, they're generally evil, but the members here preach about the evils of unsecured software. Now you're criticizing the company for doing exactly what you asked? kM
-- You can't drink all day. (Unless you start in the morning...)
all 75000 viruses? That'll take a while...
Complain if MS sacrafices security for compatability.
Complain if MS sacrafices compatability for security.
Oh hell, just basically complain. And if you don't know what to complain about make up something you "heard on slashdot" that you then think must be true.
As for SP2, its a great upgrade. Lots of folks will love it and lots of them will be much more secure. MS does something right, deal with it.
--> Fight tyranny and repression.... read
Didn't the move from Win98 to WinXP show you anything? It Broderbund will just ignore their old apps and release new versions (which you can pick up for the low price of $50...).
Microsoft breaking compatablity just gives other companies (hardware and software) a chance to kill off support for older products.
While Windows Update has (and still does) work fine, it reports an invalid key when I attempt to install SP2 RC2. Anyone else have this trouble? Anyone know how many additional keys they're blocking?
There is the "Do what I say, not what I do" angle -- if 100% of Microsoft's own applications ran under "User", there would be no bashing angle. That is not the case however, especially with games.
Whenever I hear the word 'Innovation', I reach for my pistol.
courtesy Raymond Chen's blog: During the run-up to Windows XP Service Pack 2 Beta in December of last year, there was a list of five bugs that the release management team decided were so critical that they were going to slip the beta until those bugs got fixed. The third bug on the list: Deer Hunter 4 won't run. Deer Hunter has the power to stop a beta.
it's not going to stop until you wise up, no it's not going to stop. so just give up.
[i]I find that about 50% of the time the back button takes me back to the top of the article rather than the point I left[/i]
I've found this to be true as well. This should've been fixed. Back to Opera I guess.
You seem to be saying you are far superior to those of us who know more about Microsoft products and know more about how broken and anti-idealistic they are.
This is long overdue. They've been keeping their systems backward compatible at the expense of things like security for long enough. This is just the first step. Maybe one day they'll actually consider Windows not crashing more important than Applications not crashing.
"he drew his sword Ringil that glittered like ice... and he wounded Morgoth with seven wounds..."
ANGER PROBLEM!
I don't believe SP2 affects COM objects. Only DCOM, which almost nobody used. I haven't used SP2 so I'm not 100% sure, but I don't think it affects run-of-the-mill VB6/COM software at all.
I'm not sure which DOS apps you are thinking about, but I can think of many, many DOS apps that don't work in WinXP, and, as the insightful readers out there have already guessed, I am talking about DOS games!
A few quick examples:
- Star Control 2
- Ultima 7
- Wing Commander 3
(basically anything that Origin ever made was always broken on the next OS upgrade hehe...)
Maybe the simple text DOS apps can still be run in WinXP, but you'll be hard pressed to find many games that still run. DOOM _might_ still run, I'm not even sure about that one. (I know it ran in Win9x)
If DOS compatibility wasn't an issue, then projects like http://dosbox.sf.net wouldn't exist...
You have illustrated a point I often make (and get modded down for). For all the "forward thinking" that Linux users are supposed to be doing, and all the progress they're supposed to be making, the truth is that the OSS community avoids change and is very stubborn.
When KDE and GNOME came out, it was nice at first to have a couple of cute desktop emulators hacked on top of X, but I always thought by now someone would have replaced XFree86 with something modern and hardware-accelerated, and we would have moved on. But we're still using KDE and GNOME.
Endless hierarchies of folder structures are prevalent everywhere. We're just supposed to accept things like "/usr/local/lib/blah/blah.something" for some random file. If it was on Windows, someone would be complaining about how Windows "hides" things in convoluted folder nests. On Linux, it's just accepted because some random geeks got together and deemed it a "Linux Filesystem Standard" for files to be scattered every which way across a filesystem made up of thousands of directories.
Linux and its desktop attempts are hindered by the huge cross-section of anti-social geeks who have latched onto UNIX as their mentality for being "elite." It's holding back progress. You're absolutely right, OS X had the right idea, but don't expect anything to change in this community. Many of us have been saying this since the late 90s. Developers don't listen ("code it yourself!"), and Slashdotters bitch at you ("don't criticize a volunteer effort!").
No security = useless
No compatibility = useless
Think of it this way. It is much better to wear clothes than to wander around naked.
One small step forward for Microsoft, one giant leap backwards for mankind?
This just proves you guys don't like microsoft just because you want to bash something. I bet if apple were big you'd do the same.
Here they release something you've all been crying out for and now you do an about turn and give the biggest hypocritical answer.
nice one slashdot.
