"Every time my computer does something strange, I'm worried that I might be infected."
Dispose of Windows, install a more secure OS, and take the time to learn to properly use your new OS. Surf using a virtual appliance to isolate the rest of the system. Some folks even surf and do much of their stuff using a live CD. Somewhat awkward but quite safe, and not a bad idea for online banking etc. Even if one isn't especially worried, this stuff is fun and useful to learn. I always laugh my ass off when people suggest "get a more secure OS". What's wrong with Windows? You can make one single minor adjustment to your computer's usage and be free of malware: fucking stop using Windows as administrator. Problem solved. No need to install another OS, no need to buy a more expensive computer (Mac). One single thing to do.
Oh and stop clicking on every "OMG YOU WON AN IPOD TOUCHME CLICK HERE1111!!!!ONEONEONoneELEVENTYone11!!" banners. And how about some common sense about not executing a file called "horny_18_teen.jpg.exe"?
99% of current malware is due exclusively because of user ignorance and stupidity. Wipe out Windows from the face of the Universe and what will you get? One BEEEELLLIIIIOOOON Linux and Mac zombies sending out SPAM.
Windows security is easy: (1) Stop using your computer logged on as administrator. (2) Common sense.
Very true, and I think nerds are the worst at recognizing this. All those people who spend hours on WoW, leading guilds, doing raids, and conversing over VOIP with their team are most likely NOT introverts, even if society makes them feel that way. The most successful raid leaders are introverted, for many reasons: - Small talk and chit chat leads to raid inefficiency. Introverts hate chit chat because it kills raids. In fact, one of the first things you'd see appear in our raid channel is: CUT THE CHATTER! And sometimes: SHUT THE FUCK UP OR LEAVE THE RAID!. Oh and introverts tend to pay more attention to raids and chat less. - As a leader you have to take difficult actions like bench people and kick people out. Again, not for extroverts. As an introvert you care less about personal feelings and more about raid efficiency. In cutting edge WoW raiding, efficiency is the main priority. - Introverts know the intricacies of the game. They spend way more time "powergaming", learning the game, than socializing like extroverts. They spend enormous time learning combat formulas, gather information about classes, read boards and technical posts and do boring mundane solo farming (again, little socializing) to improve their characters to maximum efficency. When you are on the cutting edge of raiding in WoW, you need to know every single detail about the game to "beat" some encounters. Again, not a job for extroverts who care more about the social aspect of the game.
From personal experience of over 4 years of "raiding", the best raid leaders I known were introverted, heavily.
The linux drivers for nvidia suck too, nvidia clearly take a long time to get up to speed on new operating systems, it's one reason I no longer use them. Having said that, they're pretty damn solid, so its most likely becuase vistas so mucked up when it comes to drivers. I got a fanless NVidia 7600GS, installed the restricted drivers for it (maybe even updated it, don't rememer). No problems at all. Runs my dual monitor setup *WAY* better than my Win 2k3 machine.
Everything. People run as administrator because they have to. Since when?
On my non administrator account I run the following programs (Windows XP): - World of Warcraft. - A few other games I play once every blue moon. - Music player, video player, encoders, editing software. - Office. - VPN client for my job. - Firefox with Flash, Java, AdBlock and NoScript. - Azureus. - Thunderbird.
I need administrator to run these: - Windows update (Duh!). - Various software updates (Duh!).
How is that different from a typical Linux usage? I still need root access (via sudo or root) to update my OS and installed programs. So where is this "Windows won't let you do anything of substance once you're running as non-administrator." problem?. I can play video games, do video editing, listen to music, surf the web, use office and work from home via VPN and all that without being logged in as administrator. Where is the problem?
I am perfectly aware that there are a few programs that have trouble running as non administrator most notably CD burning/ripping stuff. You can always run them "Run as administrator" or find one that works fine. Mind you, I never bothered finding one that works well, just picked up one from Sourceforge and run it as root.
The whole Windows security "issue" is strictly educational. The underlying OS has a very solid security framework that IMHO is better than Linux because it's more granular.
how marvelously uninformed.. Ah the irony...
