Slashdot Mirror
XP2 Spotted In The Wild
LostCluster writes "WinXP SP2 has just been released to the public via Automatic Update, but eWeek and PC Magazine are together reporting that Windows XP SP2's 'Windows Security Center' is just about as insecure as it could possibly be. According to them, any program (including ActiveX controls) can access and edit the Windows Management Instrumentation database, and therefore spoof the security status of an insecure box to report that it is properly secured."
At least Microsoft makes an attempt to identify non-secure PCs, while Unix security goes no further than 'read-only' flags on files (and only files, directories are by default read/write, so anybody can delete your files.)
Does that make Microsoft a terrorist group?
* FarCry Demo fails to install
So? How is that their problem?
* Unreal2 won't run
So? How is that their problem?
* Norton Antivirus status is not detected by Security Center
Neither is the state of my house's alarm system. Guess I should blame Microsoft instead of ADT. Or no one...
* AVG Antivirus is not detected by Security Center
It didn't detect me leaving my garage door open, either. Wonder how it was that Microsoft didn't know I had a garage door?
* Windows crashes on startup if any non-MS OS is doing a SMB network scan while it is starting up
Okay, this I'll give you.
* Security Center considers having Automatic Updates set to "Ask Before Installing" a security risk
What percentage of XP home users out there install critical updates as soon as they're available?
Do you really think this is a problem?
"I could easily see a home user trying it for a day or two and finding so many things broken that they just give up and log on as the administrator."
I guess this is why the Windows trolls call Windows "easier to use" than Linux. Wow! I can do anything as administrator! This is so much easier than Linux where I have to have a clue!
Now the Windows trolls blame the developers because Microsoft says an app should run correctly as a normal user, not an administrator.
Has anybody bothered to ask the developers why they insist on running as administrator? Could it be because they can't design their app to run as a normal user for other Windows reasons?
Nero wouldn't burn CDs as a normal user until they created their Windows service. Must have had a reason. I doubt they just upgraded their code from Windows 98 and said, "Well, it will be easier just to run it as Administrator because most users run as Administrator anyway." More likely, they couldn't figure out a way to do it correctly until they figured out the service angle.
Could this be because the OS and its APIs are so complicated nobody can figure out how to do anything on it anymore?
So now we're going to have a more or less complete rewrite called Longhorn so all the developers have to relearn how to design for Windows all over again? And this will be secure how?
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
MS has also uniformly limitted Window's responsibilities to just being an operating system; meaning if you get a trojan which disables a service, your security has been compromised. MS Windows is not created to be trojan-proof (nor is any operating system).
MS Windows is NOT a security product, virus scanner, etc. If you think those programs are necessary (and I hope you do), there are very good third-party products available.
They're actually pushing out retail copies with SP2 on 'em? The same SP2 that many companies (including the one I work for) advise against installing? The same SP2 that breaks scores of 3rd party software?
LilMikey.com... I'll stop doing it when you sto