Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Releases Super-Secure XP to US Air Force

Posted by ScuttleMonkey on from the true-security-through-obscurity dept.

Wired is reporting that Microsoft is releasing the most secure version of Windows XP ever created, but only if you are the US Air Force. "The Air Force persuaded Microsoft CEO Steve Ballmer to provide it with a secure Windows configuration that saved the service about $100 million in contract costs and countless hours of maintenance. At a congressional hearing this week on cybersecurity, Alan Paller, research director of the Sans Institute, shared the story as an template for how the government could use its massive purchasing power to get companies to produce more secure products. And those could eventually be available to the rest of us. Security experts have been arguing for this "trickle-down" model for years. But rather than wield its buying power for the greater good, the government has long wimped out and taken whatever vendors served them. If the Air Force case is a good judge, however, things might be changing."

61 of 507 comments (clear)

  1. Autorun? by someone1234 · · Score: 5, Funny

    Now i see why they disabled autorun. :D

    --
    Patents Drive Free Software as Hurricanes Drive Construction Industry
    1. Re:Autorun? by lgw · · Score: 2, Interesting

      Maybe so. And while "the most secure XP ever" might not be that secure in absolute terms, I'm sure it's still a step forward. So even if the choice might not be ideal for the military, it really helps the average consumer (and I suspect that security wasn't the Air Force's primary concern - they just wanted to spend less on the patching treadmill). For once, I'm happy with my tax dollars at work.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    2. Re:Autorun? by courteaudotbiz · · Score: 2, Funny

      Nope, they removed the _NSAKEY. Or is it _KEY2?

    3. Re:Autorun? by TropicalCoder · · Score: 5, Insightful

      You're kidding aren't you? "85 percent of attacks were blocked after the configuration was installed". ...and the remaining 15% were not! The concept of a secure computer running Windows XP is a contradiction in terms. The military needs to do better than this, or China is gonna whup their ass.

    4. Re:Autorun? by cbiltcliffe · · Score: 3, Informative

      Modded troll by people who don't get security.

      99% secure is 100% insecure.

      It doesn't matter if there are 85% less vulnerabilities than before. The fact that there are still 15% left means a targeted attack will still succeed!

      All it takes is a single vulnerability, and you're security is useless.

      Stop using the troll mod as a replacement for either:
      "That makes me uncomfortable."
      or
      "I don't understand that."

      --
      "City hall" in German is "Rathaus" Kinda explains a few things......
    5. Re:Autorun? by cbiltcliffe · · Score: 4, Funny

      You're security is useless?

      ARRRGGHH!

      Apparently, so is my grammar.

      See? Piss me off, and I can't spell.
      That must be my superhero weakness....

      --
      "City hall" in German is "Rathaus" Kinda explains a few things......
    6. Re:Autorun? by Atlantis-Rising · · Score: 3, Insightful

      Next up: Why we don't lock our doors, because thieves might happen to carry lockpicks!

      After all, locks are not 100% secure, therefore, that security is totally useless, right?

      --
      "It is possible to commit no errors and still lose. That is not a weakness. That is life." -Peak Performance
    7. Re:Autorun? by tsm_sf · · Score: 5, Insightful

      Wrong analogy. Try: "This bucket has 85% fewer holes than Bucket XP."

      --
      Literalism isn't a form of humor, it's you being irritating.
    8. Re:Autorun? by supernova_hq · · Score: 5, Insightful

      Exactly, locks (unless you pay a shitload for them) are not designed to keep people out. Any locksmith will tell you that the only thing a lock will do is make your neighbours house an easier target.

      Computer security is the same way. You *can* cracl WPA(1/2) encryption, but if you neighbour has his connection open (or is using WEP), you are not likely to become a target.

      The exception, which appears in this situation, is when you are chosen as a target due to a high payoff (military). In this case, simply being harder than your neighbour is NOT going to help you.

    9. Re:Autorun? by icannotthinkofaname · · Score: 2, Funny

      See? Piss me off, and I can't spell.
      That must be my superhero weakness....

      Are you sure it isn't just an easter egg from when your parents raised you?

      --
      Let q be a radix > 1. I am in ur base-q, killing 10 d00ds.
    10. Re:Autorun? by roc97007 · · Score: 4, Funny

      Wow, that needs to pass into our lexicon. "Bucket XP".

      --
      Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
    11. Re:Autorun? by Burning1 · · Score: 4, Insightful

      Personally... If I'm being forced to patch a rusty old bucket, I'd rather start with the one that 85% less holes...