Microsoft don't have more bots and virii in windows because their stuff is closed source, they have it because the underlying security model of windows is, and always has been, pretty poor. For years, normal users have run windows boxes in admin mode by default. This is INSANE!!, and yet it persists. What does the underlying security model have anything to do with idiots running Windows as administrator? No really, what? Please enlighten us. Do you have any idea about the Windows security model or you are just repeating the same old internet cliché "OMGZ WINDOZE IS NOT SECURE!!!1111oneoneeleventyone!!!!"?
How is your "poor Windows security model" different than someone running Linux as root? Just because the user is uninformed it doesn't mean the underlying OS is non secure. Windows is secure once you spend 1 minute creating a non administrator account.
Before I get flamed: I ran Windows since Win2k without *ANY* anti-malware programs installed, it's easy and never had any issues. My second machine is running Kubuntu.
And it would short-circuit Microsoft's share holders in the long run whom they answer to. MS doesn't answer to it's shareholders. Look at their stock price. Same as it was 7 years go. Look at their major competitors, GOOG and AAPL. Ooops? Did shareholders ask for Ballmer's head?
That's fair, because evolution IS a scientific theory. So is Gravity. Hopefully they'll also teach the kids what it means to be a theory, and that "theory" doesn't mean "wild-ass-guess". Evolution is a *FACT*. Gravity is a *FACT*.
The scientific explanations of those observed facts are called "Scientific Theories": The Theory of Evolution and The Theory of Gravity.
If you don't believe in gravity being a fact, please jump off a 42 story building.
The program you think of was ShowEQ. Also, this was a direct result of retarded game design by Sony where by one dragon can only be killed by one group of people per week, unlike the current crop of MMOGs where everything is instanced and this is no longer a problem.
Just the way ShowEQ was a direct result of game design flaws in EverQuest, the same way leveling bots are for other games or ingame currency selling for real life money and whatnot. Game design flaws will result in hacks, bots and currency trading.
Re:This Could Be The Worst Thing For KDE
on
KDE 4.0 Is Out
·
· Score: 1
So, what happens to Joe Average? He installs KDE4, tries out a few things, finds it broken in several places, not working as expected in others and not configurable where he may want it to be configurable. Yeah, because Joe Average spends time configuring desktops. Have you seen the Average Joe's XP desktop? Factory default settings with the Fisher Price interface.
Before you blast the man, think long and hard about the fact that he is the first billionaire to ever publically give away his entire fortune to real charity (that's right, he's not even giving his own kids anything). That's way more than any of the geek "heroes" like Steve Jobs have done or will ever do for humanity.
It's easy to bad-mouth his business practices, it's easy to bad-mouth his products. But I can't bad-mouth the man himself. He's way more charitable than I would be in the same circumstance.
Did he earn his vast fortune in an ethical, and in some cases legal way?
No.
MS is a convicted monopolist on 3 continents. MS used every possible strong arm tactic to cram their shitty OS down on everyone's throat. It's very easy to bad mouth the man himself when he earned most of his fortune by screwing others.
And I won't even mention BillG's "stellar" predictions. Now let me go back and continue work on my Tablet PC because it's more productive... oh wait...
You do realize God is the Good One, right? What kind of "good" God allows genocides to happen? What kind of "good" God sits around and does nothing while thousands of children die every single motherfucking day?
You see logic and faith as orthogonal concepts that supplement each other, rather than as competing concepts.
Or as the old Pope hold, science provides a description of how God created the world, while religion provides a description of why God created the world. So we take something very complex like the Earth or the universe, and we explain its origins by something even *MORE* complex.
Does that make any sense?
I see logic and faith as two totally opposite concepts. One relies on rational thinking while the other relies on two thousand year old myths. One of the memorable parts of Neil deGrasse Tyson's speech on Beyond Belief 2006 was the fact that 15% of scientists believe in God, and he thought that this 15% was the biggest worry of science. Because he, and many other scientist can't reconcile the belief in God with science because explaining something complex and unlikely by something even more complex and even more unlikely doesn't make any sense.
