Why XP?
-
You made your point about previous points, but Windows ME really sucks. I know from experience. Stability alone is a huge problem. If you haven't used ME consider yourself lucky. I couldn't do anything without it crashing. I think stablity-wise XP or any NT based system is better that ME now XP is cheap enough for a home user. pushing us back into the Windows ME age Here I was trying to say ME sucks (it does) and It is about time to get out of 16-bit. My brain is fried right know. If I think of some good reasons I will get back to you. -:suss:Matt Newman:suss: -:suss:Matt Newman:suss: -Sonork ID: 100.11179:BestSnowman
-
I've been going round and round with myself and others on this one. I run a dual booted system between Window Me and Windows 2000. Everyone around me is telling me just to go Windows XP because it merges them nicely. I keep telling them no! I don't want XP to touch my hardware in any way/shape/or form. I am not saying this just because I am rather strongly anti-microsoft (which I am :)) I am saying this because of all the problems and issues with XP. I don't like the idea of raw sockets being usable by anyone on the home edition of XP. I know, my 2k partition can do it too, but not many home users run 2K so I feel safer. (For those of you who do not know about the raw sockets, go here: http://grc.com/dos/sockettome.htm It's a good article) Then we have all of the security problems with XP that caused a nice panic the other day. The security problems are not something to brush off, they are serious. (Here's a good link for general XP problems: http://grc.com/dos/winxp.htm) With all of this, there are now several corporations that have banned XP from their network. I won't mention names simply because of contracts and such, I'm sure you all understand. My company and two of the company's that we work closly with have banned XP. To the point that one of them has informed everyone that it is a terminatable offence. They are taking XP *very* seriously as a security risk. In my own company I was informed that it was able to take out the section of the network that it was on in just a few minutes. It did a broadcast storm from what I was told. (I was not there on that one, so I can neither confirm nor deny that one) At this point you are probably wondering "What's this lunatic's point?!?" Well it's quite simple. Why does everyone run XP? I see it everywhere! Screen captures of sample apps are running XP (with the telltale FP design, FP = Fisher Price). With all of these problems, what is the point of running XP? Does it really provide more stability than 2K? Does it have better compatability than 2K? For a home user, is it really easier to use than 98/Me? I have used it a little, and I really don't think it's that much different than 2K... And actually, if you run a winver on it, it comes back as 5.1. Why would I pay $100/200 for a .1 upgrade? I hope I didn't just start a flame war about whether XP is good or not, that was not the intention. I have supplied links to show my point. I wouldn't mind an honest debate on it, with proof. I think it would be interesting. Programmi
I just bought a new computer that came with XP home edition installed. Good: It's cute. It found the network printer right away, without having to install anything extra. It found my digital camera right away without installing any drivers. It has built in photo editing. Bad: I can't log onto a domain. Only professional edition will let you do this. This is very bad. I could do it in Win98. This is supposed to be an upgrade not a downgrade. When you buy a OEM version you no longer get the CD. What happens when I have to reinstall windows? I have to use their repair utility that resets it back to factory contition. All my data will be gone. Again very bad. I did not know this until after I bought the computer. I can't get it to work with my AT&T Broadband internet connection. I can hit a couple of pages then it can't connect and I have to do Repair Connection to continue. Again, very bad. My husband says I should just format and install Win98 SE. I can't do windows 2000 because of the lack of game support. :( Cathy Life's uncertain, have dessert first!
-
I just bought a new computer that came with XP home edition installed. Good: It's cute. It found the network printer right away, without having to install anything extra. It found my digital camera right away without installing any drivers. It has built in photo editing. Bad: I can't log onto a domain. Only professional edition will let you do this. This is very bad. I could do it in Win98. This is supposed to be an upgrade not a downgrade. When you buy a OEM version you no longer get the CD. What happens when I have to reinstall windows? I have to use their repair utility that resets it back to factory contition. All my data will be gone. Again very bad. I did not know this until after I bought the computer. I can't get it to work with my AT&T Broadband internet connection. I can hit a couple of pages then it can't connect and I have to do Repair Connection to continue. Again, very bad. My husband says I should just format and install Win98 SE. I can't do windows 2000 because of the lack of game support. :( Cathy Life's uncertain, have dessert first!
