There's only so much you can teach. When you say a million times "Don't click Yes on every dialog box", and they decide to click Yes for every single P2P program Little Bobby wants to install, what can you do? The solution is either to watch things like a hawk or have them come to me for installations. There's a difference between being an asshole and being safe.
It's not considered a separate version. You don't see "Windows XP Corporate" on the startup screen, do you? It's just Pro with activation turned off.
For that matter, there should be "Exchange 2003 with volume key", "Exchange 2003 without volume key", "Exchange 2003 with Outlook packaged in the kit", etc. on startup screens...
Most worms I've seen (particularly the "let's look at the Outlook address book and start mailing" kind) tend to like to drop files in C:\windows, which'll be prevented on a correctly-configured box. If the engine is dropped in a user's directory (which I'm starting to see), it'll mass-mail, but at least it's confined to that user and doesn't rampage over the entire system.
This is the same as ANY OS. There's no way (outside of a dumb terminal) to prevent users from doing stupid things to their own files (including dropping mass mailing engines into them).
Precisely, which goes back to the underpinnings of the system and whether or not that's secure. The act of having a scrollbar drop a file, however dumb, is not a security hole in itself.
Re:SP2 - as secure as any linux distro...
on
XP2 Spotted In The Wild
·
· Score: 3, Insightful
"install and run a program without asking WAS A SECURITY ISSUE IN ITSELF regardless of what that program would then do"
Uh, it doesn't install a program. It drops a file in a directory. Granted, this directory is sort of important (Startup) but it's only for the user, not the system. Even if it tries to access important files, like I mentioned, it'll be denied on a correctly-configured box.
Also, the act of scrolling doesn't run the program, but restarting does. Small point, but kind of shows you know nothing about it.
"oh and *ONLY* wipe a user's directory? what fucking planet do you live on?"
The same planet where UNIX has had the exactly same scheme for 20+ years, Windows for 10 or so and Mac OS X for 5. As far as I know, short of a dumb terminal, there's no system in the world that can prevent users from doing dumb things to their files. It's the ones that screw up the system that need to be prevented.
Re:SP2 - as secure as any linux distro...
on
XP2 Spotted In The Wild
·
· Score: 4, Interesting
"have a look at the "dragging a scroll bar can be used to install and auto-run arbitrary programs" example below"
It drops an executable into the Startup folder for the *user*. In other words, no root privledge is ever exercised, and the app would likely do nothing on a correctly-configured box (the worst malware can do running as non-root is wipe a user's directory -- same as in Linux or any other OS with similar permissions). Learn about security before you comment on it, please.
"How can we convince people not to run admin mode?"
Simple. Force them not to. When my family got a new PC, I immediately dumped XP Home and put on XP Pro. I set up myself with the Admin account and gave everyone else Limited User accounts.
If they want to install software, tough. They have to go though me first. Just like at work.
Only works if you drag your mouse onto the IE window. If you leave it on the scrollbar while going up and down (which I assume most users do) nothing happens.
Re:I'm sorry, were you expecting better?
on
XP2 Spotted In The Wild
·
· Score: 4, Insightful
This has nothing to do with the base security of Windows. The base nuts of NTFS and the security scheme has been solid ever since it was ripped from VMS. The problem IS the bolts that have been added since then: easily-foiled APIs that have full access to some of the underpinnings when they shouldn't.
Quite frankly, if MS never "innovated", it would be a fairly secure product. NT 3 was practically bulletproof. It's when they started grafting on Win32 junk from 9x, things started to get screwed up. Take off that top layer and everything would be kosher (but a lot less user-friendly)... just like Linux.
... and MS holds 95% of the desktop market along with an ever-increasing server market (a lot of places are dumping Groupwise for Exchange).
The reason why FOSS solutions dominated in the architecture of email was because no big company created a serious alternative. MS has created a new standards to compete with other standards for id'ing mail. FOSS isn't even out of the gate with a 1.0 solution yet. Guess who's going to win?
Outlook is the most popular email client out there, bar none (think how many worms targetted it). Most people who use Outlook use Exchange, at least on a frontend level (my company uses Exchange popping off a more secure backend).
Even if Exchange wasn't being used in the majority of servers, the mere fact that so many people use Outlook as a frontend will dictate whether or not this will be accepted (and, knowing MS, they'll find a way to tie this into Outlook). Think IE, and how many sites are custom crafted to it.