If Vista is FAR more secure than XP, then why do Vista users continually insist that you must have anti-virus, anti-spyware, anti-rootkit, and anti-thisandthat? If security is the one super duper feature that is to compell me to upgrade, then why not allow me to do away with the anti-crap?
I never used any anti-malware program on my XP machines. Taking simple precautions like not running the PC as administrator pretty much kills malware. A bit of common sense is all one needs to forgo the use of anti-malware bloatware. Common sense like not clicking on "OMGZ UR PC IS SLOW MEGAHURTZ!!!!111oneone!" flashing banner ads helps too. Of course best thing to do is using virtual machines to test downloads or do "dangerous" browsing.
There are plenty of ways not to get caught in the anti-malware quagmire, all you need is common sense, and you don't even need Vista for it.
I would pay 4$ extra for a DVD that would include the following bonuses:
- One iPod and PSP version video of the movie along with one version in a standard codec. - One iPod and PSP version video of each episode (if it's something like a Futurama season DVD) along with one version in a standard codec. - Flac/Wav/lossless version of the songs, if it's a concert DVD. - No DRM on the ripped stuff.
I am sick of installing 10 gazillion CD/DVD rippers and encoders just so I can watch my DVDs on my PSP and my DSM-320. 4$ for me would be no big deal to pay for that service.
Who knows if it's more reliable to read the New York Times for your financial news or Jim's Stock Blog? Many people I know have found the blogs & forums to be a much more useful and timely source of information about what they need to know. For stuff like computer hardware, music or video games, I read blogs. They are simply way more insightful and full of interesting information compared to sellout game magazines and other mainstream computer magazines. As for music, there is no coverage of underground music anyways, so I turn to ezines and blogs.
I wouldn't be surprised that this happens to other mainstream media. I mean, I rather read a leftist blog than watch/read CNN who all they do is publish stories about Britney and other Hollywood retards and in the process ignore important news.
I am not so sure we can't do a controlled experiment. My situation was simple, prior to internet downloading I had about 50 or so CDs. I just didn't have the opportunity to discover new music because the one I like is never played on radios, so it was a very slow CD collection building process by friend suggesting bands by word to mouth. Now all that changed with mp3s from ftp, newsgroups, Napster and torrents. From about 1998ish my CD collection skyrocketed, I went from about 50 CDs to about 500+ today. Money was never an issue, I attribute my sharp rise in CD buying to the fact that I had access to a "try before you buy" system. A few of my friends are in the same position as me.
I am sure if more meticulous research is done, people could come to the conclusion that P2P doesn't really hurt labels (at least small ones). However, big labels will hurt badly no matter if people buy CDs or not. With the coming of P2P I pretty much stopped buying big label music. Not because of some protest but because simply put, the vast majority of "music" coming out of big labels is a steaming pile of horse manure. I discovered the whole indie label / specialized label music, which is FAR richer and I dumped the big labels.
If you installed XP on it, you'd have little drive capacity left. After you've installed the anti-malware, anti-virus, anti-this and anti-that which are essential with Windows, you might be left with a few kb for applications and data! Leave the poor thing alone, and let it run its small, efficient, reliable and secure operating system. It works very well straight out of the box! I run Windows without any anti-malware thank you very much! Just because the majority of people run Windows as administrator, use IE and blindly click on every retarded "OMG YOU WON AN IPOD!!!!oneone111!!!!" flashing banner, doesn't mean all people do. You can run Windows fine quite safe and secure without anti-malware software clogging your computer's arteries.
4: EMI already *do* diversify. They release everything between and including Pink Floyd and Kylie Minogue. Really? When EMI regulary sells drone metal, shoegaze, dark ambient or simply bands that play in 700-1000 people venues, then yes, EMI will be diversified. Right now most of their acts are regurgitated pop crap or bands who no longer play or make albums. And no, Pink Floyd doesn't count. If Floyd were a new band today, there is no way in hell they'll be signed to EMI. Case in point: Agalloch. Floyd make complex music, music you have to think about, savour, something the targeted audience of EMI doesn't want. Hell, when EMI will sell any decent metal music, then yes, they might be a bit more diverse.
