Service Pack 1 for Windows Server 2003

mithridate writes "Microsoft has posted the Windows 2003 Service Pack 1 Release Candidate. eWeek has a short review of the service pack. My favorite quote from the article is, 'The company argues that the improvements are important enough that applications should be changed to accommodate them.' I know I still have not installed SP2 because of the problems it causes with SQL Server, I can't wait to see what kind of havoc it causes on the servers..."

Catch-22

[rackhamh]

So a bunch of people wrote applications that take advantage of lax security in Windows server environments.

Now Microsoft is saying they won't be so lax anymore, so the applications need to change.

Microsoft is basically damned-if-they-do, damned-if-they-don't. If they don't patch the flaws, they're bad for providing an unsecured environment. If they do patch the flaws, they're bad for breaking existing applications.

I for one fail to see how this is a bad thing... OSes evolve, and applications have to keep up. That's why manufacturers provide separate drivers and software versions for different OS versions, isn't it?

Re:Catch-22

[Spad]

Take a look at the list on the MS website of apps that are broken by SP2.

Microsoft have more applications on there than any other single vendor.

Re:Catch-22

[Matje]

Take a look at the list on the MS website of apps that are broken by SP2.

Microsoft have more applications on there than any other single vendor.

do you think this might be because no one else bothered to have their app tested by microsoft?

Re:Catch-22

[obeythefist]

Ugh, if you actually read the background material, you would notice that SP2 doesn't break anything. It's a list of apps that don't work when you run an unconfigured firewall, for the most part.

Why on earth is it Microsoft's fault that they're telling their users which applications may be affected because in SP2 they're activating a firewall in an attempt to remedy some of the poor security practices they've used in the past?

I think some recognition for a company moving in the right direction wouldn't go astray every now and then, instead of jumping down MS's throat every time they make a move.

Re:Catch-22

[obeythefist]

I don't believe I mentioned BSD or Linux or Jaguar or any other OS or company apart from Microsoft.

I'm not sure what you mean however with regards to "fixing and breaking things more often". Microsoft patches are quite strenuously tested, so they are very slow to arrive (not more often, less often) Very few if any MS patches break third party software. Compare this to the complexity of handling Linux dependencies. I am sure if you upgrade some components of Linux and replace dependencies, you might find a lot of things suddenly stop working. Microsoft isn't really responsible for making third party software work on their OS... are you holding MS accountable for the work of Adobe? Or for the work of nameless shareware developers? Is it not their responsibility to fix the software if they write applications that work outside of Microsoft's preferred APIs?

My experience with Linux dependencies on a couple of different distros have been nothing like your example. Many different applications just don't work on Linux without downloading and installing very specific packages to handle dependencies... so much so that people need to write software purely to handle dependencies. For some reason.. when I install software on a windows box, I double-click an exe file and it works. I don't even need to see the word "dependency". I'm not trying to say one method is better than the other. But what I am saying is that Microsoft have decided to take this path and as a result they have to be very precise with the fixes and patches they apply to their OS.

The unified patching for debian and redhat really makes it easy on the user when you can run a single command to update EVERYTHING in your system.

Shame that isn't available on every Linux distro. With every current version of Windows, I can go to a website called "Windowsupdate.com" and click a single button to update EVERYTHING in my system. And you know what? I don't have to go looking anywhere but microsoft.com for fixes for Windows.

Windows XP SP2 hasn't broken any drivers that I know of, unless they are drivers that for some reason need a hole in the firewall and I suddenly forget how to configure a firewall. Of course I can simply uninstall the service pack if that does ever happen (it doesn't, RTFA please).

So basicly the windows way is bad and painful to use. and the linux was is nice and easy for once

You haven't demonstrated this. Please explain with consise examples of what you mean. Providing a questionable statement without decent supporting arguments is hardly compelling, although on Slashdot people will believe you because "Linux good, Windows baaaaaad".

Microsoft have made the best business decision possible in terms of advancing the security of their platform at the minor cost of a few applications that (again, RTFA because you don't seem to have noticed this) don't work when a firewall blocks them. This is applicable to Linux. Firefox on Linux is *broken* when you install a firewall and block port 80. By your arguments, Linux is therefore "fucked if they do and fucked if they don't" because if you install a firewall the "API is so hacked together to keep everything working" and this somehow has something to do with applying a default-on firewall to the OS. Linux users are purportedly more open minded and understanding of basic OS principles. Why am I constantly meeting Linux advocates who are so more closed minded than the average AOL toting Windows user?

