The Register, which is generally no purveyor of Microsoft fawning, notes the many security improvements in Windows 2003 SP1, among those a perceived attitude change in its documentation that acknowledges security challenges inherent to their platform, and nifty features like the ability to tun off inbound network connections during setup to prevent the latest worms striking before you can run Windows Update.
So what happens if the unthinkable happens and MS manages to fix its security problems? What will th eanti-MS crowd have to bitch about next?
With Win95, they added long filenames (which was a big boasted point for MS opponemtns back in the day), with Win2k, they (largely) fixed stability. And if the security issue gets fixed so that Joe Sixpack can use it safely (unless he does something really stupid via social engineering, which NO OS is immune from), what will be next on the firing squad?
then everyone will bitch microsoft for not giving it away for free :]
there’s always
monopolistic business practices
bloatware
poor interface
not being open source
habitually making it’s own “standards”
not that i am (at the moment) accusing them of any of that (i prefer the interface to kde and osx) but the complaints will be ther
If MS will manage to get Windows secure, it will be a major achievement. The fact remains that it is the most poorly designed OS around. But who cares, we have seen what happened with Video2000/Betamax/VHS. Still to me it is a relief, that compatibility is no issue anymore and there are only advantages to run something like OSX.
Still to me it is a relief, that compatibility is no issue anymore and there are only advantages to run something like OSX.
How do you figure there are no compatibility issues, unless you mean for you personally? If you run Virtual PC, you’re still running Windows, so you haven’t exactly accomplished the entire objective by switching. And even with Virtual PC, there are still apps that don’t run well in it.
As for bloatware pertaining to Windows, granted that it’s not as responsive as BeOS (then again, what is), but it feels snappier to me than all the user friendly Linux distros I’ve tried, and CERTAINLY a helluva lot faster than OSX.
Personally, I use Linux because I like the Free Software Way (TM), and I like the software on it. Less and less I use the security argument to MS’s detriment and to Linux’s advantage, mostly because the topic is debateable and there are no clear cut advantages to Linux if there is a poor user/admin at the helm (except for pre-made viruses/worms/trojans).
I say that Windows should become the operating system of the lay-people, with it taking all the virus and worm beatings that any OS should take, and let Linux be the OS of the more tech-savvie users and servers. With this strategy Windows becomes the target for abuse, both by virus writers and users, and Linux becomes the OS that used by those that know that they should not open email attachments from unknown senders, have a firewall, use virus scan software, not agree to pop-ops that want to install software.
Windows for grandma, Linux for everybody else.
Interesting, that you choose to approach the issue from a kindergarten perspective.
I can’t imagine what goes through someones head whose first reaction to reading an article by someone who has constantly criticised MS for bad security practices and now actually praises MS for finally doing the right thing is:
“What will th eanti-MS crowd have to bitch about next?”
Do you really find this interesting, or in any way important?
Grow up!
For as long as I’ve disliked Microsoft, their security problems, bloatware and incompatibility between versions were truly irritating but one that I could live with. The thing I don’t like with Microsoft and one that I will continue to “bitch” about is Damocles’ Sword hanging over my head.
Each and every move that M$ makes appears to me as just more and more an attempt to lock me into their product. Some are quite understandable given that M$ is a business, but things like paid ads that stretch the truth (putting it mildly) about the virtues of opensource, influencing politicians and policy-makers to put their interest above people, closed protocols that prohibit interaction with non-MS products, etc. are just things that get worse as time goes on.
i just presented a list of common complaints about microsoft in response to the guy above me, i didn’t at all attempt to influence anyone’s views (or even explicitly agree with them) and for the most part if you’re on a site like this a list -sans explanations- shouldn’t change your views. don’t get all hostile man.
as for nameless coward? my name is axel. does that change anything? no, not really you still don’t know me as anything more than a string of text and i could always change (or use) screen names if i wanted to post something else.
Let’s say all these improvements are as good as they sound.