Right now EMI, like the other big labels, are selling mostly music that plays well on radio. 3:30 minute songs, catchy, poppy, perfect for radio. Yes there are a few exceptions that are mostly "legacy" artists who made their names in the 70s,80s.
Whey I'll see artists like Agalloch, Haggard, Tiamat, The Gathering, Ulver, Ulf Söderberg and Arcturus signed to EMI then yes, I will consider EMI diverse.
How is different from AV products prompting to update, to Azureus prompting to update, to KNotifier (or whatever the KDE update checker is called) asking me to install updates in Linux? This is far from being a Windows security issue. This is simply software update/interface problem. Yes people get fed up. Imagine if the planet was running Ubuntu, I bet that within months many people would switch to root because they'll be fed up with the password prompts for everything. Again, the problem is not Linux security, but people. If people are too lazy and stupid to understand security basics, let's not blame the underlying OS.
As for RadioactiveX components, I've been using Firefox for about 3+ years, if not more, have yet to see one major site, hell, one website, asking me to install a component. On the corporate side, a competent AD administrator will lock down every single station easy.
Finally, for "Run As" and people running as administrators, if software is written to be run only by administrators, then it's the software maker's fault not the OS, it's shitty software. Do you blame Linux (or Windows) when a shitty ATI driver crashes? No. I've been running Windows as a "peon" user for over 6 years now. The only programs I had to run with "Run As" where CD ripping/burning programs (Nero 7 allows to run as non administrator). Rest all worked fine: Office, media players, email, browsers, media transcoders/editors, Visual Studio, Eclipse, name it. And unless I am mistaken, if programs use basic CreateProcess() API to spawn children without SecurityToken fiddling, they should be fine. This is what Microsoft does, fire up CMD.exe as administrator and whatever process you start within that command box is running as administrator.
Windows XP SP2 and beyond has a very nice security framework. Perfect? No. A nightmare"? Hell no.
the nightmare OS that is Windows What's wrong with XP SP2 security wise? Or Vista? or Windows 2003 Server? Care to elaborate? No really, what is this big nightmare about Windows security post XP SP2?
The secret sauce is to not run Windows as administrator. You don't even need anti virus programs.
(1) Don't run Windows as administrator. This is the most important thing you can do to secure your Windows PC. (2) Use Firefox or Opera, if FF, use AdBlock+ and NoScript addons. (3) Use common sense. If you "Click here to win 20000$" sounds too good to be true. Yup, it is probably an invitation for malware. (4) Avoid downloading awesomevideo.exe when surfing for pr0n (or cracks/serials). In fact, treat every executable you download as a virus. Use a VM to test them. Free virtualization is available and is easy to use. (5) Use a router with built-in firewall (most have it anyways). (6) If you are really paranoid, do your surfing inside a VM.
VMWare is virtualization software, not emulation software. It runs pretty close to native speed, depending on what you run on it. Comparing it to bochs is just stupid, that's a full blown emulator. A VM still uses your processor natively to decode the majority of instructions, it just catches the privileged ones, that otherwise would make your OS go boom. (Simply put) I had to port this major banking application to VMWare ESX (in a VM running Windows 2003). I have to agree with your "runs pretty close to native speed, depending on what you run on it" comment. My only beef is that, "depending on what you run on it" is extremely limited.
On a native machine, we achieved about 55-70 transactions per second, after that, the CPU of the machine was maxed out. This was a quad Xeon with about 16 gigs of ram. The same exact machine, running ESX host, and one single VM, one, our Windows 2003 server, was able to achieve about 2-5 transactions per second before the host throwing in the towel. Now I am sure ESX 3 will be faster. This wasn't ESX 3, was 2.something.
What I noticed was that: - VMWare has a lot of trouble with applications who do a lot of context switches. Basically, object pools with significant usage. If the CPU has to swap from thread to thread, it kills VMWare. - We did a few network tests with bizarre results like VM network latency being 50% more. This is a killer with any system remotely trying to get a decent transactions per secon. We had to de-virtualize our SQL server and SNA gateway, it wasn't able to hold the load. - For some odd reasons MOM, anti-viruses and SMS can choke a host without any problems. My hypothesis is that missed file cache is brutal for VMWare, especially if other VMs are doing some I/O intensive stuff.
