Ahh, thank you Mr./. security expert for digressing off topic in a futile attempt to show how "smart" you were.
Most LANs are physically secured already to prevent sniffing by way of switched ethernet secured in a closet. The SMB password issue had more to do with social engineering someone to connect to your "server", which would then cause the authentication packet be sent in the clear, than it did with network sniffing.
IPsec or SSL are not great solutions unless you utilize them to prevent access to corporate LAN ports, because otherwise they are fairly non-discriminating on who they will setup a secure channel with. You can control this with ipsec, but there is quite a lot of overhead resulting from this solution both from computer resources and process management overhead, such that it is really only viable in paranoid installations.
So while the SMB encrypted password thing was not a great solution, it was an appropriate short term solution for the existing client base. A better long term solution was to move away from the password hashes completely and towards Kerberos PKI for authentication, which is what happened with the advent of Windows 2000.
When you are comparing browser rendering speeds, which sites are you using?
These days, with the exception of download times, the rendering times are nearly instantaneous. How can you get much faster than that, and does it really matter?
"What do you do when Windows XP ServicePack 8 stops interacting with your Samba DC??"
I remember when I think it was SP4(?) for NT4 did this. It forced the SMB client to not send unencrypted passwords across the network. There was quite a large amount of dismay on the samba usenet groups.
Short term there was a fix to change a registry setting in Windows. Long term there was a fix to Samba to make it support encrypted passwords. What amazed me was the number of people who took the short term fix, and in fact are still promoting this as a legitimate option.
Sometimes I wonder if people really think through the full consequences of their decisions.
"If you're not an American citizen and you are arrested in the United States, you aren't guaranteed a jury of your peers, etc. "
That's not true. The whole reason why the army is keeping the Al Qaeda illegal combatants down in Cuba is because if they brought them back to the US they'd be protected by US laws, and in theory we'd then have to release all of them because they weren't read their miranda rights when detained.
"Usually the punishment is extradition, but when no country will take you back, you get to rot in American prison without trial for the rest of your life. "
Uh oh...
"(Sadly, 60 minutes doesn't post old stories on the internet, so I can't put up a link for more information.)"
Oh that's convenient. You should get a job doing news for Rush Limbaugh or the American Spectator who use the same copout routinely.
"Is XP more secure than 2000 with SP3 or Windows NT with SP6(or is it higher now, don't use it)? I'll personally ridicule whoever claims that."
Try this...
Set your local administrator to a blank password on both your Win2k and XP desktops.
Now try to connect to the administrative shares(C$, etc) across a network from another machine.
On XP a blank password on a local account is more secure than a weak password, as it blocks all network access for such accounts.
As for the patches... It's easier for the UCSB staff to suggest people upgrade than to explain to them how to apply patches. Although Win2k/XP is pretty easy to patch if you use the automated update service.
Actually you'll find that an Abacus is exceptionally cheaper to maintain than any model of computer.
The problem is, like the Macintosh, they only have a limited range of applications that they are good at, making them a poor choice for most consumers.
You may wish to read up on the Beowulf project and better understand what it is:
http://www.beowulf.org/intro.html
Beowulf clusters are designed for doing parallel computations as may be done in a university research environment.
The kind of clusters that Microsoft is talking about is not for purposes of computation but rather for scalability and failover. Look more towards the history of the VAX Clustering solutions, also look for High Availability clustering solutions from Sun, HP, Oracle and so forth.
Microsoft is not going to be competing with Beowulf, they are going to be competing with the Linux-HA project.
Now, let's examine your patching claim. Win2k has had fewer patches than NT4... XP has had fewer patches than Win2k.
What happens when.NET Server comes out and the difference between patching IIS and Apache is nullified? What happens then when companies start looking at them more from a productivity standpoint and realize that they can deliver far more with less effort utilizing.NET Server?
Actually I think this is already true today with Win2k properly managed. The only reason you still continue to see Apache is that is what's already deployed at many sites and it's what the admins are comfortable with. But as the Netcraft survey discusses, some of these hosting companies that were once exclusively Apache are now offering IIS because customers are demanding it.