This statement One small step forward for Microsoft, one giant leap backwards for mankind?, is the exact reason why very few people take the Open Source crowd very seriously. Microsoft is making a valent effort to fix security holes, that the OSS gang always complains about. And what is the response when Microsoft actually goes in and improves their product for the better, and closes some gaping holes? I will tell you one giant leap backwards for mankind, stop being so biased and get a life. This is the exact reason why I don't use Linux, because of this cocky holyer-than-thou attitude that they have. I say get off your high horse and congradulate Microsoft for fixing the hole, and gradulate your self for putting this kind of pressure on Microsoft to fix the holes.
[n/t]!
Sorry, here comes some anti Microsoft diatribe.
Despite the "Microsoft are holier than thou" comments, what's to stop them only breaking compatibility with non-Microsoft software? Given past history - likelihood is high.
I don't assume Microsoft is a plain bad company - I just judge them on their past history. An almost consistent track record of leveraging the market by force is VERY GOOD REASON to never trust this company again.
AC
> WinXP by default starts 36 services.
I call bullshit. Just got a new laptop with WinXP and there were 22 services at startup, 7 of which were useless crap installed by compaq (4 separate services for "easy access" keyboard?) and two from non-Microsoft applications. That leaves thirteen for Microsoft.
The article talks about applications possibly breaking due to the changes but doesn't seem to give any examples. It would be nice to know a couple of applications that broke (and how) so you can ascertain the kinds of applications you're going to have to watch...
"One small step forward for Microsoft, one giant leap backwards for mankind?"
When Apple broke compatibility there wasn't much of a negative reaction to that. Are we a little biased here?
I think it's good for MS to break backwards compatibility for some things at this point. Some of that legacy bloat will be stripped off of the OS at least.
...it was (the first time) to move to a completely new architecture, and the second time to move to a completely new OS architecture. NOT for a Service Pack!
And let us not forget, the second time (the move to OS X) they had a backwards compatible OS 9 layer so that you could still run your old apps whilst waitingAlso there's a hell of a lot of companies out there using legacy internal apps developed in things like:
- Pascal
- QBasic 4.5(I kid you not)
- VB 3 4 and 5
Let us also not forget that the NX extensions could prove problematic for VM's (hmm...Java, I bet M$ wouldn't mind 'breaking' that on windows once and for all, something they got sued for, and settled over).Now it starts to look a little less easy to forgive, doesn't it?
Finally, Apple just doesn't have the same installed base as Microsoft (and Windows XP), especially in business, so this could be one giant headache for corporate IT admins.
I am NaN
You know, we Linux users may be ignorant, but we aren't stupid, so we are able to learn. Microsoft's undisputed leadership is in handling the business in general. Therefore, we take a clue from Microsoft's methods, one of which is to always critice whatever you can. It's only my ingrained honesty that keeps me from lying, like Microsoft does, but if it weren't for that the FUD agaisnt MS would be spread much thicker.
So the NX causes problems with some Just In Time compilation programs? Sounds like this could impact Java performace, i'm sure MS is deeply concernered about that...
For my online banking, currently only M$ and of course IE. To make it even worse the damn app uses M$ JVM and only that JVM. Happy to have VMWare, so no need to reboot to use it. After the install of that service pack, well you could guess it, no more online banking. Even removing it didn't solve the problem. Lucky I have a backup vmware file so my problem was quite quick solved. So I decided that I won't waste my time anymore on M$. That actully happen quite a while ago, after the experience with the dll-hell. Linux user #358897
So how is it that I am running Firefox on Longhorn?
"Taligent is still pure vapor. Maybe they'll be the last who jumps up on Openstep... "
Will NX break java? Or is Java even available on the cpus that support the no-execute flag?
After installing SP2RC2 and noting that everything was working fine, I went and re-set bblean as shell, and walked away after rebooting... When I came back, I had a BSOD; something about Login (I was too panicked to read it that closely).
I managed to get back in by logging into another account I had in XP and replacing the custom shell program with a renamed copy of explorer.exe and everything worked fine after the next reboot.
I could be wrong, so feel free to correct me; but I noticed SP2 wouldn't install with bblean running as shell, and it looks like it was for a good reason. Be careful. :)
somehow, I think the NX feature was a lost cause, all virus writers have to do now is use their code to infect all the programs in a different way, and make the infected programs run in the dead zone of memory, bam, your windows install is 10 times more fucked than virii created before the NX fix. and this time, it'd be impossible to run windows.
