The code for release candidate 2 finally looks like a real release candidate. And sure enough, it will help you big-time with security. But what sorts of headaches will the eventual final version mean for IT shops? InformationWeek takes it piece by piece.
Evaluating Windows XP Service Pack 2 RC2
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
as i only have it running in a virtual machine in vpc now.
i patch my home machines completely and thoroughly. i keep the newest ati and nvidia drivers on my rigs. i strickly follow all security best practices and run the appropriate apps.
i learned about services and background apps and keep the machine running like a well tuned Porsche.
see http://www.blackviper.com/WinXP/servicecfg.htm for good info on xp home or pro services
My machines are as fast and as responsive as new machines I install for clients. They take a moment longer to boot since a third party firewall and antivirus are installed.
Patches aren’t released just for fun. But if you know what you are doing and you are using a good firewall, then one can debate over not installing patches. Otherwise…
I was wondering how long it would take for this to happen, and it looks like we have a new record! Sometimes I really wonder if its really worth the time to develop certain anti piracy measures. I can understand using a serial number and stuff. However, this product activation and key checking on the service packs doesnt seem to be working. Even as a legit owner of Windows XP and Office, I still am against activation. I even fixed my Office installation so I never had to register with Microsoft. Now if there is one thing that would move me away from Windows it would be the activation. I like to avoid products with this so called feature as much as I can unless I have a way of cracking it.
I do not agree – product activation is doing EXACTLY what Microsoft thought it would – preventing casual pirating. There will always be the fringe element out there with the smarts to figure out how to crack just about anything, but these are a small percentage of users. The majority of users will not (either by choice or more likely due to a lack of technical skill) go out and find key generators or hacks to the OS to get around it. Product activation isn’t perfect and Microsoft knows this.
well your smart, lets not patch a machine oh no i wonder why my pc keeps shutting down every 60seconds, oh a worm, hmm i wonder how i can stop this…
also your idea Service Packs slow down pc’s thats well crap, i have installed SP2-rc2 and my XP box runs alot faster than it did with SP1, and Activation as someone said earlier is to stop casual copying, like friends at school going oh i got XP Pro want a copy? most kids at school arent going to sit for hours sifting through supposed “KeyGen’s” to crack XP.
when that keygen installs a rootkit on your PC.
downloading and running illegal applications that you have acquired from the darkest corners of the internet is one of the surest ways to render your machine a gift to some malicious hacker bent on using your property for their next DOS attack.
well , i just tried it a few hours ago…
first thing i looked for was anti virus .. but it only mentioned my already installed norton antivirus. ( i though there was a MS anti virus built in )
in windows xp , i use a administrator account , but i do most things in an limited account.
so , in the administrator account i set up the firewall , and removed all exceptions on it.
on my limited account , i loaded trillian , and a box appeared saying : ” this app has been blocked , contact your computer administrator to unblock it ” ( or something like it ). funny thing is that trillian continued loading and connection to everything and working fine … i just said ok… and back to linux
other than firewall and antivirus ( security control center ) , i didnt see nothing new. ( i didnt test it very much , one , two hours maybe )
“ownloading and running illegal applications that you have acquired from the darkest corners of the internet is one of the surest ways to render your machine a gift to some malicious hacker
Very untrue Statement Bro, go back to Linux, you Troller.
”
he said illegal apps can cause problems. whats that go to do with linux?. keep this relevant
Sorry the linux comment was directed towards “Iori Yagami”
… i just said ok… and back to linux
I mean why do people have to give such a bad rap towards things, I mean nothing is perfect.
If it is full of security holes, and there is nothing to do but complain, well guess what, if you have such a problem as far as security is concern, perhaps they need to take a course in security, because last time i checked you can buy hardware firewalls (Dlink DI-604) that will protect you around the clock, and as far as Virus’. And get a Anti-vrius scanner, AVG (www.grisoft.com) has a free one .. Perhaps not as good, or best in the world, but it works.
And about Sp2 Crack, Keep in mind, You get what you pay for, that goes for illegal software as well.
