It's not mystical, and it's certainly not undefined.
The fact that those ports are open by default is why it's insecure. The fact that you cannot close them without essentially toasting your system is why it's *really* insecure. This is the 'inherent flaw in the way windows operates (lacking in linux)'. At least, lacking in most modern Linux distros I've ever seen.
If you're talking only about the kernel, or say the tcp/ip stack, you're right: there is nothing inherently insecure about Windows. Too bad you can't just install a kernel by itself.
As Linux (and other Free OSs;) begin to become competitive, the scrappy, free software on the perimeter of the main encampment is the obvious first target to eliminate to save money and cut losses.
You're probably exactly correct, but you have to wonder at the irony of cutting free software in order to compete with free software.
We're losing money to free software? Then let's charge even more for ours!
Given that we're already starting to approach fundamental limitations of the current hardware approach, it'll probably take an entirely new technology to get that kind of speed. I could be wrong, but I'll bet it will be more than 7 years before we start seeing 1GHz clock speeds in commonly available computers.
Heh. I find it fascinating that every year, we're 'starting to approach fundamental limitations of the current hardware approach'. Wonder what this chap would have thought of 3 Ghz processors.
Really cool thread though, the parent's right about that.
However, the next time a virus is released that takes down 90% of Linux installs, and toasts most of the internet, let me know. Until then, your point isn't exactly valid.
Last I checked, more people are currently doing what you consider such a heinous crime than voted for the current President of the USA. I'll let you draw your own conclusions.
And for the record, it is 100% legal for me to loan my CD collection to a buddy so that he can copy it. It is also 100% legal for me to loan a book out to someone if they want to photocopy a few pages from it. Ah, living in Canada has its advantages.
Lastly, the only reason *digital* copies would be any more illegal than analog copies is BECAUSE of the DMCA. Not the other way around, like you imply.
Windows *is* fundamentally insecure, and much more so than Linux. If you don't see this you know very little about computer security.
It has nothing to do with 90%, it has nothing to do with people not patching because they are technically incompetent, IT IS BECAUSE WINDOWS BY DEFAULT RUNS A SHITLOAD OF NETWORK SERVICES AND DOESN'T FIREWALL ANYTHING.
In case you didn't catch that, let me repeat:
IT IS BECAUSE WINDOWS BY DEFAULT RUNS A SHITLOAD OF SERVICES AND DOESN'T FIREWALL ANYTHING.
Run a netstat on a default XP install, and count the open ports. Now do the same on a default Linux (RedHat/Mandrake/Deb/you name it) install and count the open ports. You'll notice a 2:1, 3:1, as high as 10:1 ratio, Windows:Linux. Ok, so by default Windows has many more open doors. Huh, wonder why it gets exploited so often.
Unfortunately, that's not the end of it. Most Linux distros I've seen (fellow slashdotters correct me on this stuff) are now using IPtables by default, with at least a level of security that blocks incoming connections to almost everything. All you have to do in some is select 'high' security, and bang, almost nothing gets through.
Windows by default has no firewall enabled. In fact, you can't do *anything* with pre-XP Windows. Linux has had built-in firewalling for years and years and years...
This is all bad, but it gets worse. The latest worm attacks the RPC service in Windows. Now, logically, you'd think you could shut off an RPC service, if you're never making/receiving REMOTE PROCEDURE CALLS. Nope, the OS breaks pretty nastily if you do that.
I have yet to see a single example of a listening service on a Linux box that cannot be disabled without wrecking the OS itself.
This has nothing to do with patches, volume, or the price of tea in China. Windows simply uses a poor security model, one based more around convenience than intelligence.
I really don't get the massive amount of Windows apologists on Slashdot, either. I personally love Windows for what it's good for, but a simple 5 minutes research into TCP/IP will show anyone just how poor the security model is in Windows. Yet you're modded up with 100% complete nonsense.
Only let those ports you NEED open be open. Ports 1-1024 should NEVER be left open, unless you're running a service on them (and 99.999% of Windows machines aren't).
Next time, you don't have to worry about the latest exploit, and closing yet another hole in your firewall.
My bad. I was thinking licence (noun) vs license (verb). Brits use licence for both, Yanks use license for both. Could never keep these idiotic things straight in school:)
Oh, I'm pretty sure the Kennedy Space Center is in the USA. We do tend to retain the appropriate spellings of proper nouns.
Speaking of which, when are we all moving towards the gender-neutral sci-fi favo(u)rite sEr?
