MS OS Patch This Patch That

Just in case anybody's wondering about the effectiveness of said patches/updates:

I don't run antivirus software, and I don't have a software firewall running . .

. . . ever.

All I have is an up to date machine and a router with hardware firewall. . .

. . . and I don't get viruses . . . .

. . . ever.

I got one with Windows 98 once, though Took out our whole network (well, it still worked, but every computer got it . . . Luckily we all had 4GB drives, so it didn't take too long to scan and fix).

One thing I do do is run Panda ActiveScan once a week or so, just to make sure, but it's not been necessary yet . . . I guess that might technically count as running antivirus software, but what I mean by "running" is the AutoProtect part of Norton (and its brethren in McAfee, etc.). They bother me.

HOWEVER (and this is one BIG however):

Casual computer users (ie, the everyday one that knows squat about maintaining a computer) NEED AutoProtect and LiveUpdate and WindowsUpdate, because they're not going to do it on their own, and they all use AOL or RoadRunner without a firewall. Windows Firewall is good too, in that it's better than nothing. It's too bad AdAware doesn't auto-run (in the free version . . . methinks it does in the pro version). I personally don't like AutoUpdate either, but I know to check WindowsUpdate.

I'm not saying this is fool-proof. What I'm saying is that if you're smart, you won't get any unless they just pop up without warning and run rampant without public notice for a while . . . In which case you're as vulnerable as anybody with Norton and ZoneAlarm running simultaneously. Virus scanners really only protect you from ones that are already known to exist. If you don't download something weird, don't open random emails, and have a hardware firewall, you won't get them . . .

That's my philosophy . . .

Z

zachj said:

I think we're forgetting that all OSs have security flaws, including the fabulously stable and virus-free OSX. Single User Mode might be useful, but unless you know you need it, you don't, and for those that have no idea it'ss even there, it represents a security risk, especially if their computer is in a "public" place. Microsoft does release a lot of patches . . . too many, in my opinion. Yet some of this can't be blamed solely on them. Hackers hack Windows because 90% of people use it. That makes them a BIG and EASY target, considering the average computer user knows nothing of windows update or virii . . . If Linux were to replace Windows as the OS of choice, I imagine that it would require more frequent updates than it has now (in so much as it "has" them already, since they don't exactly "patch" Linux). Sure, Apple releases a patch/update no more frequently than once a month, and that makes MS look terrible, but look at how many people are actively trying to hack or infect OSX . . . they simply don't have the reason to fix something wrong . . . MS is trying to better its image (and deflect a new lawsuit, which I hope they win . . . I'm a Microsoft fan, personally), but releasing much-needed (sometimes) patches only monthly to save face is a worse idea. I agree that shipping a product with known flaws is a big no-no, but since everyone does it, why should Microsoft be attacked for it?

Z

Click to expand...

You are halfway right. The main reason that there are so many patches released for Windows OS's is because os the pathetic security model. by default a user is an administrator in windows XP... NOT the case in OSX or Linux...

Does a standard virus need administrator privileges to do its deed? I imagine if it has to "install" something or modify system files, that it might require admin access, but I think a standard, run-of-the-mill virus wouldn't need admin access.

Am I wrong?

Even so, it wouldn't matter NEARLY as much how flawed and insecure Windows is if it weren't on top, installed on 90%+ machines . . . It might be an easy target, but it's because it's so big that it's targeted. I can install Linux . . . That doesn't mean I'm going to do it and call myself an l33t haxor . . . If it weren't so big, they wouldn't attack it, because then they're just exploiting an easy target for no point . . .

Z

zachj said:

they're just exploiting an easy target for no point . . .

Z

Click to expand...

I didnt know that there was a valid point to make a virus....

Yes if 90% of the systems were Linux/unix/OSX then they would be a much larger target, but the built in security of the OS's make it MUCH harder to mess up the entire system. at most a normal user would only mess up hes/her profile. (Unless you use Lindows, you are root by default) This makes it much harder for a virus to do system wide damages. On a windows XP system, most virus' get to run as the ADMINISTRATOR with unlimited access to everything.... Remember to make modifications to the registry, you need admin rights... that is where a lot of viruses like to put entrys so that they are run for evey user....

Of course there's no valid reason to make a virus. I'm saying that even for THEM, there's bottom of the barrel. . . They avoid it as much as anyone else does.