Cathy wrote: I can't do windows 2000 because of the lack of game support. FWIW - I'm not a heavy gamer, but W2K Profesional has run everything I've ever thrown at it. It (unlike NT) supports DirectX.
Mike Mullikin - Sonork 100.10096 "Oh, you hate your job? Why didn't you say so? There's a support group for that. It's called EVERYBODY, and they meet at the bar." - Drew Carey
-
Cathy wrote: I can't do windows 2000 because of the lack of game support. FWIW - I'm not a heavy gamer, but W2K Profesional has run everything I've ever thrown at it. It (unlike NT) supports DirectX.
Mike Mullikin - Sonork 100.10096 "Oh, you hate your job? Why didn't you say so? There's a support group for that. It's called EVERYBODY, and they meet at the bar." - Drew Carey
-
I've been going round and round with myself and others on this one. I run a dual booted system between Window Me and Windows 2000. Everyone around me is telling me just to go Windows XP because it merges them nicely. I keep telling them no! I don't want XP to touch my hardware in any way/shape/or form. I am not saying this just because I am rather strongly anti-microsoft (which I am :)) I am saying this because of all the problems and issues with XP. I don't like the idea of raw sockets being usable by anyone on the home edition of XP. I know, my 2k partition can do it too, but not many home users run 2K so I feel safer. (For those of you who do not know about the raw sockets, go here: http://grc.com/dos/sockettome.htm It's a good article) Then we have all of the security problems with XP that caused a nice panic the other day. The security problems are not something to brush off, they are serious. (Here's a good link for general XP problems: http://grc.com/dos/winxp.htm) With all of this, there are now several corporations that have banned XP from their network. I won't mention names simply because of contracts and such, I'm sure you all understand. My company and two of the company's that we work closly with have banned XP. To the point that one of them has informed everyone that it is a terminatable offence. They are taking XP *very* seriously as a security risk. In my own company I was informed that it was able to take out the section of the network that it was on in just a few minutes. It did a broadcast storm from what I was told. (I was not there on that one, so I can neither confirm nor deny that one) At this point you are probably wondering "What's this lunatic's point?!?" Well it's quite simple. Why does everyone run XP? I see it everywhere! Screen captures of sample apps are running XP (with the telltale FP design, FP = Fisher Price). With all of these problems, what is the point of running XP? Does it really provide more stability than 2K? Does it have better compatability than 2K? For a home user, is it really easier to use than 98/Me? I have used it a little, and I really don't think it's that much different than 2K... And actually, if you run a winver on it, it comes back as 5.1. Why would I pay $100/200 for a .1 upgrade? I hope I didn't just start a flame war about whether XP is good or not, that was not the intention. I have supplied links to show my point. I wouldn't mind an honest debate on it, with proof. I think it would be interesting. Programmi
Do I presume correctly that the concerns you have are with WinXP Home Edition? Does WinXP Pro Edition have these same issues? I do know that the hardware drivers for XP Home Ed. are NOT the same as XP Pro Ed., and that many peripheral and third party software vendors are advertising on their websites "WinXP Pro Edition drivers coming soon...". I perused a quick glimpse of a comparison between XP Home and XP Pro and the Pro Ed. seems to have better potential security provisions available, the incompatible driver model issue notwithstanding. Any experience with XP Pro? :confused: EWE It's good to be missed -- especially when they're shootin' at ya!
-
Actually there are some games that don't run under Win2K, Alice for example. That's why I currently have my machine dual booted with Me (for games) and 2K (for programming). Not really sure of the reason, but it's not *fully* compatable. Most of the time it is though. Programming in binary is as easy as 01 10 11.