First, most Windows users don’t run Server 2003, so they don’t get the benefits.
Second, 50% of Windows users run 2000 or later and will be without any fixes this year. Their only (Microsoft) choices are pay for upgrades or die on the Internet.
“Windows is a piece of poop. I don’t use nor should anyone else the holes alone in IE that have been there forever are a security risk enough. ”
IE is not windows!! use firefox or Opera!!
try again…!!!
the ability to tun off…
Spelling error!
He did everything short of stand up and yell “I’m mad as hell about Windoze-bashing and I want to start a flamewar!!”
Seeing the Register with a headline of “In praise of Windows
2003 SP1” or any phrase including praise and windows and NOT including downfall, destruction, or doom, ranks right up there with Steve Ballmer showing up at Linux World to do the Monkey Boy dance.
Ok, let’s use one of the links you provide (Secunia) and check the two operating systems I have installed in my computer:
Windows XP Professional:
Microsoft Windows XP Professional with all vendor patches installed and all vendor workarounds applied, is currently affected by one or more Secunia advisories rated Highly critical.
Currently, 22 out of 88 Secunia advisories, is marked as “Unpatched” in the Secunia database.
Suse 9.2:
The Secunia database currently contains 0 Secunia advisories marked as “Unpatched”, which affects SUSE Linux 9.2.
Currently, 0 out of 38 Secunia advisories, is marked as “Unpatched” in the Secunia database.
Yep, it looks like Linux is more insecure…
“Windows is a piece of poop. I don’t use nor should anyone else the holes alone in IE that have been there forever are a security risk enough. ”
IE is not windows!! use firefox or Opera!!
try again…!!!
IE is so tightly intergrated into the M$ OS that IE and Windows are the same beast
Are you saying that your Windows XP Pro is already 0wned by hackers? It must be, with so many vulns unpatched. I feel for you.
>”Yep, it looks like Linux is more insecure… ”
Actually, Linux users are. Trying too hard to convince the world they are doing the right thing.
Linux is leading when it comes to kernel vulnerabilities this year — as well as last year. I have no yet seen a kern vulnerability for XP this year, FreeBSD has had one minor one, and Linux has had about 30.
Yay4u.
since when is turning off an inbound connection a “nifty feature”? to be even more of a moaner, why are there inbound connections turned on by default? i know its a server, but microsoft either must a) be psyhic or b) have some gall to open ports that i may or may not want on my box.
here’s some things that SHOULDN’T be on a server:
Control Panel: Game Controllers
Control Panel: Scanners and Cameras
Internet Explorer
Outlook Express
Paint
Windows Media Player
if i was a middle/high school student or going off to college, i might want those things. if i’m serving data/apps/services in a production environment, those things do not belong (a web browser yes, Internet Explorer, no; scanners, maybe).
IExplorer is Windows as it is part of Windows Explorer and tightly integrated into the core of the OS. If I’m not wrong I think it is actually running in kernel space not user.
Oh well, care factor = 0
“and CERTAINLY a helluva lot faster than OSX”
The usual MS FUD.
I am running Quicksilver 800Mhz,/1GB no speed issues what so ever.
FUD, the only way for MS to survive.
What I mean with compatability is that because of open data-standards, protocols and some backward engenering (samba) there are no problems communicating between different OS’s.
Windows emulating. On the software front, in every area there are better alternatives running apps on OSX.
I read that article and 1 thing scared me: turning off inbound connections. Does that stop all inbound connections, or just connections to bug ridden RPC and SMB services?
I can just see this situation happening:
I upgrade one of hundreds of servers I am in charge of, remotely. The connection goes out because of a ADSL network hangup (thanks Telstra).
I then try to remote desktop, VNC, PCAnywhere, etc back onto the box to complete the installation. Thanks to the SP1 feature of turning off all inbound connections, I am now unable to connect back onto the box.
If this box is in a datacenter, to gain access I’ll either have to organise a visit and pay money, or get a onsite repersentative to reboot the box for me.