I guess administrator rights does make it easier for viruses to do their deed, but a lot of them aren't causing system-wide "damage". I guess, though, that that "damage" could be avoided if they weren't able to be installed at all . . . Of course there's no registry in Linux, either, so what would it be able to change there? Just system files? That AIM trojan thing is pretty cool . . . I guess that's Windows specific, but I imagine it's not that hard to get to work on Linux . . . And I bet there are more holes in Linux than most people think . . .

Z

zachj said:

And I bet there are more holes in Linux than most people think . . .

Z

Click to expand...

Agreed! There are definitly more issues than people think....

MS releases more patchs every week.

this is the first time in the history of OS.

MS tries to stop bad guys and faulty software from coming

don't you love to have SP2 for winXP right now ????

i can't catch up with all the updates MS releases any more. I'm glad i have DSL

without it, i don't know when i'm done with all the updates

ZedBias said:

I just read somewhere that Windows XP was realeased with 63,500 known bugs! Surely that cant be right. Or can it??

I got the link if any one wants a lil read??

Click to expand...

Can you post this link or PM it to me.
Thanks

Someone I know said it best. When you have something this big, being worked on by this many people, with release dates and the more lines of code you create, the more likely for bugs there wil be. I dont think many people have a good grasp of how large and powerful windows truly is. Now, those of you who program can appreciate this.. those tha dont its harder, imagine how much text is needed to make a text file 1024 BYTES. now, multiply that into megs, then compare that to the average size of a windows install. Do you see how much code is there? how many places can have problems? How long it takes to debug even the smallest programs? As said above, these free updates is like a lifetime warranty for a car, if it breaks or a problem is found it is fixed for FREE. Now how can you complain about free? c'mon people, you need to stop whinning and be a bit more humble. Some of you might remember the couple people on the forums that tred to write thier own OS (CL based) it took them months just to write the boot loader. And it didnt even work until several versions later. And as far as I know they gave up, (havent seen updates on it in months/year). And have you ever looked at the HCL for windows 2k/xp? look at what it can even RUN on! Id like to see any or all of you write something that will even run on ONE of those things or even write a damn driver for ONe piece of hardware found on those lists, AND have it work the first time through, or even the second or third with NO bugs or glitches or intermitent errors. I mean, look at all the minor programs included, on the internet, find source code for a basic calculator program and read through it.. now, thats a calc, imagine what it takes to make an OS.
Now some might say, this guy is a MS employee or something. Nope, in fact Im typing this on a RedHat 7.3 system right now. I use windows cause its easy, quick, and more or less friendly. I have XP Pro right now with SP1, thats all I need because of the large disk support. And no software is bug free. you know ZA, spybot killers, adaware, Antivirus progs, firewalls, codecs, games? ALL those have updates, fixes and patches. hell look at Steam, you download patches everytime you start it pretty much, but we still use it right and aside from Steam we dont really complain right? But no, lets bash MS cause its popular or fun to do, even if we would never think of using something different. and yes it was shipped with that many known bugs. And for Win98 there is even a BOOK that documents some 9 thousand error codes found in 98 and what to do about them. And Linux is perfect right? no updates whatsoever? or constant patches? uh-huh. and what kernel version are we at or close to now? 2.16.x/2.14.x or something? no errors? if there were no problems with the other OS'es then why would we need the Linux documentation project? or even tech support for getting stuff to work? And yes the fixes are freely downloadable for those too, but do we bash them? nope. lets all pick on MS, because they are a business and like all businesses they want/need to make money. And so, they make good software, and when a problem is found, they generally try to make a patch for it. They dont expect you to fix it yourself. they help thier customers with FREE knowledge bases and patches. There have been way too many "microsoft sucks/lame/blah because of blah" threads I have to say something this time.

In closing, Microsoft is so expensive, or hard to use, or doesnt support this or wont run on that or always have to update blah blah.. shutup and use something else or do something about. [/rant] *goes to play some game*

I will give one thing.. Linux ships with better games on it

To some degree I agree that microsoft represents a bigger target than say linux and that brings the hackers and such out of the woodwork to go after them. I also agree that the default security model of windows is also a joke BUT why is it like this? There is a gap the size of the grand canyon in the computer savyness of a linux user compared to that of the typical windows user.

