Why XP?
-
I've been going round and round with myself and others on this one. I run a dual booted system between Window Me and Windows 2000. Everyone around me is telling me just to go Windows XP because it merges them nicely. I keep telling them no! I don't want XP to touch my hardware in any way/shape/or form. I am not saying this just because I am rather strongly anti-microsoft (which I am :)) I am saying this because of all the problems and issues with XP. I don't like the idea of raw sockets being usable by anyone on the home edition of XP. I know, my 2k partition can do it too, but not many home users run 2K so I feel safer. (For those of you who do not know about the raw sockets, go here: http://grc.com/dos/sockettome.htm It's a good article) Then we have all of the security problems with XP that caused a nice panic the other day. The security problems are not something to brush off, they are serious. (Here's a good link for general XP problems: http://grc.com/dos/winxp.htm) With all of this, there are now several corporations that have banned XP from their network. I won't mention names simply because of contracts and such, I'm sure you all understand. My company and two of the company's that we work closly with have banned XP. To the point that one of them has informed everyone that it is a terminatable offence. They are taking XP *very* seriously as a security risk. In my own company I was informed that it was able to take out the section of the network that it was on in just a few minutes. It did a broadcast storm from what I was told. (I was not there on that one, so I can neither confirm nor deny that one) At this point you are probably wondering "What's this lunatic's point?!?" Well it's quite simple. Why does everyone run XP? I see it everywhere! Screen captures of sample apps are running XP (with the telltale FP design, FP = Fisher Price). With all of these problems, what is the point of running XP? Does it really provide more stability than 2K? Does it have better compatability than 2K? For a home user, is it really easier to use than 98/Me? I have used it a little, and I really don't think it's that much different than 2K... And actually, if you run a winver on it, it comes back as 5.1. Why would I pay $100/200 for a .1 upgrade? I hope I didn't just start a flame war about whether XP is good or not, that was not the intention. I have supplied links to show my point. I wouldn't mind an honest debate on it, with proof. I think it would be interesting. Programmi
I've been using Windows and doing development on it since 3.0 Along the way I've used and upgraded to 95/98 (not ME), 2000 and XP (not NT). I've stayed with the Classic Desktop until XP. Without doubt W2K has been the best development platform I've used, meaning it is rock solid and no matter how badly your app crashes while debugging, you just keep working away. On 16 bit Windows reboots were the norm in this situation. I tend to lag behind the pack a little when it comes to Windows upgrades, however for various reasons I've upgraded my main development machine to XP Home from W2K and I've also recently purchased a new Dell Notebook with XP Pro. First up I've got a Firewall (DLink 713P) in place which gives me a much better feeling than when I was using Zonealarm. I've got a Broadband Cable connection and continue to be surprised at the number of attacks I get. If you've got a permanent Net connection I certainly recomend putting in a real Firewall. But I'm getting off topic. WinXP has been the most painless, trouble free Windows installation ever. Everything just worked, which blew me away. I'm sure it picked up more stuff like Network Printers, LAN settings etc. than previous versions. I resisted the tempation to use the Classic Desktop and I luv the new look and feel and the various UI improvements MS has made. The MRU Task Bar apps list is nice, on top which you can lock apps in place so they are always visible. And the Quick Launch toolbar has been improved and I like the new Start Menu. I also like the changes to Explorer, Control Panel etc. I get a general feeling that everything is just that bit easier to use, a bit friendlier and has better help. These are all important areas for many users. On my new Notebook the support XP provides leaves everything I've had before in the dust. Unplugging PMCIA works better than ever, hot swapping of the CD drive works for the first time, I plugged in a brand new Wireless 802.11 card and it worked without me doing anything. Power management, hybernation etc. feels better than ever, and not something tacked on the side. Restoring from Standby or Hybernate is so much quicker. Then there is built-in ZIP file support, where ZIP files look just like Folders, built-in CD/RW support which works a treat, tight integration with the NET which is pretty cool and clearly demonstrates where MS is heading, automatic notification and installation of updates, Wireless Network support, Remote Desktop control, faster startup, great new look and feel etc. etc. There a
-
Actually there are some games that don't run under Win2K, Alice for example. That's why I currently have my machine dual booted with Me (for games) and 2K (for programming). Not really sure of the reason, but it's not *fully* compatable. Most of the time it is though. Programming in binary is as easy as 01 10 11.
