Stop Microsoft
Operating Systems => Linux and UNIX => Topic started by: dmcfarland on 29 November 2005, 04:21
-
I had my 1st linux experience 6 years ago. I worked for a company that was using linux for its file serving, email, database, e-commerce servers, some workstations and for various other tasks.
I was working for a internet toy company, and I started two weeks before Christmas, and of course I was swamped, but our web servers and database didnt crumble from the pressure. The entire system was stable and handle a lot of hits. Linux withstood the test.
Things began to change as the company began to expand, and began hiring more people. They hired a CIO who wanted to switch everything over to NT. He reffered to IT analyst like me as "fucking gear heads."
The company ended up swithching over to NT and then the problems began. The PDC crashed every other day of the week, the exchange server was on the same computer as the PDC, so exchange went to hell when the PDC crashed as it did often.
I noticed increased loging wait, problems getting email and a general reduction in speed when accessing the internet. IMHO things on the IT end went to hell when we downgraded from Linux to NT.
My buddie there had a contest to see what was faster NT or Linux. The NT technician (Wannabe,) used copy from his workstation and my buddie used SSH on his. Needless to say SSH was by far faster.
The company went belly up in 2001, becaused it expanded too fast and made some really shitty business descions. I cashed my options and got the hell out. I know that has nothing to do with the switch from Linux to NT.
I got my first taste of linux there, but I didnt really use it as my default because it wasnt ready to be a Desktop OS, but it is ready now.
Feel free to use this post as a testomonial to what not to do with an IT structure. I learned a lot from that and would never downgrade from a OS like LInux, FreeBsd or other unix like flavors and install XP or any microsoft os to run an enterprise.
Thanks for all the input and advice. I d'ed xbasic and Im going to find some books to get started.
Oh yeah :fu:Microsoft
-
Yes well, this is 6 years old so it proves nothing. Show something like FC4 vs Windows 2003 and people might actually care. Windows 2003 is, REALLY STABLE.
-
Windows 2003? Theres Office 2003, but no windows 2003. BTW XP sucks ass compared to fc 4, and we using Redhat for our servers. Linux continues to get better, and Windows stay the same no matter how many bells and whistles it has.
I wonder if you ever posted without someone f'ing a sheep or some other moronic post youve posted in the past. I feel sorry for you if your still using Windows XP. Please get a life kintaro.
God bless you.
-
Windows 2003? Theres Office 2003, but no windows 2003.
http://www.microsoft.com/windowsserver2003/ ;)
-
Windows 2003? Theres Office 2003, but no windows 2003. BTW XP sucks ass compared to fc 4, and we using Redhat for our servers. Linux continues to get better, and Windows stay the same no matter how many bells and whistles it has.
I wonder if you ever posted without someone f'ing a sheep or some other moronic post youve posted in the past. I feel sorry for you if your still using Windows XP. Please get a life kintaro.
God bless you.
Windows Server 2003 (http://en.wikipedia.org/wiki/Windows_2003) (A.K.A. Windows 2003)
-
Samba is faster than Windows Server 2003.:p
-
My mistakes. Thanks for the info. :thumbup:
Windows Server 2003 (http://en.wikipedia.org/wiki/Windows_2003) (A.K.A. Windows 2003)
-
Things began to change as the company began to expand, and began hiring more people. They hired a CIO who wanted to switch everything over to NT.
Did he have a reason for this switch?
The company ended up swithching over to NT and then the problems began. The PDC crashed every other day of the week, the exchange server was on the same computer as the PDC, so exchange went to hell when the PDC crashed as it did often.
Whoops! There was your problem! You don't put exchange on a domain controller. You can do just about anything else on a domain controller - file/print/database, but putting exchange on it is just asking for trouble. Judging by this one big no-no and the PDC dying like it did, it sounds like the dudes who set up your NT domain didn't know what the fuck they were doing.
My buddie there had a contest to see what was faster NT or Linux. The NT technician (Wannabe,) used copy from his workstation and my buddie used SSH on his. Needless to say SSH was by far faster.
Faster at what?
Regardless, if linux was running everything fine, the switch to NT seems needless. I've heard similar stories about new IT heads coming into perfectly operational WIndows shops and switching everything to linux with disasterous results.
If it aint broke - DONT FIX IT!
-
Regardless, if linux was running everything fine, the switch to NT seems needless. I've heard similar stories about new IT heads coming into perfectly operational WIndows shops and switching everything to linux with disasterous results.
If it aint broke - DONT FIX IT!
IT heads trained in what ? Winblow$ I bet ... Winblow$ is broke, and it can't be fixed ... except with a sledgehammer.
-
I didn't push for the switch over to M$. I am some of my co-workers were against it and we were vocal about our opposition. The idiot (CIO) argued that Windows had better technical support and that Linux didn't because he argued Linux was free. He didnt understand that Linux has a worldwide support base that wasnt limited to the RedHat corp. Not to mention the idiot (CIO) didnt listen to us.
Just for the record I would never advocate putting exchange on the same computer as the PDC. Thats suicide. Thats suicide . Samba was faster than Window$ when it came to printing, loging in etc. They erased my Samba machine after I quit, and installed NT on it. My Samba server went down one time, and thats when the power supply blew during a blackout. I dont know how it happened. I had it hooked it to an UPS. Needless to say, I swapped the drives into an idenical piece of hardware and fired up without any problems.
I hate NT. I hate Window$ 2000, 2003, and the rest of the windows family. My first love was netware and will always be a favorite. I used DOS and Xtree.net and things were good. I was drug kicking and screaming to Windows 3.1. I went reluctantly to 95, 98, and ME.
I love Linux.
-
IT heads trained in what ? Winblow$ I bet ... Winblow$ is broke, and it can't be fixed ... except with a sledgehammer.
The window$ manaul comes with two pictures. One of a hammer, and another with a bigger hammer that has a caption underneath it-Use if the smaller hammer failed.:thumbup:
-
IT heads trained in what ? Winblow$ I bet ... Winblow$ is broke, and it can't be fixed ... except with a sledgehammer.
How profound. What problems have you had with Windows that lead you to say this?
-
Dmcfarland, did you ever mention hating Windows 2000 before?
I didn't realise that you've used it. :P
-
How profound. What problems have you had with Windows that lead you to say this?