    12. Re:Autorun? by nabsltd · · Score: 5, Funny

      I think something like it is already there.

      I hear "bucket, it's XP" all the time around my office.

      What do you mean "you need to get your ear-ring checked?"

    13. Re:Autorun? by vertinox · · Score: 4, Insightful

      Exactly, locks (unless you pay a shitload for them) are not designed to keep people out. Any locksmith will tell you that the only thing a lock will do is make your neighbours house an easier target.

      Arguably, an alarm system is more important in keeping people out than the lock on the door. If they kick down the door and a message goes off that lets them know that you know they are there and that the police are coming shortly, they usually won't stick around that long.

      Same thing applies to computer systems. It is more important to know that you have an intrusion as soon as possible than the actual prevention of the intrusion.

      Not that you want to leave the door unlocked, but rather you need the ability to lockdown and detect when someone is there when they shouldn't be.

      --
      "I am the king of the Romans, and am superior to rules of grammar!"
      -Sigismund, Holy Roman Emperor (1368-1437)
    14. Re:Autorun? by timeOday · · Score: 5, Insightful

      99% secure is 100% insecure.

      Holding out for absolute perfection, I see. Let me know when you find it. I'm stuck here on planet Earth where nothing is 100% anything.

    15. Re:Autorun? by lymond01 · · Score: 4, Insightful

      I disagree. Security is a layered thing, both in implementation and subversion. If I'm running Windows NT with no service packs and no firewall, I'm easily hacked by 90% of people.

      If I'm running Windows XP patched and firewalled, I'm easily hacked by 1% of the people. If I'm running OpenBSD fully patched with no open ports aside from SSH, I can be easily hacked by .01% of the people (likely a BSD or SSH developer who slipped in a back door).

      Nothing is 100% secure -- HOW secure you are is the important thing. If this super XP lets in 15% of attacks, you need to ask who knows and who would bother to run those attacks, as well as what other layers of security beyond the desktop are available.

      If you're running a desktop operating system "in the wild" with no patched firewall software of any kind to block basic traffic, then you should add that layer.

    16. Re:Autorun? by Facegarden · · Score: 5, Funny

      The exception, which appears in this situation, is when you are chosen as a target due to a high payoff (military). In this case, simply being harder than your neighbour is NOT going to help you.

      So, what you're saying is, we need to let our economy keep tanking until people would rather hack into Canada?
      -Taylor

      --
      Worldwide Military budgets: $2100 billion. Worldwide Space Exploration budgets: $38 billion. Really, world? Really?
    17. Re:Autorun? by phantomcircuit · · Score: 2, Insightful

      You *can* crack WPA(1/2) encryption

      The best known attack against WPA2 is a bruteforce attack. The basis of WPA2 in PSK mode is a 256 bit AES cipher. The key is based on both the password and the SSID (the SSID acts as a salt).

      WPA2 with a good password is a perfect example of a truly secure protocol. If you started to crack my home wireless network you might finish around the time that the run is running out of fuel and certainly long after humanity has either evolved to something entirely unrecognizable or is extinct.

    18. Re:Autorun? by RobertM1968 · · Score: 2, Insightful

      Nah, doesnt really work that way. With tens of thousands (or is it hundreds of thousands as I read someplace else?) of these exploits out there for Windows XP, being secure against 85% isn't saying much. Compare that to the number of exploits out there for OpenBSD (times) .01% (times) the number of possible attackers (which will give you a fraction of an exploit).

      Yes, nothing is secure, but 85%/15% is not a good ratio when compared with the number of exploits times the number of already exploited machines out there that may be attacking said 85/15 machine.

      --
      StarTrekPhase2 - The Five Year Mission Continues!
    19. Re:Autorun? by DarkOx · · Score: 2, Informative

      It depends, physical security and data security are not always comparable in that sense. Yes the obnoxious alarm and police being on the way is a problem if you need to load up 50" tv and stereo into your van while fending off the dog.

      The computer paging the owner on the other hand might not be a problem. If what I want is your identity and you have a fast connection I could copy an awful lot your how directory before you could even get to a keyboard to the machine to see what is happening, or shut it down.

      Changes are you know something about the targets you are going after. If I was cracking random windows boxes I would probably target *.doc*, *.xls*, whatever extension various tax software might use, and some other things under c:\documents and settings. Linux/Unix PCs and workstations same things only oo's extensions and /home.