We have all seen the countless helpdesk jokes regarding dumb users. Most of them are true! Can you imagine the stupid user trying to figure out how to install software if he had to log in with some special account that had administrative rights?

Until MS puts an autoupdate out that self destructives the user's keyboards and mice there is always going to be 1 HUGE security hole in windows, sitting right in front of the monitor.

mbentley said:

wow, now that was well said pik4chu

i couldn't agree more

Click to expand...

Then why doesn't MS release an OS, and instead of releasing another OS a few years later, stick with the current one and just continually improve it? That way they would be on a constant path to perfection instead of starting over.

I never even considered the above until just now, but I have to say that I wholee-heartedly agree . . .

Consider this: OSX requires administrator privileges to install updates, but you don't see people ripping out their hair and calling Apple asking how to enter the password for the root user, do you? That's how simple it would be to improve security on Windows. But that's only one of MANY problems Microsoft faces, which is why they constantly make new OSs.

But if you think about it, Microsoft is the only company that's "invented" "new" operating systems. Linux is just a continuance of the first one, and MacOS was the same until it became BSD-based, and Apple's updates "Panther, Jaguar" are like Linux advances . . . just new kernals with added software features. Joe Apple-user doesn't care about the kernal improvements, but he falls all over himself trying to get that new Apple app and improved security . . .

Windows could easily follow the same model, especially now that 9x is dead. I mean, yes, Windows was based on the "same" DOS from way back when, but that was never a modern OS, and thus it was not made with security in mind, just like OS9 and lower. Security in DOS-Me was, as it was in MacOS whatever-OS9, an AFTERTHOUGHT, and thus why both were not nearly as secure as XP and OSX. Of course, people didn't target OS9 any more than they do OSX, but it was still much less secure.

Windows XP is based on NT, which was designed to be "secure" because of its expected role. Thus it, like Linux, should technically be a good platform on which to build. If Microsoft would stop trying to redesign the whole system for Longhorn, they might have been able to release the "Jaguar" and "Panther" of Windows . . . There's no reason why they can't follow the *nix model . . .

It would prove FAR cheaper for Microsoft, and thus PERHAPS cheaper for the consumer. Regardless of whatever other benefits it might have, it might allow for a much more secure OS, as all of Microsoft's programmers could be focusing on patching flaws not yet exploited, as well as upgrading to XP2.0 or whatever they wanted to call it. Preemptive patching might save them from having to release so many patches . . . I'd wager there's some level of predictability to what flaws hackers exploit . . . I mean, look at DCOM . . . that's been exploited numerous times, yet the simple fix was to just turn it off. You don't need it unless you know you do, and if you know you do, then more than likely, you're smart enough to know what can happen if you don't patch your machine . . . and smart enough to employ people to patch them for you (as you're likely part of an organization).

So simple. No need to reinvent the wheel (as China's space program is doing . . .). There's nothing "WRONG" with doing that, but it seems like a waste of perfectly good effort that could have gone into something better.

Go Microsoft/China (seriously. I'm bitterly sarcastic, but I mean it. They do/did good work).

Z

No, only a few times did MS invent something new. and that was when they went for the DOS based OS to the non DOS based. basically what a new OS is, is a HUGE upgrade from a previous version. why do you think win 2k is denoted as NT5? XP is simply win2k with better support for stuff and reverse compatability.from Win3 to win ME it was just a GUI on top of DOS, in NT they changed it. now its like how it is. That I feel is the reason why they dont "stay with the same thing" And also, Linux is one continuos development. because thats all there is. its one big patch. And it has yet to catch up to MS or even come close for the home user. and Mac, the same holds true here. there is not enough use to warrant a major upgrade. MS has a huge customer base and world wide usage. so they have to keep making new stuff or people will lose interest. For the average user, touchy-feely stuff is big factor in purchase. And windows provides that. Everyone says that MS has all these crappy defaults and low security, you want to know why? Its because its designed to be asy to use anmd very friendly OUT OF THE BOX, is Linux like that? heck no, hell even installing it can be a battle sometimes. Mac? Macintosh is irrelevant in this discussion cause they have propritary hardware so thats apples and oranges.
Here is another big factor why MS doesnt keep updating the same OS, money. If you have developers making freely avaliable updates to an OS that was sold many years ago. how do you make money? Well? you dont. MS has to keep releasing NEW stuff to help pay for all those FREE fixes you get to download that keep your computer safe or stable, or occasionally do the opposite. Thats why Linux is all one thing, not different versions, its open source, its free, no one owns the official rights to the OS so there is no push to make it newer, simply make it work and fix problems and slowly add features. And when MS does release new OS'es its not starting over at all. everything for the most part looks the same in XP then it did in 95, it just works better. the control panel is still there, windows explorer, internet explorer, the start menu, the registry, the screensavers, the basic utilities the configuration, the look and feel is all there. Stability and power and greater support is what has been added. They didnt go and re-write anything. They changed the filesystem, added more hardware support, added stability, improved performance, added in backwards compatability for those that had old games they liked to play or whatever. The point is that windows is supposed to be friendly and easy to use out of the box, security comes next. And that is where IT comes in, thats why we have jobs. reinventing the wheel you say? What exactly did Linux do? more or less copied Unix. Ms and Apple? copied Xerox. DOS? bought from a guy whos name Ive forgotten for 20grand. Now please now that Im not bashing any of these companies, merely using them to back my position.
The reason why MS is targeted is because there is more of it. if want to write a virus, you want it to do the most damage, so you pick the platform that a majority of the people use. Its like the saying "When your at the top, you become the biggest target." And this thread is a perfect example of that.