Problems you ask ... I've had nothing but problems with Window$, and I never realised how many there were until I tried Linux. Every day (or nearly every day) I used Window$ a new problem arose. Most of them were security issues and stability issues. These went hand in hand, because the more secure I tried to make it the less stable it became. It was a lose lose situation ... until I installed Linux. And the amount of spyware and adware that kept building up on my computer despite numerous anti-spyware programs, and an anti-virus program, and a hardware and software firewall, all to no avail. Winblow$ is shit ! that's the least I can say for it.
-
Problems you ask ... I've had nothing but problems with Window$, and I never realised how many there were until I tried Linux. Every day (or nearly every day) I used Window$ a new problem arose.
And let me guess. You've never had any problems with linux, right?
Most of them were security issues and stability issues.
Okay.
These went hand in hand, because the more secure I tried to make it the less stable it became.
What exactly do you mean? Care to give an example of 'trying to make it more secure'?
It was a lose lose situation ... until I installed Linux.
You're starting to sound like an infomercial here.
And the amount of spyware and adware that kept building up on my computer despite numerous anti-spyware programs, and an anti-virus program, and a hardware and software firewall, all to no avail.
So you're saying that instead of learning the root causes of security issue in Windows, and addressing them, you jumped ahead to the easy "solution" of installing applications that only take action after you've been exploited. Isn't that like hiring a bouncer and then having him sit inside your house? There are numerous steps you can take to prevent security problems in Windows. My best is that you installed so many redundant security applications, that they stepped all over eachother and caused the majority of the stability problems you spoke of.
Right now you riding the wave of obscurity, and judging by your "blame the software" attitude, if linux had 95% marketshare on the desktop, your linux box would have just as many security issues as your Widnows box did.
-
Right now you riding the wave of obscurity, and judging by your "blame the software" attitude, if linux had 95% marketshare on the desktop, your linux box would have just as many security issues as your Widnows box did.
I doubt it considering the fact that Linux is incomparable to Winblow$ in security ... and the fact that Winblow$ has serious design flaws. (http://www.vanwensveen.nl/rants/microsoft/IhateMS_A.html)
So you're saying that instead of learning the root causes of security issue in Windows, and addressing them, you jumped ahead to the easy "solution" of installing applications that only take action after you've been exploited.
Uhhhh ... so you're saying it's my job to patch up Winblow$'s many holes ? Sorry ... I got better shit to do.
My best is that you installed so many redundant security applications, that they stepped all over eachother and caused the majority of the stability problems you spoke of.
I don't see how "redundant" they were since each spy-remover I installed (they were all legitimate anti-spyware programs ... I checked) seemed to detect malware that the others somehow missed.
By trying to 'make it more secure' I mean a feutile attempt to do Bill Gates's work for him and patch up Winblow$ myself in whatever way I found ... I searched the net long and hard for solutions ... they ended up being half-assed solutions ... the most I can expect for Winblow$
-
I doubt it considering the fact that Linux is incomparable to Winblow$ in security ... and the fact that Winblow$ has serious design flaws. (http://www.vanwensveen.nl/rants/microsoft/IhateMS_A.html)
Do you even understand anyththing written on that page? Do also know that almost all of that shit on that page is either hyperbole or just plan wrong?
Uhhhh ... so you're saying it's my job to patch up Winblow$'s many holes ? Sorry ... I got better shit to do.
No, it your job to have a rudimetary understanding of security. It obvious that you don't, so perhaps an obscure desktoip OS like linux is a good thing for you.
I don't see how "redundant" they were since each spy-remover I installed (they were all legitimate anti-spyware programs ... I checked) seemed to detect malware that the others somehow missed.
Again you completely miss the point. WHy were you getting spyware in the first place? Did you even attempt to figure it out? There are very easy measures you cant ake to protect yourself from spyware that don;t involve installing hundreds of anti-spyware apps.
By trying to 'make it more secure' I mean a feutile attempt to do Bill Gates's work for him and patch up Winblow$ myself in whatever way I found ...
There is no patching up to do. There are a few very simple steps you can take to make Windows very safe.
I searched the net long and hard for solutions ... they ended up being half-assed solutions
Like what? What solutions did you try? Installing 20 anti-spyware apps? That's not a solution, thats a reaction. Did you create a limited user account for yourself? Did you turn of file and printer sharing? Did you use firefox instead of IE? Did you refrain from blindly executing random email attachments? What exactly did you do? Linux doesn't do anything to protect you that windows can't easily do.
-
No, it your job to have a rudimetary understanding of security. It obvious that you don't, so perhaps an obscure desktoip OS like linux is a good thing for you.
Again you completely miss the point. WHy were you getting spyware in the first place? Did you even attempt to figure it out? There are very easy measures you cant ake to protect yourself from spyware that don;t involve installing hundreds of anti-spyware apps.
There is no patching up to do. There are a few very simple steps you can take to make Windows very safe.
Like what? What solutions did you try? Installing 20 anti-spyware apps? That's not a solution, thats a reaction. Did you create a limited user account for yourself? Did you turn of file and printer sharing? Did you use firefox instead of IE? Did you refrain from blindly executing random email attachments? What exactly did you do? Linux doesn't do anything to protect you that windows can't easily do.
Please elaborate on the possible steps to make Window$ more secure ... ok to answer your questions in order ... Yes I did install about 20 anti-spy aps ... I used the admin account, I turned off all file sharing and printer sharing, and remote desktop, and instant messenger and all that shit. Of course I used Firefox ... I never executed a sigle attachment ... ever ... in fact executables of any kind were disabled on my mail server. As I said I installed at least 20 anti-spymare programs, , both a hardware (router) and a software (McAfee) firewall ... as well as McAfee anti-virus, I disabled any sharing and remote anything (desktop, registry, etc.), disabled Window$ messenger, and did a whole bunch of other stuff like applied a null IPC fix (just in case it wasn't fixed), and disabled Admin shares, DCOM, lots of services and many more things (I can't remember them all ... nor do I care to). I looked up every potential exploit and fixed it ... or at least attempted to.
I agree with you that Linux was a very good thing for me :D
So again ... please elaborate and list all steps (or most) that may possibly make a Window$ machine even marginally more secure ... I don't believe it's possible, but I wanna hear what you have to say ...