I've played the demo of Alice on my computer (using Win2K of course) and I didn't have any problems. I can't recall ever having a problem getting a game to run on Win2K. "Am I talking too fast, or are you just playing dumb? If you want I can write it down." -Jarvis Cocker/Pulp
-
I'm sick to death of hearing about this raw sockets thing. The facts; o Only Home Edition has this flaw o It's not a huge flaw o The driver models are the same AFAIK but I would imagine because of the tighter security in Pro it's harder to create a driver that works (for an incompetent at least) Hope that settles things :). -- Andrew.
Andrew Peace wrote: The driver models are the same I have found some cheaper hardware (OEM Cheapware mostly) XP drivers do not work with XP. -:suss:Matt Newman:suss: -:suss:Matt Newman:suss: -Sonork ID: 100.11179:BestSnowman
-
I'm sick to death of hearing about this raw sockets thing. The facts; o Only Home Edition has this flaw o It's not a huge flaw o The driver models are the same AFAIK but I would imagine because of the tighter security in Pro it's harder to create a driver that works (for an incompetent at least) Hope that settles things :). -- Andrew.
Andrew Peace wrote: o Only Home Edition has this flaw Hate to be picky, but do you have proof of this? The reason I ask is that I don't believe it. I have read/heard that both have this flaw... Andrew Peace wrote: o It's not a huge flaw Depends on how you look at it. If you look at it on the small scale, no it's not that big of a deal. When you look at it on the big scale, it opens up the ability to make a ddos attack server out of the home market machines. The thing I think most people are missing by saying that it doesn't matter, it's been around for a while (through linux, unix, mac osx, etc) is that those os's are not mainstream yet. Without XP, if you want to do a serious, take down the server, ddos attack you would need to be able to control multiple big unix sites. That is not an easy task. I'm not denying that it can be, and has been done, just that it's not that easy. With XP, all you have to do is infect a home user with the virus payload and have it spread like wildfire. Instead of having a few hundred thousand unix variations out there to pick from, currently they have over 7 million XP boxes to play with. (statistic from MS sales statistics) That is a serious threat in my eyes. That is the difference. Programming in binary is as easy as 01 10 11.
-
Ugh, this raw sockets crap again. I hate to tell people, but some computer professionals really need to grow up. If raw sockets are so bad, then this is an inherent design flaw in the INTERNET. It isn't a problem in XP, W2K, Linux, FreeBSD, etc. People in the know freely admit that raw sockets get exploited on non XP systems all the time EVEN THOUGH they required extra privs. So, basically Steve has his panties in a wad because some kid exploited a VERY SERIOUS FLAW in the internet and he had to go blame somebody. The funny thing is that this kid could have used any other OS to do what he did. He just chose XP. Like a hacker on a Linux box isn't going to log into a priv account to hack. RIGHT!!!!! In summary, the raw sockets thing is a total red herring. As far as the other bugs in XP. Well, it is new. There will always be problems with any OS right after the release. Hell, the last version of the Linux kernel trashed file systems on hard drives. But I don't hear anybody talking about burning Linus in effigy. If you look at independent reports. Linux has more security flaws reported every year than any one of Microsoft's operating systems. I would imagine that XP will take the lead again. But MS will work out the problems and get it back in line with the other operating systems. But this isn't a MS vs. Linux thing. It is the reality of the software industry. I just use Linux since people seem to have this false notion that Linux is airtight. The same holds true for W2K. It has a lot of security issues. Tim Smith Descartes Systems Sciences, Inc.