If by "ripoff" you mean "better", "more fleshed out", and "overall a better simulation of actual life", than yeah, it's a ripoff. The same way a hotrod is a ripoff of the flintstones car.
"So tell me, who would you rather hold the patent on these things, Microsoft or Nintendo?"
Honestly? MS. Or MS and Sony. Nintendo has a vested interested in keeping software piracy controlled to the point that they didn't want any games online. Sure, the PR was that "no one wanted online gaming", but come on. Everyone wanted online gaming. The truth is Nintendo wanted to take every possible easy avenue away from pirates (what better way to get ISOs on an Xbox than by the network).
Nintendo doesn't "get it". They haven't gotten it in 20 years. Their controls drive away users and piss off players who'd like to play online.
Once again: the issue isn't that the battery life is bad. The issue is that they claim the battery life as one thing then it turns out to be another. See iBook and 3rd-generation iPod.
"If you sold someone a product that uses consumables in it"
Stop right there. How is music "consumable"? You buy it, you stick it on X devices (if you can), you keep it for as long as you live. The analogy falls apart from word 9.
Difference between CLIs in OSes
on
Latest SP2 News
·
· Score: 2
I think some UNIX vets are confusing the Windows implementation of the command line and UNIX's. In UNIX they're pretty much identical in terms of functionality. In Windows that's not the case.
Example: yesterday I tried to FTP from a Windows 2003 server to another box. For the sake of speed, I tried using IE as my FTP client. Windows 2003 locked down the box by default, so that client wouldn't work without tweaking IE settings. However, I tried the Windows FTP command line app and it worked fine.
The "safeguard" described in the article really isn't meant to be a safeguard at all. It doesn't follow any of the low-level security features that the system provides (like permissions). It's just a quick tag for Joe User to remember that a file was downloaded and not placed by them.
Say what you want about people who rely on PowerPoint (I know I do), but the app is actually pretty fun. I'm preparing a few training sessions now and PowerPoint is one of the things staff wants to learn. I've barely delved into it, but I'm finding a lot of Flash-like features. Sure, it's for "business", but it'll probably be the funnest training class I've ever held.
Slashdot Mirror
"Education goes a long way."
There's only so much you can teach. When you say a million times "Don't click Yes on every dialog box", and they decide to click Yes for every single P2P program Little Bobby wants to install, what can you do? The solution is either to watch things like a hawk or have them come to me for installations. There's a difference between being an asshole and being safe.
It's not considered a separate version. You don't see "Windows XP Corporate" on the startup screen, do you? It's just Pro with activation turned off.
For that matter, there should be "Exchange 2003 with volume key", "Exchange 2003 without volume key", "Exchange 2003 with Outlook packaged in the kit", etc. on startup screens...
Most worms I've seen (particularly the "let's look at the Outlook address book and start mailing" kind) tend to like to drop files in C:\windows, which'll be prevented on a correctly-configured box. If the engine is dropped in a user's directory (which I'm starting to see), it'll mass-mail, but at least it's confined to that user and doesn't rampage over the entire system.
This is the same as ANY OS. There's no way (outside of a dumb terminal) to prevent users from doing stupid things to their own files (including dropping mass mailing engines into them).
Precisely, which goes back to the underpinnings of the system and whether or not that's secure. The act of having a scrollbar drop a file, however dumb, is not a security hole in itself.
"install and run a program without asking WAS A SECURITY ISSUE IN ITSELF regardless of what that program would then do"
Uh, it doesn't install a program. It drops a file in a directory. Granted, this directory is sort of important (Startup) but it's only for the user, not the system. Even if it tries to access important files, like I mentioned, it'll be denied on a correctly-configured box.
Also, the act of scrolling doesn't run the program, but restarting does. Small point, but kind of shows you know nothing about it.
"oh and *ONLY* wipe a user's directory? what fucking planet do you live on?"
The same planet where UNIX has had the exactly same scheme for 20+ years, Windows for 10 or so and Mac OS X for 5. As far as I know, short of a dumb terminal, there's no system in the world that can prevent users from doing dumb things to their files. It's the ones that screw up the system that need to be prevented.
"have a look at the "dragging a scroll bar can be used to install and auto-run arbitrary programs" example below"
It drops an executable into the Startup folder for the *user*. In other words, no root privledge is ever exercised, and the app would likely do nothing on a correctly-configured box (the worst malware can do running as non-root is wipe a user's directory -- same as in Linux or any other OS with similar permissions). Learn about security before you comment on it, please.
"home, corporate, pro"
There's a corporate version? Tell me where I can get it!
