Slashdot Mirror
The Verdict on WinXP SP2?
A reader writes: "Now that time has passed, people have been giving their opinions as to the effectiveness of Windows SP2. The jury has been good, but mixed." The ITMJ Product Guide is part of OSTG; what's been your, if any, experiences with SP2?
The article's like totally content-free. If you've vaguely heard of XP SP2 before it adds nothing.
And there are no user reviews on the site - the four-day old "discussion" has been "archived".
The firewall is either on or off, not very configurable.
With all the horror stories I've heard (thought it works fine on my laptop I'm not game enough to put it on my workhorse pc) I'm sticking with SP1 for now. I skipped sp1a cause it is the same as sp1 except microsoft took out the sun java component.
http://www.livejournal.com/users/metricmusic
You must be new here. We're all closet Windows users.
Quiz: How many of you run Linux only? Now how many of you are blown away by Half-Life 2? I rest my case.
It would be cool if it didn't suck.
I've installed it on one of my home computers. The only thing that screwed up was that I couldn't connect to my wireless network anymore, but all I had to do was dig out a checkbox that said something about "Windows should manage my wireless networks."
I plan to install it on my other home computer sometime in the next few weeks.
Took a long time though. Found that very irritating. I started at about 8pm, and ended up going to bed before it had finished.
My other processor is big-endian.
Never mind the jury, what was the verdict like?
sudo ergo sum
I've been able to take off my software firewall and let Windows handle it.
Bad move, I'd say. As the article points out, the windows firewall is inbound only. You should still have a software firewall in case you get a rogue application trying to get outbound access. Even if you never install any more applications, you might not be happy with (for example) Windows Media Player or some other MS application 'phoning home' unexpectedly.
Speak for yourself monkey man. I have some self-control. If the game isn't out for xbox, ps2, gameboy [which I use for pocknetNES mostly] or Linux x86-64 then I don't care for it.
Half life 2 may be a cool game and all but until they release a Linux release [re: never] I won't play it on any of my machines.
Tom
Someday, I'll have a real sig.
SP2 was meant to take a working system and secure it beyond the normal level of security.
If IE or any part of the system was borked, you should have run a virus scan, spyware scan, and troubleshot the problem before slapping SP2 on.
Never assume a security update can solve already existing errors within the operating system. SP2 is not to blame here, refusal to solve the problems before upgrading the system is on your side.
"We're breaking out the ramen noodles. . . "
"Really? Is it someone's birthday?"
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
I've been able to take off my software firewall and let Windows handle it.
Did your copy of SP2 include a hardware firewall for free then? Hint: The firewall in SP2 is intended as a basic firewall solution for those who do not already have a firewall. If you already had a firewall running you should have left it running; your existing firewall will have more features and be more secure than the one supplied with SP2.
So let me get this straight... Microsoft's ueber-update to improve Windows security works great, as long as you install it on a machine that was already secure enough not to have malware/spyware on it?
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
The last worm at our office only hit the XP boxes. Isn't anecdotal evidence fun?
Everyone keeps bashing SP2 so much, I decided I'd even this up a bit.
Although I'm not an NT admin, I did install SP2 in a couple of places, and here's my take:
1. Added a simple, probbably far-from-what-we-here-on-/.-would-call-decent but TURNED-ON-BY-DEFAULT firewall to joe-clueless-user. IMHO, this will severely reduce virus infections on the vast amount of joe-user machines that are not properly mainained with good up-to-date malware-protection.
Yes, a minority of 'joe-average's will have stuff break due to this, but the majority will benefit.
2. Enabled windows update by default. Again, will severely increase resilience of a vast number of joe-poorly-mainained-user boxen.
3. Tags files that were downloaded from the internet as such, and gives a proper warning when attempting to execute it. Another simple idea that will decrease suffering of people from malware.
4. [...Finally] added a decent popup blocker.
5. IP configuration GUI improvements. After 9 years of renewing a DHCP lease from the command line, they finally put a "right-click-on-tray-icon--->>REPAIR" option that gets a new one. right-click-->STATUS was also complemented with a new tab that... SHOWS MY IP ADDRESS. BRILLIANT!
Sheesh, and it only took them 9 years. Buy hey, better late than never, I say.
