WinXP

[jaguar]

Tony i just read your post on the M$ firewall issue (good work it seems the max ever online has just doubled around the same time too) - this is the latest "less is more" WinXP issue - is *anyone* here planning on getting this 'upgrade'? You can't burn, rip, use competing software or play many games properly - how arrogant can they get?????

[elSicomoro]

Could someone explain to me just how "great" of an upgrade this is supposed to be? I mean, Windows95 was THE overhaul. I've used Win98 and use Win2K at work now...and they don't seem like they're THAT much of a step up from 95 (although I'm sure there are some technical aspects that many of you would know better than me).

[jaguar]

95 was half win3.1 code and crached every 10 minutes, same iwth 98, 2k is baed on NT kernel and i have to admit - im' pretty dman god, its never crashed on me, it runs everything, i like it. On the other hadn it still does some unlikeable and aodd stuff (aparantly i have a clsoed IRC server running thanks to 2k...ok then.....)

[Undertoad]

Without question, avoid the upgrade at least until ALL of the implications are obvious. If you can get done everything you need to get done, there's not a reason to upgrade. Modern MS upgrades are as much for their benefit as for yours. In this case it's particularly true.

Microsoft is actually in the process of getting out of the operating systems business. Instead, they want to be the checkout counter and intellectual property cops for all future content. Their approach will be to embrace and extend the very protocols that run the Internet. XP is the first step to doing so.

One pundit said today that XP's intentionally insecure TCP stack -- which some analysts have said is going to be a bigger and badder security problem than any Outlook virus -- is part of the MS strategy to implement their own protocols by making them necessary. Scary shit.

And when you own the road, you say who drives what, where, and what the tolls are.

The computer business, internet business, etc. is not going to be much fun by 2008, I'm afraid. Either that or the next revolution will come along to sweep us off our feet and change all the rules again. Man, I hope that happens.

But that's just my opinion, I could be wrong.

[jaguar]

Spot on tony, and hell yes its dman scary, ill get a msft passport/mark of the devil over my dead body. On a side note i jsut had a look though the deafult services under win2k...one for REMOTE REGISTERY MODIFICATION!?!?!?!?!

I think iwth the stack in XP they have actally followed the standard, but goddamn all msft stuff is insecure as al hell, thats why i have a linux firewall.

[mbpark]

If it wasn't "spyware", it'd be a heck of an OS.

Jaguar, Remote Registry Modification has been a registry key in NT since version 3.1. The reason it's in there is so that one machine can roll out installs via a system management program to multiple boxes, and one master can change the registry on 300 systems. NT/2000 is designed for corporate networks. If ships with Remote Registry disabled, I believe, in 2000. At the least, I've had to enable it here on some of our machines .

It's stable, doesn't crash on me with Office XP or my other apps (I am running RC1 on a Thinkpad 770X with 128MB RAM). It won't play back my DVD's, but that's a known issue with Digital Rights Management and my DVD-ROM drive.

The new GUI can be switched off (yay!). It's a really good OS. Other than the following characteristics:

1. There is a Microsoft Support account in there with LocalSystem privs. This means that Microsoft already has access. No, it cannot be disabled.

2. This is a truly multi-user OS, with Terminal Services being embedded in at every OS level. This is a first for MS. This also means that MS can log in and do stuff without you knowing, if they so chose.

3. Yes, you have to register XP. If you run Windows Update, it checks on you as well. However, keep in mind that 90% of all copies of MS OS'es are pirated or copies. They want their money. They are actually losing money on the consumer side of the applications. They want to make money. Why do you think WinMe was such a POS? If I were in some sort of management position there, I'd not want to invest money in something that 90% of all people were going to copy, and that was losing money.

3a. Any net admin who really knows what they are doing can set their Cisco firewall to block incoming from Microsoft on certain ports, like ours .

3b. Disabling the Internal Microsoft Security account will take some registry hacking as well. At the least, you can shut it out of your hard drive access using general NT security. One of the advantages of 2000 is that you can even shut LocalSystem out of hard drive access.

Microsoft makes their billions selling licenses to the Fortune 500 for Office, and the 2000 family of products, including Exchange Server, 2000 Server/Advanced Server/Datacenter Server, SQL Server, and Host Integration Server 2000. They have 9-figure contracts with several large companies, most notably ExxonMobil, Wal-Mart, Ford, GM, and the major pharmas (who are well-documented for throwing money away regardless to Sun as well). Piracy isn't as rampant here because less people use the products, and large corporations have nasty policies in place to curb it (not that it isn't totally rampant at most corporations in some places anyway).

