Why XP?
-
Chances are that cheap hardware with cheap drivers is buggy as hell anyway. Tim Smith Descartes Systems Sciences, Inc.
Tim Smith wrote: Chances are that cheap hardware with cheap drivers is buggy as hell anyway. Most likely what the problem is. -:suss:Matt Newman:suss: -:suss:Matt Newman:suss: -Sonork ID: 100.11179:BestSnowman
-
OMG, Thanks for showing me the light. Now I understand. Hmm, but if all this was true, then how on earth did we have DOS attacks prior to this scourge of the earth called XP. Never mind, I take it back. You don't have a clue. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Then lets shutdown SourceForge and the rest of the FreeBSD systems. They have been hacked and were vulnerable to being used as DOS source attacks. Tim Smith Descartes Systems Sciences, Inc.
EXCUSE ME! I have been nothing but polite and considerate. And you have the audacity to tell me that I don't have a clue? I have come back with links to articles and facts. What have you come back with? "Yer dumb!" Good statistic there! Sorry if I sound pissed off, but I am! This is exactly the kind of response I didn't want! I *was* having a nice discussion with everyone else... But in response to this ill-tempered, ignorant post... We had dos attacks because the crackers that got in the unix systems were good. There will always be dos attacks because there will always be good hackers and crackers. However, before XP their pickings of machine to get into were slim. Win 9x machine were not good machines to attack for dos attacks. Only the unix boxes were really good for it. Now they have millions of home users that are dumb to choose from. *That* was my point. The access to a machine *capable* of handling a proper dos attack has just multiplied 10 fold. This *is* serious, and if you don't think it is, then perhaps you should go back to school after Christmas and ask you high school teacher what network security is! That is a risk. And if you disagree, then come back with an intellegent response with facts. Not this: Tim Smith wrote: Never mind, I take it back. You don't have a clue. That is childish and not needed. Programming in binary is as easy as 01 10 11.
-
Andrew Peace wrote: o Only Home Edition has this flaw Hate to be picky, but do you have proof of this? The reason I ask is that I don't believe it. I have read/heard that both have this flaw... Andrew Peace wrote: o It's not a huge flaw Depends on how you look at it. If you look at it on the small scale, no it's not that big of a deal. When you look at it on the big scale, it opens up the ability to make a ddos attack server out of the home market machines. The thing I think most people are missing by saying that it doesn't matter, it's been around for a while (through linux, unix, mac osx, etc) is that those os's are not mainstream yet. Without XP, if you want to do a serious, take down the server, ddos attack you would need to be able to control multiple big unix sites. That is not an easy task. I'm not denying that it can be, and has been done, just that it's not that easy. With XP, all you have to do is infect a home user with the virus payload and have it spread like wildfire. Instead of having a few hundred thousand unix variations out there to pick from, currently they have over 7 million XP boxes to play with. (statistic from MS sales statistics) That is a serious threat in my eyes. That is the difference. Programming in binary is as easy as 01 10 11.
Greven wrote: Andrew Peace wrote: o Only Home Edition has this flaw Hate to be picky, but do you have proof of this? The reason I ask is that I don't believe it. I have read/heard that both have this flaw... I'm pretty sure I'm right in saying that raw sockets are supported by not only Windows XP Home/Professional, but by Windows 2000 as well. However, raw sockets are only available to user accounts with administrative priviledges under all three OSs. This becomes a concern with XP Home because Microsoft decided (for compatibility with Win98/Me) to make all user accounts administrators by default. So, the workaround is to change the user accounts back to ordinary ones. IMHO a bad call, but an understandable one. Steve Gibson talks about this in some detail at http://grc.com/dos/sockettome.htm. Andy Metcalfe - Sonardyne International Ltd
Trouble with resource IDs? Try the Resource ID Organiser Add-In for Visual C++ 5.0/6.0
"I'm just another 'S' bend in the internet. A ton of stuff goes through my system, and some of the hairer, stickier and lumpier stuff sticks." - Chris Maunder (I just couldn't let that one past ;)) -
I've been going round and round with myself and others on this one. I run a dual booted system between Window Me and Windows 2000. Everyone around me is telling me just to go Windows XP because it merges them nicely. I keep telling them no! I don't want XP to touch my hardware in any way/shape/or form. I am not saying this just because I am rather strongly anti-microsoft (which I am :)) I am saying this because of all the problems and issues with XP. I don't like the idea of raw sockets being usable by anyone on the home edition of XP. I know, my 2k partition can do it too, but not many home users run 2K so I feel safer. (For those of you who do not know about the raw sockets, go here: http://grc.com/dos/sockettome.htm It's a good article) Then we have all of the security problems with XP that caused a nice panic the other day. The security problems are not something to brush off, they are serious. (Here's a good link for general XP problems: http://grc.com/dos/winxp.htm) With all of this, there are now several corporations that have banned XP from their