6. After 2 years with flaky, unstable, bugged, alpha, crappy user UNfriendly blowatware bluetooth drivers based on the WIDCOMM "my-dog-can-write-better-software" SDK, Microsoft finally threw in their long awaited BT stack. And boy, was it a sight for sore eyes. It supports all my BT plugs out-of-the-box, Its simple and intuitive to use, and works like charm. BT network driver works great, as does syncing with PDA and a symbian phone. No more 30-minute battles with the Nokia suite, the BT tray icon that stopped responding and a guess-list of 12 serial port drivers to sync my phone with Outlook.
I tip my hat to MS for issuing an *excelent* BT driver suite, albeit 2 years overdue.
And yes, they crippled raw packet API on the TCP/IP stack, so nmap had to write a little workaround.
So go ahead and bash MS all you like, but as far as both myself and quite a clueless family members I inevitably get to support are concerned, SP2 did good. If fewer people have to spend their time, money and nerves treating virus-related computer problems, all the better.
Kudos Microsoft, and thats coming from a hardcore UNIX geek and fulltime Linux/Solaris admin.
Flame away kids.
-
If you don't even know how to disable rebooting when you get a blue screen then you obviously don't know squat about XP. Hate to break it to you.
Some really good things about SP2 and security that people like my mother would benefit from:
1) Application warnings
In a similar way to some adware programs (such as WinPatrol), SP2 warns when new applications are trying to add themselves to your startup and gives quite a good explanation as to what is going on.
It also warns if applications are trying to contact the internet like some of those personal firewall things.
2) Internet security warnings
You know those dialogs "This is a really complex technical thing about running ActiveX controls and you know nothing about them, hey, so just click Yes or press Enter because that's what we've decided to default this dialog to". Well those are now quite different. The Action button to say yes is actually disabled for about 5 seconds or so to encourage reading of the dialog (and its better worded) and they also don't default to evil actions.
A few other things I like:
* They've hidden all of those pesky updates from Add/Remove programs, you can turn them on with a checkbox. My Add/Remove was becoming ridiculously long with all the automatic update patches showing up as installed applications.
* Much improved Wireless networking capabilities. Made it user friendly enough for lusers to understand and configure without impacting on advanced capabilities.
I haven't had any major problems as some others seem to have had (and neither have the 100 odd people in my company who have also updated), so I can't comment on that. All I can say is that I've updated certain "stuff" on my linux boxes before that has broken other things, so lets not get overly critical about one or two teething problems.
As much as I hate to admit this, I think that MS have actually done quite a good job with SP2.
SP2 is the first verion of Windows to support Blue Tooth.. and it is a GREAT improvement over using vendor supplied drivers and utilities.
Oh yeah.. the WiFi support and interface is MUCH bettter too.
Not in 100% of cases, but at the very least they shouldn't make those systems any worse. By the arguments people are giving in reply to my previous post, no security patch can ever install reliably, yet strangely, many have until this point.
For a start, Windows XP is supposed to have filesystem protection in place to prevent permanent changes to key Windows system files. This was one of the much-hyped benefits of upgrading, if you recall. If this has been circumvented, Microsoft must at least know the correct checksums etc. for all the key system files in their unmodified state.
At the very least, following the "do no harm" policy, each included patch in the SP could check whether the previous versions of the files it's changing were unmodified, and issue a warning rather than messing around trying to install over bad starting data in that case. That alone would probably prevent a lot of the problems.
Taking that to its logical conclusion, it would be hard to compromise a system without affecting any key files at all. Why can't the update include checksum information for all the key system files, check them all at the start of installation, and abort with a suitable warning rather than proceeding if the system has been compromised? It's not as though it's a small, modem-friendly download and they're worried about file sizes.
Come on guys, this isn't rocket science, it's kindergarten. Failing to read page one of the manual is no excuse for delivering an update to such essential software that takes out something like 30% of your installed base according to early adopters. I could understand the odd slip up, some particularly clever malware or a human error among hundreds of fixes, but we're talking about thousands and thousands of installations being wrecked here.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
The Wireless Zero Configuration service was far from Zero effort on my laptop. If the zero applied to useful functionality then it was 100% effective. It doesn't support my NetGear 802.11a PC-Card. It does support the on-board 802.11b. If it's enabled then WEP doesn't work on the NetGear (even if the NetGear config software is running). If it's disabled then the on-board wireless NIC doesn't work. In the end I had to disable the service and use the NetGear XP driver and config S/W then go get Windows 2000 drivers and config S/W for the on-board NIC so that I could run both at the same time. I burned hours "fixing" SP2. I saw the posts about Joe-average and agree but if it breaks big-time when it doesn't work then that's nasty for Joe-average and irritating for me. Joe-average would never have figured out why their shiny new wireless network stopped working.