Ok... where to begin on this rant :) Raw sockets by themselves are not the problem and no one is claming that they are. They are *required* by drivers and the system to operate at all on a network of any kind. However, they are not required by Joe User to run his latest version of Quake. That is where the problem comes from. Joe User running XP does have access to raw sockets, but again that is not where the problem comes from. Joe User doesn't have a clue. When it comes to security risks you have to assume that he will open that email that comes from someone he doesn't know, and will open the attachment even though it's an exe. Now he's infected. He doesn't know it, he hasn't updated his anti-virus since he bought the machine. He is now a perfect ddos attack server. And again, that by itself, who cares. It happens on unix based machines all the time. But, when you compare the statistics of unix based systems to the number of XP boxes that were sold in the first week (counting machines running XP and XP sales) it's rather stagering. There are probably a few hundred thousand unix based machines that someone could hack into. But there were over 7 million XP units sold in the first week. Let's just say that a third of them are stupid Joe Users who are going to get infected by ignorance. That still leaves 2.3 million Joe Users that are infected with a virus that will be able to wipe out any network it wants to. The reason that raw sockets have become an issue is that they have hit the mainstream. They have never done that before now. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Programming in binary is as easy as 01 10 11.
-
Andrew Peace wrote: The driver models are the same I have found some cheaper hardware (OEM Cheapware mostly) XP drivers do not work with XP. -:suss:Matt Newman:suss: -:suss:Matt Newman:suss: -Sonork ID: 100.11179:BestSnowman
-
Ok... where to begin on this rant :) Raw sockets by themselves are not the problem and no one is claming that they are. They are *required* by drivers and the system to operate at all on a network of any kind. However, they are not required by Joe User to run his latest version of Quake. That is where the problem comes from. Joe User running XP does have access to raw sockets, but again that is not where the problem comes from. Joe User doesn't have a clue. When it comes to security risks you have to assume that he will open that email that comes from someone he doesn't know, and will open the attachment even though it's an exe. Now he's infected. He doesn't know it, he hasn't updated his anti-virus since he bought the machine. He is now a perfect ddos attack server. And again, that by itself, who cares. It happens on unix based machines all the time. But, when you compare the statistics of unix based systems to the number of XP boxes that were sold in the first week (counting machines running XP and XP sales) it's rather stagering. There are probably a few hundred thousand unix based machines that someone could hack into. But there were over 7 million XP units sold in the first week. Let's just say that a third of them are stupid Joe Users who are going to get infected by ignorance. That still leaves 2.3 million Joe Users that are infected with a virus that will be able to wipe out any network it wants to. The reason that raw sockets have become an issue is that they have hit the mainstream. They have never done that before now. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Programming in binary is as easy as 01 10 11.
OMG, Thanks for showing me the light. Now I understand. Hmm, but if all this was true, then how on earth did we have DOS attacks prior to this scourge of the earth called XP. Never mind, I take it back. You don't have a clue. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Then lets shutdown SourceForge and the rest of the FreeBSD systems. They have been hacked and were vulnerable to being used as DOS source attacks. Tim Smith Descartes Systems Sciences, Inc.
-
Chances are that cheap hardware with cheap drivers is buggy as hell anyway. Tim Smith Descartes Systems Sciences, Inc.
Tim Smith wrote: Chances are that cheap hardware with cheap drivers is buggy as hell anyway. Most likely what the problem is. -:suss:Matt Newman:suss: -:suss:Matt Newman:suss: -Sonork ID: 100.11179:BestSnowman
-
OMG, Thanks for showing me the light. Now I understand. Hmm, but if all this was true, then how on earth did we have DOS attacks prior to this scourge of the earth called XP. Never mind, I take it back. You don't have a clue. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Then lets shutdown SourceForge and the rest of the FreeBSD systems. They have been hacked and were vulnerable to being used as DOS source attacks. Tim Smith Descartes Systems Sciences, Inc.
EXCUSE ME! I have been nothing but polite and considerate. And you have the audacity to tell me that I don't have a clue? I have come back with links to articles and facts. What have you come back with? "Yer dumb!" Good statistic there! Sorry if I sound pissed off, but I am! This is exactly the kind of response I didn't want! I *was* having a nice discussion with everyone else... But in response to this ill-tempered, ignorant post... We had dos attacks because the crackers that got in the unix systems were good. There will always be dos attacks because there will always be good hackers and crackers. However, before XP their pickings of machine to get into were slim. Win 9x machine were not good machines to attack for dos attacks. Only the unix boxes were really good for it. Now they have millions of home users that are dumb to choose from. *That* was my point. The access to a machine *capable* of handling a proper dos attack has just multiplied 10 fold. This *is* serious, and if you don't think it is, then perhaps you should go back to school after Christmas and ask you high school teacher what network security is! That is a risk. And if you disagree, then come back with an intellegent response with facts. Not this: Tim Smith wrote: Never mind, I take it back. You don't have a clue. That is childish and not needed. Programming in binary is as easy as 01 10 11.