-
Do I presume correctly that the concerns you have are with WinXP Home Edition? Does WinXP Pro Edition have these same issues? I do know that the hardware drivers for XP Home Ed. are NOT the same as XP Pro Ed., and that many peripheral and third party software vendors are advertising on their websites "WinXP Pro Edition drivers coming soon...". I perused a quick glimpse of a comparison between XP Home and XP Pro and the Pro Ed. seems to have better potential security provisions available, the incompatible driver model issue notwithstanding. Any experience with XP Pro? :confused: EWE It's good to be missed -- especially when they're shootin' at ya!
Actually, from what I understand these issues (huge security holes, raw sockets, etc.) are in both home and pro. I didn't know that about the drivers either... Seems odd, you would think since the kernal would be the same, the drivers should work on both. Must not be that way though. We do have XP Pro at work. And from what I've played with it, it seems identical to home. Except of course for domain support (which is dumb, why would you take that out?) Programming in binary is as easy as 01 10 11.
-
I've been going round and round with myself and others on this one. I run a dual booted system between Window Me and Windows 2000. Everyone around me is telling me just to go Windows XP because it merges them nicely. I keep telling them no! I don't want XP to touch my hardware in any way/shape/or form. I am not saying this just because I am rather strongly anti-microsoft (which I am :)) I am saying this because of all the problems and issues with XP. I don't like the idea of raw sockets being usable by anyone on the home edition of XP. I know, my 2k partition can do it too, but not many home users run 2K so I feel safer. (For those of you who do not know about the raw sockets, go here: http://grc.com/dos/sockettome.htm It's a good article) Then we have all of the security problems with XP that caused a nice panic the other day. The security problems are not something to brush off, they are serious. (Here's a good link for general XP problems: http://grc.com/dos/winxp.htm) With all of this, there are now several corporations that have banned XP from their network. I won't mention names simply because of contracts and such, I'm sure you all understand. My company and two of the company's that we work closly with have banned XP. To the point that one of them has informed everyone that it is a terminatable offence. They are taking XP *very* seriously as a security risk. In my own company I was informed that it was able to take out the section of the network that it was on in just a few minutes. It did a broadcast storm from what I was told. (I was not there on that one, so I can neither confirm nor deny that one) At this point you are probably wondering "What's this lunatic's point?!?" Well it's quite simple. Why does everyone run XP? I see it everywhere! Screen captures of sample apps are running XP (with the telltale FP design, FP = Fisher Price). With all of these problems, what is the point of running XP? Does it really provide more stability than 2K? Does it have better compatability than 2K? For a home user, is it really easier to use than 98/Me? I have used it a little, and I really don't think it's that much different than 2K... And actually, if you run a winver on it, it comes back as 5.1. Why would I pay $100/200 for a .1 upgrade? I hope I didn't just start a flame war about whether XP is good or not, that was not the intention. I have supplied links to show my point. I wouldn't mind an honest debate on it, with proof. I think it would be interesting. Programmi
Ugh, this raw sockets crap again. I hate to tell people, but some computer professionals really need to grow up. If raw sockets are so bad, then this is an inherent design flaw in the INTERNET. It isn't a problem in XP, W2K, Linux, FreeBSD, etc. People in the know freely admit that raw sockets get exploited on non XP systems all the time EVEN THOUGH they required extra privs. So, basically Steve has his panties in a wad because some kid exploited a VERY SERIOUS FLAW in the internet and he had to go blame somebody. The funny thing is that this kid could have used any other OS to do what he did. He just chose XP. Like a hacker on a Linux box isn't going to log into a priv account to hack. RIGHT!!!!! In summary, the raw sockets thing is a total red herring. As far as the other bugs in XP. Well, it is new. There will always be problems with any OS right after the release. Hell, the last version of the Linux kernel trashed file systems on hard drives. But I don't hear anybody talking about burning Linus in effigy. If you look at independent reports. Linux has more security flaws reported every year than any one of Microsoft's operating systems. I would imagine that XP will take the lead again. But MS will work out the problems and get it back in line with the other operating systems. But this isn't a MS vs. Linux thing. It is the reality of the software industry. I just use Linux since people seem to have this false notion that Linux is airtight. The same holds true for W2K. It has a lot of security issues. Tim Smith Descartes Systems Sciences, Inc.