And I don't really see the 'vanishing forever' argument. There are plenty of restoration organizations, that watch and pay for older non working games to fix up.
Why not just copy the discs to the hard drive of a new computer or a CD-ROM?
Modern computers can't even LOAD half of these games, let alone run them correctly. Many old games had timing routines linked to the clock rate, for example. Imagine playing a racing game, ONE THOUSAND TIMES FASTER. Never mind the sound support. Non-existent for any new sound card, and Windows won't let the games talk to the hardware anyway.
Short of someone writing a full, usuable x86 emulator (no, vmware isn't a good option for emulating MSDOS 3.12 on a 286) there is no way to play most of these games on a new PC.
I grew up during the 70s and 80s, and played most of the classics when I was a kid. Needless to say, I'm rather fond of them compared to most new games.
As an experiment, I gave a decent MAME set to a bunch of the kids I'm currently in school with. Most of them are about 20 years old, and in fact most had never been into an arcade (they simply no longer exist here). The odd pinball game, or Ms PacMan is about as much as they've seen. To them, it's all about 3D.
It took a bit to get over the low-res graphics, but it's amazing: they're ALL playing these games now. In fact, several have actually uninstalled newer games from their laptops (like Battlefield 1942 and Warcraft III) to free up space for more MAME roms. These kids have no 'happy memories' of the old games, yet love them as much (and in some cases more) than the new stuff.
I find this same argument comes up every time Star Wars is mentioned: the whole 'the first movies actually sucked, the only reason you think they're any good is that you were a kid then'. Bullshit. Most adults at the time (my 50's-era parents included) enjoyed Star Wars back then. Lucas didn't make his millions off of just 8 year old boys.
Again, I use some of my schoolmates as examples, because many of them are simply too young to have ever seen the original Star Wars movies. Guess what? They think the new movies are pretty bad, for the most part. People my age seem to actually like them BETTER than people who've never seen the first trilogy.
Blowing on your Nintendo cartridge really doesn't do anything, unless you have a pretty thick layer of dust on it.
What actually happens is this: the original NES had a 'lock-out' function, wherein only licensed NES games would work on the console. The problem is, if the game wasn't seated PERFECTLY in the slot (a real bitch to get right with the front loading systems), there wasn't a good enough connection for the lock-out chip to be read, and thus, the infamous flashing NES display. Cartridge contacts oxidize/corrode mad fast, and after a couple of years most NES cartridges were a real pain to use. Blowing on the cartridge does sweet diddly for the most part, but what it does do is force you to remove and re-insert the cartridge many times into your deck. Eventually, you'll get it right and the game works.. at least in theory.
The solution? Dip a Q-tip in rubbing alcohol (isopropyl) (probably other solvents work too), and scrub the living hell out of the cartridge contacts. The end of the Q-tip will be almost black, that's how much crap is preventing you from playing your game.
I've ran through a dozen decks and over 400 games in the past 2 years, and I have yet to encounter a combination that doesn't work perfectly (and I do mean, on the first try) if the cartridge is cleaned enough.
Also contrary to popular myth, every other cartridge-based system is also suceptible to this. I've seen it with SNES, Genesis, Colecovision, Atari VCS, and even N64 games. It's just not usually so bad because the cartridge fits better - but once the contacts are all gunked up, you have the same problem. Yes, the same solution works.
Having said this, ROMs do unfortunately suffer from bitrot (the eventual loss of bit data from the ROM chip itself). Some estimate we're about to start seeing it on a large scale with the VCS, as it's approaching 30 years for some of its games. Eventually, the original ROMs simply won't be readable. Could be in the next couple of decades, could be a couple of centuries (it's kind of hard to test that length of time reliably:). Long term, dumping game ROMs *is* the only reliable way to save them, unless companies give out the original source, which has often been long lost. Presumedly you could use an FPGA or something to reproduce the exact original circuitry of the game system. Until TV standards change, that is:)
Slashdot Mirror
Neither was 'email', until enough general adoption of the word happened.
:)
For that matter, neither was 'virus'.
The language adapts, deal with it
But then everyone here would have 1 million Karma...
It's not mystical, and it's certainly not undefined.
The fact that those ports are open by default is why it's insecure. The fact that you cannot close them without essentially toasting your system is why it's *really* insecure. This is the 'inherent flaw in the way windows operates (lacking in linux)'. At least, lacking in most modern Linux distros I've ever seen.
If you're talking only about the kernel, or say the tcp/ip stack, you're right: there is nothing inherently insecure about Windows. Too bad you can't just install a kernel by itself.