Oh and btw zachj, on RedHat7.3 /KDE/Konquerer homer is punching REALLY fast

a good example of MS trying to add secure defaults is 2003 server, that thing is quite impressive on default compared to its 2000 counterpart. Anyways [/rant part2] back to Vice City

pik4chu said:

No, only a few times did MS invent something new. and that was when they went for the DOS based OS to the non DOS based. basically what a new OS is, is a HUGE upgrade from a previous version. why do you think win 2k is denoted as NT5? XP is simply win2k with better support for stuff and reverse compatability.from Win3 to win ME it was just a GUI on top of DOS, in NT they changed it. now its like how it is. That I feel is the reason why they dont "stay with the same thing"

Click to expand...

I was just about to say that The only REAL operating systems that MS built were MS-DOS (though even that was "stolen" ), Win9x, and WinNT. (Win9x may require DOS for some of it's operations, but I'm a firm believer that it's more than just a simple shell)

Anybody ever notice how the different versions of MS-DOS were exactly alike except for some additional programs that came with it, and a few extra commands that could be run?

Win9x is the same thing. When Windows 98 was released, didn't it seem awefully similar to Windows 95? Sure there were a few enhancements here and there, but I'm willing to bet that the underlying code wasn't modified too much, and the only real changes were more or less asthetic or simply improvements on what existed. WinME... Well, I don't know what they were thinking with that when they released it, but it's built on the same underlying code as 95 and 98.

WinNT probably is the same thing (I can't say since the only NT based OS I have experience with is XP). The NT codebase probably hasn't significantly changed, instead added utilities and other improvements were added to new releases.


They release "new" OSs to make money. Get the latest and greatest version of their kernel (DOS, 9x, or NT) and get some neato features and hardware support that you can't get just by patching your old version. If they didn't sell their OSs, they wouldn't make any money.
JigPu

THANK GOD SOMEBODY RESPONDED TO MY PLEA IN MY SIG!!!!! That's the first reply I've had, and it's been there for two months! In OSX, he's beating the living he** out of poor little Bart, but in XP, it's just a friendly hair-removal attempt (so Bart won't be smothered . . . loving fathers are nice likee that) . . . Good to know it's not just my PowerBook . . .

Anyway, back on topic:

I think I might have diverged from my point a little in my previous post . . . I realize that Microsoft has revitalized its OS about as frequently as Apple has, so it's not like they're making a "new" OS every two years like some imagine . . . But the change-over from 98 to XP represents a new beginning. The upgrade from 95 to 98 to 98SE to *cough* Me was much the same as the "Panther" and "Jaguar" of modern OSX. But it never added the security that DOS always lacked, which is what an "update" ought to be. If Microsoft starts to simply modify the XP (NT) foundation, instead of adding all kinds of stuff in Longhorn, then they can follow a similar path to Linux.

When I say "reinvent the wheel", I think it can safely be assumed that all OSs are a reinvention of the wheel (in modern times) . . . They all do the same thing, so only one is technically necessary. What I meant is that Microsoft doesn't need to be doing what it's doing with Longhorn. Their time and money would be much better spent by securing XP and adding a new theme (maybe a new Windows App, as well) to justify the upgrade, and selling it for like 120 dollars, instead of 200. They still make plenty of money, but they spend a LOT less, so they're not losing any by retaining their roster of programmers.

