Linked by Thom Holwerda on Tue 25th Sep 2012 22:40 UTC, submitted by Anonymous Coward
Windows NeoSmart Technologies has released a new version of EasyBCD, the free bootloader editor for Windows which supports Windows 8, the latest GRUB2 distributions, EFI machines, and comes with all-new support for 13 different languages. If you have a Windows-based multiboot machine, you really need EasyBCD. It's a fantastic application.
Order by: Score:
Good link
by benali72 on Tue 25th Sep 2012 23:30 UTC
benali72
Member since:
2008-05-03

On the one hand, thanks for a great link. Never heard of this app before and it's a great one. On the other hand, I really don't like controlling my computer through Windows. I'd rather put up with GRUB2 than Windows malware/security issues.

Reply Score: 4

RE: Good link
by moondevil on Wed 26th Sep 2012 09:17 UTC in reply to "Good link"
moondevil Member since:
2005-07-08

Sure, because we know all other operating systems are security perfect.

Reply Score: 3

RE[2]: Good link
by Neolander on Wed 26th Sep 2012 14:19 UTC in reply to "RE: Good link"
Neolander Member since:
2010-03-08

Let's put it this way : while technical merits can be debated in much details, a much simpler observation to make is that Windows powers more than 90% of the world's desktops and laptops.

If some piece of software has such a large market share, unless it is built with supernatural attention to security concerns, it will always be broken by crackers at a much faster rate than flaws are fixed, and therefore should not be used by people who are worried about the security of their computers.

Can we agree on that ?

Edited 2012-09-26 14:21 UTC

Reply Score: 3

RE[3]: Good link
by moondevil on Wed 26th Sep 2012 17:07 UTC in reply to "RE[2]: Good link"
moondevil Member since:
2005-07-08

Yes, we can.

But this only makes the other platforms, ignored platforms, not more secure.

See what is happening to Mac OS X, now that it has a user base big enough to attract attention.

Or how easy it is to hack certain Android mobile phones.

And let's not forget if the operating system does not make use of proper sandboxing, an owned process will have all the rights as the user account it runs under.

This is enough to make your "My Documents", $HOME, /Users/username visible to the world.

We will only get more secure OS, when the mainstream OS finally adopt microkernel architectures, with enforced sandboxing for all applications.

Additionally moving away from C to more strong typed languages without buffer overflows by design, would help reducing the amount of attack vectors.

Of course, once you car manipulate assembly, the language used to compile the code does not matter that much. So my last remark can be compensated by making static analysis tools part of the standard compiler toolchain.

Reply Score: 3

RE[4]: Good link
by Neolander on Wed 26th Sep 2012 20:14 UTC in reply to "RE[3]: Good link"
Neolander Member since:
2010-03-08

And there it is my turn to fully agree with you.

In my pessimistic opinion, no current OS should be considered to be truly secure. There only are those that attract cracker attention, and those that don't.

Mobile OSs do attempt to take some steps toward a proper security infrastructure (think Android's permission system), but implementation is often so piss-poor that users still have to blindly rely on some godlike sysadmin's opinion about what is secure and what isn't. Which is some truly awful denaturation of what the personal computing concept is supposed to stand for.

Edited 2012-09-26 20:17 UTC

Reply Score: 2

RE[5]: Good link
by moondevil on Thu 27th Sep 2012 06:34 UTC in reply to "RE[4]: Good link"
moondevil Member since:
2005-07-08

This is why I am following how Mac OS X sandbox model, or WinRT picks up in the mainstream OSs.

We already have capabilities in BSD, AppArmor and SELinux in GNU/Linux, but few take advantage of it.

It is also nice to see Minix3 picking up speed, and Hurd still progress, although very slowly.

All these sandboxing mechanisms can probably be used for nefarious purposes, by the mainstream OS vendors. On the other hand we really need to improve security beyond the basic user/group model most OS offer.

Reply Score: 2

RE[6]: Good link
by Neolander on Thu 27th Sep 2012 08:45 UTC in reply to "RE[5]: Good link"
Neolander Member since:
2010-03-08

The problem with all these approaches that try to add sandboxing functionality to existing OSs, is that sandboxing is only useful if users and developers are aware of its existence and ready to deal with it.

We have billions of Windows users out there who have been trained for decades to give root access to any "installer" program. How are Microsoft supposed to teach them that they should now be wary of such behaviour and expect a fine-grained description of what the program is up to ? Same thing for all these Mac users that know for sure that "If that Flash installer from abodeflashdownload.com wants to make changes to my computer and displays a window with a lock on it, I should sure give it my password !"

