The main obstacle to mass encryption these days is Microsoft. I expect to be skating over Hell's frozen wasteland before Microsoft adopts encryption in Outlook/Hotmail.
I've been encrypting and signing mail in Outlook Express and Outlook for years. The certificates are installed via XENROLL.DLL or CERTENROLL.DLL. Windows actually has a really good encrytion API.
If you go here you can get a free e-mail certificate. Once you install it to the cryptography store you can sign and encrypt mail in any Microsoft email program. If you use the Windows Live Mail application you can encrypt messages in Hotmail too.
And what we have left if we remove all applications what dosn't remove any of these definition parts? Just pure OS
Yeah that was sort of what it was like in the days of MS-DOS and Windows 95. It sort of sucks to have to obtain and install every component individually. Personally, I find it sort of handy that it comes with tools for things you might need to do like browse the web or watch a movie. Plus OEM's already do have the ability to install custom software like the Google Toolbar and it you actually end up with a ton of extra crap that you don't want. Not only that but where do you draw the line on which components to ship as part of the base OS? You could ship Windows without Internet Explorer, but without MSHTML.DLL a lot of programs won't work. Same with a lot of common things that programs expect, like ADO and DirectX. No one really ships a bare OS anymore, cause it sucks.
You should just be able to do it from the copy of RegEdit they inclide in the BartPE boot disk. When you open it you can choose 'Open Hive' from the File menu and browse to the registry files (C:\Windows\system32\Config') and load them into the editor. You need to give them unique hive names in the editor, but they should work as usual.
I think you're thinking of the usual Explorer policies being applied to the system. In that case you can still of course use CMD or sometimes even the Microsoft Common Dialog to open applications. But the method that the parent post was talking about actually does restrict those methods from working as easily.
Linux, Mac, Solaris all have servers user features M$ is still trying to catch up to but none of the problems.
I thought I remembered a specific Solaris telnet exploit not too long ago that was incredible oversight by Sun. I guess that must have really been a Microsoft telnet daemon?
What does matter if the sales come from XP or Vista? They still get money.
True, in fact people buying XP is better for Microsoft. Microsoft still collects the price of an OEM XP license, and eventually the people who are buying XP will have to buy Vista.
Though there still ought to be a name for it other than DoS.
I agree...I was preparing a long rant about the shortcomings of COMMAND.COM and Microsoft's shoddy support for MSAV (I'm still trying to connect to the Microsoft BBS for updated definitions). Now I hear that the acronym is for denial of service.
Thanks for the link! I've been trying to find a detailed report on the vulnerability since it was first announced. That was exactly what I needed to know!
The UAC dialog would not be shown in this case. The UAC box only is shown when a process is initially created, to define the level of permissions the process will run under. A process cannot elevate it's permissions while it is already running. If the process tries to access a restriced area of the filesystem/registry etc while it is already running under these permissions the API call will be denied.
Gee...I remember hearing the same kind of thing when Windows 95 came out...Windows 98 too for that matter...actually with every release of Windows!! I remember the a lot of people warning me about how Windows 95 was terrible and caused nothing but problems. Once I actually started using it I realized that it actually was a big improvement over MS-DOS & WFWG and it was stupid not to be using it. When Windows 98 was released, it was the same deal. People ranting off about compatability and various issues, claiming that Windows 98 "would never make it".
Well the truth is, every version of Windows has had it's issues and doomsayers, and every version of Windows survives until the next release. Vista is the newest version and does contain a lot of kernel improvements and other fixes which make it much better than XP. I honestly doubt that Microsoft is going to reverse the kernel back to version 5 and re-release XP. They will continue to push the newest Windows and in a few years everyone will end up using it regardless.
Fat was allready there in the Dos age, it was simply used again in windows 95
Fat32 (long filename support) arived in win98, a kind of hack the FAT concept.
Actually the origional filesystem was FAT12, which is mostly used for floppies. FAT16 was used in MS-DOS as the filesystem for hard disks. VFAT is the long file name support that was put into Windows 95, it actually is a hack that stores the filename as a table entry with an invalid combination of attributes, so older versions of DOS will skip over the entry when they read it. FAT32 was a new filesystem that came out with Windows 95 OSR2 which allowed it to be used on hard disks over 2GB.