(Just in case you were wondering ... there was a chance -- a very good chance -- that my computer was infected by the $ony DRM rootkit ... if so then I'm sure there still "are a few very simple steps 'I' can take to make Windows very safe.")
-
I only know Windows crashes no matter how fast, how big the hard drive, no matter how much RAM you have, cpu speed, or video acceleration. Windows crashes no matter what, on a regular basis, and it has more holes in it than oday and cusay hussien.
-
I only know Windows crashes no matter how fast, how big the hard drive, no matter how much RAM you have, cpu speed, or video acceleration. Windows crashes no matter what, on a regular basis, and it has more holes in it than oday and cusay hussien.
Sorry to hear that. It doesn't for me.
-
please elaborate and list all steps (or most) that may possibly make a Window$ machine even marginally more secure ... I don't believe it's possible, but I wanna hear what you have to say ...
I'd be happy to, but I have to give my son a bath and put him to bed. Tommorow. :)
-
Sorry to hear that. It doesn't for me.
Same for me, I've never had a crash, the only BSOD I have had was a driver issue, a simple re-install of the driver stopped that. :)
-
Exactly, if you know what you're doing Windows can be quite satable - this is even more the case if you don't run anti-virus.
-
Samba is faster than Windows Server 2003.:p
I dont see how you can say that with any credibility when you just admitted you had no idea what Microsoft Windows 2003 was, and assumed that it was Microsoft Windows XP.
-
Exactly, if you know what you're doing Windows can be quite satable
Also, refrain from right-clicking on any folders.
I used Windows for no more than half an hour one night and it fucking crashed when I right-clicked on a folder.
WHAT. THE. FUCK?
You'd almost think someone set that up, just to piss me off. But no, it's just Windows.
-
That's what can happen on a malware infested installation, normally you just get this (http://www.electronics-lab.com/action/upload/getimg.php?image=/rightclick.PNG&) when you right click on a folder, it sounds like you have shitware installed or even a bad driver, this never ever happens on a healthy Windows set up.
-
Also, refrain from right-clicking on any folders.
I used Windows for no more than half an hour one night and it fucking crashed when I right-clicked on a folder.
WHAT. THE. FUCK?
You'd almost think someone set that up, just to piss me off. But no, it's just Windows.
Hehe, coincidentally the same thing happened to me only worse :D ... just before I switched to Linux, explorer crashed every time I right-clicked :confused: ... which sucked ass. I also could not delete, copy, paste, or move any file wihout explorer crashing :( ... and I somehow managed to backup all my important data to a CD without right-clicking or using any of the mentioned functions. Luckily, the CD burning software was somehow still able to access and burn the needed files correctly. At that moment I promised myself I would never use Winblow$ again ... I plan on keeping that promise.
-
That's what can happen on a malware infested installation, normally you just get this (http://www.electronics-lab.com/action/upload/getimg.php?image=/rightclick.PNG&) when you right click on a folder, it sounds like you have shitware installed or even a bad driver, this never ever happens on a healthy Windows set up.
How would malware or a bad driver make the system crash on a right click? Maybe if it's the mouse driver, but I think (didn't check, and don't intend on checking) it's a Microsoft-provided driver (isn't it usually unless he installed the logitech software (IIRC it's a logitech mouse) (which I doubt he did)?). My brother's on the computer now and I'd guess he can right-click alright, it's only this one time it just had to fucking crash.
I guess I should've said this already but, I'm not entirely sure whether the whole OS went down or just Explorer or if it woulda come back or WTF. I just left. It's been a long time since I've had to put up with shit like that.
My brothers system does have a bit of malware alright. But when I ran Windows XP on my own computer it didn't, and I don't forget what it was like.
In fact, my best experiences with Windows stem from Windows 98. It ran dreamy on the system I had at the time (about two years ago), but Mandrake ran better.
-
Your personal experiance vs mine, why are we bothing to argue about this?
My Redhat 9 system would often kernel panic on boot up but other times it wouldn't, yes I know Linux is better now (both Vector Linux and Ubuntu haven't given me this problem). I know I didn't know what I was doing and obviosly neither do you when it comes to Windows.
It could be a driver problem but I doubt it, it's far more likely to be a malware problem and it's highly unlikely you'll be able to fix it without a re-install. If you'd pay for my journey to where ever you live I bet you I could get the fucking thing working. Otherwise (to save me the bother) backup your files, do a clean install following the instructions I gave here (http://www.microsuck.com/forums/showpost.php?p=106359&postcount=59) and you shouldn't have this problem ever again I certaintly don't, those days are long gone.
When I first started using XP we contracted the netsky worm via an email virus sent to my dad who was using Outlook, this caused random reboot and all kinds of shit. I installed AVG anti-virus and the system was still slow and unstable, after I've done a fresh install and set things up properly Windows just runs and runs and runs - there's no stopping it! I mean how do you think I can stay logged on to the Internet and type such long rants if the Windows BSODs every 5 miniutes? :D
-
Your personal experiance vs mine, why are we bothing to argue about this?
Windows crashed on me when I right-clicked a fucking folder, that's why.
My Redhat 9 system would often kernel panic on boot up but other times it wouldn't, yes I know Linux is better now (both Vector Linux and Ubuntu haven't given me this problem).
Any time I've had a kernel panic it was 'cause I didn't have a CLUE WTF I was doing in 'make menuconfig' when compiling linux, or it was on my iPod (I remember getting a kernel panic on my iPod (with ipod-linux), and I can't remember what the cause of it was. I Think it was something to do with init.).
Kernel panics on Redhat 9.. Interesting. Any idea what they were about (they have error messages to point in the right direction (and they worked for me))?
neither do you when it comes to Windows.
Actually, I do. And I was dissappointed, because I learned nothing, when I read this (http://www.microsuck.com/forums/showpost.php?p=106359&postcount=59).
I suck at Windows because it crashed when I right-clicked?
It could be a driver problem but I doubt it, it's far more likely to be a malware problem
How would malware be the problem? Maybe explorer.exe or something is infected. Know what the best way to check would be (check file sizes/MD5 sums)? It could be something that explorer.exe uses either, I dunno.
If you'd pay for my journey to where ever you live I bet you I could get the fucking thing working.
It does work, I'd guess.