Again, if you want to fight some battle you have to be honest about your situation.
Yes, Linux FUD. Oh, and I have more experience with both Linux and Windows than you could fit in your index finger. But that's irrelevant since your claims were FUD.
I find it interesting how you resort to name calling due to your failure to backup your ridiculous claims.
Oh forget it from your other post talking about using Mingw it appears you are doing nothing but desktop apps and very likely haven't graduated to using COM.
Get back to us when you've had some exposure to COM+, MSMQ,.NET and other Win32 development topics newer than 1995.
Congratulations, doing two projects qualifies you as a junior developer.
So tell us about these projects? Client apps, or are you doing n-tier stuff yet?
I'm constantly amazed at just how out of touch the/. community is with the Microsoft world, and you only highlight the problem by claiming your light exposure qualifies you as an expert. Sigh...
Actually you were right on that one point, there's a lot of people who claim to be experts who aren't.
Slashdot Mirror
I'm curious...
Considering the tools are all there, why didn't you learn how to use the CLI admin tools for Windows?
Just kind of seems to me you shouldn't be calling people idiots when you don't know what you are doing yourself.
Ahh, thank you Mr. /. security expert for digressing off topic in a futile attempt to show how "smart" you were.
Most LANs are physically secured already to prevent sniffing by way of switched ethernet secured in a closet. The SMB password issue had more to do with social engineering someone to connect to your "server", which would then cause the authentication packet be sent in the clear, than it did with network sniffing.
IPsec or SSL are not great solutions unless you utilize them to prevent access to corporate LAN ports, because otherwise they are fairly non-discriminating on who they will setup a secure channel with. You can control this with ipsec, but there is quite a lot of overhead resulting from this solution both from computer resources and process management overhead, such that it is really only viable in paranoid installations.
So while the SMB encrypted password thing was not a great solution, it was an appropriate short term solution for the existing client base. A better long term solution was to move away from the password hashes completely and towards Kerberos PKI for authentication, which is what happened with the advent of Windows 2000.
Just curious...
When you are comparing browser rendering speeds, which sites are you using?
These days, with the exception of download times, the rendering times are nearly instantaneous. How can you get much faster than that, and does it really matter?
"What do you do when Windows XP ServicePack 8 stops interacting with your Samba DC??"
I remember when I think it was SP4(?) for NT4 did this. It forced the SMB client to not send unencrypted passwords across the network. There was quite a large amount of dismay on the samba usenet groups.
Short term there was a fix to change a registry setting in Windows. Long term there was a fix to Samba to make it support encrypted passwords. What amazed me was the number of people who took the short term fix, and in fact are still promoting this as a legitimate option.
Sometimes I wonder if people really think through the full consequences of their decisions.
"If you're not an American citizen and you are arrested in the United States, you aren't guaranteed a jury of your peers, etc. "
That's not true. The whole reason why the army is keeping the Al Qaeda illegal combatants down in Cuba is because if they brought them back to the US they'd be protected by US laws, and in theory we'd then have to release all of them because they weren't read their miranda rights when detained.
"Usually the punishment is extradition, but when no country will take you back, you get to rot in American prison without trial for the rest of your life. "
Uh oh...
"(Sadly, 60 minutes doesn't post old stories on the internet, so I can't put up a link for more information.)"
Oh that's convenient. You should get a job doing news for Rush Limbaugh or the American Spectator who use the same copout routinely.
Interesting, I don't see Arc/Info or AutoCAD available for the Macintosh.
Ohwell, you remind me of when I was an Amiga zealot. Kind of funny actually.
"My night vision was never very good, so I don't mourn the loss"
What do you mean "mourn the loss"? Are you saying you have horrible night vision now?
"I know of none where the Mac doesn't enjoy an advantage."
:)
CAD, GIS, accounting, banking...
I realize you are just a Macintosh troll, but it's still funny to tweak you.
This will at least solve your blank Admin password problem...
"To protect users who do not password-protect their accounts, Windows XP Professional accounts without passwords can only be used to log on at the physical computer console."