-
Actually, from what I understand these issues (huge security holes, raw sockets, etc.) are in both home and pro. I didn't know that about the drivers either... Seems odd, you would think since the kernal would be the same, the drivers should work on both. Must not be that way though. We do have XP Pro at work. And from what I've played with it, it seems identical to home. Except of course for domain support (which is dumb, why would you take that out?) Programming in binary is as easy as 01 10 11.
I'm sick to death of hearing about this raw sockets thing. The facts; o Only Home Edition has this flaw o It's not a huge flaw o The driver models are the same AFAIK but I would imagine because of the tighter security in Pro it's harder to create a driver that works (for an incompetent at least) Hope that settles things :). -- Andrew.
-
I've been going round and round with myself and others on this one. I run a dual booted system between Window Me and Windows 2000. Everyone around me is telling me just to go Windows XP because it merges them nicely. I keep telling them no! I don't want XP to touch my hardware in any way/shape/or form. I am not saying this just because I am rather strongly anti-microsoft (which I am :)) I am saying this because of all the problems and issues with XP. I don't like the idea of raw sockets being usable by anyone on the home edition of XP. I know, my 2k partition can do it too, but not many home users run 2K so I feel safer. (For those of you who do not know about the raw sockets, go here: http://grc.com/dos/sockettome.htm It's a good article) Then we have all of the security problems with XP that caused a nice panic the other day. The security problems are not something to brush off, they are serious. (Here's a good link for general XP problems: http://grc.com/dos/winxp.htm) With all of this, there are now several corporations that have banned XP from their network. I won't mention names simply because of contracts and such, I'm sure you all understand. My company and two of the company's that we work closly with have banned XP. To the point that one of them has informed everyone that it is a terminatable offence. They are taking XP *very* seriously as a security risk. In my own company I was informed that it was able to take out the section of the network that it was on in just a few minutes. It did a broadcast storm from what I was told. (I was not there on that one, so I can neither confirm nor deny that one) At this point you are probably wondering "What's this lunatic's point?!?" Well it's quite simple. Why does everyone run XP? I see it everywhere! Screen captures of sample apps are running XP (with the telltale FP design, FP = Fisher Price). With all of these problems, what is the point of running XP? Does it really provide more stability than 2K? Does it have better compatability than 2K? For a home user, is it really easier to use than 98/Me? I have used it a little, and I really don't think it's that much different than 2K... And actually, if you run a winver on it, it comes back as 5.1. Why would I pay $100/200 for a .1 upgrade? I hope I didn't just start a flame war about whether XP is good or not, that was not the intention. I have supplied links to show my point. I wouldn't mind an honest debate on it, with proof. I think it would be interesting. Programmi
I've been using Windows and doing development on it since 3.0 Along the way I've used and upgraded to 95/98 (not ME), 2000 and XP (not NT). I've stayed with the Classic Desktop until XP. Without doubt W2K has been the best development platform I've used, meaning it is rock solid and no matter how badly your app crashes while debugging, you just keep working away. On 16 bit Windows reboots were the norm in this situation. I tend to lag behind the pack a little when it comes to Windows upgrades, however for various reasons I've upgraded my main development machine to XP Home from W2K and I've also recently purchased a new Dell Notebook with XP Pro. First up I've got a Firewall (DLink 713P) in place which gives me a much better feeling than when I was using Zonealarm. I've got a Broadband Cable connection and continue to be surprised at the number of attacks I get. If you've got a permanent Net connection I certainly recomend putting in a real Firewall. But I'm getting