network. I won't mention names simply because of contracts and such, I'm sure you all understand. My company and two of the company's that we work closly with have banned XP. To the point that one of them has informed everyone that it is a terminatable offence. They are taking XP *very* seriously as a security risk. In my own company I was informed that it was able to take out the section of the network that it was on in just a few minutes. It did a broadcast storm from what I was told. (I was not there on that one, so I can neither confirm nor deny that one) At this point you are probably wondering "What's this lunatic's point?!?" Well it's quite simple. Why does everyone run XP? I see it everywhere! Screen captures of sample apps are running XP (with the telltale FP design, FP = Fisher Price). With all of these problems, what is the point of running XP? Does it really provide more stability than 2K? Does it have better compatability than 2K? For a home user, is it really easier to use than 98/Me? I have used it a little, and I really don't think it's that much different than 2K... And actually, if you run a winver on it, it comes back as 5.1. Why would I pay $100/200 for a .1 upgrade? I hope I didn't just start a flame war about whether XP is good or not, that was not the intention. I have supplied links to show my point. I wouldn't mind an honest debate on it, with proof. I think it would be interesting. Programmi
Greven, I think you are swallowing Steve Gibson's tirade hook line and sinker without really thinking it through yourself. But, here are some of the most immediate points that come to mind after reading your post. #1 It's possible and easy to do raw sockets on Win98, all it takes is installing a device driver to do it, something that anyone that hacks the machine can do because there is no security in 98. In fact, Most of the machines used to do these sorts of attacks *ARE* 98 machines with Raw Socket drivers installed. #2 XP only allows administrators to use raw sockets. Of course XP Home makes everyone an administrator by default, but that is changeable. If you're worried about your own machine, simply remove administrator access from them and they can't use Raw Sockets. BTW, steve is incorrect that only malicious code needs raw socket access. Applications such as network sniffers and diagnostics require this level of support as well. #3 Lots companies "ban" new OS's when they come out. The companies I worked for "banned" Win2k when it came, and those same companies "banned" NT4 when it came out and then "banned" Win95 when it came out. All this means is that they aren't prepared to deal with desktops that have this OS installed and need time to develop a support policy. #4 Yes, XP *IS* more compatible than Win2k is. There has been a great deal of work to make XP more compatible with games (especially DOS ones. For instance, the DOS box now has sound card emulation for DOS). Yes, XP is more stable than Win2k. (though much of this is theoretical, since Win2k was pretty stable to begin with). XP has had lots of auditing and automated testing done to try and remove potential stability and security problems. Of course this could never be perfect, and stuff will slip through, they caught a lot of potential problems in the process. #5 I find XP to be more useable than Win2k. The new start menu is much more productive than the old one (for instance, I tend to go into Computer Management a lot, I can access this directly from the start menu by right clicking on the My Computer icon and choosing "Manage". You can do this on the desktop as well, but often I have windows obscuring it). #6 Security. Yeah, a few new security vulnerabilities have popped up. That's going to happen in any complex software. Win2k will have more vulnerabilties as well. If you take precautions, such as only enabling those services you use, you will go a long way. For instance, I wasn't vulnerable to t
-
Ok... where to begin on this rant :) Raw sockets by themselves are not the problem and no one is claming that they are. They are *required* by drivers and the system to operate at all on a network of any kind. However, they are not required by Joe User to run his latest version of Quake. That is where the problem comes from. Joe User running XP does have access to raw sockets, but again that is not where the problem comes from. Joe User doesn't have a clue. When it comes to security risks you have to assume that he will open that email that comes from someone he doesn't know, and will open the attachment even though it's an exe. Now he's infected. He doesn't know it, he hasn't updated his anti-virus since he bought the machine. He is now a perfect ddos attack server. And again, that by itself, who cares. It happens on unix based machines all the time. But, when you compare the statistics of unix based systems to the number of XP boxes that were sold in the first week (counting machines running XP and XP sales) it's rather stagering. There are probably a few hundred thousand unix based machines that someone could hack into. But there were over 7 million XP units sold in the first week. Let's just say that a third of them are stupid Joe Users who are going to get infected by ignorance. That still leaves 2.3 million Joe Users that are infected with a virus that will be able to wipe out any network it wants to. The reason that raw sockets have become an issue is that they have hit the mainstream. They have never done that before now. Now ask yourself, is having the chance (just the chance) of 2.3 million ddos attack servers worth the risk? I think not. Programming in binary is as easy as 01 10 11.