Otherwise (to save me the bother) backup your files, do a clean install following the instructions I gave here (http://www.microsuck.com/forums/showpost.php?p=106359&postcount=59) and you shouldn't have this problem ever again I certaintly don't, those days are long gone.
I learned nothing new in that post. Whenever I had Windows XP on this system I did pretty much all the same stuff.
When I first started using XP we contracted the netsky worm via an email virus sent to my dad who was using Outlook, this caused random reboot and all kinds of shit. I installed AVG anti-virus and the system was still slow and unstable, after I've done a fresh install and set things up properly Windows just runs and runs and runs - there's no stopping it! I mean how do you think I can stay logged on to the Internet and type such long rants if the Windows BSODs every 5 miniutes? :D
6 minutes, actually.
-
Have you ever tried to keep Windows XP running for a few weeks? From people I know who tell me they have, it ain't pretty.
Maybe that's a good thing, actually. Because less people will keep their computers on 24/7 and the enviornment will be better off.
Or maybe Microsoft will sell more server editions of Windows.
-
I dont see how you can say that with any credibility when you just admitted you had no idea what Microsoft Windows 2003 was, and assumed that it was Microsoft Windows XP.
Yeah, I've seen benchmarks that show the opposite.
-
.....and now I've seen benchmarks that show samba 3 to be faster than WIn2k3. So which is it? It's funny how one benchmark with show one thing and another will show something completely the opposite.
-
Windows crashed on me when I right-Kernel panics on Redhat 9.. Interesting. Any idea what they were about (they have error messages to point in the right direction (and they worked for me))?
It's over a year ago, I'm guessing the motherboard driver. I agree with you about the error messages though - Windows is shit at reporting errors.
I suck at Windows because it crashed when I right-clicked?
Well who ever installed and set up the system lacked experiance, as well as the people using it if they didn'y know what they were doing and used Admin accounts for everything and downloaded and installed shitware from p2p.
I know some other people here have had problems with Windows but there are many people who don't, either this is just luck or it's something that some people are doing right and others are doing wrong.
How would malware be the problem? Maybe explorer.exe or something is infected.
Probably, but yes it is fucking hard to diagnose what's wrong when Windows goes wrong and yes it is a flaw in the operating system but it's something MS don't want to fix.
Know what the best way to check would be (check file sizes/MD5 sums)? It could be something that explorer.exe uses either,
Have you checked them then?
I learned nothing new in that post.
If you've listened to my advice then it's a clean install that's only used to access the Internet from a limited account and there are no shitty 3rd party memory resident security programs running then.
Have you ever tried to keep Windows XP running for a few weeks?
Windows 2000, yes but not XP since I've had not reason to but after a couple of days I haven't notice any significant degredation in performance. I know (if my hardware supports it, I'll find out) I might be able to get it to hibernate instead of closing down.
I'm not trying to say Windows rules or anything (I've already pointed out two of its faults in this post). I'm just saying that (if you know what you're doing) it isn't all that bad, it doesn't BSOD every 6 miniutes or when you right click a folder, it runs well on 256MB of RAM and boots in an acceptable time, all of the aforementioned don't make it a good OS, they're just things you'd expect from a good OS and I've pointed out some of these things that Windows doesn't have that it should.
-
Well who ever installed and set up the system lacked experiance
He doesn't quite lack experience, just intelligence. We both have about the same experience with computers, but I've always been more curious about how everything worked. Ever since our first computer - running Windows 95.
Ya know, Windows makes it really hard to become intelligent. It treats every user as a fucking retard, even intelligent and curious users, and because it's not so intelligent at setting things up itself (the default settings), it makes it really hard to run it securely.
My two Windows brothers browse the web in an administrator account, because they're not intelligent (their OS/nothing educated them. I tried a small bit, but fuck them if they didn't listen.). Me and my Mac OS X brother browse the web in user accounts. Me because I got A BIG FUCKING WARNING MESSAGE when I first tried to start KDE as root (and also other reasons. Stuff I read, and Mandrake already setup intelligent defaults.), and him because Mac OS X has sane defaults just like Mandrake. It's not because we're more intelligent than the other guys. Back then I knew nothing about GNU/Linux or security or user accounts, yet I refrained from browsing the web as root because I was educated by KDE and some stuff I read, and Mandrake's defaults aren't retarded. The Mac OS X guy and the other two Windows users are probably on about the same level intelligence-wise (Nicholas may find that offensive.). None of them would think of setting up a user account by themselves (they would only have to do this on Windows. And Slackware.) for general computer use.
There's another reason Windows sucks: it doesn't make it easy for it's users to become intelligent, instead it assumes retardism (which is often true). That's alright, as long as it has intelligent defaults, which it doesn't.
So many extra Windows computers are infected by malware because of this, and it's sad. Windows brought this upon itself (note that I didn't say Microsoft did it, because what Microsoft did is develop Windows, which is the software I'm discussing. This is about Windows, not Microsoft.).
Now I'm thinking that I just accidentally found a good reason that if the market was dominated by GNU/Linux or Mac OS X, they'd cope with malware much better. All that typing wasn't quite so useless.
Now I'm thinking: WHERE THE FUCK IS MUZZY!? :p
-
Weird, I don't run any security software and in the 5+ years or so that I have been running Windows 2000 I have never had one problem, neither have I had the problem that you mentioned (then again, that is what happens when you use Windows Explorer for a shell ;))
At least in Windows 2000 you have Program Manager. :D
-
Weird, I don't run any security software and in the 5+ years or so that I have been running Windows 2000 I have never had one problem, neither have I had the problem that you mentioned (then again, that is what happens when you use Windows Explorer for a shell ;))
At least in Windows 2000 you have Program Manager. :D
There isn't as much malware floating about for Windows 2000, so you probably don't need much security software.
I wouldn't expect I'd be able to reproduce that crash I got on the right-click. I usually can't reproduce Windows and explorer crashes, kinda wierd. It's almost like they're programmed to crash at random intervals.
Isn't Windows 2000 supposed to be more stable and secure than Windows XP anyhow? I haven't used it much at all.
-
I know some other people here have had problems with Windows but there are many people who don't, either this is just luck or it's something that some people are doing right and others are doing wrong.