off topic. WinXP has been the most painless, trouble free Windows installation ever. Everything just worked, which blew me away. I'm sure it picked up more stuff like Network Printers, LAN settings etc. than previous versions. I resisted the tempation to use the Classic Desktop and I luv the new look and feel and the various UI improvements MS has made. The MRU Task Bar apps list is nice, on top which you can lock apps in place so they are always visible. And the Quick Launch toolbar has been improved and I like the new Start Menu. I also like the changes to Explorer, Control Panel etc. I get a general feeling that everything is just that bit easier to use, a bit friendlier and has better help. These are all important areas for many users. On my new Notebook the support XP provides leaves everything I've had before in the dust. Unplugging PMCIA works better than ever, hot swapping of the CD drive works for the first time, I plugged in a brand new Wireless 802.11 card and it worked without me doing anything. Power management, hybernation etc. feels better than ever, and not something tacked on the side. Restoring from Standby or Hybernate is so much quicker. Then there is built-in ZIP file support, where ZIP files look just like Folders, built-in CD/RW support which works a treat, tight integration with the NET which is pretty cool and clearly demonstrates where MS is heading, automatic notification and installation of updates, Wireless Network support, Remote Desktop control, faster startup, great new look and feel etc. etc. There a
-
Actually there are some games that don't run under Win2K, Alice for example. That's why I currently have my machine dual booted with Me (for games) and 2K (for programming). Not really sure of the reason, but it's not *fully* compatable. Most of the time it is though. Programming in binary is as easy as 01 10 11.
I've played the demo of Alice on my computer (using Win2K of course) and I didn't have any problems. I can't recall ever having a problem getting a game to run on Win2K. "Am I talking too fast, or are you just playing dumb? If you want I can write it down." -Jarvis Cocker/Pulp
-
I'm sick to death of hearing about this raw sockets thing. The facts; o Only Home Edition has this flaw o It's not a huge flaw o The driver models are the same AFAIK but I would imagine because of the tighter security in Pro it's harder to create a driver that works (for an incompetent at least) Hope that settles things :). -- Andrew.
Andrew Peace wrote: The driver models are the same I have found some cheaper hardware (OEM Cheapware mostly) XP drivers do not work with XP. -:suss:Matt Newman:suss: -:suss:Matt Newman:suss: -Sonork ID: 100.11179:BestSnowman
-
I'm sick to death of hearing about this raw sockets thing. The facts; o Only Home Edition has this flaw o It's not a huge flaw o The driver models are the same AFAIK but I would imagine because of the tighter security in Pro it's harder to create a driver that works (for an incompetent at least) Hope that settles things :). -- Andrew.
Andrew Peace wrote: o Only Home Edition has this flaw Hate to be picky, but do you have proof of this? The reason I ask is that I don't believe it. I have read/heard that both have this flaw... Andrew Peace wrote: o It's not a huge flaw Depends on how you look at it. If you look at it on the small scale, no it's not that big of a deal. When you look at it on the big scale, it opens up the ability to make a ddos attack server out of the home market machines. The thing I think most people are missing by saying that it doesn't matter, it's been around for a while (through linux, unix, mac osx, etc) is that those os's are not mainstream yet. Without XP, if you want to do a serious, take down the server, ddos attack you would need to be able to control multiple big unix sites. That is not an easy task. I'm not denying that it can be, and has been done, just that it's not that easy. With XP, all you have to do is infect a home user with the virus payload and have it spread like wildfire. Instead of having a few hundred thousand unix variations out there to pick from, currently they have over 7 million XP boxes to play with. (statistic from MS sales statistics) That is a serious threat in my eyes. That is the difference. Programming in binary is as easy as 01 10 11.