As Linux (and other Free OSs ;) begin to become competitive, the scrappy, free software on the perimeter of the main encampment is the obvious first target to eliminate to save money and cut losses.
You're probably exactly correct, but you have to wonder at the irony of cutting free software in order to compete with free software.
We're losing money to free software? Then let's charge even more for ours!
Twenty seconds??
But I want it now!
Given that we're already starting to approach fundamental limitations of the current hardware approach, it'll probably take an entirely new technology to get that kind of speed. I could be wrong, but I'll bet it will be more than 7 years before we start seeing 1GHz clock speeds in commonly available computers.
Heh. I find it fascinating that every year, we're 'starting to approach fundamental limitations of the current hardware approach'. Wonder what this chap would have thought of 3 Ghz processors.
Really cool thread though, the parent's right about that.
No one's ever claimed Linux is 100% secure.
However, the next time a virus is released that takes down 90% of Linux installs, and toasts most of the internet, let me know. Until then, your point isn't exactly valid.
In a heartbeat.
Last I checked, more people are currently doing what you consider such a heinous crime than voted for the current President of the USA. I'll let you draw your own conclusions.
And for the record, it is 100% legal for me to loan my CD collection to a buddy so that he can copy it. It is also 100% legal for me to loan a book out to someone if they want to photocopy a few pages from it. Ah, living in Canada has its advantages.
Lastly, the only reason *digital* copies would be any more illegal than analog copies is BECAUSE of the DMCA. Not the other way around, like you imply.
Wouldn't they have to use Windows in order to test their virus as they develop it? :)
Windows *is* fundamentally insecure, and much more so than Linux. If you don't see this you know very little about computer security.
It has nothing to do with 90%, it has nothing to do with people not patching because they are technically incompetent, IT IS BECAUSE WINDOWS BY DEFAULT RUNS A SHITLOAD OF NETWORK SERVICES AND DOESN'T FIREWALL ANYTHING.
In case you didn't catch that, let me repeat:
IT IS BECAUSE WINDOWS BY DEFAULT RUNS A SHITLOAD OF SERVICES AND DOESN'T FIREWALL ANYTHING.
Run a netstat on a default XP install, and count the open ports. Now do the same on a default Linux (RedHat/Mandrake/Deb/you name it) install and count the open ports. You'll notice a 2:1, 3:1, as high as 10:1 ratio, Windows:Linux. Ok, so by default Windows has many more open doors. Huh, wonder why it gets exploited so often.
Unfortunately, that's not the end of it. Most Linux distros I've seen (fellow slashdotters correct me on this stuff) are now using IPtables by default, with at least a level of security that blocks incoming connections to almost everything. All you have to do in some is select 'high' security, and bang, almost nothing gets through.
Windows by default has no firewall enabled. In fact, you can't do *anything* with pre-XP Windows. Linux has had built-in firewalling for years and years and years...
This is all bad, but it gets worse. The latest worm attacks the RPC service in Windows. Now, logically, you'd think you could shut off an RPC service, if you're never making/receiving REMOTE PROCEDURE CALLS. Nope, the OS breaks pretty nastily if you do that.
I have yet to see a single example of a listening service on a Linux box that cannot be disabled without wrecking the OS itself.
This has nothing to do with patches, volume, or the price of tea in China. Windows simply uses a poor security model, one based more around convenience than intelligence.
I really don't get the massive amount of Windows apologists on Slashdot, either. I personally love Windows for what it's good for, but a simple 5 minutes research into TCP/IP will show anyone just how poor the security model is in Windows. Yet you're modded up with 100% complete nonsense.
Only let those ports you NEED open be open. Ports 1-1024 should NEVER be left open, unless you're running a service on them (and 99.999% of Windows machines aren't).
Next time, you don't have to worry about the latest exploit, and closing yet another hole in your firewall.
You can't remotely exploit a hole if the hole isn't open in the first place.
A default RedHat install, running no servers, has hardly any open ports, and any that are open are blocked by IPtables.
So no, there aren't any exploitable holes on a default RedHat install - unless you yourself open them up, and turn off the firewall.
I'm pretty sure this was intended to be moderated Funny, and if not, I'm really scared.
Nope, but I get licenSed to drive, and as a result hold a driver's licenCe in my wallet. :)
My bad. I was thinking licence (noun) vs license (verb). Brits use licence for both, Yanks use license for both. Could never keep these idiotic things straight in school :)
Oh, I'm pretty sure the Kennedy Space Center is in the USA. We do tend to retain the appropriate spellings of proper nouns.