      If I were attacking cooperate platforms I would be after access databases, excel sheets, on servers with "fs" in the name. Whatever ...

      You have these things scripted before you break in. These scripts can get pretty smart with a little work, probably less working the the hack itself by miles, and you can do a lots of damage in only a few seconds.

      So yea detecting an breach fast is important but keeping them out in the first place probably is more import in the networked data security world than the physical world.

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  2. I'll be truly impressed by Anonymous Coward · · Score: 5, Funny

    When the navy puts windows on their ships.

    1. Re:I'll be truly impressed by Amouth · · Score: 5, Funny

      http://gcn.com/Articles/1998/07/13/Software-glitches-leave-Navy-Smart-Ship-dead-in-the-water.aspx?p=1

      i know feeding the trolls - but he wanted to be impressed

      --
      '...if only "Jumping to a Conclusion" was an event in the Olympics.'
    2. Re:I'll be truly impressed by Anonymous Coward · · Score: 2, Funny

      Silly fool. The Navy has always had windows on their ships. Originally they ported them from British designs and called them "port-holes". What was really impressive was when they put windows on boomers. Admiral Nelson designed the Seaview around its Herculite(tm) bow windows.

    3. Re:I'll be truly impressed by Amouth · · Score: 2, Informative

      it wasn't a Whooooosh.. it was truth.. and if you read it you would understand

      --
      '...if only "Jumping to a Conclusion" was an event in the Olympics.'
    4. Re:I'll be truly impressed by hey! · · Score: 2, Funny

      i know feeding the trolls - but he wanted to be impressed

      You mean -- he wants a squad of royal marines marching behind a drummer boy to haul him out from behind his plough, slip the King's shilling into his pocket when he ain't looking, then send him off to see the world with His Majesty's Navy?

      Well, it takes all kinds I guess.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  3. I would just love to see... by mdm-adph · · Score: 5, Funny

    ...what they did to make it secure. Is the default wallpaper black with a big picture of a lock on it?

    --
    It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
    1. Re:I would just love to see... by houstonbofh · · Score: 4, Funny

      I am just waiting for it to show up on the torrent sites! Secure Windows, WooHoo!

    2. Re:I would just love to see... by Keruo · · Score: 4, Interesting
      My guess would be
      • disabled non-microsoft drivers
      • removed networking
      • removed usb stack
      • removed firewire stack
      --
      There are no atheists when recovering from tape backup.
  4. How to secure XP by snspdaarf · · Score: 4, Funny

    But what good is XP without drivers for keyboard, CD/DVD drives, USB ports, or NICs?

    --
    Why, without your clothes, you're naked, Miss Dudley!
    1. Re:How to secure XP by Burkin · · Score: 2, Funny

      I thought the best way to secure a Microsoft product was to never install and run it?

    2. Re:How to secure XP by merreborn · · Score: 4, Insightful

      But what good is XP without drivers for keyboard, CD/DVD drives, USB ports, or NICs?

      In all seriousness, I'd imagine usability is likely the reason this won't see a public release -- "really secure" and "really easy to use" aren't necessarily mutually exclusive, but you can bet they sacrificed the latter for the former in this case. I'd fully expect application compatibility to take a serious hit, and for many Windows features to be cut entirely.

      This product is probably unusable for the average consumer. I'm sure there are some enterprise contexts in which it'd make perfect sense, though.

      And of course, Microsoft doesn't want to dilute Windows Vista/7 sales with a new edition of XP (which they'd have to support for years) either.

  5. Next will be Windows 3.11 by alukin · · Score: 2, Funny

    Next most secure ever release for US army will be Windows 95, then Windows 3.11 and at the top of security development ever will be release of MS DOS 1.0.

  6. If... by slashkitty · · Score: 2, Interesting

    If they can make it more secure, why don't they offer everyone the secure version?

    --
    -- these are only opinions and they might not be mine.
    1. Re:If... by Red+Alastor · · Score: 4, Insightful

      Because it's probably not the most compatible Windows and might lack some features.

      --
      Slashdot anagrams to "Sad Sloth"
  7. It's not a new version, it's just a configuration. by YesIAmAScript · · Score: 5, Informative

    'The Air Force, on the verge of renegotiating its desktop-software contract with Microsoft, met with Ballmer and asked the company to deliver a secure configuration of Windows XP out of the box. That way, Air Force administrators wouldnâ(TM)t have to spend time re-configuring, and the department would have uniform software across the board, making it easier to control and maintain patches.'