-
Ugh, this raw sockets crap again. I hate to tell people, but some computer professionals really need to grow up. If raw sockets are so bad, then this is an inherent design flaw in the INTERNET. It isn't a problem in XP, W2K, Linux, FreeBSD, etc. People in the know freely admit that raw sockets get exploited on non XP systems all the time EVEN THOUGH they required extra privs. So, basically Steve has his panties in a wad because some kid exploited a VERY SERIOUS FLAW in the internet and he had to go blame somebody. The funny thing is that this kid could have used any other OS to do what he did. He just chose XP. Like a hacker on a Linux box isn't going to log into a priv account to hack. RIGHT!!!!! In summary, the raw sockets thing is a total red herring. As far as the other bugs in XP. Well, it is new. There will always be problems with any OS right after the release. Hell, the last version of the Linux kernel trashed file systems on hard drives. But I don't hear anybody talking about burning Linus in effigy. If you look at independent reports. Linux has more security flaws reported every year than any one of Microsoft's operating systems. I would imagine that XP will take the lead again. But MS will work out the problems and get it back in line with the other operating systems. But this isn't a MS vs. Linux thing. It is the reality of the software industry. I just use Linux since people seem to have this false notion that Linux is airtight. The same holds true for W2K. It has a lot of security issues. Tim Smith Descartes Systems Sciences, Inc.
Ok... where to begin on this rant :) Raw sockets by themselves are not the problem and no one is claming that they are. They are *required* by drivers and the system to operate at all on a network of any kind. However, they are not required by Joe User to run his latest version of Quake. That is where the problem comes from. Joe User running XP does have access to raw sockets, but again that is not where the problem comes from. Joe User doesn't have a clue. When it comes to security risks you have to assume that he will open that email that comes from someone he doesn't know, and will open the attachment even though it's an exe. Now he's infected. He doesn't know it, he hasn't updated his anti-virus since he bought the machine. He is now a perfect ddos attack server. And again, that by itself, who cares. It happens on unix based machines all the time. But, when you compare the statistics of unix based systems to the number of XP boxes that were sold in the first week (counting machines running XP and XP sales) it's rather stagering. There are probably a few hundred thousand unix based machines that someone could hack into. But there were over 7 million XP units sold in the first week. Let's just say that a third of them are stupid Joe Users who are going to get infected by ignorance. That still leaves 2.3 million Joe Users that are infected with a virus that will be able to wipe out any network it wants to. The reason that raw sockets have become an issue is that they have hit the mainstream. They have never done that before now. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Programming in binary is as easy as 01 10 11.
-
Andrew Peace wrote: The driver models are the same I have found some cheaper hardware (OEM Cheapware mostly) XP drivers do not work with XP. -:suss:Matt Newman:suss: -:suss:Matt Newman:suss: -Sonork ID: 100.11179:BestSnowman
-
Ok... where to begin on this rant :) Raw sockets by themselves are not the problem and no one is claming that they are. They are *required* by drivers and the system to operate at all on a network of any kind. However, they are not required by Joe User to run his latest version of Quake. That is where the problem comes from. Joe User running XP does have access to raw sockets, but again that is not where the problem comes from. Joe User doesn't have a clue. When it comes to security risks you have to assume that he will open that email that comes from someone he doesn't know, and will open the attachment even though it's an exe. Now he's infected. He doesn't know it, he hasn't updated his anti-virus since he bought the machine. He is now a perfect ddos attack server. And again, that by itself, who cares. It happens on unix based machines all the time. But, when you compare the statistics of unix based systems to the number of XP boxes that were sold in the first week (counting machines running XP and XP sales) it's rather stagering. There are probably a few hundred thousand unix based machines that someone could hack into. But there were over 7 million XP units sold in the first week. Let's just say that a third of them are stupid Joe Users who are going to get infected by ignorance. That still leaves 2.3 million Joe Users that are infected with a virus that will be able to wipe out any network it wants to. The reason that raw sockets have become an issue is that they have hit the mainstream. They have never done that before now. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Programming in binary is as easy as 01 10 11.
OMG, Thanks for showing me the light. Now I understand. Hmm, but if all this was true, then how on earth did we have DOS attacks prior to this scourge of the earth called XP. Never mind, I take it back. You don't have a clue. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Then lets shutdown SourceForge and the rest of the FreeBSD systems. They have been hacked and were vulnerable to being used as DOS source attacks. Tim Smith Descartes Systems Sciences, Inc.