-
Andrew Peace wrote: o Only Home Edition has this flaw Hate to be picky, but do you have proof of this? The reason I ask is that I don't believe it. I have read/heard that both have this flaw... Andrew Peace wrote: o It's not a huge flaw Depends on how you look at it. If you look at it on the small scale, no it's not that big of a deal. When you look at it on the big scale, it opens up the ability to make a ddos attack server out of the home market machines. The thing I think most people are missing by saying that it doesn't matter, it's been around for a while (through linux, unix, mac osx, etc) is that those os's are not mainstream yet. Without XP, if you want to do a serious, take down the server, ddos attack you would need to be able to control multiple big unix sites. That is not an easy task. I'm not denying that it can be, and has been done, just that it's not that easy. With XP, all you have to do is infect a home user with the virus payload and have it spread like wildfire. Instead of having a few hundred thousand unix variations out there to pick from, currently they have over 7 million XP boxes to play with. (statistic from MS sales statistics) That is a serious threat in my eyes. That is the difference. Programming in binary is as easy as 01 10 11.
Greven wrote: Andrew Peace wrote: o Only Home Edition has this flaw Hate to be picky, but do you have proof of this? The reason I ask is that I don't believe it. I have read/heard that both have this flaw... I'm pretty sure I'm right in saying that raw sockets are supported by not only Windows XP Home/Professional, but by Windows 2000 as well. However, raw sockets are only available to user accounts with administrative priviledges under all three OSs. This becomes a concern with XP Home because Microsoft decided (for compatibility with Win98/Me) to make all user accounts administrators by default. So, the workaround is to change the user accounts back to ordinary ones. IMHO a bad call, but an understandable one. Steve Gibson talks about this in some detail at http://grc.com/dos/sockettome.htm. Andy Metcalfe - Sonardyne International Ltd
Trouble with resource IDs? Try the Resource ID Organiser Add-In for Visual C++ 5.0/6.0
"I'm just another 'S' bend in the internet. A ton of stuff goes through my system, and some of the hairer, stickier and lumpier stuff sticks." - Chris Maunder (I just couldn't let that one past ;)) -
I've been going round and round with myself and others on this one. I run a dual booted system between Window Me and Windows 2000. Everyone around me is telling me just to go Windows XP because it merges them nicely. I keep telling them no! I don't want XP to touch my hardware in any way/shape/or form. I am not saying this just because I am rather strongly anti-microsoft (which I am :)) I am saying this because of all the problems and issues with XP. I don't like the idea of raw sockets being usable by anyone on the home edition of XP. I know, my 2k partition can do it too, but not many home users run 2K so I feel safer. (For those of you who do not know about the raw sockets, go here: http://grc.com/dos/sockettome.htm It's a good article) Then we have all of the security problems with XP that caused a nice panic the other day. The security problems are not something to brush off, they are serious. (Here's a good link for general XP problems: http://grc.com/dos/winxp.htm) With all of this, there are now several corporations that have banned XP from their network. I won't mention names simply because of contracts and such, I'm sure you all understand. My company and two of the company's that we work closly with have banned XP. To the point that one of them has informed everyone that it is a terminatable offence. They are taking XP *very* seriously as a security risk. In my own company I was informed that it was able to take out the section of the network that it was on in just a few minutes. It did a broadcast storm from what I was told. (I was not there on that one, so I can neither confirm nor deny that one) At this point you are probably wondering "What's this lunatic's point?!?" Well it's quite simple. Why does everyone run XP? I see it everywhere! Screen captures of sample apps are running XP (with the telltale FP design, FP = Fisher Price). With all of these problems, what is the point of running XP? Does it really provide more stability than 2K? Does it have better compatability than 2K? For a home user, is it really easier to use than 98/Me? I have used it a little, and I really don't think it's that much different than 2K... And actually, if you run a winver on it, it comes back as 5.1. Why would I pay $100/200 for a .1 upgrade? I hope I didn't just start a flame war about whether XP is good or not, that was not the intention. I have supplied links to show my point. I wouldn't mind an honest debate on it, with proof. I think it would be interesting. Programmi