I know that the things you explained in that post aren't what's wrong, because I've done most of them. The Windows XP SP2 setup I had before I installed Mandrake on this system was as good as I could get it and it still often sucked. I can't remember it crashing (that doesn't mean it didn't crash), but I can remember it running slow when you try to do stuff in it like run Flash and Photoshop. I remember thinking it truley sucked at multi-tasking, but I put that right down to my "mingey" 256MB RAM (good news for the RAM manufaturers!). However, before I got down to getting another 512MB RAM I installed Mandriva (bad news for the RAM manufacturers!) and was dual-booting. I must've booted into Windows about two times after that, before removing it.
it's something MS don't want to fix.
Bad news for Windows and Windows users! If it was free, it wouldn't matter much that Microsoft don't want to fix some problem, because the door's always open for someone else to do it (that I couldn't resist).
Have you checked them then?
No, I haven't really used that computer since.
If you've listened to my advice then it's a clean install that's only used to access the Internet from a limited account and there are no shitty 3rd party memory resident security programs running then.
It's not my system to fix, and I will not fix it. The only fix I'd give it is a decent operating system like GNU/Linux, but last I checked it's owner didn't want that. I'll just wait for him/Windows to completely fuck something up, and try again.
Windows 2000, yes but not XP since I've had not reason to but after a couple of days I haven't notice any significant degredation in performance.
Sounds like a great operating system!
EDIT: Oops, I read that wrong. Anyhow, try running it for a few weeks. If your experience is anything like these other guy's, you will notice quite a degration in performance.
I'm just saying that (if you know what you're doing) it isn't all that bad
That depends on what you mean by "all that bad". To a small extent I'd agree.
[it doesn't BSOD] when you right click a folder
Well it/something did crash/fuck up when I right-clicked a folder on my brothers system. Whether that was the fault of a driver (that came with Windows and is very much a part of the operating system), some part of Windows Exploror, something deep inside Windows, or malware, I cannot say. But it happened. And it pissed me off, and brought back memories. And it's something I hadn't seen in yonks.
it runs well on 256MB of RAM
Except it has shit memory management. So 256MB is probably okay so long as you never fill it (good thing the operating system doesn't waste much space (which I've been led to believe is true)), I think.
-
My Windows XP is very stable and I've never had virus problems.
Never update (apart from Sp2)...just use ZoneAlarm and AVG...I don't know how people have all these problems.
I've installed hundred of apps, even shit like window blinds and its still solid.
Only problem I've had is my nostromo driver was BSOD on login, I think the loadout manager was being started before the driver was fully initialised. All I did was set in to manual startup and its fine.
Vector Linux SOHO on the other hand is rather broken at the moment ...
...i know, i know ... user error... :P
-
pP : Yes, Windows 2000 is godly compared to XP in terms of speed, it runs great on 256mb of ram too, even with 128mb it runs fine.
Windows 2000 has always run great on my machine, and my machine isn't very fast at all, 1.5ghz processor and 512mb ram, XP ran horribly slow it didn't really surprise me though, as I expected it :D
-
Calm down piratePenguin please just accept that lots of people run XP and have no problems what so ever. I can see your point about Windows dumbing down computer administration - I learned about llimited accounts and security when I discovered Linux too.
-
Calm down piratePenguin
Eh, WHAT?
please just accept that lots of people run XP and have no problems what so ever.
Sure, except that memory management is plain shit no matter who you are. That's not so bad if you never fill your RAM, but I did and most people do once in a while.
Then there are other problems that everybody has in certain situations. Like that piece of shit excuse of a firewall. They also don't care who you are.
-
Windows on its own is a piece of shit unless you know how to tweak it. I ran Windows on my current PC, which is a p3-550, 384 MEGS RAM, 64 MB Vid card. It ran fine, but I had to put a good virus program on it, spyware, disable the stupid ass bells and whistles etc. Of course I installed Linux and its work fine without worrying about spyware, virus checkers and resourse leeching bells and whistles.
Most normal users shouldnt be allowed to use windows because they dont what they are doing, but then again they've made it possible for me to make good money for simple stuff. Its kind of sad if you think about it.
-
I'm in the same dilemma. Should I support their usage of Windows, to fund me in my tech jobs? (pays quite well.) Or should I insist they do otherwise?
I'll probably end up recommending Macs to laypeople, and if they refuse, I'll mutter "sucker" under my breath. :D
-
Windows on its own is a piece of shit unless you know how to tweak it.
You can only say that because you are able to choose the linux distribution that suits you.
What if Linspire was the only linux distribution, you'd probably have the same problems.
I agree with the spyware bit. Microsoft chose compatibility over putting in a proper user privileges system like linux's that would screw existing software.
-
You can only say that because you are able to choose the linux distribution that suits you.
exactly... i love linux
-
I'm in the same dilemma. Should I support their usage of Windows, to fund me in my tech jobs? (pays quite well.) Or should I insist they do otherwise?
I'll probably end up recommending Macs to laypeople, and if they refuse, I'll mutter "sucker" under my breath. :D
Yeah you should. It would be easy money for you, and mention Linux and see what they say. Let them pay you more money and hopefully they will draw their own conclusions and make the switch to Linux or buy a Mac.
-
You can only say that because you are able to choose the linux distribution that suits you.
What if Linspire was the only linux distribution, you'd probably have the same problems.
I agree with the spyware bit. Microsoft chose compatibility over putting in a proper user privileges system like linux's that would screw existing software.
Linspire from what I heard isnt that hot anyway. Your right it would be a bigger piece of shit if it was the only linux distro.
You can limit user rights in XP. We used to do that with the NT workstations back in the day. The DFU's (Dumb Fucking Users) would complain to their managers and the managers would complain to our manager and we would end up having us make the machine unsecure again. I would lock down a windows machine so users couldnt move an icon on the desktop, make them save their files to a network share, and limit them to firefox etc so they wouldnt fuck up the computer with a virus and spread it to the rest of the network. Needless to say I wanted to do the right thing despite the fact that would have affected my job security.
-
Weird, I don't run any security software and in the 5+ years or so that I have been running Windows 2000 I have never had one problem, neither have I had the problem that you mentioned (then again, that is what happens when you use Windows Explorer for a shell ;))
At least in Windows 2000 you have Program Manager. :D
Won't you be pissed when you find out your computer's been posting while you were at the movies. :D
-
Won't you be pissed when you find out your computer's been posting while you were at the movies. :D
Hahaha, nope? :p
It has never happened. ;)
-
Hahaha, nope? :p
It has never happened. ;)
Wait until Root gets home. :p
-
H_TeXMeX_H, I said I'd tell you how to keep a Windows box clean.....here ya go....