😉
“I mean why do people have to give such a bad rap towards things, I mean nothing is perfect. ”
sure , true , nothing is perfect … then you have to make an option available to anyone who can fix it .
i was just testing it … i am not a window user.
but i found that , there was no anti virus …. and the firewall wasnt working … back to linux ( is there something you didnt understand ?!??? )
“And about Sp2 Crack, Keep in mind, You get what you pay for, that goes for illegal software as well.”
er … what crack ?? heheh didnt use any crack
i have a friend , whose mother bought him windows xp ( she doesnt know a thing about computers ) and he could nt install it lol … he had to CRACK THE REALL THING to use it lol !
And not all cracks are going to install malicious content on your machine. No more than opening a stupid spam email or going to a web site. Some people don’t agree with MS policy, does it mean they are pirates, no. Just that they don’t want pc calling redmond whenever they do a hardware upgrade.
there is a simple strategy keeping your windows quite secure.
on my own I use:
– a firewall (kerio personal)
– a antivirus (bitdefender)
firewall: kerio seems to be very good (sure, others will do the same) and it is free. ok, keep in mind, if your firewall asks you, if it should allow the connection to your local “lsass.exe” or similar, you should do the right thing of course.
antivirus: keep an eye on magazines with fullversions of antivirus. in germany the well known c’t had bitdefender related to the security articles. (bitdefender was also tested very good)
– well, and as you surely know: don’t us outlook or internet explorer (except for windowsupdate)
firefox or the mozilla suite are very good browser alternatives
ok, for emails I admit: Mozilla (or Firefox) is not a good alternative related to group functions and with lacking pim functionality, but besides this his function as email client does it very well and synchronizes also without problems palmpilots etc. (sadly there is no ximain evolution for windows)
pegasus could be also a good alternative, but I didn’t use it extensively and I don’t know what it can.
I have not mentioned opera and eudora as possible alternatives as their free versions show advertisements.
That’s it! Not running every file from your friends or family, but testing it before executing will keep your pc very clean.
I used windows for 7 years (yes, used, I switched to linux 5 months ago). In this time I found several viruses with scanners in downloaded files or in emails, but my pc almost never got infected (well, almost is this 1% to keep your honor, if perhaps one time it was really infected without having noticed
) )
well, I hope my bad english is understandable
)
“when that keygen installs a rootkit on your PC.
downloading and running illegal applications that you have acquired from the darkest corners of the internet is one of the surest ways to render your machine a gift to some malicious hacker bent on using your property for their next DOS attack.”
I definitely agree. There are lot of current windows trojans that AV have trouble detecting and they can cirumvent software firewall, and “lanfiltrate” (using SIN or dyndns) past routers and hardware firewalls. If it can’t circumvent AV and software FW, it will just process kill them. The days of old school threats like Sub7 are long over. Modern trojans reverse connect, not forward connect. I’ve done some testing and found Trojan Defense Suite to be one of the better tools. It is pretty much the best I’ve used, but TrojanHunter and Tauscan appear to work too. TDS 3 was the only one to detect Optix Pro packed. Had I customized it a bit and packed/hexed it, I doubt TDS 3 would have found it.
Adding to threat are that some modern trojans have “one click” infection of all kazaa binaries. (I’m sure they’ll add generic P2P lists in private and subsequent public versions.)
Downloading binaries indiscriminately is much like finding food on the sidewalk and eating it.
If it is full of security holes, and there is nothing to do but complain, well guess what, if you have such a problem as far as security is concern, perhaps they need to take a course in security,
Just disabling unused services is a good rule. Whether linux or windows. Disable the services, then add firewalling rulesets and AV. Linux uses chkrootkit, tripwire, and iptables; windows uses AVG, Outpost but it’s still the same principle. It’s called “defense in depth” if you must have a reference to security courses. What it practically means is you still have extra layers if something ps kills your firewall. Or if one box on your LAN falls, perhaps you avoid the domino effect.
because last time i checked you can buy hardware firewalls (Dlink DI-604) that will protect you around the clock,
Consumer grade linksys are typically filtering blocking inbound traffic other than that which is port forwarded. SPI (stateful packet inspection) helps a bit over NAPT alone. But still, a software firewall can often regulate outbound traffic. Spyware, modern trojans, etc all connect from the inside out, that is the inner boxes send the initial SYN of the TCP segment. For real checking of inbound and outbound traffic you need an IDS ala RealSecure, a FW ala Checkpoint FW 1, or an application layer proxy. Some personal firewalls/IDS like BlackIce perform inspections of known protocols, and some scannning is done at the upper OSI layers. It helps I believe compared to simple inbound filtering like my older Neowatch personal firewall.
and as far as Virus’. And get a Anti-vrius scanner, AVG (www.grisoft.com) has a free one .. Perhaps not as good, or best in the world, but it works.
