Windows version
Windows 2000 Professional Service Pack 4 with Internet Explorer 6 Service Pack 1 (both fully patched).
Perl distribution and version
perl 5.6.1, ActivePerl Build 633.
Notes
pizza_order works almost out of the box, with just a few adjustments required:
pizza_order depends on the Getopt::Mixed package, not installed by default in this version of ActivePerl. Just run "ppm install Getopt::Mixed" as a Power User or Administrator while an Internet connection is active;
the command prompt will try to run extension-less files as Windows or DOS executables, so you either need to rename the file as "pizza_order.pl" and add the .pl extension to the %PATHEXT% variable, or convert the script into a batch file with the pl2bat command shipped with ActivePerl. I recommend the former until I find a better solution;
the documentation is in the usual nroff format. Either get Windows ports of man, less and nroff, or (much better) run a man-to-HTML converter, and optionally wrap the HTML document in a CHM and install it as a system documentation file (I forgot how to do this, but it isn't hard to find out).
I don't have a Dominoes account, so I can't really confirm it works. But it runs up until the authentication, so I'll assume it does.
Oh, and on Windows process command lines aren't world-readable, so it's safe to pass the password with the -P option.
445 is CIFS over direct TCP/IP (as opposed to 138/UDP and 139/TCP, which reach the CIFS server indirectly, through NetBIOS emulation over TCP/IP - also known as NetBT). The CIFS server, in other words, is both a NetBIOS and (since Windows 2000) a TCP/IP server. I hope this answers what port 445 is for.
What's LSASS for? LSASS is the center of Windows authentication. Logging on on a Windows system always involves LSASS. Single sign-on is all about LSASS - when the CIFS client needs to authenticate on a file server, it asks LSASS for the credentials the requestor provided. The opposite is also true: when the CIFS server receives a request on the network, it must validate the credentials and resolve them to a SID (Security ID, variable length identifiers for users, groups and domains). This is probably what happens here - CIFS is used to deliver malformed credentials to LSASS.
OTOH NT and all of its derivatives do try to absorb some of those features; exponentially increasing its complexity
It looks like nobody really understands Windows NT. Not that I'll blame you for this, as it's hard to find enough information and cross-reference it. May I try to debunk some myths and present a few facts?
The Windows NT kernel is an upgrade of the VMS kernel. If you hear this, it's true - but at least know why. Many parts (scheduler, I/O manager, object manager) are equivalent or outright identical. To people asking, ironically, why Windows NT isn't nearly as reliable as VMS, I'll answer: hardware, third-party drivers, and a question: since the Linux kernel has basically been a pathetic low-end toy until version 2.6, how do you explain the success of GNU/Linux?
When I say Linux is only now becoming a real kernel, I intend to prove it - by comparison, of course. What's so new and cool about 2.6? let's see: ACLs, capabilities, constant time scheduler, a HAL, PnP, legacy-free system support, threads, TLS, futexes. Except PnP (introduced in Windows 2000), legacy-free support (Windows XP) and futexes ("keyed events", Windows 2003 Server), Windows NT has had them since day one. And what's this rumor I hear about making file names textual, vs. basically binary, strings?
Linux is innovating - by UNIX standards.
Windows NT is not a microkernel, but it was clearly to be one. It's a microkernel like me and you are monkeys: it takes X rays to see where our tails went.
You can easily spot the traces of the original design: named communication ports (LRPC ports) for rich IPC, fast thread pairing primitives (low-high event pair), ability to execute operations on any process or thread through a safe reference (object handle). You can even create a process that is a child of a third process - you can easily see where this was going to go (side note: the Interix subsystem still works old-style, as a microkernel).
It's also interesting to note the obscure and unique terminology: the kernel is called "system", to differentiate it from subsystems, that were supposed to run in user mode, and it's divided into "kernel" (what other systems call "scheduler") and "Executive" ("kernel") - scheme that could be taken to an extreme by running two different kernels on the same scheduler, with the HAL arbitrating resources. Well, and mutexes are internally called "mutants", but that must be Dave's notorious sense of humor let loose
Windows NT is not object-oriented: it's object-based. It can't be object-oriented, as it lacks encapsulation and real inheritance. It does polymorphism, but lacking inheritance it isn't interface-based, but prototype-based: every object carries not only its implementation, but also its whole type description, allocator, factory and all else (curiously, prototypes are objects themselves, of prototype ObjectType, of prototype itself)
First, news flash: Windows comes with sensible defaults. Dialogs are meant to be a one-time annoyance, and they are long and winding because you need to get it right the one first time and then forget it. Things go wrong? doesn't happen so often, so you should be able to orient yourself without needing to have taken notes months ago, when you set it up.
Second, configuring networks by hand is an obsolete concept, so it's nothing that should be toted around so proudly. Part of the sensible defaults in Windows is DHCP support, and there's really no reason not to use it (is there? sucks to be you. You'd have to do extra work anyway). But I digress.
Third, Windows isn't a free ticket for one-sided ignorance and laziness. It may be so around your circles, it isn't if I'm nearby (who am I? I'm your worst nightmare come true. I know what's the difference between %ENVVAR% and !ENVVAR! in the Windows command prompt and I can quote the XSI standard by heart and install bootsectors by hand with dd, complete with setting disk parameters. I'm the two-headed computer guy, and I'm your nemesis, my dear monochromatic Linux wimp). Do you consider yourself a person open to exploration and self-education? you aren't if you moved away from Windows because you just didn't get it. You may like repeatedly submitting yourself to the masochistic practice of routinely wading through configuration dialogs, it's not my business. Different strokes for different people. We who use Windows not only as a dubious source of sordid personal pleasure, instead, prefer to sort out networking matters with the "netsh" command, in the rare event that something isn't taken care of by DHCP. Free hint: try "netsh interface ip add dns", and please resist soiling your underwear.
Fourth: I use Windows exclusively and I still understand UNIX better than you (add "nyah nyah nyah"s at will). What makes text files great is that you can put them under version control, the rest is just "ain't it cool". And I won't even begin commenting on your utter lack of understanding of the Windows registry (whooops! hope this doesn't count as a comment), because I have an unfair advantage.
Oh, please! find a better excuse. The patch worked perfectly. I wouldn't have the slightest idea of what the shutdown message looks like if, about a year ago, I didn't think "what if I terminate the LSASS process?". Why? because I installed the goddamned patch when I should have, that is more than a month ago, as soon as it came out for my language
How can people say Windows is not secure? since I upgraded to Windows 2000 from Windows 98, I have never used a personal firewall or an antivirus, and I still have to be infected for the first time (I got a virus only once, on Windows 98, because I double-clicked it by mistake, believing it wasn't a valid executable. Lo and behold, it was Matrix - the last, true virus. After Matrix there have only been these lame web worms). It all depends on how much time you're going to invest initially, and on how much ease of use you can tolerate to sacrifice to security
Sure, hard-core security is almost impossible to achieve, but mostly because of lack of culture and infrastructure:
Culture:
the NTFS filesystem maker creates a default ACL that allows file execution
the ACL editor is very liberal about execution access, always allowing it by default and (in the basic mode) mixing it with the read access, like it was equally harmless
Windows Scripting Host should check that the file is executable before executing the scripts within. Similarly, Office should always disable macros for non-executable documents (if execution access wasn't granted by default, this would shield users from the most common worms)
Infrastructure:
to run a service as some specific user, the credentials (username and password) aren't really necessary. You may want to run a service as a lesser user on the local machine, and as an anonymous user on the network (i.e. without credentials, like services running as SYSTEM) - much better security. But Microsoft needs to propagate the lie that Windows is more secure because a password is always necessary (bullshit), so you won't see this in Windows 2003 Server either
the management of devices is horrible, compared to the traditional UNIX way. You can't assign names or naming patterns to devices - they either choose their own names or let the system auto-generate them as progressive integers. So there's no reliable way to assign security to devices (e.g. locking out users from the floppy drive). Even the unreliable way requires third-party software, because the Policy Editor rejects device paths like \\.\GLOBALROOT\Device\Floppy0
I won't even go into the inadequacies of filesystem mounting. The thing is so broken (and unfixable without breaking existing drivers) that it isn't even funny
Essentially, it boils down to the fact that Windows 95 was more successful than it deserved to be. The NT team was forced to port the bad joke turned nightmare known as "Win32" to their wonderful system (and they'll probably go to the OS Engineer hell for what they had to do to hide the protected memory nature of Windows NT to Win32), and NT has never been its good, old self, since then (why the hell do we need drive letters in 2003? why isn't the damn CD-ROM mounted by label, so that programs won't complain when you move scratched media from your old, crappy drive to the newer one?)
if someone breaks into MS WindowsUpdate servers, he could install ANYTHING on millions of computers!
That's why all hotfixes are digitally signed. Windows Update, IIRC, checks the signatures on the files, but I'm not sure - I patch by hand (Windows Update isn't able to install patches without rebooting)
noting that Linux has never given me this kind of trouble
Gee, put some effort in configuring Windows too, and you'll never have this kind of trouble
The problem seems to be that if you install Microsoft's updated .Net packages before Visual Studio
Buzzz. Wrong. The .NET Framework won't be part of the system until Longhorn. Either you personally install it, or it doesn't get installed or updated automatically. The problem lies somewhere else
kind of important on a windows 2000 box, which doesn't have an integrated firewall
Guess what? it does have one. It's part of the native IPSec service. See this tutorial, and, in general, avoid Norton products like rats with bubonic plague
Windows patches keep restoring MS Outlook Express!
Yeah, quite annoying, but blame sloppy Windows developers for that (system file protection is good. I didn't realize it until an install of Corel DRAW 9 on Windows NT 4 overwrote msvcrt.dll with an earlier version, and I was blamed). However, I've reversed it, discovered where the list of protected files is (sfcfiles.dll), in which format, and I can hand you a bogus sfcfiles.dll (with sources, if you're curious) that disables file protection completely by returning an empty list of files. Mail me if you are interested
We write the software you use. We keep your systems up and running. We do your backups. We manage your data. We guard you while you sleep
Then, we get replaced by cheap temps from India, get fired and got to learn really fast how to say "Would you like fries with that?" without bursting in tears
Maybe there is a way to have it return better results, but I haven't found it. I want it to be easier to narrow down my choices for APIs.
Stop fighting against the MSDN search engine, it's a waste of time. Download the Platform SDK (install only the documentation if you already have a development environment, like Delphi or MinGW, because the thing is huge. Note that, for some reason, even the full download requires IE - but with wget and enough perseverance you'll be able to work around that): most of the time you won't even need to use the search - the keyword index is faster and straight to the point
If you need something that isn't in a downloadable SDK documentation pack, use Google. You know it's better, so why waste your time with the Microsoft search engine?
what's strange is that Office (as of version 8, aka Office 97) supports PNG transparency perfectly. I scanned my father's signature and saved it as a semi-transparent PNG, and Word correctly alpha-blends it (but, IIRC, trying to modify the image destroys the picture completely)
You think I haven't explored the third party issue? If you read what I wrote carefully you'll see that I said that a lot of the problems which occurred did so immediately after the completion of the Windows install - before the third party products were installed.
"Blowing smoke in one's eyes" is the phrase that springs to mind. I somehow get the impression that you still have no idea of what was the problem, and you guess it was some kind of dark mystical voodoo. "Considering the third party issue" sounds a lot like "Let's uninstall random stuff until it either fixes itself or breaks horribly worse" - I mean,
Didn't I hear somewhere that NW7 is going to be a services based connectivity, authentication and management layer running on Linux? Samba? LDAP? NIS? ACLs? THAT would be cool.
They are considering Windows too, so that may be NetBT, Active Directory and, uh, ACLs
Apparently they have some product in the pipeline which would be easier to create with the unix source... probably interoperability or that text-mode windows server we were hearing about
Most definitely, it's for interoperability. For the text mode Windows server they'd have to remove, rather than add code. Nothing prevents a Windows text-mode server right now, other than the huge amount of low level code (OLE comes to mind) that depends on the windowing system in some measure - not to mention the insane amount of third party software surely broken in this respect
All I know is that, having decided to pull down some of the critical updates (not on auto, you understand) I can no longer get the properties window to appear for a directory in Explorer, except in safe mode
Do you call yourself a power Windows user? I hope not
I mean, man, this is basic. You clearly have some broken property page handler installed either for the Directory or Folder file classes (slowdowns in Explorer after installing software are always related to shell extensions - yes, this includes that handy WinZip menu)
Disable all of them, then reenable one by one (registry magic: you don't need to restart Explorer when you change this kind of thing), until the problem reappears. Then, take note of the class-id of the broken property page and look it up in HKCR\CLSID to see what DLL implements it. In the worst case scenario you may have to sacrifice a useful property page - but often the DLL name and path will give you enough hints to discover the cause
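The lookup step of the procedure above, as an added example that is not part of the original comment: a read-only PowerShell inventory of the property page handlers registered for the Directory and Folder classes, each resolved through HKCR\CLSID to the DLL that implements it. The function name Get-PropertySheetHandler is illustrative, and the script assumes PowerShell 3.0 or later and the standard shellex\PropertySheetHandlers and InprocServer32 registry layout.

```powershell
# Added example: inventory only, nothing in the registry is modified.
$root = 'Registry::HKEY_CLASSES_ROOT'

function Get-PropertySheetHandler {
    param([string[]]$Class = @('Directory', 'Folder'))

    foreach ($c in $Class) {
        $key = "$root\$c\shellex\PropertySheetHandlers"
        if (-not (Test-Path -LiteralPath $key)) { continue }

        foreach ($sub in Get-ChildItem -LiteralPath $key) {
            # A handler is registered either as a subkey named after its CLSID
            # or as a friendly-named subkey whose default value is the CLSID.
            $name  = $sub.PSChildName
            $clsid = if ($name -match '^\{[0-9A-Fa-f-]{36}\}$') { $name }
                     else { [string]$sub.GetValue('') }

            # HKCR\CLSID\{...}\InprocServer32 names the implementing DLL.
            $dll = $null
            $server = "$root\CLSID\$clsid\InprocServer32"
            if ($clsid -and (Test-Path -LiteralPath $server)) {
                $dll = [string](Get-Item -LiteralPath $server).GetValue('')
            }

            $exists = $false
            $signature = $null
            if ($dll) {
                $dll = [Environment]::ExpandEnvironmentVariables($dll).Trim('"')
                # Bare file names are checked against System32 only here
                # (a simplification of how the loader searches for them).
                if (-not [System.IO.Path]::IsPathRooted($dll)) {
                    $dll = Join-Path (Join-Path $env:SystemRoot 'System32') $dll
                }
                $exists = Test-Path -LiteralPath $dll
                if ($exists) {
                    $signature = (Get-AuthenticodeSignature -FilePath $dll).Status
                }
            }

            [pscustomobject]@{
                Class     = $c
                Handler   = $name
                Clsid     = $clsid
                Dll       = $dll
                DllExists = $exists      # a missing DLL is a broken registration
                Signature = $signature   # unsigned third-party DLLs are the first suspects
            }
        }
    }
}

Get-PropertySheetHandler | Sort-Object DllExists, Class | Format-Table -AutoSize
```

Rows with a missing DLL or a third-party, unsigned DLL are the natural candidates to disable first when bisecting as described.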
memory handling? assuming you mean virtual memory management, Windows NT's virtual memory model is so deeply different from the simpler, traditional UNIX model of data segment plus stack segment (prevalent, no, the only possible in the old days of MMU-less machines, such as the hardware Xenix ran on) that this isn't even funny
networking? again, assuming you mean TCP/IP, why use the buggy, closed and expensive UNIX implementation when you have BSD?
You can patch a file in use on UNIX without shutting down because you can delete an open file and the applications will still be able to map/read/write to that inode, which will magically disappear when the last application closes it.
I estimate that, at the kernel level, it's a matter of commenting out a single line to make that work consistently on Windows (where an application can request that a file can't be deleted - which is, nowadays, ridiculous, but you'll see that also MacOSX supports this behavior). At the application level it's an entirely different matter - it may or may not be enough to solve the problem, because most Windows applications are notorious for being complex houses of cards that make undocumented assumptions about their environment
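The Windows behaviour discussed here, as an added example that is not part of the original comment: whether an open file can be deleted depends on the share mode its opener requested. The function name Test-DeleteWhileOpen is illustrative; the script uses the .NET System.IO.FileShare flags and a constructed temporary file.

```powershell
# Added example: open a scratch file with a given share mode, then try to
# delete it while the handle is still open.
function Test-DeleteWhileOpen {
    param([Parameter(Mandatory = $true)][System.IO.FileShare]$Share)

    # Constructed sample file in the user's temp directory.
    $path = Join-Path ([System.IO.Path]::GetTempPath()) `
                      ([System.IO.Path]::GetRandomFileName())
    [System.IO.File]::WriteAllText($path, 'version 1')

    # The opener decides what other handles may do with the file.
    $fs = [System.IO.File]::Open($path,
                                 [System.IO.FileMode]::Open,
                                 [System.IO.FileAccess]::Read,
                                 $Share)
    try {
        $deleted = $true
        try {
            [System.IO.File]::Delete($path)
        } catch {
            # Sharing violation: the opener did not allow deletion.
            $deleted = $false
        }

        # The already-open handle keeps working either way.
        $reader  = New-Object System.IO.StreamReader -ArgumentList $fs
        $content = $reader.ReadToEnd()

        [pscustomobject]@{
            ShareMode       = $Share
            DeleteSucceeded = $deleted
            HandleStillReads = $content
        }
    } finally {
        $fs.Dispose()
        if (Test-Path -LiteralPath $path) {
            Remove-Item -LiteralPath $path -Force
        }
    }
}

# Opener that forbids deletion (the case that forces a reboot to patch).
Test-DeleteWhileOpen -Share 'Read'

# Opener that permits deletion: the delete goes through while the open
# handle keeps reading the old content, as on UNIX.
Test-DeleteWhileOpen -Share 'Read, Delete'
```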
Meanwhile, there are currently 13 KNOWN unpatched vulnerabilities in Microsoft's Internet Explorer [...]
Jesus Christ, I swear I've already read this post at least three times. What does this mean? why do you keep posting this over and over and over again?
Other inherent vulnerabilities [...]
"Inherent". Oh, please! why doesn't anybody even make some attempt at research? I mean, how can you talk out of your ass so blatantly? Do you know what I did, when I read the (laughable and written by a media whore type, as I realized shortly thereafter) article about Shatter? I fired up the PSDK help, and checked, one by one, the documentation of all of the window messages to see how many passed pointers to procedures as their parameters. I don't like making unsupported claims - if the topic interests me (and anything Windows does), I always do some research, regardless of how much time it's going to cost me
Anyway, guess how many I found? exactly one: the WM_TIMER discussed in the article (some sub-messages of WM_NOTIFY did too, but since WM_NOTIFY can't be sent inter-process that doesn't matter). The fix was trivial - just look for WM_TIMER in the Knowledge Base for a number of good articles about the fix and some errors in designing non-interactive services that should be avoided (and that Microsoft learned to avoid the hard way)
[...] Microsoft has known about since 1994!
Any supporting fact to this claim? no, obviously. Microsoft (and everyone else, for that matter) have always "known" about it not entirely unlike everybody knew about gets(), strcat(), sprintf() but didn't realize they were dangerous
Even if the API/call flaw is inherently unfixable, [...]
If you're going to troll, at least be humble. You could have said "The initial fix for Windows NT 4 was broken and it caused repeated BSODs", but no, you prefer unsupported claims, knowing that Slashdot is mostly a Linux crowd that will just nod in approval. Well, I personally tested the exploit, and patched my machine as soon as the QFE came out - what did you do, apart from copying-pasting a post four times?
None of Microsoft's own hotfix/patch status scanning tools designed to prove "baseline security" were able to help administrators avoid Sapphire.
So Microsoft says "it's the best tool" and everybody automatically believes it? Can someone explain why Windows seems to cause chronic laziness in so many people?
I mean, I feel constantly stimulated by learning new things about its internals and trying new toys every day, so I can't sympathize at all with fellow Windows users that happily swallow Microsoft press releases or never even try alternatives to Microsoft tools even if they know they exist (e.g., in this case, the original HFNetChk by Shavlik, that I find better. Other examples are people insisting to use Visual C++ even if they hate it, have always used GCC and know that there's GCC for Windows - I mean, WTF?)
When I open openoffice is just sits there doing nothing for like 20 seconds and then launched. No excess cpu overhead or anything. It just stalls and then runs. Its just annoying and I wonder if its a conspiracy theory.
I'm experiencing the same issue. Only it happens with Explorer (seldom, at logon) and Outlook Express (always - luckily I don't use it), and it's been happening for a long, long time (but I blame myself and my obsession to reorganize hierarchically the whole Program Files folder...). They appear to be stuck in an invocation of NtReplyWaitReceivePortEx - and luckily the *Ex form of this system call can time out! - from some RPC runtime routine, but I never investigated the problem in depth
Heh, nice to see them giving up and implementing the priority boost. I wish them the best luck implementing the detection of "foreground" tasks, with a user interface with so little contact with the processes it serves
Don't you know what this patch is about? Well, ever noticed how on Windows the three/four most used programs among the currently open tend to display their windows instantly when switching between them, not cause the disk to swap at all, be generally more responsive? It's because the Win32 subsystem gives foreground tasks a slight scheduling priority boost, and frees up background tasks' unused resources (the on-screen buffers of windows, I guess) as required by the foreground tasks' needs
You (and I mean you, random Slashdotter talking out of your ass) can easily see how X11 can't possibly compete on equivalent hardware, no matter how hard they try:
kernel-mode means one thing: everything happens in-process. You don't need to switch to another process's context to safely access shared resources. This means that the "system" (whatever that means) doesn't need to be notified when a task goes background - the task knows it, and it calls into the kernel, becoming the server process for the small amount of time it takes to access global resources
even shared memory and message passing instead of sockets won't speed up X11 much. Windows kicked X11's ass even when it had a user-mode GUI subsystem: the Windows NT team realized the importance of a responsive GUI, and invented a special synchronization object, the low-high pair, with the sole, specific purpose of synchronizing together a client and a server thread with the minimum overhead possible (in fact, extending the scheduler with a new waiting reason for threads)
I guess the only way to reliably scan a Windows system is take the hard disk out and mount it as a secondary drive in a known clean system? Beats me. Just about every other OS can be booted from removable media, but I don't know a way to do that with Windows.
Get Windows XP Embedded Edition. It can boot from R/O media, and a fully working installation can be stripped down to take up as little as 16 MB of disk space
Now, I probably shouldn't be saying this, but while the evaluation version Microsoft sells to the public is timebombed, you can easily crack it by overwriting the timebombed executables with their equivalents from Windows XP Corporate Edition, like you do with the Home and Professional editions. If you don't feel like tinkering with setup packages and DLLs, some guy has already gone through the hassle of cracking it, and sharing the "fixed" ISO on the eDonkey network
You're warned: the database of dependencies is quite heavy (over 2GB), so it requires SQL Server or MSDE (don't bitch about it, would you prefer a 2GB Jet database, instead?:-). The latter is already included on the CD
Re:No need to run Windows as an Administrator, on Windows Rootkits · Score: 1
We're all familiar with sudo for linux. There's an equivalent for Windows.
No, there isn't, because the relevant system calls aren't documented. In fact, I'm writing the first and only Windows equivalent of sudo as I type. What you're thinking of is probably su, rather than sudo
Re:rootkit redundant. on Windows Rootkits · Score: 3, Informative
You cannot run another copy of Explorer.exe with it (and so you cannot access the control panel as administrator using this trick).
wrong, and wrong
First, you can. Kill explorer.exe from the task manager, and then rerun it as Administrator: you'll get the Administrator's taskbar, desktop, etc.
Second, you don't need to. You can run the command prompt as Administrator, and launch all the commands you need from there, including control panel applets and MMC snap-ins (you learn soon which has what filename). Or you can start Internet Explorer (iexplore.exe) as Administrator, instead - when browsing local folders, it will turn into an Explorer workalike, with just some UI problems (it won't be able to receive update notifications, not even from itself, so you'll need to refresh directory listings manually with F5)
As I understand it, a program running as Administrator on NT can elevate its privileges to LocalSystem and do just about anything, such as write sectors to physical drives.
It's correct, although it isn't necessary to gain SYSTEM privileges to write to fixed disk partitions. Essentially because it isn't a matter of privileges, but of access control.
What's the difference? access control limits your access to secured objects, while privileges either allow you to bypass access control on some types of objects or in some circumstances (e.g. SeDebugPrivilege for processes and threads, SeBackup/RestorePrivilege to bypass access checks when reading/writing files, etc.), or they restrict dangerous operations on some or all kinds of objects (e.g. SeTakeOwnershipPrivilege to take the ownership of any object, SeSecurityPrivilege to set auditing control lists for objects, etc.), or they control access to non-object oriented (thus unaffected from access control) operations (e.g. SeSystemEnvironmentPrivilege to write to the NVRAM, SeLoadDriverPrivilege to load device drivers, etc.)
In this case, being in the Administrators group is enough to write on a fixed disk unit, as the default ACL for that kind of devices allows full access to the Administrators group
Is this actually intended to supplant Windows on the desktop, or is it more aimed at small embedded systems?
Looking at the current trend in design (a carbon-copy of Windows NT - i.e. no way to selectively turn off features such as DOS support, mouse & keyboard handling, etc. during compilation, a great number of system services implemented through RPC, a minimum of 4 user-mode processes, started from hard-coded paths, etc.), I'd say it's aimed more towards the desktop, and it's not necessarily bad, IMO. Like Jason says, we should not spread ourselves too thin
There! don't we all feel better, now?
OK, I'll bite.
That's why all hotfixes are digitally signed. Windows Update, IIRC, checks the signatures on the files, but I'm not sure - I patch by hand (Windows Update isn't able to install patches without rebooting)
Gee, put some effort in configuring Windows too, and you'll never have this kind of trouble
Buzzz. Wrong. The .NET Framework won't be part of the system until Longhorn. Either you personally install it, or it doesn't get installed or updated automatically. The problem lies somewhere else
Guess what? it does have one. It's part of the native IPSec service. See this tutorial, and, in general, avoid Norton products like rats with bubonic plague
Yeah, quite annoying, but blame sloppy Windows developers for that (system file protection is good. I didn't realize it until an install of Corel DRAW 9 on Windows NT 4 overwrote msvcrt.dll with an earlier version, and I was blamed). However, I've reversed it, discovered where the list of protected files is (sfcfiles.dll), in which format, and I can hand you a bogus sfcfiles.dll (with sources, if you're curious) that disables file protection completely by returning an empty list of files. Mail me if you are interested
Then, we get replaced by cheap temps from India, get fired and got to learn really fast how to say "Would you like fries with that?" without bursting in tears
Stop fighting against the MSDN search engine, it's a waste of time. Download the Platform SDK (install only the documentation if you already have a development environment, like Delphi or MinGW, because the thing is huge. Note that, for some reason, even the full download requires IE - but with wget and enough perseverance you'll be able to work around that): most of the time you won't even need to use the search - the keyword index is faster and straight to the point
If you need something that isn't in a downloadable SDK documentation pack, use Google. You know it's better, so why waste your time with the Microsoft search engine?
What's strange is that Office (as of version 8, aka Office 97) supports PNG transparency perfectly. I scanned my father's signature and saved it as a semi-transparent PNG, and Word correctly alpha-blends it (but, IIRC, trying to modify the image destroys the picture completely)
"Blowing smoke in one's eyes" is the phrase that springs to mind. I somehow get the impression that you still have no idea of what was the problem, and you guess it was some kind of dark mystical voodoo. "Considering the third party issue" sounds a lot like "Let's uninstall random stuff until it either fixes itself or breaks horribly worse" - I mean,
They are considering Windows too, so that may be NetBT, Active Directory and, uh, ACLs
Most definitely, it's for interoperability. For the text mode Windows server they'd have to remove, rather than add code. Nothing prevents a Windows text-mode server right now, other than the huge amount of low level code (OLE comes to mind) that depends on the windowing system in some measure - not to mention the insane amount of third party software surely broken in this respect
Do you call yourself a power Windows user? I hope not
I mean, man, this is basic. You clearly have some broken property page handler installed either for the Directory or Folder file classes (slowdowns in Explorer after installing software are always related to shell extensions - yes, this includes that handy WinZip menu)
Disable all of them, then reenable one by one (registry magic: you don't need to restart Explorer when you change this kind of thing), until the problem reappears. Then, take note of the class-id of the broken property page and look it up in HKCR\CLSID to see what DLL implements it. In the worst case scenario you may have to sacrifice a useful property page - but often the DLL name and path will give you enough hints to discover the cause
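The lookup described in the comment above, as an added PowerShell example that is not part of the original post: it lists the property sheet handlers registered for the Directory and Folder classes and follows each class-id through HKCR\CLSID to the implementing DLL. The `shellex\PropertySheetHandlers` and `InprocServer32` key names are not given in the comment, and resolving bare file names against System32 is an assumption of this example.

```powershell
# Added example, not from the original comment. Lists the property sheet
# handlers registered for the Directory and Folder classes and resolves each
# class-id through HKCR\CLSID to the DLL that implements it.
$classes = 'Directory', 'Folder'

foreach ($class in $classes) {
    $base = "Registry::HKEY_CLASSES_ROOT\$class\shellex\PropertySheetHandlers"
    if (-not (Test-Path -LiteralPath $base)) { continue }

    foreach ($key in Get-ChildItem -LiteralPath $base) {
        # The subkey is either named after the class-id itself, or carries a
        # friendly name with the class-id stored in its default value.
        $clsid = $key.PSChildName
        if ($clsid -notmatch '^\{[0-9A-Fa-f-]{36}\}$') {
            $clsid = [string]$key.GetValue('')
        }

        $dll = $null
        $company = $null
        $server = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
        if ($clsid -and (Test-Path -LiteralPath $server)) {
            # GetValue('') reads the default value and expands %SystemRoot% etc.
            $dll = ([string](Get-Item -LiteralPath $server).GetValue('')).Trim('"')
            # Bare file names are resolved against System32 (assumption).
            if ($dll -and -not [IO.Path]::IsPathRooted($dll)) {
                $dll = Join-Path $env:SystemRoot "System32\$dll"
            }
            if ($dll -and (Test-Path -LiteralPath $dll)) {
                # Self-reported vendor string: a hint, not proof of origin.
                $company = (Get-Item -LiteralPath $dll).VersionInfo.CompanyName
            }
        }

        [pscustomobject]@{
            Class   = $class
            Handler = $key.PSChildName
            Clsid   = $clsid
            Dll     = $dll
            Company = $company
        }
    }
}
```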
Please! typical pseudo-informed Slashdot comment. Let's see:
I estimate that, at the kernel level, it's a matter of commenting out a single line to make that work consistently on Windows (where an application can request that a file can't be deleted - which is, nowadays, ridiculous, but you'll see that also MacOSX supports this behavior). At the application level it's an entirely different matter - it may or may not be enough to solve the problem, because most Windows applications are notorious for being complex houses of cards that make undocumented assumptions about their environment
Jesus Christ, I swear I've already read this post at least three times. What does this mean? why do you keep posting this over and over and over again?
"Inherent". Oh, please! why doesn't anybody even make some attempt at research? I mean, how can you talk out of your ass so blatantly? Do you know what I did, when I read the (laughable and written by a media whore type, as I realized shortly thereafter) article about Shatter? I fired up the PSDK help, and checked, one by one, the documentation of all of the window messages to see how many passed pointers to procedures as their parameters. I don't like making unsupported claims - if the topic interests me (and anything Windows does), I always do some research, regardless of how much time it's going to cost me
Anyway, guess how many I found? exactly one: the WM_TIMER discussed in the article (some sub-messages of WM_NOTIFY did too, but since WM_NOTIFY can't be sent inter-process that doesn't matter). The fix was trivial - just look for WM_TIMER in the Knowledge Base for a number of good articles about the fix and some errors in designing non-interactive services that should be avoided (and that Microsoft learned to avoid the hard way)
Any supporting fact to this claim? no, obviously. Microsoft (and everyone else, for that matter) have always "known" about it not entirely unlike everybody knew about gets(), strcat(), sprintf() but didn't realize they were dangerous
If you're going to troll, at least be humble. You could have said "The initial fix for Windows NT 4 was broken and it caused repeated BSODs", but no, you prefer unsupported claims, knowing that Slashdot is mostly a Linux crowd that will just nod in approval. Well, I personally tested the exploit, and patched my machine as soon as the QFE came out - what did you do, apart from copying-pasting a post four times?
So Microsoft says "it's the best tool" and everybody automatically believes it? Can someone explain why Windows seems to cause chronic laziness in so many people?
I mean, I feel constantly stimulated by learning new things about its internals and trying new toys every day, so I can't sympathize at all with fellow Windows users that happily swallow Microsoft press releases or never even try alternatives to Microsoft tools even if they know they exist (e.g., in this case, the original HFNetChk by Shavlik, that I find better. Other examples are people insisting to use Visual C++ even if they hate it, have always used GCC and know that there's GCC for Windows - I mean, WTF?)
I'm experiencing the same issue. Only it happens with Explorer (seldom, at logon) and Outlook Express (always - luckily I don't use it), and it's been happening for a long, long time (but I blame myself and my obsession to reorganize hierarchically the whole Program Files folder...). They appear to be stuck in an invocation of NtReplyWaitReceivePortEx - and luckily the *Ex form of this system call can time out! - from some RPC runtime routine, but I never investigated the problem in depth
To rewrite it
Heh, nice to see them giving up and implementing the priority boost. I wish them the best luck implementing the detection of "foreground" tasks, with a user interface with so little contact with the processes it serves
Don't you know what this patch is about? Well, ever noticed how on Windows the three/four most used programs among the currently open tend to display their windows instantly when switching between them, not cause the disk to swap at all, be generally more responsive? It's because the Win32 subsystem gives foreground tasks a slight scheduling priority boost, and frees up background tasks' unused resources (the on-screen buffers of windows, I guess) as required by the foreground tasks' needs
You (and I mean you, random Slashdotter talking out of your ass) can easily see how X11 can't possibly compete on equivalent hardware, no matter how hard they try:
Get Windows XP Embedded Edition. It can boot from R/O media, and a fully working installation can be stripped down to take up as little as 16 MB of disk space
Now, I probably shouldn't be saying this, but while the evaluation version Microsoft sells to the public is timebombed, you can easily crack it by overwriting the timebombed executables with their equivalents from Windows XP Corporate Edition, like you do with the Home and Professional editions. If you don't feel like tinkering with setup packages and DLLs, some guy has already gone through the hassle of cracking it, and sharing the "fixed" ISO on the eDonkey network
You're warned: the database of dependencies is quite heavy (over 2GB), so it requires SQL Server or MSDE (don't bitch about it, would you prefer a 2GB Jet database, instead? :-). The latter is already included on the CD
No, there isn't, because the relevant system calls aren't documented. In fact, I'm writing the first and only Windows equivalent of sudo as I type. What you're thinking of is probably su, rather than sudo
Wrong, and wrong
First, you can. Kill explorer.exe from the task manager, and then rerun it as Administrator: you'll get the Administrator's taskbar, desktop, etc.
Second, you don't need to. You can run the command prompt as Administrator, and launch all the commands you need from there, including control panel applets and MMC snap-ins (you learn soon which has what filename). Or you can start Internet Explorer (iexplore.exe) as Administrator, instead - when browsing local folders, it will turn into an Explorer workalike, with just some UI problems (it won't be able to receive update notifications, not even from itself, so you'll need to refresh directory listings manually with F5)
It's correct, although it isn't necessary to gain SYSTEM privileges to write to fixed disk partitions. Essentially because it isn't a matter of privileges, but of access control.
What's the difference? access control limits your access to secured objects, while privileges either allow you to bypass access control on some types of objects or in some circumstances (e.g. SeDebugPrivilege for processes and threads, SeBackup/RestorePrivilege to bypass access checks when reading/writing files, etc.), or they restrict dangerous operations on some or all kinds of objects (e.g. SeTakeOwnershipPrivilege to take the ownership of any object, SeSecurityPrivilege to set auditing control lists for objects, etc.), or they control access to non-object oriented (thus unaffected by access control) operations (e.g. SeSystemEnvironmentPrivilege to write to the NVRAM, SeLoadDriverPrivilege to load device drivers, etc.)
In this case, being in the Administrators group is enough to write on a fixed disk unit, as the default ACL for that kind of devices allows full access to the Administrators group
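The distinction drawn in the comment above, as an added PowerShell example that is not part of the original post: a simplified walk of an object's DACL against the SIDs in the current token, reported next to the privileges the same token holds. The sample path is an assumption (a file stands in for the disk device), and the walk ignores generic-rights mapping and owner rights.

```powershell
# Added example, not from the original comment. A file stands in for the disk
# device (assumption): Get-Acl cannot read the ACL of a device object.
$path = "$env:SystemRoot\System32\drivers\etc\hosts"
$want = [int][Security.AccessControl.FileSystemRights]::WriteData

# Access control: the SIDs carried by the token are matched against the DACL.
$id      = [Security.Principal.WindowsIdentity]::GetCurrent()
$sids    = @($id.User.Value) + @($id.Groups | ForEach-Object { $_.Value })
$sidType = [Security.Principal.SecurityIdentifier]
$aces    = (Get-Acl -LiteralPath $path).GetAccessRules($true, $true, $sidType)

$granted = 0; $verdict = 'not granted by any ACE'; $deciding = $null
foreach ($ace in $aces) {
    $sid = $ace.IdentityReference.Value
    if ($sids -notcontains $sid) { continue }                     # ACE is for someone else
    if ($ace.PropagationFlags -match 'InheritOnly') { continue }  # applies to children only
    $bits = [int]$ace.FileSystemRights
    if ($ace.AccessControlType -eq 'Deny') {
        # A deny ACE that covers a still-missing right ends the walk.
        if ($bits -band $want) { $verdict = 'denied'; $deciding = $sid; break }
    } else {
        $granted = $granted -bor $bits
        if (($granted -band $want) -eq $want) {
            $verdict = 'granted'; $deciding = $sid; break
        }
    }
}

# Privileges: a separate list in the same token, not stored on any object.
# These are the DACL-bypassing ones named in the comment.
$bypass = 'SeBackupPrivilege', 'SeRestorePrivilege',
          'SeTakeOwnershipPrivilege', 'SeDebugPrivilege'
$privs  = whoami /priv /fo csv /nh |
          ConvertFrom-Csv -Header Name, Description, State
$held   = @($privs | Where-Object { $bypass -contains $_.Name } |
            ForEach-Object { "$($_.Name) ($($_.State))" })

[pscustomobject]@{
    Object             = $path
    WriteDataByDacl    = $verdict
    DecidingSid        = $deciding      # S-1-5-32-544 is BUILTIN\Administrators
    BypassPrivsInToken = $held -join ', '
}
```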
Looking at the current trend in design (a carbon-copy of Windows NT - i.e. no way to selectively turn off features such as DOS support, mouse & keyboard handling, etc. during compilation, a great number of system services implemented through RPC, a minimum of 4 user-mode processes, started from hard-coded paths, etc.), I'd say it's aimed more towards the desktop, and it's not necessarily bad, IMO. Like Jason says, we should not spread ourselves too thin