How to keep your Windows box secure
* Do not log on as an administrator. Create a limited account for yourself and USE IT religiously.
* When something doesn't work under your limited account, find out why it doesn't work and make the proper adjustments.
If in the rare case that you have a program that can't run under a limited account, make a shortcut that launches it under an admin account
* Install updates regularly
* Refrain from using Internet Explorer
* Run AV
* Run some sort of firewall (software/NAT router/etc) that blocks unsolicited connections from the internet
How to keep your Windows box stable
* Instead of bitching about them like a baby, learn how to troubleshoot windows kernel panics ("Blue screens")
Like linux and BSD and jsut about any other MODERN OS, OS crashes in Windows are almost allways caused by faulty hardware or drivers. If you are getting random reboots, do the following:
1) Log on as an admin
2) Right click on "My Computer"
3) Click on the "Advanced" tab
4) Click on settings by "Startup and recovery"
5) Uncheck the "Automatically Reboot" checkbox
Now, instead of rebooting, you computer will display a pretty blue screen with lots of informative information when it crashes. Use the information and Google to toubleshoot your problem. If your blue screen doesn't point to a specific driver, then you might have bad hardware. memtest86 is a good open source app for testing memory.
* Make sure all of the latest drivers for your hardware are installed.
* See above in the security section about not logging on as admin.
Buggy programs can sometimes do things by accident that will hose your system. Running them as a non admin will keep badly written programs from doing nasty things like corrupting your registry or deleting system files.
* Back Up your system state every once in awhile.
Sometimes when you install a new driver, the install doesn't go so well, or the driver just plain doesn't work and it will cause your computer to bluescreen on boot. backing up your system state using the built in backup utility before installing new drivers is a good way to revert back after a failed driver install. Safe mode should keep the dodgy driver from loading at boot. The neat thing about backing up your system state is that is creates a backup of your registry in "C:\WINDOWS\repair" that you can restore from the recovery console... (by copying the files over to "C:\WINDOWS\system32\config") so if you system get REALLY hosed and even safe mode doesn't work, you can still go into the recovery console and restore a known good copy of your registry.
[rant]
Don't bitch like a baby when something doesn't work under your limited account. I hear this all the time from Windows users when someone tells them to not log on as admin. "But so and so doesn't work unless I'm admin!!" the whiny botches say. Well tough shit. You run Windows, not OSX. You asked how to make your machine secure. If you don't like the answer then shut the fuck up and use linux or buy an Apple! Lots of things do not work in linux/unix under regular accounts without having to adjust permissions or set SUID bits. Linux users don't log on as root to do their emailing/porn-surfing in linux just because certain apps they use neet root or a SUID bit set...why should Windows users?[/rant]
-
In XP you don't even have to log out, just right click Run As and enter the admin name and pass.
-
In XP you don't even have to log out, just right click Run As and enter the admin name and pass.
Not to mention you don't even need to log in, because of the stupid unpassworded login it gives you by default. :rolleyes::rolleyes::rolleyes:
-
It's not so stupid. In XP accounts with no password cannot connect remotely by default, so the danger of having a blank admin password is not all that great.
The stupid part is the default user accounts being admin, but that's another story.
-
It's not so stupid. In XP accounts with no password cannot connect remotely by default, so the danger of having a blank admin password is not all that great.
The stupid part is the default user accounts being admin, but that's another story.
That's a bit odd, I don't understand why I don't have a problem using an admin account. :scared:
I'm supposing creating a different administrator account and not logging in as "Administrator" makes no difference. :rolleyes:
-
That's a bit odd, I don't understand why I don't have a problem using an admin account. :scared:
I'm supposing creating a different administrator account and not logging in as "Administrator" makes no difference. :rolleyes:
I'm not sure WTF you're talking about here. Why would you have a "problem" using an administrator account?
-
I'm not sure WTF you're talking about here. Why would have a "problem" using an administrator account?
Why would who now?
-
Why would who now?
opps. meant to say "you". Edited my post.
-
Rule of thumb: read your posts OUT LOUD before submitting.
-
It will awlays be SuSe linux for me I will nevever look back at winblow$
-
Why does it seem that people are defending Windows in this argument?
What I think is that any operating system that has to be tweaked and have tons of stuff installed to make it work is stupid. Mac OS X and Linux just work out of the box. Windows almost never behaves in my experience. You can never be bored if you have a Windows machine.
Linux and Mac OS X have decent default settings. Mac OS X doesn't have stupid services running, or everything bound to all ports. Mac OS X doesn't have tons of crap running that you can remove to save ram with no ill effects. Linux doesn't either.
Windows is seriously rubbish. I'd rather use Linux in qemu or vmware on a Windows machine (and I do try to...).
-
Why does it seem that people are defending Windows in this argument?
What I think is that any operating system that has to be tweaked and have tons of stuff installed to make it work is stupid. Mac OS X and Linux just work out of the box. Windows almost never behaves in my experience. You can never be bored if you have a Windows machine.
Linux and Mac OS X have decent default settings. Mac OS X doesn't have stupid services running, or everything bound to all ports. Mac OS X doesn't have tons of crap running that you can remove to save ram with no ill effects. Linux doesn't either.
We all totally needed that kick back to reality.
They argue that Windows isn't so bad after an hour or so of disabling broken Windows shit, bit of a problem there. Nothing is so bad when you don't use it ;)
Windows is seriously rubbish. I'd rather use Linux in qemu or vmware on a Windows machine (and I do try to...).
Ever try using VNC to connect to your home computer?
-
Ever try using VNC to connect to your home computer?
Actually, how's FreeNX coming along? ;)
-
Actually, how's FreeNX coming along? ;)
I've never used it (probably would have if my old computer worked, but it wasn't meant to be).
I've only ever gotten a graphical connection to a remote computer once, Lead Head let me into his via VNC, and I seized the opportunity to look at lots and lots of porn :)
-
Why does it seem that people are defending Windows in this argument?
Because people like you are completely ignorant of Windows and how it works. You are all living in a fantasy world - Your own little propaganda circlejerk, where you shoot your loads of falsehood at eashother and gobble it up with big smiles.