If a laptop from the mid 90a can have a section of the bios that can test all of the hardware why can't a big name manufacturer acomplish that now?
Actually on all of the Dell portables they do have a built in hardware test in the BIOS. The diagnostic boot can be selected from the boot menu or by pressing the power key and Fn at the same time. It will run a quick test on all of the critical system components and the hard disk.
They also usually have partition on the hard disk which can be booted to as well, which contains their diagnostic software for running more extensive tests.
More appropriately to the topic at hand, in the late 90's one, um, apparently merely had to enter 111111111-111 to dismiss the license screen for Office 98.
Yeah, I remember a similar key could be used as a key for Windows NT too. Windows 98 also had a really easy workaround too. You could boot into Safe Mode after an install, run regedit and put anything in the 'ProductKey' registry value. After a reboot the system wouldn't bring up the product key entry screen.
There are usually DOS versions of most vendor's flashes available. The Windows option is just easier for most users running the most popular operating system for their platform. Grandma and Grandpa can't be expected to burn a bootable CD or make a DOS boot floppy for a 1MB BIOS flash.
Dell already has a Diagnostic CD, though it doesn't boot linux. It runs tests on all of their hardware through a GUI interface. Usually you can boot to it from the resource CD or the utility parition on their systems.
I was actually impressed to by the speed at which Creative was able to deliver their Vista drivers for the Audigy. They are still in beta but I haven't had a single problem with them yet. They also are much better than the Audigy drivers for XP. Under XP every time I added a new PCI card, the Audigy drivers would break and need a reinstall. No such problems under Vista. The support is even there to put the cards into the extra speaker modes, and amazingly the setting doesn't reset itself for unknown reasons. Not bad considering when I bought the card XP was still in beta.
That's funny...I've got an "always on" setup of Linux Unix, and MacOS X and I've never experienced an issue.
Well try to install any older RedHat 6 default installation off of the CD (especially ones with an unpatched RPC service) and watch how secure and problem free the system be. Of course your machine will still be up 24/7, but only because the kid who installed the rootkit needs to connect to it.
The reality is that every operating system needs to be maintained, no matter how "secure" the reputation. Even if they would have been running something like Linux, MacOS or Solaris, if left unpatched they would get taken down just the same.
Slashdot Mirror
The main obstacle to mass encryption these days is Microsoft. I expect to be skating over Hell's frozen wasteland before Microsoft adopts encryption in Outlook/Hotmail.
I've been encrypting and signing mail in Outlook Express and Outlook for years. The certificates are installed via XENROLL.DLL or CERTENROLL.DLL. Windows actually has a really good encrytion API.
If you go here you can get a free e-mail certificate. Once you install it to the cryptography store you can sign and encrypt mail in any Microsoft email program. If you use the Windows Live Mail application you can encrypt messages in Hotmail too.
And what we have left if we remove all applications what dosn't remove any of these definition parts? Just pure OS
Yeah that was sort of what it was like in the days of MS-DOS and Windows 95. It sort of sucks to have to obtain and install every component individually. Personally, I find it sort of handy that it comes with tools for things you might need to do like browse the web or watch a movie. Plus OEM's already do have the ability to install custom software like the Google Toolbar and it you actually end up with a ton of extra crap that you don't want. Not only that but where do you draw the line on which components to ship as part of the base OS? You could ship Windows without Internet Explorer, but without MSHTML.DLL a lot of programs won't work. Same with a lot of common things that programs expect, like ADO and DirectX. No one really ships a bare OS anymore, cause it sucks.
You should just be able to do it from the copy of RegEdit they inclide in the BartPE boot disk. When you open it you can choose 'Open Hive' from the File menu and browse to the registry files (C:\Windows\system32\Config') and load them into the editor. You need to give them unique hive names in the editor, but they should work as usual.
Whoops!! Sorry! Grabbed the wrong link to the PE builder. This is the correct one.
Try making a PE disc with Bart PE. It will allow you to make a bootable Windows disc that has an offline registry editor.
I think you're thinking of the usual Explorer policies being applied to the system. In that case you can still of course use CMD or sometimes even the Microsoft Common Dialog to open applications. But the method that the parent post was talking about actually does restrict those methods from working as easily.
I agree, I've received plenty of good deals on Viagra lately.