    So if you'd like to do it yourself, you can secure your XP too.

    http://nvd.nist.gov/fdcc/fdcc_faq.cfm

    I'm not sure super secure is the right word for this version of XP though, given that there are a lot of security features it is missing that Vista, Windows 7 and some other OSes have.

    --
    http://lkml.org/lkml/2005/8/20/95
  8. MS is probably holding the air force hostage by t0qer · · Score: 5, Interesting

    So I have this on good authority from someone who works there... A few years back the VA decided to start migrating from IIS to apache. At the same time they wanted to migrate file servers as well. When MS caught wind of this, they told the powers that be at the VA, "You drop us, and we'll audit you." Part of the contract MS holds with the VA is they're allowed to perform a license audit any time they want. The VA did its own internal investigation and figured out pretty quickly that MS had them, "Over the barrel" so to speak... I don't think the Air Force really wants to use MS stuff, but if they're in a similar situation as the VA, this doesn't bode well for them. I hope the Obama administration catches wind of this and puts a stop to this practice. It isn't right that my tax dollars are being forced into MS's pockets. I think in these rough economic times our government needs to really start exploring more OSS/free solutions out there.

    1. Re:MS is probably holding the air force hostage by Archwyrm · · Score: 2, Insightful

      As a former sysadmin for an Army brigade, I can tell you that we would have failed an audit horribly as well, considering we simply installed Windows or Office or whatever on any machine whenever we needed to. In fact, probably the only machines that we could guarantee had licensed software, were the ones that came pre-installed with it from Dell.

      Then, IIRC, round about mid '03 the Army made a deal with MS where they forked over ~$400 million for unlimited installations of a long list of MS software on Army computers for a number of years. This was no doubt partly to cover the widespread unlicensed copies.

      --
      Fascism should more properly be called corporatism because it is the merger of state and corporate power. -- Mussolini
  9. how is this diffrent... by iccaros · · Score: 2, Insightful

    so the Air force paid MS to "lock down windows" probably to the STIG.. Instead of doing what DODIIS does and create a Install disk to be installed and tested against, so if you do have to rebuild its there... I thought that MS came up with an affordable PL3 or PL4 System, we have been working with MS for a PL3 system, but it would cost almost a million more than a comparable Trusted Solaris or SELinux solution. and be hell to administer

  10. AF Standard Desktop Configuration by PapaSmurph · · Score: 5, Interesting

    While this was an interesting article, the XP and the Vista versions used by the USAF are the same ones used by the general public. The only differences are the security setting, the firewall configuration, and the user configuration. No one is an admin unless they need to be, and no normal day-to-day work is done in admin mode (same thing you do in Linux, no doubt).

    I didn't know this article was going to be published, but when I found it, I was not surprised by the comments. I've been working on this program for more than 2 years. Users hate it. Developers loathe it. Network security staff loves it.

    Nothing can make Windows (or any other OS) completely secure if it's connected to a network. This is as close as the federal government as ever come.

  11. diversity is fantastic protection by wizardforce · · Score: 2, Insightful

    The airforce and the military in general would do well not to create a monoculture; especially not one based on an arguably insecure operating system that is nearing its end of life. Despite the existence of *nix alternatives that are of comparable ease of use and generally superior security and customization, the military continues to insist that using an old operating system full of flaws and actively exploited by the vast majority of malware is suitable for government use. There is something very wrong here.

    --
    Sigs are too short to say anything truly profound so read the above post instead.
    1. Re:diversity is fantastic protection by Anonymous Coward · · Score: 2, Interesting

      oh yes, we definitely don't want a monoculture. Please make sure the poor 19 year old airman who barely knows how to install a driver in XP now must know how to do so on a Ubuntu box, a Macintosh, XP, Vista and for the hell of it, a couple Win 3.1 boxes 'just in case'. And pity the poor sergeant who is given a Powerpoint presentation by the general and has to figure out how to make it work across 4 different versions of Office, OpenOffice, etc.
      But at least we'll know when we get hacked that only part our useless network will get taken out by the bad guys.

      Networks must be useful first... or else why bother defending them?

  12. A subtle point by Dystopian+Rebel · · Score: 4, Insightful

    "Having the most secure Windows ever" does not equate to having secure Windows.