Many large software manufacturers have been using registration for years, most notably Computer Associates with ArcServe and their other products, Adobe with their very high-end software, Mercury Interactive LoadRunner, the new Embarcadero ERStudio, ERWin, Rational's Entire Product Line, and the Compuware products. Maya from Alias/Wavefront has a dongle as well I believe.

Most engineering/CAD programs have been using hardware dongles for YEARS.

<B>People are just pissed off because they have to pay for software now. </B>

Microsoft is doing EXACTLY what many other software companies have been doing and have not been crucified for. Just because it's Microsoft, people are going nuts. If this is so bad, why didn't they hold congressional hearings for CA, Autodesk, Rational, and Alias/Wavefront as well? Why not drag SCO/Caldera, QNX, or Verisign up as well?

I especially like how the "privacy advocates" wrap everything up as an invasion of privacy. "Internet Privacy" doesn't mean "get free stuff". Unfortunately, most of the Slashdot-heads mistake "privacy" for "way to hide getting stuff for free".

There's a difference between privacy and outright piracy. The difference is that if you don't pirate and are judicious in what you do on the Internet, you usually get left alone. Fortunately Napster couldn't hide behind privacy.

Unfortunately in the US, when you buy anything with any amount of IP in it, be it music, software, or movies, you're buying a single-user single-copy license. Read the EULA for any piece of media you buy. The US is run by lawyers who collect lots of money for violations of your EULA.

Windows XP is only making people more aware of the nasty legal issues that surround any IP in the USA. This has been going on for many years, and Microsoft uses less strong-armed tactics than Computer Associates, Rational, Autodesk, or Adobe are famous for.

XP's good. It's actually the best OS Microsoft has put out yet. It's got support for 99% of all hardware ever made, including the 8-bit ISA Microsoft Bus Mouse. However, I see more people running 2000 and Linux out of this. Finally the rest of you see what software companies do to protect their investment.

As a software developer whose money comes from selling software products, I can't say I disagree with MS for protecting their rights. The company I work for would do exactly the same thing, if not more harsh and nasty. When you sell software products, you look at the world a lot differently.

[mbpark]

Here it is in a nutshell:

XP implements Raw Sockets. Linux, BSD, and even BeOS have this ability. Win9x and WinMe did not have it enabled.

NT4.0 and 2000 do have it enabled.

Essentially, if lets you spoof packets. This is how a lot of the DOS attacks were done. Combining MS's lax application security with Raw Sockets is a BAD thing. This means that the new generation of Outlook Express email viruses will outright start DOS attacks when combined with DSL or Cable Modem. This is an incredibly bad thing.

As much as people pooh-pooh this, they won't when 50% of the Win2000/XP boxen on DSL and Cable connections start DOS'ing CNN.com, Amazon, eBay, and Slashdot .

Geez. If someone wanted to spoof a lot of packets, there are a very large amount of unpatched Red Hat Linux boxes on the net as well with loads of BIND, Sendmail, Apache, and telnetd exploits .

The potential for this, however, can be mitigated by the following:

1. ISP's actually checking packets coming from each MAC address for proper IP addresses. Tony, can this be done practically? I know that even cable modems have a MAC address, and I know how to filter this under a Cisco or Linux box. It would take some big-ass iron to do this practically, but it can be done. You know it as the CheckPoint firewall .

2. Microsoft turning off the massive gaping security holes they have in their products. The XP firewall is a good start, however no firewall protects against Outlook Express . Outlook 2000 SP1 and XP don't allow executable content in e-mail if you specify it, and I have all executable content turned off. Outlook Express is the big issue, since it has zero security.

3. Microsoft scrapping Outlook Express

The real issue here is the fact that Raw Sockets, which have been on any OS doing TCP/IP EXCEPT Win9x for years, have been combined with Outlook Express, IIS, and all the other nasty security bugs in MS Applications. This is potential for a massive amount of DOS attacks!

I can see a whole new large amount of attacks happening because of the millions of users on broadband who will be running 2000/XP. You've not seen anything yet with DOS and distributed cracking attacks.