And I hate to say it, but you did a pretty good job of disproving yourself . . . :

"everything for the most part looks the same in XP then it did in 95, it just works better. the control panel is still there, windows explorer, internet explorer, the start menu, the registry, the screensavers, the basic utilities the configuration, the look and feel is all there. Stability and power and greater support is what has been added. They didnt go and re-write anything. They changed the filesystem, added more hardware support, added stability, improved performance, added in backwards compatability for those that had old games they liked to play or whatever"

That's a whole lot of stuff to do for not being almost re-written. I agree that they retained a lot of the look and feel and such from previous OSs, but just because NT (2kPro) had most of these features already didn't mean they didn't have to re-write it. They just did it a long time ago, when they made NT . . . Sure, they saved themselves a lot of work by using NT instead of COMPLETELY re-writing their OS, but XP is still a complete departure from 9x . . . it just behaves similarly.

I'm not comparing OSX and Windows and Linux and saying they're all generally accepted. I'm saying they can follow the Linux model.

In regards to maintaining the "touchy feely" bit that the average user requires, I think we can both agree that it's possible to do that and still make a VERY secure system, as evidenced by OSX. It's just as easy to use as XP and, while totally different, easy to use coming from OS9 and earlier. The two are not mutually exclusive, they just take a secure foundation, something that 9x never was, and something that NT can't really be at this point because everyone knows too many of its flaws because it's been around since the mid-90's. I think Microsoft could modify the NT base enough to make it significantly different and secure while not changing anything that people have come to recognize as XP. This, coupled with a new theme, as I've said, would probably easily justify the expense, at least for us. And since the vast majority of PC users never upgrade their OS until they get a new computer, it doesn't much matter what additional frills Microsoft adds, since nobody's going to know about them anyway (since they don't read computer news), much less care about 'em.

When you're on top, you do become the biggest target . . . Look at almost anything, and you'll see it; the auto industry, government, computers, Wall Street, etc.. (I know you said this, so I'm just agreeing here . . . I hate it when people take credit for things that aren't theirs . . . I know this isn't an original idea, but you said it first )

And nobody ever denied that Bill Gates was a (to say the absolute, VERY least) shrewd business man. I admire him a great deal . . . Of course Microsoft would better be labeled an investment firm, but . . . They should split Microsoft into Microsoft the software company, and Microsoft the Investment Firm.

I agree that 2k3 is much more secure after a default install, but that's not targeted at home users . . . it's for people that already know what they're doing . . . Home users would have an absolute fit if they had to configure 2k3 for home use . . . computer would literally ( ) litter the street . . .

Regards

Z

zachj said:

I agree that 2k3 is much more secure after a default install, but that's not targeted at home users . . . it's for people that already know what they're doing . . . Home users would have an absolute fit if they had to configure 2k3 for home use . . . computer would literally ( ) litter the street . . .

Regards

Z

Click to expand...

Yes but its designed for office use, which is qhy its good that the security is a bvit better. Now, XP is for the home, and setting aside the account/password/admin issue, it can be rather secure, it has that simple little firewall that can be enabled. And good system security compared to its great functionality.

As for OSX, I would love the chance to use it more. but a grand or two just to get a Mac is way beyond my budget. So until Intel comes out with its RISC based proc, and makes it avaliable to the public at a decent cost, Ill stay with MS, though Im currently delving into Linux a bit. Since its not too bad once you get used to it. And is still rather functional as a regular worskatation/user machine.

And with that, I think my contribution to this thread has ended.

Macs can be had for much less than two thousand dollars. If you're interested in using OSX more frequently, might I suggest eBay? You can get a pretty cheap Mac that will run OSX (although, most likely, it'll be pretty slow). I got a 350G4 off of eBay . . . It can be upgraded to 1+ GHz if I ever wanted to . . . So if you found you liked it, but wanted more speed, there are plenty of options. If you want new, the cheapest you'll get is an eMac . . .

I personally like OSX, but I can do a lot more "normal" stuff using my PC. The fun I have with my Mac is unix fun, which is "nerdy" fun . . .

It's still fun, though . . .

Z