What I think is that any operating system that has to be tweaked and have tons of stuff installed to make it work is stupid.
Well then you must really hate linux and BSD. Tell me Mr. Windows expert. What exactly do you need to "tweak" in Windows to make it work?
Mac OS X doesn't have tons of crap running that you can remove to save ram with no ill effects.
Netiher does Windows. What OS are you talking about here?
-
Netiher does Windows. What OS are you talking about here?
Actually, many of my windows-using-friends almost religiously hit ctrl-alt-del to stop TONS of processes before starting up games
-
Because people like you are completely ignorant of Windows and how it works. You are all living in a fantasy world - Your own little propaganda circlejerk, where you shoot your loads of falsehood at eashother and gobble it up with big smiles.
Ofcourse! Because people don't have bad experiences with Windows! Now it all makes sense! If you ever do have a bad experience with Windows, blame yourself and your shabby seven years experience! Maybe in ten years time you'll know more and you won't ever have any bad experiences with Windows again!
I think themacuser knows that there are two sides to every coin (even if he kinda said otherwise), so stop with the shit-speak please.
I might qualify as "like themacuser", but I'm not "completely ignorant of Windows and how it works". Is there a slight possibility that maybe you're ignorant of how Windows doesn't work, and that's the main difference between us? Or maybe you've never had a single problem with Windows?
I've used Windows for over seven years, if I'm completely ignorant of how it works then so is most Windows users with seven years of experience (I'm quite-curious about how things work (especially, and especially how computers work)) with it. And let's not forget that good operating systems don't require you to be completely alert as to how they work (for most people, that'd be quite the challenge).
After using Windows for seven years, I didn't like it. Had some bad experiences with it, didn't like it. themacuser also stated that he had bad experiences with it. Is there a problem with that?
themacuser brought up some good points and justified at least the general idea of what he said in the beginning (I wouldn't be so sure that he/any sensible being believes that Windows doesn't have a single thing going for it - even if that's what he said).
Well then you must really hate linux and BSD.
That's not right, it's down to the distribution. He sure as hell won't like Slackware or NetBSD, but he might like Ubuntu or DesktopBSD.
Tell me Mr. Windows expert. What exactly do you need to "tweak" in Windows to make it work?
Where the hell have you been the last seven months? There's been alot of arguments against Windows since my arrival, and the general response Windows supporters give is (this doesn't count for the things Windows lacks, e.g. decent memory management and a half-decent firewall) "oh but if you disable X it's not so bad" (e.g. Internet Explorer and ActiveX). Aloone_Jonez even posted a long post about how to make Windows more secure.
Just try running a Windows system with default everything (so there's no tweaks. Although I don't know exactly what themacuser meant by "tweaks".), get it on the internet (you can update Windows, I presume), do some crap with it, and see how it handles. For a start, you're using a superuser account, so you're seriously vulnerable. ActiveX and Javascript will be enabled in IE too, you're more vulnerable, and you are seriously FUCKED if you land on the wrong website.
I don't know what you or themacuser mean, exactly, by "work", but Windows without any tweaks is not a safe place to be, so at this point I don't give two fucks how it "works" (whatever that may mean).
Conclusion: If, for whatever retarded reason (most reasons I got from people for using Windows are retarted, in that they don't use it because it's better than the competition. But then Microsoft is a monopoly, so what's to be expected?), you must use Windows, TWEAK IT (or suffer)! I shouldn't have to say that for a good operating system, and I don't have to say it for most GNU/Linux distributions I've used or Mac OS X.
EDIT:
Tell me Mr. Windows expert. What exactly do you need to "tweak" in Windows to make it work?
@themacuser, you don't need to answer that question, toadlife already mostly did (http://www.microsuck.com/forums/showpost.php?p=107770&postcount=52).H_TeXMeX_H, I said I'd tell you how to keep a Windows box clean.....here ya go....
How to keep your Windows box secure
* Do not log on as an administrator. Create a limited account for yourself and USE IT religiously.
* When something doesn't work under your limited account, find out why it doesn't work and make the proper adjustments.
If in the rare case that you have a program that can't run under a limited account, make a shortcut that launches it under an admin account
* Install updates regularly
* Refrain from using Internet Explorer
* Run AV
* Run some sort of firewall (software/NAT router/etc) that blocks unsolicited connections from the internet
How to keep your Windows box stable
* Instead of bitching about them like a baby, learn how to troubleshoot windows kernel panics ("Blue screens")
Like linux and BSD and jsut about any other MODERN OS, OS crashes in Windows are almost allways caused by faulty hardware or drivers. If you are getting random reboots, do the following:
1) Log on as an admin
2) Right click on "My Computer"
3) Click on the "Advanced" tab
4) Click on settings by "Startup and recovery"
5) Uncheck the "Automatically Reboot" checkbox
Now, instead of rebooting, you computer will display a pretty blue screen with lots of informative information when it crashes. Use the information and Google to toubleshoot your problem. If your blue screen doesn't point to a specific driver, then you might have bad hardware. memtest86 is a good open source app for testing memory.
* Make sure all of the latest drivers for your hardware are installed.
* See above in the security section about not logging on as admin.
Buggy programs can sometimes do things by accident that will hose your system. Running them as a non admin will keep badly written programs from doing nasty things like corrupting your registry or deleting system files.
* Back Up your system state every once in awhile.
Sometimes when you install a new driver, the install doesn't go so well, or the driver just plain doesn't work and it will cause your computer to bluescreen on boot. backing up your system state using the built in backup utility before installing new drivers is a good way to revert back after a failed driver install. Safe mode should keep the dodgy driver from loading at boot. The neat thing about backing up your system state is that is creates a backup of your registry in "C:\WINDOWS\repair" that you can restore from the recovery console... (by copying the files over to "C:\WINDOWS\system32\config") so if you system get REALLY hosed and even safe mode doesn't work, you can still go into the recovery console and restore a known good copy of your registry.