I dont think this will fix much, just give the user a false sense of security, forcing people off the older systems since all new programs will be written to only work with XP with SP2. Thus Microsoft gains money. I hate to sound like an anti-microsoft troll, but it just looks like M$ pulling something "for the welfare of its users" to only tighten their grasp on the common user.
Looking at the "Security" they're adding, looks like things that shoulda be added a while back, and will only be exploited days after release, with possible nastier exploits.
We finally started a full switch to Linux because of service packs to win2k that broke our old DOS CAD tools in the name of security -- and started "phoning home" like XP. OK, allowing full access to the hardware by old DOS programs is a potential security problem, but it would seem that in these days it would be easy to do an emulated sandbox for such that would not be allowed to do serious damage, rather than just making it impossible to run old programs. Win 3 to 9x allowed this via VXD's but this is lost in the more "advanced" versions. For example, TraxEdit (the old version of the now prohibitively expensive Protel toolset) is broken on recent Windows versions that have been patched. But even expense aside, we like these lean, mean tools written to run well on a 286 far better than the new stuff. Imagine how nice they are on a pentium!
Would be nice if it were that simple, but a nice trick used throughout GOOD c++ programming is to allocate, say, an MFC dialog on the stack, as this automatically solves many memory leak problems and is tons faster than new. Much good software would be broken by disallowing execution from the stack. Of course, stack overflow exploits are the fault of the programmer, not the language, as it's trivial to use the length checking versions of strxxx and so on, and they've been around for quite awhile. And bad code can be trivially found by a text search...
Hope Microsoft keeps it up. And I hope it keeps GPL software authors on their toes as well. If MS keeps tweaking things, it will get painful for vendors of -pardon my expression- "shitty" software. It will raise the bar, so that those who don't properly design or maintain their software will end up without customers (because it just won't run).
If Outlook no longer uses the file types in the registry or the vanilla shell execute calls to handle e-mail attachments, then I'll know they're really serious.
Fred
"A fool and his freedom are soon parted"
-RMS
Microsoft has announced that do to another wild coincidense, competitor products will cease to work.
Bill gates was heard to be snickering as his limo drive wisked him off to an undisclosed location only know as 'the bank'.
Security is good, but MS has a horrible history of this behavior, and for that I mach him.
The Kruger Dunning explains most post on
you've only been using Microsoft products for 10 years? you're Lucky ... ;0
The Kruger Dunning explains most post on
soon you won't be able to leave either
My guess is that the only stuff it "breaks" is crap that is running improperly anyway. Stuff that tries to write to system directories for no good reason, instead of to each user's "Documents and Settings" directory, for example.
If windows programmers had been writing software with multiple users in mind from the beginning (ala unix), then many of the problems plaguing windows likely wouldn't exist.
As I've written before, even when linux becomes mainstream, it will not have the number of problems that windows has simply because linux developers always have and always will write their code for a multi-user system. Much of the windows software still around still thinks it is ok to modify system settings in the registry, system files, etc.
Windows just hasn't to date gotten the unique settings per program for each user thing down.
I remeber when there was a change to DOS, then suddenly word perfect would barely work.
I remeber when there was a change and lotus stopped working properly
I remember when Novel stopped running properly.
All of these were in conjunction with MS coming out with similiar products, or started moving into those fields.
I have had MS tell me of way around some issues. If this breaks it, are they going to help me? probably not.
The first time I heard that saying, it was Lotus, not Novell, AND it was said by an MS employee.
The Kruger Dunning explains most post on
You linux fanboys can't have it both ways!
There are so many backwards compatibility issues with different Linux distros!
You have complained for so long that maintaining all the backwards compatibility is what causes windows to have so many security issues!
Take a look at yourself and smack that head of yours as hard as you can! You can't complain about MS doing what you have whined they should do for years!
Microsoft is the suxx0rz!!!!!!!!!1111 Linux ROOLZ!!!!!!!!!!111111
Would be nice if it were that simple, but a nice trick used throughout GOOD c++ programming is to allocate, say, an MFC dialog on the stack, as this automatically solves many memory leak problems and is tons faster than new.
A class instance is data. It doesn't contain any code (it contains a pointer to a vtable, which itself points to code...). So you can keep allocating objects on the stack, it is indeed faster / safer.
I hate Windows. (Except for games)
That said, this is a pro-active step. People have bashed MS and Intel for keeping too much legacy crap, and now the MS finally decides it should take some out, we get this story bashing them. I applaud them, and put a lone tally mark in the "Benevolent column." I might have erased one from the "Satan column," but it's much too crowded and I don't want to accidentally erase more than one.
I hate grammar Nazi's.
I don't recall seeing phono inputs on a fair number of preamps any more either. Got to have the cartridge levels up to the 1 V/600 ohm scheme these days.