Perhaps you aren't aware of this, but currently there are over 12 million Unix based web servers out there alone. This isn't counting FTP servers and general Unix/Linux machines that are on the net. Yes, Windows overall has many many more, but I think your argument about only a few hundred thousand unix machines is way off base. There are currently many more Unix machines on the internet than XP machines (and not all of those XP machines will be on the internet at all). -- Where are we going? And why am I in this handbasket?
-
Greven, I think you are swallowing Steve Gibson's tirade hook line and sinker without really thinking it through yourself. But, here are some of the most immediate points that come to mind after reading your post. #1 It's possible and easy to do raw sockets on Win98, all it takes is installing a device driver to do it, something that anyone that hacks the machine can do because there is no security in 98. In fact, Most of the machines used to do these sorts of attacks *ARE* 98 machines with Raw Socket drivers installed. #2 XP only allows administrators to use raw sockets. Of course XP Home makes everyone an administrator by default, but that is changeable. If you're worried about your own machine, simply remove administrator access from them and they can't use Raw Sockets. BTW, steve is incorrect that only malicious code needs raw socket access. Applications such as network sniffers and diagnostics require this level of support as well. #3 Lots companies "ban" new OS's when they come out. The companies I worked for "banned" Win2k when it came, and those same companies "banned" NT4 when it came out and then "banned" Win95 when it came out. All this means is that they aren't prepared to deal with desktops that have this OS installed and need time to develop a support policy. #4 Yes, XP *IS* more compatible than Win2k is. There has been a great deal of work to make XP more compatible with games (especially DOS ones. For instance, the DOS box now has sound card emulation for DOS). Yes, XP is more stable than Win2k. (though much of this is theoretical, since Win2k was pretty stable to begin with). XP has had lots of auditing and automated testing done to try and remove potential stability and security problems. Of course this could never be perfect, and stuff will slip through, they caught a lot of potential problems in the process. #5 I find XP to be more useable than Win2k. The new start menu is much more productive than the old one (for instance, I tend to go into Computer Management a lot, I can access this directly from the start menu by right clicking on the My Computer icon and choosing "Manage". You can do this on the desktop as well, but often I have windows obscuring it). #6 Security. Yeah, a few new security vulnerabilities have popped up. That's going to happen in any complex software. Win2k will have more vulnerabilties as well. If you take precautions, such as only enabling those services you use, you will go a long way. For instance, I wasn't vulnerable to t
Finally, a well thought out and intellegent response. Thank you. I am beginning to change my mind on XP based on some of the responses I've been reading. But I do have a few questions and comments for you. Erik Funkenbusch wrote: #1 It's possible and easy to do raw sockets on Win98, all it takes is installing a device driver to do it, something that anyone that hacks the machine can do because there is no security in 98. In fact, Most of the machines used to do these sorts of attacks *ARE* 98 machines with Raw Socket drivers installed. I believe I did say that this was possible with the installation of third party drivers. My biggest thought on this is that you know that you are enabling it on 98. With XP, it's just there. Erik Funkenbusch wrote: #2 XP only allows administrators to use raw sockets. Of course XP Home makes everyone an administrator by default, but that is changeable. If you're worried about your own machine, simply remove administrator access from them and they can't use Raw Sockets. BTW, steve is incorrect that only malicious code needs raw socket access. Applications such as network sniffers and diagnostics require this level of support as well. I have no problem admitting that programs like sniffers and such may require raw sockets. If you are head of network security for a corporation, you will probably have multiple applications which require it. But, Joe Blow down the street does not need it. There is not a single application out there that says "requires use of raw sockets" on the box. That is what scares me. Erik Funkenbusch wrote: #4 Yes, XP *IS* more compatible than Win2k is. There has been a great deal of work to make XP more compatible with games (especially DOS ones. For instance, the DOS box now has sound card emulation for DOS). Yes, XP is more stable than Win2k. (though much of this is theoretical, since Win2k was pretty stable to begin with). XP has had lots of auditing and automated testing done to try and remove potential stability and security problems. Of course this could never be perfect, and stuff will slip through, they caught a lot of potential problems in the process. This I find very interesting and didn't know about the sound card emulation. That is pretty neat... Erik Funkenbusch wrote: #5 I find XP to be more useable than Win2k. The new start menu is much more productive than the old one (for instance, I tend to go into Computer M