    --
    Rich And Stupid is not so bad as Working For Rich And Stupid.
    1. Re:A subtle point by houstonbofh · · Score: 4, Funny

      I guess the irony of having to go to a "dirty pirate site" to get "the most secure windows ever" is lost on you. To get security, you have to steal it? (Or use %uname)

  13. Re:dead right by jellomizer · · Score: 2

    It is probably a case they have a lot of Windows Apps that need to be ran, and it is cheaper to get Microsoft to secure windows then to report their products to an other OS (Who really isn't that much more secure anyways) try to get resources to secure the Open Source OS to an acceptable levels, (Or find out how to configure OpenBSD to do what you want) then pay to report all your apps and retest and security check them all again.

    What the air force is doing is Replacing the Doors/Windows and Locks from the house. Vs. Rebuilding a new one just to get the New Doors/Windows and Locks.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  14. You too can have your own "Super-Secure" XP setup by jdb2 · · Score: 5, Funny

    It's called running XP in VMware under Linux.

    ( Also, is it just me or does the "XP" after "Super-Secure" look like a smiley representing someone laughing their guts out? )

    jdb2

  15. Re:I bet the british wished they had this... by Locutus · · Score: 2, Insightful

    let's see, Windows on hospital equipment recently got Conficker because Microsoft no longer provided security patches for Windows 2000 and NT. I'm now wondering how long the British Navy thinks these subs will last and how they'll deal with unpatched Microsoft operating systems running the show when Microsoft stops feeding them patches?

    Hey USAF! If you can't see the source code and see the patches for later versions, you can't have any hope of securing the system in the long run. You're only hope for security dooms you to tearing it all out and replacing it. And you know that is not going to happen and doesn't happen. Good luck with that "Super-Secure XP".

    LoB

    --
    "Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
  16. 85 percent of attacks were blocked by hAckz0r · · Score: 4, Insightful

    85 percent of attacks were blocked after the configuration was installed.

    Now lets rephrase that; 15% of the attacks were still successful after a complete lock-down configuration was applied and lots of manpower went into burning custom installation disks and procedures. Is it just me or does anyone else see a problem with this?

    1. Re:85 percent of attacks were blocked by ion.simon.c · · Score: 2, Interesting

      This is way beyond a "stock" system...

      Okay... I'd still like to see the stats for a fully patched stock system before I say "Oh, this isn't worth the effort."

      But it still completely fails to protect the host against 15% of the *known attacks* in the wild?

      Do you have a comprehensive list of those attacks? I know that I don't.
      How many of those attacks are software keyloggers? There's not a whole hell of a lot that you can do to protect against that.
      How many of them are hardware keyloggers?
      USB or FireWire DMA memory access sploits?

      We need details before we can pass judgement. Until we have these details, this "report" is just some MS PR flack flapping his gums.

  17. Re:Cat out of the bag...? by gadget+junkie · · Score: 2, Interesting

    Next up, the Army and Navy. After that, government agencies ... finally, big businesses and the public.

    Yes, so we will be able to buy XP instead of the best and most secure OS, Vista!!!!!
    I think that this is the best own goal ever done by MS in its long life, on two counts. first, they are saying that XP is arguably more secure than vista. second, they are saying that while all organizations are created equals, some are more equal than others. Why is it that i cannot buy XP anymore, while the Air force can?
    So, I do not think that "big business and the public" will ever be able to buy that. Never. not ever. BUT, that does not mean that this will not have repercussions.Big business will use it as a lever to delay, yet again, the adoption of Vista/win7, by browbeating MS into admitting that they will support XP longer than publicly stated ( I do not think that they will leave the Air force high and dry in four years, do you?), and demanding equal treatment. moreover, I do not think it possible that this XP will not percolate in the public domain.
    One more unintended consequence: any attempt into selling Vista/win 7 by implying that Xp is less secure is meaningless now: "go tell the blue boys, then come back!"

    --
    "If a boss demands loyalty, give him integrity. But if he demands integrity, give him loyalty." (John Boyd, 1927-1997)
  18. Re:Obviously this can't work by secPM_MS · · Score: 4, Informative
    I am a security program manager at Microsoft. The article gets much of it wrong. The Air Force wanted the machines preconfigured to a secure configuration so that they did not have to do this configuration. Such configurations are not distributed to the general public because of the impact on generalized consumer useability. Microsoft always publishes a security guide which provides guidance on configuring systems for different threat environments. For example in the Windows Vista Security Guide, Chapter 5 is titled "Specialized Security - Limited Functionality". Such security guides exist for NT on.