[jaguar]

Its not so much paying for QUALITY software i mind but renting.
If i bought officeXP, i'd have it for a year, then'd i'd have to pay again - fuck. off. Its liek music cds only working for a nothing, its stupid, they are trying to change a product into a service and i don't think people are going to swallow that. I'm certainly not going to rent office/windows/vis studio while they have bugs, crash, destroy my work, have stupid limitations and watch my every move.

[mbpark]

Hello,

You do not have to rent either of these products.

They are rolling out the rental plan with WinXP, and there will be monthly charges stated

[lisa]

Quote:

Originally posted by mbpark
It's a really good OS. Other than the following characteristics:

1. There is a Microsoft Support account in there with LocalSystem privs. This means that Microsoft already has access. No, it cannot be disabled.

Personally, this is sufficent to me to negate the "It's a really good OS" statement.

Quote:

Microsoft is doing EXACTLY what many other software companies have been doing and have not been crucified for. Just because it's Microsoft, people are going nuts. If this is so bad, why didn't they hold congressional hearings for CA, Autodesk, Rational, and Alias/Wavefront as well? Why not drag SCO/Caldera, QNX, or Verisign up as well?

AFAIK, Microsoft is NOT being investigated or harassed (by the government, anyway) for trying to make people pay for their software, the main complaint has been that they have been using monopolistic power (and they are a monopoly, no reasonable person can deny that) to keep others from entering the market and driving out those who are there.

It's pretty clear that Microsoft has been doing this for quite some time -- way back to the day when they modified Windows 3.1 so that you couldn't run it under DR-DOS. Code was found that clearly served no other purpose than to prevent this and to "force" anyone who wanted to run windows to use MS-DOS and not DR-DOS.

Quote:

As a software developer whose money comes from selling software products, I can't say I disagree with MS for protecting their rights. The company I work for would do exactly the same thing, if not more harsh and nasty. When you sell software products, you look at the world a lot differently.

True, but apparently not always the same way you do. The ends do not always justify the means. Most computers sold are sold with a registered, legitimate, copy of windows on them -- whether you want it or not (if I wanted to go through the trouble, I could quickly find legitimate, unused copies to give to at least 10,000 people who want to legitimize themselves -- many more if I felt a need to). I don't know the real numbers (I doubt that anyone does) but I think that most computers running windows have a legitimate copy of windows -- they may have illegitimate upgrades, but if the upgrade prices were reasonable, I doubt that would be much of an issue either.

I doubt that many people disagree that Microsoft has a right to collect a reasonable price (directly or indirectly) from people running their software. What many of us disagree with is the means that they subject ALL users of their software to in order to catch those who use it illegimately. Add to that the fact that many of us have paid for their software who don't use or it want it.

If Microsoft were a government entity, I'd say they were damn close to (if not already over) crossing the line of the consitutional protection against "illegal search and seizure" of the many to try to catch the few. (But they're not, so this isn't a constitutional issue)

My choice is to avoid the whole problem and just use Linux. Others feel that it's better to fight these issues and stick with MS products. To each his/her own.

And, BTW, I also make my living selling software.

[russotto]

Quote:

Originally posted by mbpark
If it wasn't "spyware", it'd be a heck of an OS.

The new GUI can be switched off (yay!). It's a really good OS. Other than the following characteristics:


1. There is a Microsoft Support account in there with LocalSystem privs. This means that Microsoft already has access. No, it cannot be disabled.

And aside from that, Mrs. Lincoln...

Quote:

<B>People are just pissed off because they have to pay for software now. </B>

Microsoft is doing EXACTLY what many other software companies have been doing and have not been crucified for. Just because it's Microsoft, people are going nuts. If this is so bad, why didn't they hold congressional hearings for CA, Autodesk, Rational, and Alias/Wavefront as well? Why not drag SCO/Caldera, QNX, or Verisign up as well?

All the license schemes I know of which require contacting the manufacturer are for high-dollar items purchased mainly by corporations who have people to take care of such things. Putting even uglier security on a consumer product (note that corporate licensees don't have to deal with this activation crap) is ridiculous.

Quote:

I especially like how the "privacy advocates" wrap everything up as an invasion of privacy. "Internet Privacy" doesn't mean "get free stuff". Unfortunately, most of the Slashdot-heads mistake "privacy" for "way to hide getting stuff for free".

Aha, it's the old "if you have nothing to hide you don't need privacy" argument. Privacy includes "way to hide getting stuff for free" as a side effect. If Microsoft can't see what's on my computer, they can't see all the pirated copies of Microsoft BOB I have there. There isn't any way they can be assured I don't have pirated software without violating my privacy.