78 RPM turntables are a project to find as well.
[Sorry for the title, but with so much noise on this topic, I figured I'd have to do an Al Franken to get noticed.]
For the first time ever on slashdot, I gave up reading even the highest modded contents.
ATTENTION: MS Shills
When you're given your talking points, try not to quote them. Seeing the same key phrases in post after post makes you all look like - I have to say it - the Borg. Besides, it's hard to fake a groundswell when everyone arrives chanting the same slogan.
Also, you're not going to be effective if you monopolise the high karma. Let a few honest posts drift up to the top as well. It's called camouflage.
I don't know who's paying for this astroturf, but it sure needs trimming
Crumb's Corollary: Never bring a knife to a bun fight.
Hey douchebag, all of that crap is part of a Windows *theme* that a user can *choose* to use--as well as CDE, Apple, X... But then again, you were trolling, weren't you?
Things will get funny when applications hit the market which will require SP2 or higher (remember apps for NT4 ?). At this point we'll end up with a funny mix of XP boxes in every place, some on SP1, others on SP2+.
Don't forget: SP2 doesn't only fix security issues, but most certainly introduces tons of bug fixes, something new apps might well depend on.
The Messenger service is now disabled by default. They..... they have done somthing right!! "faints"
Saying Apple is better than MS is like saying Botulism is better than rabies.
I find that about 50% of the time the back button takes me back to the top of the article rather than the point I left It happens in both IE at work and Firefox at home, i blame the slashcode,
Saying Apple is better than MS is like saying Botulism is better than rabies.
All it takes is one annoyed customer who suddenly can't run his copy of DeerHunter Solitaire for Windows 3.1 to get pissed off.
Next thing you know, the whole town is pissed off.
The only leverage Microsoft has in the OS industry is that its backwards-compatability encourages customers to keep upgrading to modern versions of their software with some level of confidence. Especially those who upgrade their version of Windows through new computer purchases.
People want their software investments from 1990 to continue to work in 2004. Whether or not this is a realistic expectation is another story.
The moment enough old/discontinued software no longer works, people might consider alternative options.
Up, Up, Down, Down, Left, Right, Left, Right, B, A, START
One small step forward for Microsoft, one giant leap backwards for mankind?"
Well, for anyone using Windows XP, the disadvantages of losing some backwards compatibility must be weighed against the advantages of being vulnerable to fewer exploits.
The advantage in time and energy savings for the user might be greater than the time and cost spent dealing with backward incompatibility.
"Provided by the management for your protection."
Not upgrade what, to SP2, or upgrade the software that may or may not be effected by SP2?
The thing is, is that Service Packs usually do fix something that is broke (else, why do all the work of making the service pack?).
So, if Company A wants to upgrade, they'll test it to see what, if any software of theirs it'll hose. Then, once they see all the problems, they can decide on whether to use SP2, and upgrade/replace necessary software, or not use SP2, and find other ways to secure their systems.
But SuSe and it's pretty awesome tool "SaX" (Suse Advanced X-configurer or something) still sets up X to listen to network.
At least it did when I set up my box. But then again I set it up with tons of other network services. If I had disabled all those, maybe it would have been configured otherwise. However, I doubt that a X-configuration tool checks for open ports before deciding upon this.
I ended up applying the "--nolisten tcp" or whatever option mentioned above.
So, by your definition, at least SuSe is broken.
Not Buzzword 2.0 compliant. Please speak english.
For all troublesome software:
Redirect all program installations from "C:\Program files\" to "C:\Programs\" without altering the Windows registry to inform Windows of this treason.
C:\Programs isn't protected in any way, so even in user-space appplications can update their (sadly misplace) databases, ini-files or whatever.
You'd be suprised how much all of a sudden works out of the box.
Still doesn't compensate for badly written software and architechture though.
Not Buzzword 2.0 compliant. Please speak english.
Ok. Put my tinfoil hat back where it belongs if I'm wrong on this one.
According to investigation of the famouse leaked source from Redmond, wasn't there a lot of dirty hacks in the code, in order to maintain "compatebility" with older (Microsoft mostly) software using hidden APIs, relying on and working around known "bugs"?
So in order to keep compatability, they had to re-implement the bugs that were exploited in the first place?
To any sane man, this should sound like sheer insanity. Why not fix the broken software, instead of breaking the OS?
But then again, I may remember incorrectly.
In case I'm not, I have nothing else to say than that Microsoft truly deserves what is coming to them now (apart from money that is) and that they have driven themselves up this road.
Not Buzzword 2.0 compliant. Please speak english.