I wouldn't recommend anyone putting a server with moderate to high load as a VM. However, VMWare is awesome for very low load server, we can pack 6-10 of these servers easily on the same dual dual core Xeon. And could probably more.
Slashdot Mirror
Dispose of Windows, install a more secure OS, and take the time to learn to properly use your new OS. Surf using a virtual appliance to isolate the rest of the system. Some folks even surf and do much of their stuff using a live CD. Somewhat awkward but quite safe, and not a bad idea for online banking etc. Even if one isn't especially worried, this stuff is fun and useful to learn. I always laugh my ass off when people suggest "get a more secure OS". What's wrong with Windows? You can make one single minor adjustment to your computer's usage and be free of malware: fucking stop using Windows as administrator. Problem solved. No need to install another OS, no need to buy a more expensive computer (Mac). One single thing to do.
Oh and stop clicking on every "OMG YOU WON AN IPOD TOUCHME CLICK HERE1111!!!!ONEONEONoneELEVENTYone11!!" banners. And how about some common sense about not executing a file called "horny_18_teen.jpg.exe"?
99% of current malware is due exclusively because of user ignorance and stupidity. Wipe out Windows from the face of the Universe and what will you get? One BEEEELLLIIIIOOOON Linux and Mac zombies sending out SPAM.
Windows security is easy:
(1) Stop using your computer logged on as administrator.
(2) Common sense.
Yes I know, it's difficult.
- Small talk and chit chat leads to raid inefficiency. Introverts hate chit chat because it kills raids. In fact, one of the first things you'd see appear in our raid channel is: CUT THE CHATTER! And sometimes: SHUT THE FUCK UP OR LEAVE THE RAID!. Oh and introverts tend to pay more attention to raids and chat less.
- As a leader you have to take difficult actions like bench people and kick people out. Again, not for extroverts. As an introvert you care less about personal feelings and more about raid efficiency. In cutting edge WoW raiding, efficiency is the main priority.
- Introverts know the intricacies of the game. They spend way more time "powergaming", learning the game, than socializing like extroverts. They spend enormous time learning combat formulas, gather information about classes, read boards and technical posts and do boring mundane solo farming (again, little socializing) to improve their characters to maximum efficency. When you are on the cutting edge of raiding in WoW, you need to know every single detail about the game to "beat" some encounters. Again, not a job for extroverts who care more about the social aspect of the game.
From personal experience of over 4 years of "raiding", the best raid leaders I known were introverted, heavily.
YMMW!
On my non administrator account I run the following programs (Windows XP):
- World of Warcraft.
- A few other games I play once every blue moon.
- Music player, video player, encoders, editing software.
- Office.
- VPN client for my job.
- Firefox with Flash, Java, AdBlock and NoScript.
- Azureus.
- Thunderbird.
I need administrator to run these:
- Windows update (Duh!).
- Various software updates (Duh!).
How is that different from a typical Linux usage? I still need root access (via sudo or root) to update my OS and installed programs. So where is this "Windows won't let you do anything of substance once you're running as non-administrator." problem?. I can play video games, do video editing, listen to music, surf the web, use office and work from home via VPN and all that without being logged in as administrator. Where is the problem?
I am perfectly aware that there are a few programs that have trouble running as non administrator most notably CD burning/ripping stuff. You can always run them "Run as administrator" or find one that works fine. Mind you, I never bothered finding one that works well, just picked up one from Sourceforge and run it as root.
The whole Windows security "issue" is strictly educational. The underlying OS has a very solid security framework that IMHO is better than Linux because it's more granular.
How is your "poor Windows security model" different than someone running Linux as root? Just because the user is uninformed it doesn't mean the underlying OS is non secure. Windows is secure once you spend 1 minute creating a non administrator account.
Before I get flamed:
I ran Windows since Win2k without *ANY* anti-malware programs installed, it's easy and never had any issues. My second machine is running Kubuntu.