If its true that it turns off *all* inbound connections then I dont know what is worse: Microsoft “Fixing” a problem, or them doing nothing about it.
Yes, it is all inbound connections.
You seem to have a lack of understanding that their is a trade-off between security and functionality.
Try installing XP on a fresh box while it’s connected to the inet, it will be so bombarded with attacks that you likely won’t be able to do much of anything.
The default install of XP does not have the patches that are now available installed, and as such, you have all these problems.
MS is trying to fix this problem in 2003, by making you set certain security settings and such before the box can connect up, to help against the same kind of an attack.
I say that Windows should become the operating system of the lay-people, with it taking all the virus and worm beatings that any OS should take, and let Linux be the OS of the more tech-savvie users and servers.
Windows for grandma, Linux for everybody else.
No. You have to split tech-savvie users into two categories:
1)Power users
2)Geeks
Geeks are concerned with the operation of the computer an OS, and like to know how things run behind the scene, but will pretty much run whatever applications you throw at them. They are usually into the political aspect of it all as well. Power users care just enough about the computer and the OS to make it do what they want, while at the same time exploiting just about every bell and whistle in all their applications. They could give two shits about the politics So I propose this:
Windows: For power users
Linux and the BSD’s: For geeks
Macs: For grandma and people with too much money to spend
“and CERTAINLY a helluva lot faster than OSX”<
The usual MS FUD.
I am running Quicksilver 800Mhz,/1GB no speed issues what so ever.
FUD, the only way for MS to survive.
I’m basing this off some personal experience, but mostly an article posted here recently by a Mac person (don’t have the link handy) from anandtech.com, where the guy spent $3,000 on a new Mac and it still ran like ass. Granted, OSX is much better at multi-tasking, but no way in hell its faster than Windows (or even Linux) for day-to-day tasks.
Hot Patching allows customers to apply updates to drivers, DLLs, APIs, or any non-kernel level component of Windows Server 2003 without restarting the server.
It’s done. Period.
I’m not trying to convince anybody to switch to Linux. I’m just pointing that for me, with the stats provided Dr.BooBooGoneby and the operating systems I have installed, Linux is more secure for me than Windows, no more, no less.
Dude, you can say whatever you want but the fact remains, Windows is much more responsive than any KDE or GNOME based linux install on same hardware.
If i don’t use KDE or GNOME then i don’t get rich UI as Windows (even though KDE and GNOME still are quite far from Windows experience).
Other thing i would like to say is that its ok to not like an OS but please don’t be dishonest. You said Windows is bad, its design is bad. I would like you to study the architecture of windows first.
Windows NT is a fully asynchronous kernel from day 1, something which Linux is not till today. Windows has a uniform well-defined IO model. Linux is way behind it.
If you want really fine details, read Mark Russinovich’s talk “A tale of two kernels” online if you can get a free version.
um… windows is the only operating system i know that basically shuts down when you are trying to copy files from one disk to another (cdrom to hd, hd to floppy). and don’t try to get any work done if it thinks the disk is corrupt (even if it isn’t). and run a job in cmd with a lot of output. IO is definitely not windows strong point.
You seem to have a lack of understanding that their is a trade-off between security and functionality.
you seem to have a lack of understanding that you’ve bought into microsoft FUD! i can connect to remote boxes without passwords (not passwords stored in some registry or file, but actually no passwords). when i start my computer, i have 0 (that’s zero, notta) incoming ports open to the outside world (that’s the way it was installed). i can open up all my email attachments without ever worrying about a virus and browse to any site without fear of getting spy/malware.
this isn’t a lack of functionality. this is life in a non-MS world, and its pretty sweet. the tradeoff is when a company has to back peddle because its spent the last 20 years not focusing on security only to have to force it later. for MS users, perhaps security = less functionality. the rest of us started secure and love it.