"How can we convince people not to run admin mode?"
Simple. Force them not to. When my family got a new PC, I immediately dumped XP Home and put on XP Pro. I set up myself with the Admin account and gave everyone else Limited User accounts.
If they want to install software, tough. They have to go though me first. Just like at work.
Only works if you drag your mouse onto the IE window. If you leave it on the scrollbar while going up and down (which I assume most users do) nothing happens.
This has nothing to do with the base security of Windows. The base nuts of NTFS and the security scheme has been solid ever since it was ripped from VMS. The problem IS the bolts that have been added since then: easily-foiled APIs that have full access to some of the underpinnings when they shouldn't.
Quite frankly, if MS never "innovated", it would be a fairly secure product. NT 3 was practically bulletproof. It's when they started grafting on Win32 junk from 9x, things started to get screwed up. Take off that top layer and everything would be kosher (but a lot less user-friendly)... just like Linux.
Which they're not. At least in any sane business environment (and any home environment where people have a clue).
... and MS holds 95% of the desktop market along with an ever-increasing server market (a lot of places are dumping Groupwise for Exchange).
The reason why FOSS solutions dominated in the architecture of email was because no big company created a serious alternative. MS has created a new standards to compete with other standards for id'ing mail. FOSS isn't even out of the gate with a 1.0 solution yet. Guess who's going to win?
Well...
Outlook is the most popular email client out there, bar none (think how many worms targetted it). Most people who use Outlook use Exchange, at least on a frontend level (my company uses Exchange popping off a more secure backend).
Even if Exchange wasn't being used in the majority of servers, the mere fact that so many people use Outlook as a frontend will dictate whether or not this will be accepted (and, knowing MS, they'll find a way to tie this into Outlook). Think IE, and how many sites are custom crafted to it.
If by "ripoff" you mean "better", "more fleshed out", and "overall a better simulation of actual life", than yeah, it's a ripoff. The same way a hotrod is a ripoff of the flintstones car.
*Looks at family* 5 kids, 1 mom. 3 of us have downloaded movies over the internet. That statistic, at least for me, is quite low.
Think about it. The way it's phrased, if you've *ever* downloaded a movie, even part of one, *anytime* in your life, you'd be counted.
"So tell me, who would you rather hold the patent on these things, Microsoft or Nintendo?"
Honestly? MS. Or MS and Sony. Nintendo has a vested interested in keeping software piracy controlled to the point that they didn't want any games online. Sure, the PR was that "no one wanted online gaming", but come on. Everyone wanted online gaming. The truth is Nintendo wanted to take every possible easy avenue away from pirates (what better way to get ISOs on an Xbox than by the network).
Nintendo doesn't "get it". They haven't gotten it in 20 years. Their controls drive away users and piss off players who'd like to play online.
Apple claims iBooks get 6 hours. Look it up on their site.
Once again: the issue isn't that the battery life is bad. The issue is that they claim the battery life as one thing then it turns out to be another. See iBook and 3rd-generation iPod.
"Push the edge" all you want, but don't tell me my notebook gets 6 hours of battery life when it doesn't.
"If you sold someone a product that uses consumables in it"
Stop right there. How is music "consumable"? You buy it, you stick it on X devices (if you can), you keep it for as long as you live. The analogy falls apart from word 9.
I think some UNIX vets are confusing the Windows implementation of the command line and UNIX's. In UNIX they're pretty much identical in terms of functionality. In Windows that's not the case.
Example: yesterday I tried to FTP from a Windows 2003 server to another box. For the sake of speed, I tried using IE as my FTP client. Windows 2003 locked down the box by default, so that client wouldn't work without tweaking IE settings. However, I tried the Windows FTP command line app and it worked fine.
The "safeguard" described in the article really isn't meant to be a safeguard at all. It doesn't follow any of the low-level security features that the system provides (like permissions). It's just a quick tag for Joe User to remember that a file was downloaded and not placed by them.
LEARN ENGLISH!!!
Considering how many Slashdoters buy music through iTunes, I don't think it matters what DRM is used, as long as it's the right company.
Smoke alarms. Anyone see smoke alarms around here?
Say what you want about people who rely on PowerPoint (I know I do), but the app is actually pretty fun. I'm preparing a few training sessions now and PowerPoint is one of the things staff wants to learn. I've barely delved into it, but I'm finding a lot of Flash-like features. Sure, it's for "business", but it'll probably be the funnest training class I've ever held.