Greven, I think you are swallowing Steve Gibson's tirade hook line and sinker without really thinking it through yourself. But, here are some of the most immediate points that come to mind after reading your post. #1 It's possible and easy to do raw sockets on Win98, all it takes is installing a device driver to do it, something that anyone that hacks the machine can do because there is no security in 98. In fact, Most of the machines used to do these sorts of attacks *ARE* 98 machines with Raw Socket drivers installed. #2 XP only allows administrators to use raw sockets. Of course XP Home makes everyone an administrator by default, but that is changeable. If you're worried about your own machine, simply remove administrator access from them and they can't use Raw Sockets. BTW, steve is incorrect that only malicious code needs raw socket access. Applications such as network sniffers and diagnostics require this level of support as well. #3 Lots companies "ban" new OS's when they come out. The companies I worked for "banned" Win2k when it came, and those same companies "banned" NT4 when it came out and then "banned" Win95 when it came out. All this means is that they aren't prepared to deal with desktops that have this OS installed and need time to develop a support policy. #4 Yes, XP *IS* more compatible than Win2k is. There has been a great deal of work to make XP more compatible with games (especially DOS ones. For instance, the DOS box now has sound card emulation for DOS). Yes, XP is more stable than Win2k. (though much of this is theoretical, since Win2k was pretty stable to begin with). XP has had lots of auditing and automated testing done to try and remove potential stability and security problems. Of course this could never be perfect, and stuff will slip through, they caught a lot of potential problems in the process. #5 I find XP to be more useable than Win2k. The new start menu is much more productive than the old one (for instance, I tend to go into Computer Management a lot, I can access this directly from the start menu by right clicking on the My Computer icon and choosing "Manage". You can do this on the desktop as well, but often I have windows obscuring it). #6 Security. Yeah, a few new security vulnerabilities have popped up. That's going to happen in any complex software. Win2k will have more vulnerabilties as well. If you take precautions, such as only enabling those services you use, you will go a long way. For instance, I wasn't vulnerable to t
-
Ok... where to begin on this rant :) Raw sockets by themselves are not the problem and no one is claming that they are. They are *required* by drivers and the system to operate at all on a network of any kind. However, they are not required by Joe User to run his latest version of Quake. That is where the problem comes from. Joe User running XP does have access to raw sockets, but again that is not where the problem comes from. Joe User doesn't have a clue. When it comes to security risks you have to assume that he will open that email that comes from someone he doesn't know, and will open the attachment even though it's an exe. Now he's infected. He doesn't know it, he hasn't updated his anti-virus since he bought the machine. He is now a perfect ddos attack server. And again, that by itself, who cares. It happens on unix based machines all the time. But, when you compare the statistics of unix based systems to the number of XP boxes that were sold in the first week (counting machines running XP and XP sales) it's rather stagering. There are probably a few hundred thousand unix based machines that someone could hack into. But there were over 7 million XP units sold in the first week. Let's just say that a third of them are stupid Joe Users who are going to get infected by ignorance. That still leaves 2.3 million Joe Users that are infected with a virus that will be able to wipe out any network it wants to. The reason that raw sockets have become an issue is that they have hit the mainstream. They have never done that before now. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Programming in binary is as easy as 01 10 11.
Perhaps you aren't aware of this, but currently there are over 12 million Unix based web servers out there alone. This isn't counting FTP servers and general Unix/Linux machines that are on the net. Yes, Windows overall has many many more, but I think your argument about only a few hundred thousand unix machines is way off base. There are currently many more Unix machines on the internet than XP machines (and not all of those XP machines will be on the internet at all). -- Where are we going? And why am I in this handbasket?