No. They are powerless or don't care.
Gravity is a *FACT*.
The scientific explanations of those observed facts are called "Scientific Theories": The Theory of Evolution and The Theory of Gravity.
If you don't believe in gravity being a fact, please jump off a 42 story building.
Butchering Clarke's 3d law: Any sufficiently advanced malice is indistinguishable from incompetence.
The program you think of was ShowEQ. Also, this was a direct result of retarded game design by Sony where by one dragon can only be killed by one group of people per week, unlike the current crop of MMOGs where everything is instanced and this is no longer a problem.
Just the way ShowEQ was a direct result of game design flaws in EverQuest, the same way leveling bots are for other games or ingame currency selling for real life money and whatnot. Game design flaws will result in hacks, bots and currency trading.
Did he earn his vast fortune in an ethical, and in some cases legal way?It's easy to bad-mouth his business practices, it's easy to bad-mouth his products. But I can't bad-mouth the man himself. He's way more charitable than I would be in the same circumstance.
No.
MS is a convicted monopolist on 3 continents. MS used every possible strong arm tactic to cram their shitty OS down on everyone's throat. It's very easy to bad mouth the man himself when he earned most of his fortune by screwing others.
And I won't even mention BillG's "stellar" predictions. Now let me go back and continue work on my Tablet PC because it's more productive
Or as the old Pope hold, science provides a description of how God created the world, while religion provides a description of why God created the world. So we take something very complex like the Earth or the universe, and we explain its origins by something even *MORE* complex.
Does that make any sense?
I see logic and faith as two totally opposite concepts. One relies on rational thinking while the other relies on two thousand year old myths. One of the memorable parts of Neil deGrasse Tyson's speech on Beyond Belief 2006 was the fact that 15% of scientists believe in God, and he thought that this 15% was the biggest worry of science. Because he, and many other scientist can't reconcile the belief in God with science because explaining something complex and unlikely by something even more complex and even more unlikely doesn't make any sense.
I never used any anti-malware program on my XP machines. Taking simple precautions like not running the PC as administrator pretty much kills malware. A bit of common sense is all one needs to forgo the use of anti-malware bloatware. Common sense like not clicking on "OMGZ UR PC IS SLOW MEGAHURTZ!!!!111oneone!" flashing banner ads helps too. Of course best thing to do is using virtual machines to test downloads or do "dangerous" browsing.
There are plenty of ways not to get caught in the anti-malware quagmire, all you need is common sense, and you don't even need Vista for it.
I would pay 4$ extra for a DVD that would include the following bonuses:
- One iPod and PSP version video of the movie along with one version in a standard codec.
- One iPod and PSP version video of each episode (if it's something like a Futurama season DVD) along with one version in a standard codec.
- Flac/Wav/lossless version of the songs, if it's a concert DVD.
- No DRM on the ripped stuff.
I am sick of installing 10 gazillion CD/DVD rippers and encoders just so I can watch my DVDs on my PSP and my DSM-320. 4$ for me would be no big deal to pay for that service.
I wouldn't be surprised that this happens to other mainstream media. I mean, I rather read a leftist blog than watch/read CNN who all they do is publish stories about Britney and other Hollywood retards and in the process ignore important news.
I am not so sure we can't do a controlled experiment. My situation was simple, prior to internet downloading I had about 50 or so CDs. I just didn't have the opportunity to discover new music because the one I like is never played on radios, so it was a very slow CD collection building process by friend suggesting bands by word to mouth. Now all that changed with mp3s from ftp, newsgroups, Napster and torrents. From about 1998ish my CD collection skyrocketed, I went from about 50 CDs to about 500+ today. Money was never an issue, I attribute my sharp rise in CD buying to the fact that I had access to a "try before you buy" system. A few of my friends are in the same position as me.
I am sure if more meticulous research is done, people could come to the conclusion that P2P doesn't really hurt labels (at least small ones). However, big labels will hurt badly no matter if people buy CDs or not. With the coming of P2P I pretty much stopped buying big label music. Not because of some protest but because simply put, the vast majority of "music" coming out of big labels is a steaming pile of horse manure. I discovered the whole indie label / specialized label music, which is FAR richer and I dumped the big labels.