-
Finally, a well thought out and intellegent response. Thank you. I am beginning to change my mind on XP based on some of the responses I've been reading. But I do have a few questions and comments for you. Erik Funkenbusch wrote: #1 It's possible and easy to do raw sockets on Win98, all it takes is installing a device driver to do it, something that anyone that hacks the machine can do because there is no security in 98. In fact, Most of the machines used to do these sorts of attacks *ARE* 98 machines with Raw Socket drivers installed. I believe I did say that this was possible with the installation of third party drivers. My biggest thought on this is that you know that you are enabling it on 98. With XP, it's just there. Erik Funkenbusch wrote: #2 XP only allows administrators to use raw sockets. Of course XP Home makes everyone an administrator by default, but that is changeable. If you're worried about your own machine, simply remove administrator access from them and they can't use Raw Sockets. BTW, steve is incorrect that only malicious code needs raw socket access. Applications such as network sniffers and diagnostics require this level of support as well. I have no problem admitting that programs like sniffers and such may require raw sockets. If you are head of network security for a corporation, you will probably have multiple applications which require it. But, Joe Blow down the street does not need it. There is not a single application out there that says "requires use of raw sockets" on the box. That is what scares me. Erik Funkenbusch wrote: #4 Yes, XP *IS* more compatible than Win2k is. There has been a great deal of work to make XP more compatible with games (especially DOS ones. For instance, the DOS box now has sound card emulation for DOS). Yes, XP is more stable than Win2k. (though much of this is theoretical, since Win2k was pretty stable to begin with). XP has had lots of auditing and automated testing done to try and remove potential stability and security problems. Of course this could never be perfect, and stuff will slip through, they caught a lot of potential problems in the process. This I find very interesting and didn't know about the sound card emulation. That is pretty neat... Erik Funkenbusch wrote: #5 I find XP to be more useable than Win2k. The new start menu is much more productive than the old one (for instance, I tend to go into Computer M
Sorry if I wasn't clear. When I said that you could install raw packet drivers in 98, I didn't mean you, the computer owner, I mean you the hacker can install them without the computer owners knowledge or permission. As such, it makes little difference whether raw sockets are available or not in XP, since they're fully available to anyone that hacks a machine in 98. Further, I use packet sniffers all the time in my little home network. I like watching the kiddies trying to attack my machine. Granted, Joe Sixpack isn't going to do that, but if he wants to, he should be able to. No, you can't configure the Win2k start menu to be like the XP one. There is a very major difference. Right clicking on the objects in the XP start menu allows you to adjust properties on those actual objects. Right clicking similar ones in a 2k menu would only allow you to adjust the properties of the SHORTCUTS to those objects. It's very different. Further, I like the way XP shows the most recently used PROGRAMS (as opposed to documents in 2k) which is better than 2k's smart menus. I can't imagine why you would want to encourage people to stay with an insecure, buggy, unstable OS that requires software developers to support two standards (9x and NT). By moving to a single standard, software becomes easier to maintain and develop. Yes, for a few years you'll still have to support both, but I for one want to encourage the wholesale adoption of a single standard as fast as possible. BTW, your comment about "It is not that their are security issue that actually allow someone to do whatever they want to your computer with a simple packet." is an over-exageration. This problem is no more severe or different from any other buffer overflow that's ever happened. The only difference is that it runs by default on desktop machines. There is nothing special about that bug. Also, you make the same mistake as everyone else. You didn't read what MS said. They didn't say XP was the most secure OS ever. They said it was the most secure *WINDOWS* ever. You make it sound like products like firewalls are bad things, because they lull people into a false sense of security. I'm sorry, but that's a very bizarre way to think of it. Maybe we shouldn't have locks on our doors, since they too give us a false sense of security, or burglar alarms, since those aren't going to protect you if you let a strange person in your home. Improving security doesn't obviate the need to be vigilant against threats, and I don't think anyone, not
-
Actually, from what I understand these issues (huge security holes, raw sockets, etc.) are in both home and pro. I didn't know that about the drivers either... Seems odd, you would think since the kernal would be the same, the drivers should work on both. Must not be that way though. We do have XP Pro at work. And from what I've played with it, it seems identical to home. Except of course for domain support (which is dumb, why would you take that out?) Programming in binary is as easy as 01 10 11.