I thought I remembered a specific Solaris telnet exploit not too long ago that was incredible oversight by Sun. I guess that must have really been a Microsoft telnet daemon?
True, in fact people buying XP is better for Microsoft. Microsoft still collects the price of an OEM XP license, and eventually the people who are buying XP will have to buy Vista.
I agree...I was preparing a long rant about the shortcomings of COMMAND.COM and Microsoft's shoddy support for MSAV (I'm still trying to connect to the Microsoft BBS for updated definitions). Now I hear that the acronym is for denial of service.
*sign* one day...
Thanks for the link! I've been trying to find a detailed report on the vulnerability since it was first announced. That was exactly what I needed to know!
Welcome to Windows Vista my friend.
The UAC dialog would not be shown in this case. The UAC box only is shown when a process is initially created, to define the level of permissions the process will run under. A process cannot elevate it's permissions while it is already running. If the process tries to access a restriced area of the filesystem/registry etc while it is already running under these permissions the API call will be denied.
Gee...I remember hearing the same kind of thing when Windows 95 came out...Windows 98 too for that matter...actually with every release of Windows!! I remember the a lot of people warning me about how Windows 95 was terrible and caused nothing but problems. Once I actually started using it I realized that it actually was a big improvement over MS-DOS & WFWG and it was stupid not to be using it. When Windows 98 was released, it was the same deal. People ranting off about compatability and various issues, claiming that Windows 98 "would never make it".
Well the truth is, every version of Windows has had it's issues and doomsayers, and every version of Windows survives until the next release. Vista is the newest version and does contain a lot of kernel improvements and other fixes which make it much better than XP. I honestly doubt that Microsoft is going to reverse the kernel back to version 5 and re-release XP. They will continue to push the newest Windows and in a few years everyone will end up using it regardless.
I'm sorry you can't burn Rome with Nero, it will report that it can't find the license files...
Actually the origional filesystem was FAT12, which is mostly used for floppies. FAT16 was used in MS-DOS as the filesystem for hard disks. VFAT is the long file name support that was put into Windows 95, it actually is a hack that stores the filename as a table entry with an invalid combination of attributes, so older versions of DOS will skip over the entry when they read it. FAT32 was a new filesystem that came out with Windows 95 OSR2 which allowed it to be used on hard disks over 2GB.
Actually on all of the Dell portables they do have a built in hardware test in the BIOS. The diagnostic boot can be selected from the boot menu or by pressing the power key and Fn at the same time. It will run a quick test on all of the critical system components and the hard disk.
They also usually have partition on the hard disk which can be booted to as well, which contains their diagnostic software for running more extensive tests.
Yeah, I remember a similar key could be used as a key for Windows NT too. Windows 98 also had a really easy workaround too. You could boot into Safe Mode after an install, run regedit and put anything in the 'ProductKey' registry value. After a reboot the system wouldn't bring up the product key entry screen.
There are usually DOS versions of most vendor's flashes available. The Windows option is just easier for most users running the most popular operating system for their platform. Grandma and Grandpa can't be expected to burn a bootable CD or make a DOS boot floppy for a 1MB BIOS flash.
Dell already has a Diagnostic CD, though it doesn't boot linux. It runs tests on all of their hardware through a GUI interface. Usually you can boot to it from the resource CD or the utility parition on their systems.
Richard Stallman? Is that you?
Hmmm...Sound Recorder seems to be running pretty quick for me...
I was actually impressed to by the speed at which Creative was able to deliver their Vista drivers for the Audigy. They are still in beta but I haven't had a single problem with them yet. They also are much better than the Audigy drivers for XP. Under XP every time I added a new PCI card, the Audigy drivers would break and need a reinstall. No such problems under Vista. The support is even there to put the cards into the extra speaker modes, and amazingly the setting doesn't reset itself for unknown reasons. Not bad considering when I bought the card XP was still in beta.
lol I wish I had mod points right now! That really brightened my day!
Well try to install any older RedHat 6 default installation off of the CD (especially ones with an unpatched RPC service) and watch how secure and problem free the system be. Of course your machine will still be up 24/7, but only because the kid who installed the rootkit needs to connect to it.
The reality is that every operating system needs to be maintained, no matter how "secure" the reputation. Even if they would have been running something like Linux, MacOS or Solaris, if left unpatched they would get taken down just the same.