Quote:

Unfortunately in the US, when you buy anything with any amount of IP in it, be it music, software, or movies, you're buying a single-user single-copy license. Read the EULA for any piece of media you buy. The US is run by lawyers who collect lots of money for violations of your EULA.

The EULA for shrink-wrapped software is pretty much unenforcable; it would take UCITA to give it strength and only Maryland and Virginia have passed that law. The courts have ruled that the sale of software, EULA or not, is a sale for the purposes of the "first sale" doctrine under copyright law.

[mbpark]

I just disabled the two accounts HelpAssistant and SUPPORT_388945a0 (the latter being the registered serial number of my beta of XP Pro, apparently, since it changed between Beta 2 and RC1 which were different installs). I also removed their group membership to HelpServicesGroup (Admin with a different face). I think I'm going to change the passwords as well to something rather nasty . Meanwhile, I know deep down it's hard to truly eliminate them.

What I noticed about the SUPPORT account is that it points directly to Microsoft's own Active Directory server for authentication. Looks like we'll be explicitly blocking LDAP outgoing when this comes in . If there are AD exploits, this is one heck of a way to own MS as well .

However, my nastiest experience with the spyware was with CA ArcServeIT 6.61. I had a server behind two firewalls, with a proxy server that was not specified in the Internet Explorer settings for that machine (which is where the proxy detection comes from). I was doing the upgrade from 6.5 to 6.61 and the installer did the following:
1. Found my proxy server (and this is without it being specified in Proxy Settings on a NATed LAN with the internal IP being a legit one so as to confuse other programs)
2. Sent registration info to CA.
3. Sent complete system information to CA.

I was just shocked as heck that it managed to find it all, and within 5 seconds of installation was on the net doing that. I put the Proxy in so that I could at least have some control over this, but I learned that day it was a bad idea.

I know for a fact that all CA products, Veritas, Rational Rose, among several others, employ this verification method. I wouldn't be surprised if MS bought it from CA, actually.

However, the Sun products I've worked with don't have that issue. The Sun Developer products I have to call in to get an activation certificate every time we reinstall Solaris on a developer machine.

I'm against them looking at my machine as much as I respect the privacy of others, aka I don't care enough to look at others' machines, and I don't want anyone caring enough to look at mine at all . However, UCITA (which I know is MD and VA) scares the crap out of me for that.

Microsoft's trying to stop the people from selling Windows 2000 Advanced Server for $3 in Moscow and Kuala Lumpur. They're the ones trying to restructure it all so that your machine is no longer yours. Unfortunately, they put the squeeze on the USA. Meanwhile, it's a well-known fact their employees leak beta code out to their friends, and distribute it on the Net. They actually just fired several people for putting full copies of software on a web server for their friends.

I'm just a little po'ed at the fact that there are some people using the privacy movement as an excuse to hide many things that they have stolen. I fully support privacy and my rights to not have goons from Redmond examine my machine for anything they deem objectionable content.

However, there's a difference between privacy for the sake of keeping Redmond out and keeping my business my business and no one else's, and privacy to thumb one's nose at lots of big nasty corporate entities who will do what it takes to make your life hard. It's the equivalent of hiding behind a mother's skirts and pissing off the other kids, IMHO. I care more about keeping my information mine and mine alone, and about my right to not give my bank account info to Microsoft or AOL . This poor excuse of hiding behind the privacy movement has already caused Microsoft and friends to suddenly take notice and start doing what it takes to remove our right to it.

However, as someone who writes software, I reacted rather negatively to the general consensus. I apologize if my meanings got crossed. I, like many other people who make a living writing software, do not like how rampant piracy happens. There's a billion-dollar industry of copylocks that are well-used. I know that we've already started using them on code we write, especially the embedded code. I just thank god we're not in the videogame industry, where the rate's around 95% instead of 90%.

My point about the congressional hearings was due to the fact that several congressmen have expressed extreme interest in Windows XP and have called for hearings about it in an attempt to delay the shipping date. As you can see from above, another company with rather monopolistic tendencies does exactly the same thing (and it's the backup software the US government uses in many installations AFAIK ).

I'm just not installing XP on a real system. Too much hassle. KDE 2.2 is looking nicer every day, and soon all my hardware at home will be supported.