Removing the ability to connect to a domain (from WinXP Home) was a strategic decision. MS does not want the corporate world to continue using consumer operating systems (ala Win9X) and this was a very smart way to discourage the use of WinXP Home Edition in the business world.
-
Removing the ability to connect to a domain (from WinXP Home) was a strategic decision. MS does not want the corporate world to continue using consumer operating systems (ala Win9X) and this was a very smart way to discourage the use of WinXP Home Edition in the business world.
-
Sorry if I wasn't clear. When I said that you could install raw packet drivers in 98, I didn't mean you, the computer owner, I mean you the hacker can install them without the computer owners knowledge or permission. As such, it makes little difference whether raw sockets are available or not in XP, since they're fully available to anyone that hacks a machine in 98. Further, I use packet sniffers all the time in my little home network. I like watching the kiddies trying to attack my machine. Granted, Joe Sixpack isn't going to do that, but if he wants to, he should be able to. No, you can't configure the Win2k start menu to be like the XP one. There is a very major difference. Right clicking on the objects in the XP start menu allows you to adjust properties on those actual objects. Right clicking similar ones in a 2k menu would only allow you to adjust the properties of the SHORTCUTS to those objects. It's very different. Further, I like the way XP shows the most recently used PROGRAMS (as opposed to documents in 2k) which is better than 2k's smart menus. I can't imagine why you would want to encourage people to stay with an insecure, buggy, unstable OS that requires software developers to support two standards (9x and NT). By moving to a single standard, software becomes easier to maintain and develop. Yes, for a few years you'll still have to support both, but I for one want to encourage the wholesale adoption of a single standard as fast as possible. BTW, your comment about "It is not that their are security issue that actually allow someone to do whatever they want to your computer with a simple packet." is an over-exageration. This problem is no more severe or different from any other buffer overflow that's ever happened. The only difference is that it runs by default on desktop machines. There is nothing special about that bug. Also, you make the same mistake as everyone else. You didn't read what MS said. They didn't say XP was the most secure OS ever. They said it was the most secure *WINDOWS* ever. You make it sound like products like firewalls are bad things, because they lull people into a false sense of security. I'm sorry, but that's a very bizarre way to think of it. Maybe we shouldn't have locks on our doors, since they too give us a false sense of security, or burglar alarms, since those aren't going to protect you if you let a strange person in your home. Improving security doesn't obviate the need to be vigilant against threats, and I don't think anyone, not
Erik Funkenbusch wrote: Granted, Joe Sixpack isn't going to do that, but if he wants to, he should be able to. I am not disagreeing here, he should be able to. Just not by default. You make to many things defaulting on and it can cause problems. Erik Funkenbusch wrote: No, you can't configure the Win2k start menu to be like the XP one. There is a very major difference. Right clicking on the objects in the XP start menu allows you to adjust properties on those actual objects. Right clicking similar ones in a 2k menu would only allow you to adjust the properties of the SHORTCUTS to those objects. It's very different. Further, I like the way XP shows the most recently used PROGRAMS (as opposed to documents in 2k) which is better than 2k's smart menus. I wasn't aware of that, that is another point toward XP :) Erik Funkenbusch wrote: Also, you make the same mistake as everyone else. You didn't read what MS said. They didn't say XP was the most secure OS ever. They said it was the most secure *WINDOWS* ever. You make it sound like products like firewalls are bad things, because they lull people into a false sense of security. I'm sorry, but that's a very bizarre way to think of it. Maybe we shouldn't have locks on our doors, since they too give us a false sense of security, or burglar alarms, since those aren't going to protect you if you let a strange person in your home. I appologize, I did misspeak there. However to Joe Public it means what I interpreted it as. And they *do* make it sound like those pieces of software are not needed. They are lulling people into a false sense of security by saying it's the most secure and giving them a firewall that is just "ok." Erik Funkenbusch wrote: Further, you don't seem to understand how the internet works if you think the internet has central DNS servers. It doesn't. There are literally 10's of thousands of DNS servers, and they all talk to each other in a web. There's no "central" servers out there that run the entire internet. Actually there are. Please read up on that. In the beginning (of the internet) there were about six of them. They are what sort out the .com, .edu, and .net's. Then they sort out domain name. Once you get there, the local dns servers point to the IP of the machine needed (www, apps, whatever). The local dns servers that you hit first cache the IP's for most sites, but if it is a site it has never been