People are bitching at microsoft for no real reason in this case. An unconfigured firewall breaks a few applications that need ports opened, and for some reason, as my parent post said, Linux advocates believe this is a flaw in Windows XP and put the blame squarely on Microsoft.

Explain yourself clearly, concisely, or put your PC back in the box and send it to your OEM. Computer license revoked by the Darwin Internet Preservation Act.

A cheaper solution...

[TWX]

...would be to just firewall every Windows machine behind a Linux box or BSD box and use port forwarding or some other restrictive routing scheme. Even if the hardware to isolate a gigabit's worth of bandwidth ran $1,000, it'd probably still save the company money compared to the man hours required to fix custom software, test it, and install it.

Microsoft Pre-judged?

[Staplerh]

I know I still have not installed SP2 because of the problems it causes with SQL Server, I can't wait to see what kind of havoc it causes on the servers...

This is a little predjudicial. You may have some historical examples to draw upon, but we should cut Microsoft some slack. If they didn't release this, people would complain, and when they do, people complain. If Microsoft is willing to admit that the "the improvements are important enough that applications should be changed to accommodate them", then perhaps they are right. It's doubtful that Microsoft is going to cause this much of a hassle unless it was for a good reason - ultimately, it would be easier for them to forgo this. Perhaps it is initial flaws, but how could they get it all right on the very first release?

I know I sound like some sort of Microsoft 'fanboy', but I'm just trying to present a devil's advocate view against the Slashdot bias against Microsoft.

Windows Firewall

[Ghostgate]

TFA says they have added the same Windows Firewall as XPSP2. However, this is one issue that I can't see being NEARLY as big of a deal as it was for XP. XP has a much bigger percentage of novice users, many of whom had never even heard of a firewall until SP2. Win 2003 is, in general, used by people who would be aware of how to deal with such things and how to troubleshoot any problems that might occur.

Re:Win2k & Server 2k3

[NotoriousQ]

I would not call XP unstable, but it is now suffering from what linux users have suffered for too long: bad hardware / drivers.

If I put cheap memory into the machine - I should expect it to crash. If I run bad drivers - I should expect it to crash.

I do not believe that 2000 is that much more stable than XP. 2003 I do not know, but I guess all of these have the same level of stability, however XP goes on to more computers made out of crap, and therefore it craps out more.

Windows9x was crappy because it did not implement correct separation of processes from each other and from the kernel.

Re:damn.

"The company argues that the improvements are important enough that applications should be changed to accommodate them.' I know I still have not installed SP2 because of the problems it causes with SQL Server, I can't wait to see what kind of havoc it causes on the servers...""

You know for an editor of slashdot, you should really do some research.

If you use the latest service pack for SQL server, XP service pack 2 works fine. The same thing goes for running SQL 2k on Windows 2003. Maybe if you kept up with the current application service releases you would not have problems with the OS ones. :)

I could bitch and whine about vi, gnome, or anything else and I would told to upgrade to the latest revision. Why should you not do so on SQL?

Re:Service Pack vs Version

[Schnapple]

Would you prefer to have Windows Server 2004 or 2005 come out and be charged for this?

sorry, but what's the point of the computer?

[jxyama]

>'The company argues that the improvements are important enough that applications should be changed to accommodate them.'

so, does the PC exist to run the OS or the application? i thought the point of PC and the OS was to run the application that's useful. why does running of the application, which actually accomlishes something, must be compromise to enable the OS to run better?

i'm not arguing that OS is an important/integral part of using a PC to accomplish a task. but i feel that their philosophy is backwards. even if it's the truth, they shouldn't say it. PCs do not exist to run the OS. PCs exist to run the applications. no one cares about a PC that can run the OS perfectly if it can't run useful apps.

Re:Service Pack vs Version

[typhoonius]

I think you're missing the point.

What the grandparent means is that bug-fixing Service Packs and feature-adding upgrades should be kept separate so you can grab the bug fixes without worrying about the new features breaking shit. Both would ideally be free.

Hell, look at Apache; they're still updating the 1.3.x line just for security and using the 2.0.x branch for adding new features (which break a fair number of old things). If your site is already running 1.3.x reliably, you don't want to shake it up for no reason--servers are supposed to be reliable, not flashy--but you want the latest security patches. So you can keep grabbing the 1.3.x updates.

With Windows, you don't have the choice; you pick the devil you know or the devil you don't. Everyone says Microsoft is damned if they do or damned if they don't with the Service Packs, and it seems like their customers are in the same position.