Speaking of which, when are we all moving towards the gender-neutral sci-fi favo(u)rite sEr?
Or dupes.
Only Homer spells it that way.
Look up "rediculous" on google and you'll get thousands of hits.
Yay, so people can't spell worth a damn. Not much of a 'non-disputable' resolution.
Up here in Canada, centre is the noun, and center is the verb.
So The Medical Centre, and you center your sights on a target.
And I don't really see the 'vanishing forever' argument. There are plenty of restoration organizations, that watch and pay for older non working games to fix up.
Bitrot..
Why not just copy the discs to the hard drive of a new computer or a CD-ROM?
Modern computers can't even LOAD half of these games, let alone run them correctly. Many old games had timing routines linked to the clock rate, for example. Imagine playing a racing game, ONE THOUSAND TIMES FASTER. Never mind the sound support. Non-existent for any new sound card, and Windows won't let the games talk to the hardware anyway.
Short of someone writing a full, usuable x86 emulator (no, vmware isn't a good option for emulating MSDOS 3.12 on a 286) there is no way to play most of these games on a new PC.
I grew up during the 70s and 80s, and played most of the classics when I was a kid. Needless to say, I'm rather fond of them compared to most new games.
As an experiment, I gave a decent MAME set to a bunch of the kids I'm currently in school with. Most of them are about 20 years old, and in fact most had never been into an arcade (they simply no longer exist here). The odd pinball game, or Ms PacMan is about as much as they've seen. To them, it's all about 3D.
It took a bit to get over the low-res graphics, but it's amazing: they're ALL playing these games now. In fact, several have actually uninstalled newer games from their laptops (like Battlefield 1942 and Warcraft III) to free up space for more MAME roms. These kids have no 'happy memories' of the old games, yet love them as much (and in some cases more) than the new stuff.
I find this same argument comes up every time Star Wars is mentioned: the whole 'the first movies actually sucked, the only reason you think they're any good is that you were a kid then'. Bullshit. Most adults at the time (my 50's-era parents included) enjoyed Star Wars back then. Lucas didn't make his millions off of just 8 year old boys.
Again, I use some of my schoolmates as examples, because many of them are simply too young to have ever seen the original Star Wars movies. Guess what? They think the new movies are pretty bad, for the most part. People my age seem to actually like them BETTER than people who've never seen the first trilogy.
Blowing on your Nintendo cartridge really doesn't do anything, unless you have a pretty thick layer of dust on it.
:). Long term, dumping game ROMs *is* the only reliable way to save them, unless companies give out the original source, which has often been long lost. Presumedly you could use an FPGA or something to reproduce the exact original circuitry of the game system. Until TV standards change, that is :)
What actually happens is this: the original NES had a 'lock-out' function, wherein only licensed NES games would work on the console. The problem is, if the game wasn't seated PERFECTLY in the slot (a real bitch to get right with the front loading systems), there wasn't a good enough connection for the lock-out chip to be read, and thus, the infamous flashing NES display. Cartridge contacts oxidize/corrode mad fast, and after a couple of years most NES cartridges were a real pain to use. Blowing on the cartridge does sweet diddly for the most part, but what it does do is force you to remove and re-insert the cartridge many times into your deck. Eventually, you'll get it right and the game works.. at least in theory.
The solution? Dip a Q-tip in rubbing alcohol (isopropyl) (probably other solvents work too), and scrub the living hell out of the cartridge contacts. The end of the Q-tip will be almost black, that's how much crap is preventing you from playing your game.
I've ran through a dozen decks and over 400 games in the past 2 years, and I have yet to encounter a combination that doesn't work perfectly (and I do mean, on the first try) if the cartridge is cleaned enough.
Also contrary to popular myth, every other cartridge-based system is also suceptible to this. I've seen it with SNES, Genesis, Colecovision, Atari VCS, and even N64 games. It's just not usually so bad because the cartridge fits better - but once the contacts are all gunked up, you have the same problem. Yes, the same solution works.
Having said this, ROMs do unfortunately suffer from bitrot (the eventual loss of bit data from the ROM chip itself). Some estimate we're about to start seeing it on a large scale with the VCS, as it's approaching 30 years for some of its games. Eventually, the original ROMs simply won't be readable. Could be in the next couple of decades, could be a couple of centuries (it's kind of hard to test that length of time reliably
I've seen Linux running on boxes that cost less than the liscence they want to sell.
Odd, I've seen the same thing with Windows/Office boxes!