I don't know if this also applies to Home. I can't find anything suggesting it does, and do not have an installation I am able to test on.
"Is XP more secure than 2000 with SP3 or Windows NT with SP6(or is it higher now, don't use it)? I'll personally ridicule whoever claims that."
Try this...
Set your local administrator to a blank password on both your Win2k and XP desktops.
Now try to connect to the administrative shares(C$, etc) across a network from another machine.
On XP a blank password on a local account is more secure than a weak password, as it blocks all network access for such accounts.
As for the patches... It's easier for the UCSB staff to suggest people upgrade than to explain to them how to apply patches. Although Win2k/XP is pretty easy to patch if you use the automated update service.
Actually you'll find that an Abacus is exceptionally cheaper to maintain than any model of computer.
The problem is, like the Macintosh, they only have a limited range of applications that they are good at, making them a poor choice for most consumers.
Windows Media Player 9 as it comes with Windows XP supports HDCD number of other technologies such as SRS.
If you want to write your own talk to Microsoft about licensing it, as they purchased Pacific Microsonics(makers of HDCD) several years ago.
You mean this:
http://www.zeroconf.org/
This has been available on the PC since the release of Windows 98.
Recommending to someone they use a Macintosh is an insult.
I see you are now resorting to insults rather than demonstrating that you know what you are talking about.
Please explain to us what you think UPnP is.
Since when is pointing out that you are clueless on the subject matter an insult? Geee, I'm sorry I hurt your feelings.
Hint: UPnP has to do with networks... not hardware you plug into your desktop.
From your recommendation it appears you have no clue what Universal Plug and Play even is.
That's ok. I certainly didn't mean to be rude to you as your post was intelligent. :)
You may wish to read up on the Beowulf project and better understand what it is:
http://www.beowulf.org/intro.html
Beowulf clusters are designed for doing parallel computations as may be done in a university research environment.
The kind of clusters that Microsoft is talking about is not for purposes of computation but rather for scalability and failover. Look more towards the history of the VAX Clustering solutions, also look for High Availability clustering solutions from Sun, HP, Oracle and so forth.
Microsoft is not going to be competing with Beowulf, they are going to be competing with the Linux-HA project.
http://linux-ha.org/
Learn to read threads.
I was responding to smitty.
That wording is a bit better.
.NET Server comes out and the difference between patching IIS and Apache is nullified? What happens then when companies start looking at them more from a productivity standpoint and realize that they can deliver far more with less effort utilizing .NET Server?
Now, let's examine your patching claim. Win2k has had fewer patches than NT4... XP has had fewer patches than Win2k.
What happens when
Actually I think this is already true today with Win2k properly managed. The only reason you still continue to see Apache is that is what's already deployed at many sites and it's what the admins are comfortable with. But as the Netcraft survey discusses, some of these hosting companies that were once exclusively Apache are now offering IIS because customers are demanding it.
Again, if you want to fight some battle you have to be honest about your situation.
The point still remains, undisputed, that you were unqualified to make the comparison that you made.
The further you explain your lack of experience, the more sure it is that you are not an expert in the subject arena.
Mingw? As your compiler? You said this was a "professional" project? Were you joking?
Yes, Linux FUD. Oh, and I have more experience with both Linux and Windows than you could fit in your index finger. But that's irrelevant since your claims were FUD.
I find it interesting how you resort to name calling due to your failure to backup your ridiculous claims.
Oh forget it from your other post talking about using Mingw it appears you are doing nothing but desktop apps and very likely haven't graduated to using COM.
.NET and other Win32 development topics newer than 1995.
Get back to us when you've had some exposure to COM+, MSMQ,
You need to start learning to recognize Linux FUD for what it is... hogwash
Congratulations, doing two projects qualifies you as a junior developer.
/. community is with the Microsoft world, and you only highlight the problem by claiming your light exposure qualifies you as an expert. Sigh...
So tell us about these projects? Client apps, or are you doing n-tier stuff yet?
I'm constantly amazed at just how out of touch the
Actually you were right on that one point, there's a lot of people who claim to be experts who aren't.