-
Chances are that cheap hardware with cheap drivers is buggy as hell anyway. Tim Smith Descartes Systems Sciences, Inc.
Tim Smith wrote: Chances are that cheap hardware with cheap drivers is buggy as hell anyway. Most likely what the problem is. -:suss:Matt Newman:suss: -:suss:Matt Newman:suss: -Sonork ID: 100.11179:BestSnowman
-
OMG, Thanks for showing me the light. Now I understand. Hmm, but if all this was true, then how on earth did we have DOS attacks prior to this scourge of the earth called XP. Never mind, I take it back. You don't have a clue. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Then lets shutdown SourceForge and the rest of the FreeBSD systems. They have been hacked and were vulnerable to being used as DOS source attacks. Tim Smith Descartes Systems Sciences, Inc.
EXCUSE ME! I have been nothing but polite and considerate. And you have the audacity to tell me that I don't have a clue? I have come back with links to articles and facts. What have you come back with? "Yer dumb!" Good statistic there! Sorry if I sound pissed off, but I am! This is exactly the kind of response I didn't want! I *was* having a nice discussion with everyone else... But in response to this ill-tempered, ignorant post... We had dos attacks because the crackers that got in the unix systems were good. There will always be dos attacks because there will always be good hackers and crackers. However, before XP their pickings of machine to get into were slim. Win 9x machine were not good machines to attack for dos attacks. Only the unix boxes were really good for it. Now they have millions of home users that are dumb to choose from. *That* was my point. The access to a machine *capable* of handling a proper dos attack has just multiplied 10 fold. This *is* serious, and if you don't think it is, then perhaps you should go back to school after Christmas and ask you high school teacher what network security is! That is a risk. And if you disagree, then come back with an intellegent response with facts. Not this: Tim Smith wrote: Never mind, I take it back. You don't have a clue. That is childish and not needed. Programming in binary is as easy as 01 10 11.
-
Andrew Peace wrote: o Only Home Edition has this flaw Hate to be picky, but do you have proof of this? The reason I ask is that I don't believe it. I have read/heard that both have this flaw... Andrew Peace wrote: o It's not a huge flaw Depends on how you look at it. If you look at it on the small scale, no it's not that big of a deal. When you look at it on the big scale, it opens up the ability to make a ddos attack server out of the home market machines. The thing I think most people are missing by saying that it doesn't matter, it's been around for a while (through linux, unix, mac osx, etc) is that those os's are not mainstream yet. Without XP, if you want to do a serious, take down the server, ddos attack you would need to be able to control multiple big unix sites. That is not an easy task. I'm not denying that it can be, and has been done, just that it's not that easy. With XP, all you have to do is infect a home user with the virus payload and have it spread like wildfire. Instead of having a few hundred thousand unix variations out there to pick from, currently they have over 7 million XP boxes to play with. (statistic from MS sales statistics) That is a serious threat in my eyes. That is the difference. Programming in binary is as easy as 01 10 11.