And then you have Fedora and iOS, which completely fail to understand what sandboxing is about and hide its existence away from users altogether...

Because of this legacy user problem, it seems to me that sandboxing can only be successfully implemented in new OSs or incompatible and rebranded forks of existing OSs. It is also just too bad that all too often, OS manufacturers also use it to force some locked-down "application store" down user's throat, making a bad name of an otherwise perfectly fine technology among expert users.

Reply Score: 2

RE[7]: Good link
by darknexus on Thu 27th Sep 2012 09:02 UTC in reply to "RE[6]: Good link"
darknexus Member since:
2008-07-15

The problem with all these approaches that try to add sandboxing functionality to existing OSs, is that sandboxing is only useful if users and developers are aware of its existence and ready to deal with it.

Even then, it won't be effective. No matter how tightly you sandbox something, you're eventually going to have to give it permission to access something. Whether it's a wordprocessor that you need to let access your documents folders (both local and remote) or a VOIP application that a user wants running on start-up, you will have to give it permission to access something outside of its own resources unless you want to end up like the Apple app stores. That approach works to an extent, but forces a massive inconvenience on more knowledgeable users. Not only do we not have access to the filesystem (which I could live with if I had to) but we can't send a file across to another application. Say I have an audio project which I'm recording. I then want to send portions of it over to an audio editor rather than a multi-track recorder program… oops, can't do that with iOS.
The long and short of it is that you will never have a perfect security mechanism. It doesn't matter how well you sandbox. When users are involved, you cannot prevent them from doing something stupid. It's rather like various systems of government in that respect: they look great on paper, but then you get people involved and somehow it never turns out as expected.
I think the best approach would be iOS-style sandboxing (notice I did not say having a locked down app store) but you need to allow either filesystem access or the ability to otherwise share data between applications. The instant you do that, you've essentially broken your sandbox. You have no choice however, if you want a fully-functional, productive environment. A balance between security and usability is, I think, the best we can ever hope for.

Reply Score: 2

RE: Good link
by darknexus on Wed 26th Sep 2012 14:09 UTC in reply to "Good link"
darknexus Member since:
2008-07-15

On the other hand, I really don't like controlling my computer through Windows. I'd rather put up with GRUB2 than Windows malware/security issues.

Do you Linux people seriously need to keep trolling every windows thread? Neither os is perfect where security is concerned, that's all there is to it. Isn't this getting a bit ridiculous?

Reply Score: 3

RE[2]: Good link
by ilovebeer on Wed 26th Sep 2012 16:24 UTC in reply to "RE: Good link"
ilovebeer Member since:
2011-08-08

On the other hand, I really don't like controlling my computer through Windows. I'd rather put up with GRUB2 than Windows malware/security issues.
Do you Linux people seriously need to keep trolling every windows thread? Neither os is perfect where security is concerned, that's all there is to it. Isn't this getting a bit ridiculous?

A lot of linux users are too pained by the fact that we aren't in the Windows 95 era anymore. They're too pained by the fact that Windows 7 is a great desktop OS with enormous improvements in stability and security since the Windows 95 era. And lastly, they're very bitter that the linux desktop is still a joke and never took over the world like it has `been about to do` since, well, forever in their minds.

I'm a daily linux user myself -- have been for over a decade now -- and I'm constantly annoyed by those lamers too.

Reply Score: 3

Excellent
by WorknMan on Wed 26th Sep 2012 01:20 UTC
WorknMan
Member since:
2005-11-13

MS changed how dual boot works starting with Vista, and I had no idea how to configure the Windows boot menu. Then I found out about Easy BCD, and have been happily using it ever since. I still don't know how to configure the boot menu without this tool ;)

Reply Score: 2

RE: Excellent
by Heard on Wed 26th Sep 2012 08:09 UTC in reply to "Excellent"
Heard Member since:
2009-12-24

There is a command line tool named "bcdedit" shipped with Windows. ;-)

Reply Score: 3

The name says it all
by jefro on Wed 26th Sep 2012 16:57 UTC
jefro
Member since:
2007-04-13

MS ought to buy the company. EasyBCD is maybe one of the best ways to manage boot options in newer bcd booted systems.

Reply Score: 2

RE: The name says it all
by darknexus on Wed 26th Sep 2012 18:59 UTC in reply to "The name says it all"
darknexus Member since:
2008-07-15

MS ought to buy the company.

Let's hope not, else we'd see this little gem essentially shoved to the side with no further work done on it. MS has too many side projects already, unfortunately.

Reply Score: 2