Slashdot Mirror


Vista Post-SP2 Is the Safest OS On the Planet

pkluss noted Kevin Turner, COO of Microsoft making the proclamation that "Vista today, post-Service Pack 2, which is now in the marketplace, is the safest, most reliable OS we've ever built. It's also the most secure OS on the planet, including Linux and open source and Apple Leopard. It's the safest and most secure OS on the planet today."

38 of 1,010 comments

  1. Fail by clang_jangle · · Score: 2, Informative

    April 1st was 2 weeks ago.

    --
    Caveat Utilitor
  2. EVERY release is the safest... by Anonymous Coward · · Score: 1, Informative

    Isn't every Microsoft OS release the safest and most reliable OS that they've ever built?

    And didn't they spend a massive amount of capital marketing the security benefits and lower TCO of having Windows Server 2003-based servers as opposed to Linux-based servers?

    I can't wait until the black hats get a hold of this one.

  3. The winner of Pwn2Own seems to agree by YesIAmAScript · · Score: 5, Informative

    http://www.tomshardware.com/reviews/pwn2own-mac-hack,2254-4.html

    'The NX bit is very powerful. When used properly, it ensures that user-supplied code cannot be executed in the process during exploitation. Researchers (and hackers) have struggled with ways around this protection. ASLR is also very tough to defeat. This is the way the process randomizes the location of code in a process. Between these two hurdles, no one knows how to execute arbitrary code in Firefox or IE 8 in Vista right now. For the record, Leopard has neither of these features, at least implemented effectively. In the exploit I won Pwn2Own with, I knew right where my shellcode was located and I knew it would execute on the heap for me.'

    And this was with Vista SP1. No one knows how to exploit Firefox or IE on Vista due to NX and ASLR.

    This seems to be a pretty powerful statement, from someone who would stand a chance of knowing.

    My only question is, where is Vista SP2? Last I checked, it was not yet released.

    --
    http://lkml.org/lkml/2005/8/20/95
    1. Re:The winner of Pwn2Own seems to agree by fuzzyfuzzyfungus · · Score: 5, Informative

      Thing is, NX and ASLR are not unique to Vista.

      Linux, and the BSDs have, at least optionally, had them for some years now. I'm not sure about OSX.

      There is a very large difference between saying "most secure MS OS ever" and "most secure OS".

    2. Re:The winner of Pwn2Own seems to agree by Lennie · · Score: 2, Informative

      What I've heard is, the people who do that work, like any hobbyist or professional for that matter, don't want to use Vista.

      --
      New things are always on the horizon
    3. Re:The winner of Pwn2Own seems to agree by GNUbuntu · · Score: 3, Informative

      > And this was with Vista SP1. No one knows how to exploit Firefox or IE on Vista due to NX and ASLR.

      Wow with Vista SP1?!??!?! Gee that totally beats out the fact that the Linux, FreeBSD, NetBSD kernels had support for that back in 2004 with OpenBSD having support in 2003 and Solaris having NX support as early as 1997 in Solaris 2.6, right?

    4. Re:The winner of Pwn2Own seems to agree by YesIAmAScript · · Score: 4, Informative

      NX alone doesn't do it. Ask Linus.

      As mentioned in the article, without adding stuff to the kernel that is not in the default on distros, you aren't getting the same protection as Vista has.

      Vista had NX and ASLR before SP1, but it was a weak form (much like Linux has a weak form by default).

      http://en.wikipedia.org/wiki/Address_space_layout_randomization

      You don't believe me? I provided a link from a security expert. He seems to be somewhat impressed.

      Before you try to throw it in my face, I think Linux survived pwn2own unscathed, but Charlie says that's because the equipment you get if you pwn Linux (remember, it's pwn to own) wasn't worth the effort.

      --
      http://lkml.org/lkml/2005/8/20/95
    5. Re:The winner of Pwn2Own seems to agree by Xenographic · · Score: 2, Informative

      > As mentioned in the article, without adding stuff to the kernel that is not in the default on distros, you aren't getting the same protection as Vista has.

      I don't know when it was added to Linux, but OpenBSD had all of this (and more) ages ago (about 2003, according to Wikipedia). Fact is, this was old hat by the time Microsoft announced support for it.

      I'm not buying any Vista/Win7 marketing hype. It's good that they're adding more security, but they're not doing anything other people haven't done long before them. They're playing catch-up, and they're quite a ways behind.

      Anyhow, I don't think your premise (that Microsoft's stuff is the latest and greatest) is supported by that link. You're misreading it. He's saying that the implementation is new (so people haven't had time to explore it yet), not that the technique is new (as previously documented, NX bits and ASLR have been around for years now, in various kernels, even by default).

      I'm not saying that Microsoft doesn't have a credible implementation (I haven't seen enough research yet to make a determination), but whatever they have is built off of ideas that were created independently by the security community long before Microsoft even thought about implementing them.

      P.S. Just in case you want to play "but he's a security expert," I'm one, too, and I remember thinking "it's about damn time" when I heard Microsoft announce support for them.

  4. Re:I have a feeling.... by Jason+Earl · · Score: 4, Informative

    Flight Simulator is now grounded.

  5. For a given value of "safe"... by Anonymous Coward · · Score: 1, Informative

    Oh well...

    The safest MS "operating system" is probably DOS 6.2 on a stand-alone 286. Just don't share floppies with anyone!

  6. Re:I have a feeling.... by cyber-vandal · · Score: 5, Informative

    People are always saying this on here (from NT 4.0 onwards) but how does the average user determine whether their hardware is faulty, their drivers are buggy or their OS is just a load of bloated crap? Vista is ok but I don't see any specific advantage over XP Home apart from being able to alter ACLs with a GUI instead of CACLS, and despite what apologists say, it is slower than XP.

  7. Re:That's great... by aster_ken · · Score: 4, Informative

    Would you rather that RAM sit there doing nothing? Windows Vista has many features that utilize RAM to its fullest extent. Any free RAM on my system is RAM that is sitting on its lazy ass doing nothing. Windows Vista is actually smart enough to use it (Super Prefetch comes to mind) when my applications are not.

    I'm actually typing this in Internet Explorer 8 on Windows Vista Business SP1 32-bit on a Pentium M 1.4 GHz with 1 GB RAM, and it's actually quite snappy.

  8. Re:ORLY? by Anonymous Coward · · Score: 1, Informative
  9. Re:is the safest, most reliable OS we've ever buil by Anonymous Coward · · Score: 3, Informative

    > it wasn't that long ago that a certain high profile distribution accidentally disabled the pRNG in its core crypto libraries ... for two years.

    Umm, no.

    A certain high-profile distro accidentally disabled the pRNG in its sshd initialization scripts.

    > another high profile distro let attackers actually sign some rogue packages with their private key.

    again, no. The key was suspected to have been compromised, and as soon as it was discovered, the key was revoked, they performed a complete audit of all packages, and everything checked out.

    > I don't think anybody should be making smart comments about the security of Linux.

    Least of all you... of course the fact that the only two incidents that you could come up with are entirely in your head actually speaks volumes.

  10. Re:HAHAHAHA by jedidiah · · Score: 1, Informative

    That's not a limb, that's a leaf.

    The fact that MacOS is not Windows is not the problem.

    The problem is that MacOS is not full of holes like swiss cheese.

    Microsoft's problems have nothing to do with the fact they have the most used products and everything to do with the fact that they pull stupid sh*t that no one else does.

    Then they build on top of that.

    --
    A Pirate and a Puritan look the same on a balance sheet.
  11. Re:is the safest, most reliable OS we've ever buil by IamTheRealMike · · Score: 4, Informative

    Windows Update does not use IE and hasn't since XP. You need to get information that isn't many years out of date.

  12. Re:is the safest, most reliable OS we've ever buil by jonbryce · · Score: 2, Informative

    IE is only used for Windows 2003/XP and earlier systems. Vista/2008 has its own separate updating program.

  13. Re:is the safest, most reliable OS we've ever buil by Dotren · · Score: 4, Informative

    > Windows Update does not use IE and hasn't since XP. You need to get information that isn't many years out of date.

    Where are my mod points when I need them? Mod parent up informative please!

    He is correct.. Vista and beyond use an interface in the Control Panel which is vastly superior to the IE Windows Update. Read up here: Windows Update

  14. Re:They removed the PORT FILTERING GUI, & said by Computershack · · Score: 3, Informative

    Utter fucking bullshit.

    Point 1. Port filtering is still there. Control Panel, Administrative Tools, Windows Firewall with Advanced Security. Just because you're too fucking stupid to find it doesn't mean it doesn't exist.

    Point 2. IE 7 runs in a sandbox. IE8 does as well, as well as having inbuilt checking of known bad sites (Smartscreen filter), anti-phishing, popup blocker, blocking of add-ons etc. SO YOU DON'T NEED ANY OF THAT SHIT YOU'RE ON ABOUT which actually causes MORE trouble than it's worth.

    --
    I only please one person per day. Today is not your day. Tomorrow isn't looking good either. - Scott Adams
  15. Re:HAHAHAHA by Computershack · · Score: 2, Informative

    If Mac OS X isn't full of holes, why are there several pages of them on Securityfocus.com? Hell, Safari had a big enough list on its own.

    --
    I only please one person per day. Today is not your day. Tomorrow isn't looking good either. - Scott Adams
  16. Re:is the safest, most reliable OS we've ever buil by IamTheRealMike · · Score: 4, Informative

    The pRNG was disabled in the openssl library, thus compromising any system using keys generated by that library. That is a major, major hole and has nothing to do with sshd initialization scripts (where did you get that from anyway?)

  17. Re:That's great... by adolf · · Score: 3, Informative

    You don't understand. Which is normal: You're about the sixtieth person I've had to correct on this issue.

    In synopsis: you're wrong.

    Here's why:

    RAM that is sitting there holding stuff you might need, sometime (ala Superfetch) is just as ready to be utilized as RAM which is doing nothing at all. Superfetch is a read caching system, and any RAM it has in use for itself can be used by other programs IMMEDIATELY if they need it instead. Nothing has to wait for buffers to get pushed out to disk, there's no longstanding delay. It just gets repurposed, and overwritten with other stuff. It doesn't need zeroed first. It's RAM, ie Random Access Memory, ferfuck'ssake.

    In other words:

    A system with a gigabyte of free RAM is a system with a gigabyte of RAM that it's failed to use. An optimized system does not have unused RAM.

    Linux systems also eventually use all available RAM for caching. Your UID is low enough that you've probably even seen discussions of this "problem" in *nix years and years ago, and you should understand by now that it's not a problem at all, for all of the same reasons (listed above) that it's not a problem with Windows.

  18. Re:That's great... by skelterjohn · · Score: 3, Informative

    More than that, if you suddenly try to load a large application that demands RAM, and there isn't enough due to the super pre-fetch or whatever, it's not like they're going to swap the super pre-fetch stuff to disk. They'll just drop it and load eclipse. Computer science is easy, folks!

  19. Re:I have a feeling.... by bane2571 · · Score: 2, Informative

    Google - Free windows software - 1 - 10 of about 68,000,000

    Google - Free Linux software - 1 - 10 of about 32,700,000

    Google - free OS X Software - 1 - 10 of about 24,100,000

    Google - Free unix software - Results 1 - 10 of about 12,800,000

    Google free amiga os software - 1 - 10 of about 454,000

    Hmm, he was pretty damn close. I probably missed a few, but not many.

  20. Re:I have a feeling.... by Unoriginal_Nickname · · Score: 3, Informative

    Yes, they do make peripherals. No, they aren't re-branded.

  21. Re:Safest? by PhantomHarlock · · Score: 5, Informative

    Windows XP was not a continuation of the 95-98-98SE-ME hybrid 16/32bit product line. It is a continuation of Windows NT->2K line, which was 32-bit pure and already very stable in comparison. Apples and oranges.

  22. Re:I have a feeling.... by spud603 · · Score: 5, Informative

    > And XP is slower than 2k.
    >
    > And 2k is slower than NT4.
    >
    > More functionality means less performance. Doesn't matter much

    Not to feed the troll, but really? In my experience new, feature-rich releases of OSs tend to be much faster than their predecessor. My experience is mostly with OS X and a bit of Ubuntu. OS X in particular has gotten snappier and more featureful with each point release.

  23. Re:I have a feeling.... by k1e0x · · Score: 2, Informative

    This is true, optimizations in GCC have led to the newer OS's becoming faster on new hardware when doing the same things.

    So the above note about the latest version *always* being slower.. that actually only applies to Windows.

    --
    Bringing liberty to the masses. - http://freetalklive.com/
  24. Re:That's great... by jcnnghm · · Score: 3, Informative

    Except that the RAM used for prefetch isn't paged out, ever. If an application needs it, it's immediately released to the application. All modern OS's that I know of do this, including Linux, OS X, and Windows. Don't talk about things that you don't understand.

    --
    You don't make the poor richer by making the rich poorer. - Winston Churchill
  25. Re:I have a feeling.... by mR.bRiGhTsId3 · · Score: 1, Informative

    Who cares how much there is. All the worthwhile free software that runs on linux also runs on windows.

  26. Re:Funny that the tags mention OpenBSD by Spit · · Score: 2, Informative

    OpenBSD is consistently impervious to network service attacks which are exploitable on other platforms. Generally an exploit will lead to a service crash in the worst case.

    --
    POKE 36879,8
  27. Wrong by jpmorgan · · Score: 2, Informative

    Wrong. They broke the entire OpenSSL library, not just some initialization scripts.

  28. Re:is the safest, most reliable OS we've ever buil by ozphx · · Score: 2, Informative

    Wrong. Not only did they break the entire OpenSSL library - they broke it in such a way that every damn certificate created using that distro was one of a "limited series" of around a thousand certs.

    They broke the seeding of the PRNG such that the only seed was the PID.

    It was, in layman's terms, a fucking disaster. They may as well have enforced everyone's root password to be 'password***', pick your three numbers.

    --
    3laws: No freebies, no backsies, GTFO.
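
An added example, not part of the thread and not code from OpenSSL or any distribution: a toy model of the failure described in the comment above, where the process ID is the only seed, and of the audit a defender can run once the whole output space is enumerable. `weak_keygen`, `PID_MAX` (assumed to be the default Linux `pid_max` of 32768) and the host names are constructed for illustration.

```python
import hashlib
import os

PID_MAX = 32768  # assumption: default Linux pid_max, so PIDs run 1..32767


def weak_keygen(pid: int) -> bytes:
    """Toy stand-in for a key generator whose only entropy is the PID."""
    return hashlib.sha256(b"toy-keygen|" + str(pid).encode()).digest()


def strong_keygen() -> bytes:
    """Key material drawn from the operating system's CSPRNG."""
    return os.urandom(32)


def fingerprint(key: bytes) -> str:
    """Fingerprint used to compare keys without handling the key itself."""
    return hashlib.sha256(key).hexdigest()


def build_blocklist(pid_max: int = PID_MAX) -> dict:
    """Enumerate every key the weak generator can ever emit.

    With the PID as the sole seed there is one possible key per PID,
    so the complete set fits in memory and is built in well under a second.
    """
    return {fingerprint(weak_keygen(pid)): pid for pid in range(1, pid_max)}


def audit(keys: dict, blocklist: dict) -> dict:
    """Return {name: pid} for every deployed key found in the blocklist."""
    hits = {}
    for name, key in keys.items():
        pid = blocklist.get(fingerprint(key))
        if pid is not None:
            hits[name] = pid
    return hits


if __name__ == "__main__":
    blocklist = build_blocklist()
    # Constructed sample fleet: two keys from the weak generator, one sound.
    fleet = {
        "host-a": weak_keygen(4242),
        "host-b": strong_keygen(),
        "host-c": weak_keygen(31999),
    }
    print(f"possible weak keys: {len(blocklist)}")
    for name, pid in sorted(audit(fleet, blocklist).items()):
        print(f"{name}: weak key (generator PID {pid}), regenerate and revoke")
```

Patching the generator does not repair keys already issued; every key that matches the blocklist has to be regenerated and the old one revoked.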
  29. Re:I have a feeling.... by MightyYar · · Score: 4, Informative

    > Why is it Vista's fault if the hardware manufacturer releases crappy drivers

    It's not. If you buy the machine from - say Dell - and it is flaky due to some hardware or driver issue, then Vista shouldn't be blamed - Dell should.

    However, that is a very naive view of human nature. In fact, MS plasters their branding all over the place within Vista - so no wonder you are much more likely to be aware that it is a Windows machine rather than a Dell machine. If they wanted to keep a premium image they needed to pursue a different marketing strategy. Their reputation for instability is a marketing problem, not a technical one.

    --
    W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
  30. Re:I have a feeling.... by MadnessASAP · · Score: 4, Informative

    And for those of us who want something usable there's X-Plane. Nothing against Flightgear but last time I checked it still needed a fair bit of work.

    --
    I may agree with what you say, but I will defend to the death your right to face the consequences of saying it.
  31. Re:That's great... by Ralish · · Score: 4, Informative

    I think you don't properly understand how SuperFetch works. It caches in RAM frequently used program data by pre-emptively loading commonly used applications and program data into unused RAM in anticipation of the user intending to run these applications. If he/she does, load times can be greatly reduced.

    However, note that the SuperFetch service runs at a very low priority, and will yield system resources to effectively any other process that requests system resources. Further, in the event of a program requesting memory that isn't available, SuperFetch will just dump from its cache a large enough portion of memory to accommodate the program. By your own admission, and correctly, RAM is _FAST_. The process of re-allocating a segment of memory from SuperFetch to your new program is negligible. SuperFetch will also never page to disk memory in use by an actually running program in order to fill the cache. I'm not saying that running programs won't be cached to disk, but it isn't SuperFetch that is the culprit. There are many other mechanisms in place that can result in this occurring, and SuperFetch isn't the only code on the system that plays around with the cache.

    Suffice to say, if you dislike SuperFetch, it's easy to disable it. Just go into Windows Services and change the SuperFetch service startup from Automatic to Disabled, and stop the service. You've now disabled the aggressive pre-caching, no harder than any other tweak for any other operating system.

  32. They design them by snowwrestler · · Score: 2, Informative

    As someone who spent many long hours performing patent searches while working for a consultant to MS Hardware, I can assure you that yes, they do their own hardware design. They are subject to counterfeiting and "third shift" IP theft* just like many other companies who manufacture overseas, and the keyboard you saw was no doubt one or the other. In parts of Asia it is just as easy to find counterfeit or copycat Logitech stuff too. I know because my company bought them to study.

    * Third shift theft is when a company (often Chinese) signs a legitimate manufacturing deal with a U.S. company but purposefully overproduces. So say Company X does a deal to manufacture 2 million MS keyboards. They produce 2.5 million and do another deal on the side to slap a no-name label on the extra 500,000.

    --
    Build a man a fire, he's warm for one night. Set him on fire, and he's warm for the rest of his life.
  33. As someone else said by Anonymous Coward · · Score: 1, Informative

    Windows prefers to cache IO. Makes loading an application faster if you have a demo machine (since you won't be demoing with too little ram or too many open apps) but kind of sucks for real use.