Mitch

[jaguar]

mbpark, i don't knwo about the US, but here officeXP is being advertiesed as a one year licence and that is the system microsoft is trying to roll out, paying for software like cable TV or a phone line. Product to service, its gonna be a royal pain in the ass for home users. Particualry with the anal retentive definition of computer which menas if i remember coreclty if you purchase a new system you need a new copy of winXP. (correct me if i'm wrong on that)

Yes piricy is ripping off legitimate companies right to income for the use of their product. At the same time i pirate nearly all the software i own including games.
BUT i buy copies of any good software i use regualry, including games. THe only exception to this is photoshop coz i just don't have the $.
Its the try before you buy system. Most of my freinds use the same system. Customers don't care how much it takes to make the software, or how long or how in debt you are, only how good it is, and they'll pay for that value, nothing else. Although i am less liekly to pirate software from smaller firms/artists.

The other issue with piracy si that software - for what it is is fucking expenisve. $100 for a game that lasts 2 weeks, no wonder you want to get a priate copy, its jsut not worth it.

Quote:

However, my nastiest experience with the spyware was with CA ArcServeIT 6.61. I had a server behind two firewalls, with a proxy server that was not specified in the Internet Explorer settings for that machine (which is where the proxy detection comes from). I was doing the upgrade from 6.5 to 6.61 and the installer did the following:
1. Found my proxy server (and this is without it being specified in Proxy Settings on a NATed LAN with the internal IP being a legit one so as to confuse other programs)
2. Sent registration info to CA.
3. Sent complete system information to CA.

Quote:

However, there's a difference between privacy for the sake of keeping Redmond out and keeping my business my business and no one else's, and privacy to thumb one's nose at lots of big nasty corporate entities who will do what it takes to make your life hard. It's the equivalent of hiding behind a mother's skirts and pissing off the other kids

How can u say that then say that privicy isin't a good excuse against this. This is stripping away all privicy, how long till we see the msft *full harddrive access clause* for gods sake to make sure you don't have a serial list or somthing. THis is guilty till proven innocent implimented by a company that obviosuly considers itself up there with the govt.

This is like somthing out of brave new world - what would you ever want to do in private?

If you value your privicy how can you defend XP? I know your a pro developer and yes, piracy does suck but.......

Someone is bound to yurn around and very correctly say, if you don't liek it use somthing else. Slowly, slowly i am, but it takes time, linux ain't that ready for desktop yet.

Hopefuly XP will be such a shit for home users they'll mabye start looking at alternatives.

--another series of incoherent vaguely lined though compiled by jaguar

[lisa]

Quote:

Originally posted by jaguar
Someone is bound to yurn around and very correctly say, if you don't liek it use somthing else. Slowly, slowly i am, but it takes time, linux ain't that ready for desktop yet.

I think the usability of Linux depends on what you use a computer for. I have not used windows on a computer that I own in more than 6 months.

The latest versions of Linux (like Mandrake 8.0, especially) are pretty damn easy to install and run in graphical format.

The biggest problem is specialized applications and information exchange as well as being able to find vendors, friends, etc. who can help you when you have a serious problem. And the SW developers and vendors won't get behind it until there's more installations out there.

IOW, the thing that is keeping Linux from becoming more popular and useful is the fact that it is not more popular and useful.

The one thing that kills me, as a Linux user, is that people routinely send me emails with word and excel files attached - even when the content is simple TEXT. What started this presumption that everyone has word and excel? The fact that most people do.

I guess I am offering no solutions here, just that things will probably not change/improve until the market starts pushing for this and, as said above, the tactics that Micro$oft is using, along with how easy it is for virii to get into a M$ system, is just starting to give a little more push in that direction.... I dunno if it'll be enough, but I can hope.

[jaguar]

I'm lucky to be using it - When i first got this comp GForce2 was not even supported by X and when it was it was not out of hte box by any distro, and its not easy for a newbie to install X from console. I was lucky a good friend of mine knows linux like the back of his hand and was able to walk me though everything, as well as someone to turn to when things go seriously wrong.
And yes, it is a catch 22, more support/software fi you have more users and more users if you have more software/suppport. The biggest thing i think linux has going for it is history. One of the big reasons Intel msotly won over Apple was that its chips were cheaper - more developers bought them therefore more software etc, etc. Linux for its userbase has *alot*of software, covering lal sorts of varied applications. Its varied nature at every level works both for and against it, Gnome vs KDE etc.