Greven wrote: Andrew Peace wrote: o Only Home Edition has this flaw Hate to be picky, but do you have proof of this? The reason I ask is that I don't believe it. I have read/heard that both have this flaw... I'm pretty sure I'm right in saying that raw sockets are supported by not only Windows XP Home/Professional, but by Windows 2000 as well. However, raw sockets are only available to user accounts with administrative priviledges under all three OSs. This becomes a concern with XP Home because Microsoft decided (for compatibility with Win98/Me) to make all user accounts administrators by default. So, the workaround is to change the user accounts back to ordinary ones. IMHO a bad call, but an understandable one. Steve Gibson talks about this in some detail at http://grc.com/dos/sockettome.htm. Andy Metcalfe - Sonardyne International Ltd
Trouble with resource IDs? Try the Resource ID Organiser Add-In for Visual C++ 5.0/6.0
"I'm just another 'S' bend in the internet. A ton of stuff goes through my system, and some of the hairer, stickier and lumpier stuff sticks." - Chris Maunder (I just couldn't let that one past ;)) -
I've been going round and round with myself and others on this one. I run a dual booted system between Window Me and Windows 2000. Everyone around me is telling me just to go Windows XP because it merges them nicely. I keep telling them no! I don't want XP to touch my hardware in any way/shape/or form. I am not saying this just because I am rather strongly anti-microsoft (which I am :)) I am saying this because of all the problems and issues with XP. I don't like the idea of raw sockets being usable by anyone on the home edition of XP. I know, my 2k partition can do it too, but not many home users run 2K so I feel safer. (For those of you who do not know about the raw sockets, go here: http://grc.com/dos/sockettome.htm It's a good article) Then we have all of the security problems with XP that caused a nice panic the other day. The security problems are not something to brush off, they are serious. (Here's a good link for general XP problems: http://grc.com/dos/winxp.htm) With all of this, there are now several corporations that have banned XP from their network. I won't mention names simply because of contracts and such, I'm sure you all understand. My company and two of the company's that we work closly with have banned XP. To the point that one of them has informed everyone that it is a terminatable offence. They are taking XP *very* seriously as a security risk. In my own company I was informed that it was able to take out the section of the network that it was on in just a few minutes. It did a broadcast storm from what I was told. (I was not there on that one, so I can neither confirm nor deny that one) At this point you are probably wondering "What's this lunatic's point?!?" Well it's quite simple. Why does everyone run XP? I see it everywhere! Screen captures of sample apps are running XP (with the telltale FP design, FP = Fisher Price). With all of these problems, what is the point of running XP? Does it really provide more stability than 2K? Does it have better compatability than 2K? For a home user, is it really easier to use than 98/Me? I have used it a little, and I really don't think it's that much different than 2K... And actually, if you run a winver on it, it comes back as 5.1. Why would I pay $100/200 for a .1 upgrade? I hope I didn't just start a flame war about whether XP is good or not, that was not the intention. I have supplied links to show my point. I wouldn't mind an honest debate on it, with proof. I think it would be interesting. Programmi
Greven, I think you are swallowing Steve Gibson's tirade hook line and sinker without really thinking it through yourself. But, here are some of the most immediate points that come to mind after reading your post. #1 It's possible and easy to do raw sockets on Win98, all it takes is installing a device driver to do it, something that anyone that hacks the machine can do because there is no security in 98. In fact, Most of the machines used to do these sorts of attacks *ARE* 98 machines with Raw Socket drivers installed. #2 XP only allows administrators to use raw sockets. Of course XP Home makes everyone an administrator by default, but that is changeable. If you're worried about your own machine, simply remove administrator access from them and they can't use Raw Sockets. BTW, steve is incorrect that only malicious code needs raw socket access. Applications such as network sniffers and diagnostics require this level of support as well. #3 Lots companies "ban" new OS's when they come out. The companies I worked for "banned" Win2k when it came, and those same companies "banned" NT4 when it came out and then "banned" Win95 when it came out. All this means is that they aren't prepared to deal with desktops that have this OS installed and need time to develop a support policy. #4 Yes, XP *IS* more compatible than Win2k is. There has been a great deal of work to make XP more compatible with games (especially DOS ones. For instance, the DOS box now has sound card emulation for DOS). Yes, XP is more stable than Win2k. (though much of this is theoretical, since Win2k was pretty stable to begin with). XP has had lots of auditing and automated testing done to try and remove potential stability and security problems. Of course this could never be perfect, and stuff will slip through, they caught a lot of potential problems in the process. #5 I find XP to be more useable than Win2k. The new start menu is much more productive than the old one (for instance, I tend to go into Computer Management a lot, I can access this directly from the start menu by right clicking on the My Computer icon and choosing "Manage". You can do this on the desktop as well, but often I have windows obscuring it). #6 Security. Yeah, a few new security vulnerabilities have popped up. That's going to happen in any complex software. Win2k will have more vulnerabilties as well. If you take precautions, such as only enabling those services you use, you will go a long way. For instance, I wasn't vulnerable to t