-
Greven, I think you are swallowing Steve Gibson's tirade hook line and sinker without really thinking it through yourself. But, here are some of the most immediate points that come to mind after reading your post. #1 It's possible and easy to do raw sockets on Win98, all it takes is installing a device driver to do it, something that anyone that hacks the machine can do because there is no security in 98. In fact, Most of the machines used to do these sorts of attacks *ARE* 98 machines with Raw Socket drivers installed. #2 XP only allows administrators to use raw sockets. Of course XP Home makes everyone an administrator by default, but that is changeable. If you're worried about your own machine, simply remove administrator access from them and they can't use Raw Sockets. BTW, steve is incorrect that only malicious code needs raw socket access. Applications such as network sniffers and diagnostics require this level of support as well. #3 Lots companies "ban" new OS's when they come out. The companies I worked for "banned" Win2k when it came, and those same companies "banned" NT4 when it came out and then "banned" Win95 when it came out. All this means is that they aren't prepared to deal with desktops that have this OS installed and need time to develop a support policy. #4 Yes, XP *IS* more compatible than Win2k is. There has been a great deal of work to make XP more compatible with games (especially DOS ones. For instance, the DOS box now has sound card emulation for DOS). Yes, XP is more stable than Win2k. (though much of this is theoretical, since Win2k was pretty stable to begin with). XP has had lots of auditing and automated testing done to try and remove potential stability and security problems. Of course this could never be perfect, and stuff will slip through, they caught a lot of potential problems in the process. #5 I find XP to be more useable than Win2k. The new start menu is much more productive than the old one (for instance, I tend to go into Computer Management a lot, I can access this directly from the start menu by right clicking on the My Computer icon and choosing "Manage". You can do this on the desktop as well, but often I have windows obscuring it). #6 Security. Yeah, a few new security vulnerabilities have popped up. That's going to happen in any complex software. Win2k will have more vulnerabilties as well. If you take precautions, such as only enabling those services you use, you will go a long way. For instance, I wasn't vulnerable to t
Finally, a well thought out and intellegent response. Thank you. I am beginning to change my mind on XP based on some of the responses I've been reading. But I do have a few questions and comments for you. Erik Funkenbusch wrote: #1 It's possible and easy to do raw sockets on Win98, all it takes is installing a device driver to do it, something that anyone that hacks the machine can do because there is no security in 98. In fact, Most of the machines used to do these sorts of attacks *ARE* 98 machines with Raw Socket drivers installed. I believe I did say that this was possible with the installation of third party drivers. My biggest thought on this is that you know that you are enabling it on 98. With XP, it's just there. Erik Funkenbusch wrote: #2 XP only allows administrators to use raw sockets. Of course XP Home makes everyone an administrator by default, but that is changeable. If you're worried about your own machine, simply remove administrator access from them and they can't use Raw Sockets. BTW, steve is incorrect that only malicious code needs raw socket access. Applications such as network sniffers and diagnostics require this level of support as well. I have no problem admitting that programs like sniffers and such may require raw sockets. If you are head of network security for a corporation, you will probably have multiple applications which require it. But, Joe Blow down the street does not need it. There is not a single application out there that says "requires use of raw sockets" on the box. That is what scares me. Erik Funkenbusch wrote: #4 Yes, XP *IS* more compatible than Win2k is. There has been a great deal of work to make XP more compatible with games (especially DOS ones. For instance, the DOS box now has sound card emulation for DOS). Yes, XP is more stable than Win2k. (though much of this is theoretical, since Win2k was pretty stable to begin with). XP has had lots of auditing and automated testing done to try and remove potential stability and security problems. Of course this could never be perfect, and stuff will slip through, they caught a lot of potential problems in the process. This I find very interesting and didn't know about the sound card emulation. That is pretty neat... Erik Funkenbusch wrote: #5 I find XP to be more useable than Win2k. The new start menu is much more productive than the old one (for instance, I tend to go into Computer M
-