Yes, the NT kernel may be better designed than the Linux kernel, but so what? Nobody cares. And I really mean nobody. None of the features of NT’s kernel are really exposed to the user in any useful way, and they’re hidden from developers as well. VMS exposed most of the kernel’s functionality to developers in a useful way, and it could do all kinds of stuff that Linux and Unix-oid systems have only managed to do recently, and that Windows still can’t do properly (like clustering, for example). So what advantage does the NT kernel’s theoretical superiority give you? Nothing. Zero. Zip. Nada. Nothing.
As for the GUI… It’s chaotic, distracting, and sometimes painful to use if you’re used to something else. If you’re used to Windows, it’s probably quite tolerable. But I absolutely can’t stand the thing. There’s certainly no warm, fuzzy “experience” that would make me use the thing voluntarily. I feel more like I’m being assaulted. At least Linux DEs are relatively peaceful, multitasking works much better (and no, you can’t say that Windows has good multitasking if you’re using a powerful SMP box), and there aren’t really any unexpected suprises (except if I’m using development versions of stuff, but that would be expected).
The WinXP GUI does respond slightly faster that most Linux systems, but only slightly, and only if you’re using generic VESA drivers on Linux against full hardware accelerated drivers on Windows, and that just wouldn’t be fair. I do not notice any lag whatsoever on my machine using KDE (and it’s not a particularly powerful machine), there’s only minimal lag using GNOME (noticeable, but only if you’re looking for it), and both seem to run much faster than WinXP. That’s probably down to the fact that Explorer is a gigantic pile of garbage though – Windows is just about tolerable if you replace it with something else.
You are basically making your argument solely off personal experience and assumptions.
You are assuming no one cares about the NT kernels design. That is false.
You are saying you can’t stand windows and Linux DE’s are more peaceful. Well, I find both the default XP skin (luna) and most skins shipped with KDE and Gnome to be CRAP. But, switch to a nicer skin (or just classic with windows) and all is good in the world. Except for fonts. Linux font’s rendering still doesn’t hold a candle to windows for readability. This shows especially in gnome where everything is BIGGER. Default font sizes are larger to make up for the poorer rendering, and in turn I find that to be quite annoying. I can change it, but it makes the fonts unreadable to a point when they are smaller. Of course, I have cleartype enabled, so simply throwing Tahoma in linux doesn’t work. As stupid as it sounds, this is a very important thing to me.
As far as responsiveness, my experience is that XP is a little better than all the linux distros I’ve used (with nvidia drivers, not crappy vesa). I shouldn’t have to get into the guts of things just to try and speed thigns up either. And Server 2003 is even more snappy than XP, almost sickengly so.
BUT, I understand others will have different experiences. Which is one of the ultimate decisions in choosing what OS to stick with.
Other thing i would like to say is that its ok to not like an OS but please don’t be dishonest. You said Windows is bad, its design is bad. I would like you to study the architecture of windows first.
Well I did study the architecture, because it is my job, that’s why I don’t want to use it in privat.
um… windows is the only operating system i know that basically shuts down when you are trying to copy files from one disk to another (cdrom to hd, hd to floppy).
If you are having this happen running 2k/XP, something is definitely wrong. I routinely copy around 4GB+ of data with no issues.
You seem to have a lack of understanding that their is a trade-off between security and functionality.
There doesn’t have to be a tradoff – search for an article of mine that was posted a couple of months ago.
i can open up all my email attachments without ever worrying about a virus and browse to any site without fear of getting spy/malware.
So can I. AVG + Thunderbird and Firefox are wonderful things
PS: If you think your OS (whatever OS that is) is immune to viruses, remember what happend to those people on the Titanic who swore it could never sink.
IE is so tightly intergrated into the M$ OS that IE and Windows are the same beast
I have to call BS on this one. While the HTML renderer and libs are still there IE itself is basically not an issue after switching to a different browser.
I started using firefox and set it as my default browser some months ago. I have not directly seen the IE interface or had a single IE related issue since doing this.