    Users are free to configure their systems for higher security. Note that doing so may limit functionality you are used to. For example, you can configure your system so that all users run as normal users (no administrative functionality). Running users as normal users is part of all security guidance. Not all XP software will run if you do this. You can set IE to high security mode by default and disable Flash, etc. Doing so breaks much of the web but is more secure. You can get security, but it will impact your user experience.

    It is easier to secure Vista and 2K8 server systems.

  19. Re:It's not a new version, it's just a configurati by JATMON · · Score: 5, Insightful

    if you look closely at the article, this is something that the air force did between 2005-2007. so this is actually old news. 'The Air Force began the project in 2005 and finished installing the new configuration on systems in 2007. In contracts with hardware providers it demanded that vendors pre-load the special Windows XP configuration onto systems before delivering them to the Air Force.'

  20. Re:Cat out of the bag...? by dave562 · · Score: 2, Informative

    Where do you get that they are saying XP is more secure than Vista? Another angle to consider is the one that the Air Force has been running XP for a long time and all of their applications are coded to work with XP. Microsoft took the smart route and improved what the Air Force already had instead of forcing them into an upgrade. Vista very well may be more secure than XP, and Windows 7 might be more secure than both of them.

    For as long as I've been using computers, I've hated the forced upgrade cycle that Microsoft imposes on their customers. It would be nice if they would just stick to a single OS and improve it. For a lot of people, XP is good enough. It gets the job done and there isn't any reason to upgrade. If NT weren't such an insecure piece of turd, it could serve the needs of most businesses out there (just like Linux + Samba and OpenLDAP can). Having said that, I understand that a single OS isn't exactly a viable business model, unless you force people into support contracts. Given that Microsoft and Apple both charge for OS updates, I don't think that business model is going away any time soon.

  21. Re:I bet the british wished they had this... by anjilslaire · · Score: 4, Informative

    let's see, Windows on hospital equipment recently got Conficker because Microsoft no longer provided security patches for Windows 2000 and NT.

    Uh, no. The MS08-067 patch that addresses conficker was released for Windows 2000 at the same time as all the other OSes, with the exception of NT. http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

    --
    Need more useless stuff to read on teh internetz?
  22. Microsoft lobbying vs. US Air Force by janwedekind · · Score: 2, Funny

    And the US Air Force lost this fight.

  23. Re:I bet the british wished they had this... by j79zlr · · Score: 4, Informative

    let's see, Windows on hospital equipment recently got Conficker because Microsoft no longer provided security patches for Windows 2000 and NT.

    Extended support for Windows 2000 doesn't end unitl July of 2010. The patch that fixes the exploit on Win2k is here if interested.

    As for NT, the long term support ended over 5 years ago.

    --
    I'm not not licking toads.
  24. STEEL DOOR! by Jeremiah+Cornelius · · Score: 2, Funny

    Meet GRASS HUT!

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
  25. Re:Disabling those out of the box not a bad idea by Tacvek · · Score: 2, Informative

    In Windows XP Embedded, you can choose which components to install, on a significantly more fine grained scale. For example, you can leave out Windows Explorer (i.e. the icons on the desktop, task bar, and File Management tool (the my computer window, etc)). I'm not sure quite how fine grained the driver selection is, but it is still far more fine-grained than tradition XP installations. You can definitely leave out unused network stacks, etc.

    But for some reason few people seem to be aware of it, or choose to use it. I mean I've seen logic analyzers running standard OEM Windows XP.

    --
    Stylish sheet to fix many problems in Slashdot's D3: https://gist.github.com/801524
  26. security program manager at Microsoft by rs232 · · Score: 4, Funny

    "I am a security program manager at Microsoft"

    I wouldn't mention this on your next job application ;)

    --
    davecb5620@gmail.com
  27. Balmer, Gilligan, SuperSecure Windows XP... by Phizzle · · Score: 2, Funny

    And then I blew my morning coffee through my nose...

    --
    I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered. My life is my own.
  28. Oxymoron? by JustNiz · · Score: 3, Funny

    >> the most secure version of Windows XP

    Isn't that an oxymoron? Kinda like dry water?

  29. In other news . . . by colinrichardday · · Score: 2, Interesting

    The Air Force has yet to explain who, if anyone, authorized the bombing of a Redmond, WA software company by a squadron of B-52s.