Finally, a well thought out and intellegent response. Thank you. I am beginning to change my mind on XP based on some of the responses I've been reading. But I do have a few questions and comments for you. Erik Funkenbusch wrote: #1 It's possible and easy to do raw sockets on Win98, all it takes is installing a device driver to do it, something that anyone that hacks the machine can do because there is no security in 98. In fact, Most of the machines used to do these sorts of attacks *ARE* 98 machines with Raw Socket drivers installed. I believe I did say that this was possible with the installation of third party drivers. My biggest thought on this is that you know that you are enabling it on 98. With XP, it's just there. Erik Funkenbusch wrote: #2 XP only allows administrators to use raw sockets. Of course XP Home makes everyone an administrator by default, but that is changeable. If you're worried about your own machine, simply remove administrator access from them and they can't use Raw Sockets. BTW, steve is incorrect that only malicious code needs raw socket access. Applications such as network sniffers and diagnostics require this level of support as well. I have no problem admitting that programs like sniffers and such may require raw sockets. If you are head of network security for a corporation, you will probably have multiple applications which require it. But, Joe Blow down the street does not need it. There is not a single application out there that says "requires use of raw sockets" on the box. That is what scares me. Erik Funkenbusch wrote: #4 Yes, XP *IS* more compatible than Win2k is. There has been a great deal of work to make XP more compatible with games (especially DOS ones. For instance, the DOS box now has sound card emulation for DOS). Yes, XP is more stable than Win2k. (though much of this is theoretical, since Win2k was pretty stable to begin with). XP has had lots of auditing and automated testing done to try and remove potential stability and security problems. Of course this could never be perfect, and stuff will slip through, they caught a lot of potential problems in the process. This I find very interesting and didn't know about the sound card emulation. That is pretty neat... Erik Funkenbusch wrote: #5 I find XP to be more useable than Win2k. The new start menu is much more productive than the old one (for instance, I tend to go into Computer M
Sorry if I wasn't clear. When I said that you could install raw packet drivers in 98, I didn't mean you, the computer owner, I mean you the hacker can install them without the computer owners knowledge or permission. As such, it makes little difference whether raw sockets are available or not in XP, since they're fully available to anyone that hacks a machine in 98. Further, I use packet sniffers all the time in my little home network. I like watching the kiddies trying to attack my machine. Granted, Joe Sixpack isn't going to do that, but if he wants to, he should be able to. No, you can't configure the Win2k start menu to be like the XP one. There is a very major difference. Right clicking on the objects in the XP start menu allows you to adjust properties on those actual objects. Right clicking similar ones in a 2k menu would only allow you to adjust the properties of the SHORTCUTS to those objects. It's very different. Further, I like the way XP shows the most recently used PROGRAMS (as opposed to documents in 2k) which is better than 2k's smart menus. I can't imagine why you would want to encourage people to stay with an insecure, buggy, unstable OS that requires software developers to support two standards (9x and NT). By moving to a single standard, software becomes easier to maintain and develop. Yes, for a few years you'll still have to support both, but I for one want to encourage the wholesale adoption of a single standard as fast as possible. BTW, your comment about "It is not that their are security issue that actually allow someone to do whatever they want to your computer with a simple packet." is an over-exageration. This problem is no more severe or different from any other buffer overflow that's ever happened. The only difference is that it runs by default on desktop machines. There is nothing special about that bug. Also, you make the same mistake as everyone else. You didn't read what MS said. They didn't say XP was the most secure OS ever. They said it was the most secure *WINDOWS* ever. You make it sound like products like firewalls are bad things, because they lull people into a false sense of security. I'm sorry, but that's a very bizarre way to think of it. Maybe we shouldn't have locks on our doors, since they too give us a false sense of security, or burglar alarms, since those aren't going to protect you if you let a strange person in your home. Improving security doesn't obviate the need to be vigilant against threats, and I don't think anyone, not
-
Actually, from what I understand these issues (huge security holes, raw sockets, etc.) are in both home and pro. I didn't know that about the drivers either... Seems odd, you would think since the kernal would be the same, the drivers should work on both. Must not be that way though. We do have XP Pro at work. And from what I've played with it, it seems identical to home. Except of course for domain support (which is dumb, why would you take that out?) Programming in binary is as easy as 01 10 11.
Removing the ability to connect to a domain (from WinXP Home) was a strategic decision. MS does not want the corporate world to continue using consumer operating systems (ala Win9X) and this was a very smart way to discourage the use of WinXP Home Edition in the business world.
