On Sat, Mar 06, 2004 at 02:35:53PM +0000, Philip Callan wrote:
Oh, man, I can't resist..
"To help developers, Microsoft has created an online training course that
details the implications of installing SP2 on Windows XP machines. "
rofl, enroll now!
"SP2 went into beta last year and Microsoft plans to release the update in
mid-2004. Compatibility issues should not hold back its release, Goodhew
said. "We're aiming to release SP2 midyear. As far as we stand, we're
still on track to do that," he said. "
Estimated time of first exploit that renders the service pack
irrelevant: 72 hours.
--
GNU/Linux revenues last quarter: $1 Billion.
micros~1 revenues last quarter: $4 Billion.
It's no longer a question of windows or GNU, it's a question of *Unix* or GNU.
Philip Callan wrote:
Ohh, follow the links -> training course -> whitepaper doc
[
Historically, operating systems have had to find a balance between ease
of use and security. Early versions of Windows were designed primarily
for ease of use, which was appropriate for computers used by one person,
without any connection to the outside world beyond an occasional shared
floppy diskette. For an isolated, single-user system, even requiring a
username and password seemed unnecessary.
Today's connected computing environment commonly exposes computers to a
variety of security threats. The majority of computers connect to the
Internet at least occasionally....Each of these conveniences also
exposes the computer to new threats.
]
And thanks to our legendary ability in ignoring real change, and only
imposing our own, we have legacy exploits, not just bugs.
[
Network protection is the largest area of improvement in Windows XP
Service Pack 2, and the one with the most implications for existing
software. It starts with an improved Windows Firewall (previously known
as Internet Connection Firewall, or ICF), which is enabled by default.
The new firewall turns on very early in the system boot cycle, before
the network stack is fully enabled, reducing the possibility of
intrusions during the boot cycle. It also turns off very late in the
shutdown cycle, after the network stack has been disabled, reducing the
possibility of intrusions during system shutdown.
]
Turn off all net, good solution, Not.
Hmm, starting the firewall before the GUI, proper implemenation for
power up/down before vulnerable (possibly) services that are remotely
accessible....
Sound familiar to anyone?
[
On CPUs that support execution protection (NX) technology, Windows XP
Service Pack 2 marks data pages non-executable. This feature of the
underlying hardware prevents execution of code from pages marked in this
way. This prevents attackers from overrunning a marked data buffer with
code and then executing the code; it would have stopped the Blaster worm
dead in its tracks. The only processor families that currently support
NX are the 64-bit AMD K8 and Intel Itanium; however, Microsoft expects
future 32-bit and 64-bit processors to provide hardware based execution
protection.
]
This is a good change for hardware. for a OS company to have to RELY on
its introduction to COVER THEIR SHITTY CODE, well... I dont think I need
to say anymore on that....
Best part, read the fine print people
[
This is a preliminary document and may be changed substantially prior to
final commercial release of the software described herein.
]
This is Microspeak for 'we're *introducing* these features to test the
water, and stall switching to operating systems that ALREADY HAVE
any/all of these abilities.
[
The information contained in this document represents the current view
of Microsoft Corporation on the issues discussed as of the date of
publication. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part
of Microsoft, and Microsoft cannot guarantee the accuracy of any
information presented after the date of publication.
]
Dont hold us to it if we lie about something we said were going to do,
its not our fault you believed us THEN.
[
Complying with all applicable copyright laws is the responsibility of
the user. Without limiting the rights under copyright, no part of this
document may be reproduced, stored in, or introduced into a retrieval
system, or transmitted in any form or by any means (electronic,
mechanical, photocopying, recording, or otherwise), or for any purpose,
without the express written permission of Microsoft Corporation.
]
Holy shit! good thing they covered their ass with 'Without limiting the
rights under copyright' they arent that powerful yet, law still outranks MS.
But you know, maybe they should put a java^H^H^H^Hactivex control that
tells people this first, so that ms can send me their
written_permission.doc first, but they have to send it to all the
routers, proxy servers and caching services in-between us first, and
then verify that I can keep the one in my cache.....