Would be very interested how many of the anti-ms posters have actually used server 2003 for any purpose.
I think Windows Server 2003 is a great step in the right direction, since my NT4 days and then going to Windows 2000, i’ve seen things getting better, it just takes time. SP1 for 2k3 is another good step forward.
Also has anyone switched over to Windows XP x64 yet? Though it is called XP it’s using updated 2k3 SP1 code at it’s core.
Windows XP 32bit v5.1
Windows XP 64bit v5.2 Same as Windows 2003
This should make XP x64 just as stable and secure, maybe even more secure then Windows Server 2003 because it’s not doing any server roles and used as a workstation/desktop, it’s attack serfice is smaller.
If I make a new system later this year i’ll be on XP x64.
Dude, you can say whatever you want but the fact remains, Windows is much more responsive than any KDE or GNOME based linux install on same hardware.
If i don’t use KDE or GNOME then i don’t get rich UI as Windows (even though KDE and GNOME still are quite far from Windows experience).
It is obvious from the claim that you have not used much of KDE and Linux. The Windows XP graphical environment is no where near KDE in terms of richness and functionality.
in no particular weight:
‘Currently, 22 out of 88 Secunia advisories, is marked as “Unpatched” in the Secunia database. ”
-learn how to use gpedit — it’s part of the job (oh and its 7 out of 46 this is after all a 2k3 article, and with an astute use of the most important tool in the toolkit 4 of these are trivial to fix)
“IE is not windows!! use firefox or Opera!! ”
–uhm actually to some extent it is, ever used ‘help’?
theoldnewthing has a nice writeup about it. again I recommend learning how to use gpedit and the mmc.
‘”Hot Patching allows customers to apply updates to drivers, DLLs, APIs, or any non-kernel level component of Windows Server 2003 without restarting the server.”
It’s done. Period.’
–wow! (really? –stunned and it works, well?)
‘Dude, you can say whatever you want but the fact remains, Windows is much more responsive than any KDE or GNOME based linux install on same hardware.’
–dude this is about servers! go join the #desktop thread but since you opened this can of worms — I beg to differ — on what? A k6-2 or p3 you’ve carried over since pre-2000!?! -maybe. On any decent kit made in the last two years KDE literally smokes everything under the sun (ooh that could send mixed signals but oh well) –and by the way there is a reason the ati rage xl 8mb chip is a consistent winner in rackmount boxes — we don’t care.
‘um… windows is the only operating system i know that basically shuts down when you are trying to copy files from one disk to another (cdrom to hd, hd to floppy). and don’t try to get any work done if it thinks the disk is corrupt (even if it isn’t). and run a job in cmd with a lot of output. IO is definitely not windows strong point.’
–sing it! That part just sucks arse.
‘If you are having this happen running 2k/XP, something is definitely wrong. I routinely copy around 4GB+ of data with no issues.’
–I move data like crazy in windows using massive _sustained_ disk i/o (4 gigs har har har, puny mate) and I’m glad your having no issues, but I’ve been selectively replacing windows boxes throughout the network. I’ve had nothing but grief and I work on a _lot_ of computers. Go SCSI!
I sincerely think that MS is very close to getting their ducks in a row. And these enterprise pretenders are going to have to get a clue fast, because ‘just works’ will be something that can be said of MS unlike some enterprise pretenders.
Depending on how your company infrastructure is allocated, MS licensing 6.0 is potentially _dirt_cheap_ with a run of the mill mcse and some junior technicians (think, with my worst Trump impression, ‘You’re Fired!’).
Later
I move data like crazy in windows using massive _sustained_ disk i/o (4 gigs har har har, puny mate) and I’m glad your having no issues, but I’ve been selectively replacing windows boxes throughout the network. I’ve had nothing but grief and I work on a _lot_ of computers. Go SCSI!
Ever think that maybe it’s.. the hardware?!
Jaki jest prawidłowy uniwersalny klucz do Windowsa z tematu