-
Removing the ability to connect to a domain (from WinXP Home) was a strategic decision. MS does not want the corporate world to continue using consumer operating systems (ala Win9X) and this was a very smart way to discourage the use of WinXP Home Edition in the business world.
-
Sorry if I wasn't clear. When I said that you could install raw packet drivers in 98, I didn't mean you, the computer owner, I mean you the hacker can install them without the computer owners knowledge or permission. As such, it makes little difference whether raw sockets are available or not in XP, since they're fully available to anyone that hacks a machine in 98. Further, I use packet sniffers all the time in my little home network. I like watching the kiddies trying to attack my machine. Granted, Joe Sixpack isn't going to do that, but if he wants to, he should be able to. No, you can't configure the Win2k start menu to be like the XP one. There is a very major difference. Right clicking on the objects in the XP start menu allows you to adjust properties on those actual objects. Right clicking similar ones in a 2k menu would only allow you to adjust the properties of the SHORTCUTS to those objects. It's very different. Further, I like the way XP shows the most recently used PROGRAMS (as opposed to documents in 2k) which is better than 2k's smart menus. I can't imagine why you would want to encourage people to stay with an insecure, buggy, unstable OS that requires software developers to support two standards (9x and NT). By moving to a single standard, software becomes easier to maintain and develop. Yes, for a few years you'll still have to support both, but I for one want to encourage the wholesale adoption of a single standard as fast as possible. BTW, your comment about "It is not that their are security issue that actually allow someone to do whatever they want to your computer with a simple packet." is an over-exageration. This problem is no more severe or different from any other buffer overflow that's ever happened. The only difference is that it runs by default on desktop machines. There is nothing special about that bug. Also, you make the same mistake as everyone else. You didn't read what MS said. They didn't say XP was the most secure OS ever. They said it was the most secure *WINDOWS* ever. You make it sound like products like firewalls are bad things, because they lull people into a false sense of security. I'm sorry, but that's a very bizarre way to think of it. Maybe we shouldn't have locks on our doors, since they too give us a false sense of security, or burglar alarms, since those aren't going to protect you if you let a strange person in your home. Improving security doesn't obviate the need to be vigilant against threats, and I don't think anyone, not
Erik Funkenbusch wrote: Granted, Joe Sixpack isn't going to do that, but if he wants to, he should be able to. I am not disagreeing here, he should be able to. Just not by default. You make to many things defaulting on and it can cause problems. Erik Funkenbusch wrote: No, you can't configure the Win2k start menu to be like the XP one. There is a very major difference. Right clicking on the objects in the XP start menu allows you to adjust properties on those actual objects. Right clicking similar ones in a 2k menu would only allow you to adjust the properties of the SHORTCUTS to those objects. It's very different. Further, I like the way XP shows the most recently used PROGRAMS (as opposed to documents in 2k) which is better than 2k's smart menus. I wasn't aware of that, that is another point toward XP :) Erik Funkenbusch wrote: Also, you make the same mistake as everyone else. You didn't read what MS said. They didn't say XP was the most secure OS ever. They said it was the most secure *WINDOWS* ever. You make it sound like products like firewalls are bad things, because they lull people into a false sense of security. I'm sorry, but that's a very bizarre way to think of it. Maybe we shouldn't have locks on our doors, since they too give us a false sense of security, or burglar alarms, since those aren't going to protect you if you let a strange person in your home. I appologize, I did misspeak there. However to Joe Public it means what I interpreted it as. And they *do* make it sound like those pieces of software are not needed. They are lulling people into a false sense of security by saying it's the most secure and giving them a firewall that is just "ok." Erik Funkenbusch wrote: Further, you don't seem to understand how the internet works if you think the internet has central DNS servers. It doesn't. There are literally 10's of thousands of DNS servers, and they all talk to each other in a web. There's no "central" servers out there that run the entire internet. Actually there are. Please read up on that. In the beginning (of the internet) there were about six of them. They are what sort out the .com, .edu, and .net's. Then they sort out domain name. Once you get there, the local dns servers point to the IP of the machine needed (www, apps, whatever). The local dns servers that you hit first cache the IP's for most sites, but if it is a site it has never been