AVG and NAV are ok, but IMHO are not very good at trojan detection.
It really depends on whether you download hack tools and P2P binaries, or only stuff from trusted sources.
I *HEART* OS-news debates
good god, the linux vs. windows debate is the lame.
in this room there are two computers. one runs linux (mine) and the other runs XP (wife’s). hers suits her needs better, mine suits mine better.
if i run into someone interested in computers and i think they have a need for a linux box, i recommend linux. if i think they have a need for a microsoft product, then i recommend that to them. if they have a mac, then i’m jealous of their money.
anyway, sorry for the outburst… but i’m reading a thread about and XP service pack and it degenerates into linux vs. windows crap and i want to smack my head against the wall.
alright… please carry on. ignore me. the whiskey just hit me.
So far it seems SP2 would be rather useless to me.
The added security features. Its nice to see MS add something like this in, no doubt. But I use Norton Personal Firewall and AntiVirus 2004 (which according to the article isnt detected properly by MS’s security center).
As for IE, again, looking good, but I have used firefox since it was phoenix, and its always been ahead of IE. Sure, I’ll give it a shot, but I don’t think it will beat out firefox.
Automatic updates again, are a nice addition, but I already get them via the automatic updater.
I don’t benefit here, at least for me. Maybe the fixes that are included, but it seems it may be more of a headache than helpful, at least in my situation, just an opinion though.
>> pete: I don’t benefit here, at least for me. Maybe the fixes that are included, but it seems it may be more of a headache than helpful, at least in my situation, just an opinion though.
That’s probably correct, but geeks will most likely see some benefit from the decrease in internet activity that will follow from having millions of naive consumers’ PCs protected with at least a rudimentary firewall and mandatory updates.
Just remember,the only people here who seriously recommend that you leave Windows unpatched are either complete retards, or they want you to be insecure.
Damned script kiddies think they’re badassed hackers.
What about those whose apps will not work with SP2 and don’t want to spend money to change the code?
On the other hand, those must be the retards you were talking about. :o)
I use Windows, but it is getting tiring to see each Linux distro and annual Apple OSX upgrade come up with new and better ways, nay, revolutionary–of computing, while we get a huge bug fix with basic security features in 3 years.
I’m sorry–and I am not flaming here–but how can MS say they really innovate anymore? Yeah, they should have a slower release cycle, but this is pathetic.
Apple is going to beat them to the punch on search–a feature MS hinted won’t fully be in Longhorn so they can make 2006–and the rest of Longhorn looks like v.1 of a GUI update. Yeah, I know there is a lot of exciting things under the covers, but it’s no expose.
It’s just kinda depressing. Maybe I should switch at home to MacOS or Linux and join the fun.
I use Windows, but it is getting tiring to see each Linux distro and annual Apple OSX upgrade come up with new and better ways, nay, revolutionary–of computing, while we get a huge bug fix with basic security features in 3 years.
Revolutionary ? I wouldn’t call anything that’s been introduced in OS X or the various Linux distros “revolutionary”. About the closest thing to “revolutionary” would be Expose.
Most of those yearly updates are addressing things like performance or basic features, or are incremental improvements.
Simple fact is both Linux distros and OS X have had further to go in recent times than Windows. OS X in terms of stability, performance (especially performance) and feature refinement and Linux distros mainly in terms of UI.
I’m sorry–and I am not flaming here–but how can MS say they really innovate anymore?
No-one can say they “innovate”, in the literal dictionary meaning of the word. Everything Apple, “Linux” and Microsoft are doing evolutionary steps.
There’s not much more that needs to be done with Windows’ internals, and UI improvements are _extremely_ difficult to develop from scratch and need to underfo extensive testing. They’re releasing slower because the only things that really need doing take so bloody long.
I have an athlon 64, and have been waiting for the Data execution portion of Windows to come out. This is to prevent some common exploits at the hardware level. Well, it is turned on by default. I have one gripe w/ it… It wont let me install Zone alarm, the problem though isnt that it wont let me install it, but rather, it just blue screens all the time, so I have been using windows firewall, which shouldn’t be too bad.
Or OSnews mods it seems