Right now EMI, like the other big labels, are selling mostly music that plays well on radio. 3:30 minute songs, catchy, poppy, perfect for radio. Yes there are a few exceptions that are mostly "legacy" artists who made their names in the 70s,80s.
Whey I'll see artists like Agalloch, Haggard, Tiamat, The Gathering, Ulver, Ulf Söderberg and Arcturus signed to EMI then yes, I will consider EMI diverse.
How is different from AV products prompting to update, to Azureus prompting to update, to KNotifier (or whatever the KDE update checker is called) asking me to install updates in Linux? This is far from being a Windows security issue. This is simply software update/interface problem. Yes people get fed up. Imagine if the planet was running Ubuntu, I bet that within months many people would switch to root because they'll be fed up with the password prompts for everything. Again, the problem is not Linux security, but people. If people are too lazy and stupid to understand security basics, let's not blame the underlying OS.
As for RadioactiveX components, I've been using Firefox for about 3+ years, if not more, have yet to see one major site, hell, one website, asking me to install a component. On the corporate side, a competent AD administrator will lock down every single station easy.
Finally, for "Run As" and people running as administrators, if software is written to be run only by administrators, then it's the software maker's fault not the OS, it's shitty software. Do you blame Linux (or Windows) when a shitty ATI driver crashes? No. I've been running Windows as a "peon" user for over 6 years now. The only programs I had to run with "Run As" where CD ripping/burning programs (Nero 7 allows to run as non administrator). Rest all worked fine: Office, media players, email, browsers, media transcoders/editors, Visual Studio, Eclipse, name it. And unless I am mistaken, if programs use basic CreateProcess() API to spawn children without SecurityToken fiddling, they should be fine. This is what Microsoft does, fire up CMD.exe as administrator and whatever process you start within that command box is running as administrator.
Windows XP SP2 and beyond has a very nice security framework. Perfect? No. A nightmare"? Hell no.
Just because the users are stupid and run Windows as administrator, doesn't mean the OS itself is insecure.
PS: I am posting this from my Kubuntu Feisty machine.
The secret sauce is to not run Windows as administrator. You don't even need anti virus programs.
(1) Don't run Windows as administrator. This is the most important thing you can do to secure your Windows PC.
(2) Use Firefox or Opera, if FF, use AdBlock+ and NoScript addons.
(3) Use common sense. If you "Click here to win 20000$" sounds too good to be true. Yup, it is probably an invitation for malware.
(4) Avoid downloading awesomevideo.exe when surfing for pr0n (or cracks/serials). In fact, treat every executable you download as a virus. Use a VM to test them. Free virtualization is available and is easy to use.
(5) Use a router with built-in firewall (most have it anyways).
(6) If you are really paranoid, do your surfing inside a VM.
On a native machine, we achieved about 55-70 transactions per second, after that, the CPU of the machine was maxed out. This was a quad Xeon with about 16 gigs of ram. The same exact machine, running ESX host, and one single VM, one, our Windows 2003 server, was able to achieve about 2-5 transactions per second before the host throwing in the towel. Now I am sure ESX 3 will be faster. This wasn't ESX 3, was 2.something.
What I noticed was that:
- VMWare has a lot of trouble with applications who do a lot of context switches. Basically, object pools with significant usage. If the CPU has to swap from thread to thread, it kills VMWare.
- We did a few network tests with bizarre results like VM network latency being 50% more. This is a killer with any system remotely trying to get a decent transactions per secon. We had to de-virtualize our SQL server and SNA gateway, it wasn't able to hold the load.
- For some odd reasons MOM, anti-viruses and SMS can choke a host without any problems. My hypothesis is that missed file cache is brutal for VMWare, especially if other VMs are doing some I/O intensive stuff.
I wouldn't recommend anyone putting a server with moderate to high load as a VM. However, VMWare is awesome for very low load server, we can pack 6-10 of these servers easily on the same dual dual core Xeon. And could probably more.