[rant]
Don't bitch like a baby when something doesn't work under your limited account. I hear this all the time from Windows users when someone tells them to not log on as admin. "But so and so doesn't work unless I'm admin!!" the whiny botches say. Well tough shit. You run Windows, not OSX. You asked how to make your machine secure. If you don't like the answer then shut the fuck up and use linux or buy an Apple! Lots of things do not work in linux/unix under regular accounts without having to adjust permissions or set SUID bits. Linux users don't log on as root to do their emailing/porn-surfing in linux just because certain apps they use neet root or a SUID bit set...why should Windows users?[/rant]
-
If you consider the things that I wrote 'tweaking', then fine by me. Macs don't have to be tweaked because there is no software written for it to cause them to have to be tweaked. Insinuating that linux never needs to be tweaked is just hilarious. Linux needs to be updated just like Windows does. Macs need to be updated too. The only downside to Windows, security-wise is that it is not protected by herd immunity, like linux, Mac and other obscure OS's.
-
What kind of software requires one of these mythical tweaks?
-
Macs don't have to be tweaked because there is no software written for it to cause them to have to be tweaked.
After installing Mac OS X you get mostly-sane defaults (services disabled and a user account setup). After installing Windows you get completely braindead defaults (even muzzy said so himself), and the user needs to setup a non-root account and a firewall to be half-safe (this, I think, is the kinda tweaking themacuser was talking about).
Insinuating that linux never needs to be tweaked is just hilarious.
Like I said, it depends on the distribution and what you want to do. I wouldn't ever say that any distribution "never" needs to be tweaked, but you don't have to do any tweaking to be safe.
Linux needs to be updated just like Windows does. Macs need to be updated too.
I don't think updating would be tweaking, I hinted that in my post.
The only downside to Windows, security-wise is that it is not protected by herd immunity, like linux, Mac and other obscure OS's.
That may be arguably true except for the "the only..." bit. That's just completely retarded and ignorant of the discussion at hand.
-
After installing Mac OS X you get mostly-sane defaults (services disabled and a user account setup). After installing Windows you get completely braindead defaults (even muzzy said so himself), and the user needs to setup a non-root account and a firewall to be half-safe (this, I think, is the kinda tweaking themacuser was talking about).
Okay setting up an account is tweaking. Fine. XP comes with the firewall turned on by defult now, so that argument is down the tube.
That may be arguably true except for the "the only..." bit. That's just completely retarded and ignorant of the discussion at hand.
I totally agree, the default user privledge is bad. But what else? PLease tell me.
-
XP comes with the firewall turned on by defult now, so that argument is down the tube.
Yea I guess casual users won't have to do a thing. What does one do, though, if they wanna allow connections in only through port 80 (while blocking all other ports) and are unlucky enough to be using Windows? Unless there's something I'm missing it's not even possible with the Windows firewall, but there could well be something I'm missing (we're talking about very basic and quite-popular firewall configurability here.). The poor ass would have to use a different firewall.
I totally agree, the default user privledge is bad. But what else? PLease tell me.
Internet Explorer (insecure ActiveX and apparently insecure Javascript enabled by default. And then the fact that it's shit.). Also, I remember getting MSN messenger to fuck off back in the day was a challenge not for the faint of heart.
-
Yea I guess casual users won't have to do a thing. What does one do, though, if they wanna allow connections in only through port 80 (while blocking all other ports) and are unlucky enough to be using Windows? Unless there's something I'm missing it's not even possible with the Windows firewall,
Of course that's posbbile with Windows firewall. When opening ports you can also specificy which addreses can access that port.
Internet Explorer (insecure ActiveX and apparently insecure Javascript enabled by default. And then the fact that it's shit.).
But, ActiveX flaws cannot be exploited if the user isn't running as admin. Admin access is required to install ActiveX controls. See what I was saying when I said the only problem with Windows is the default security level. ActiveX flaws become nonexistrent when you browse as a regular user. As for javascript sploits, the've been discovered for pretty much all browsers, so I don't see the why you would single out MS on that one.
-
Of course that's posbbile with Windows firewall. When opening ports you can also specificy which addreses can access that port.
Interesting, I never knew that, but I never used the Windows firewall much. Whenever I saw it I thought it was either on or off and that's it.
And I thought the Windows firewall was completely crap ;)
(can't beat iptables)
But, ActiveX flaws cannot be exploited if the user isn't running as admin. Admin access is required to install ActiveX controls. See what I was saying when I said the only problem with Windows is the default security level. ActiveX flaws become nonexistrent when you browse as a regular user.
Maybe, maybe. But it's still more tweaking than required on most GNU/Linux distributions and Mac OS X.
EDIT: Why does muzzy and Aloone_Jonez disable ActiveX if it's not a security issue with their limited accounts?
As for javascript sploits, the've been discovered for pretty much all browsers, so I don't see the why you would single out MS on that one.
Well muzzy has stated (IIRC, this was a long time ago) that he's disabled Javascipt in IE and anytime he absolutely must view a Javascripted page he goes to the bother of starting up Firefox. That's why.
-
Hell, why would you instruct H_TeXMeX_H to stay away from IE after instructing him to use only a limited account if IE/ActiveX/Javascript is okay in a user account?
Having to tweak one little thing isn't so bad, but user accounts aren't little things (Okay that sentence and the start of the next is bad. It's not hard to make a user account, I don't mean to say that. I mean to say that they're important. I'm too lazy to restructure it right now.). They're huge motherfuckers and everybody really should make good use of them. Apple and most GNU/Linux distributors took it on themselves to create a user account at installation time, because they knew it was important. Not only is it important for the individual user, it's important for the world of users because once one machine is cracked, the rest are in danger, especially if the rest are using superuser accounts to browse the web. For this reason, I believe that if Mac OS X or GNU/Linux dominated the market, they wouldn't have so much malware as Windows does now. There are other things to consider, ofcourse, and in the end I might be wrong, but I don't see how any non-retard could predict otherwise. IMO, Windows brought it's malware situation on itself more than anything else (the fact that it's a product of an evil corportion that many people have no/little respect for doesn't help much either).
Knowing how important using user accounts is is one thing, I still wouldn't declare anyone insane for releasing an operating system that doesn't setup a user account at installation time because there are other factors to be taken into account. One is the target market. I don't think Patrick Volkerding is insane because the Slackware installer doesn't setup a user account for the user, and probably most people don't. That's because Slackware is targetted towards people with a clue. Windows isn't.
I do think that Microsoft are insane for not having a user account setup at installation time. Did they expect most users to setup user accounts themselves or what? Microsoft were begging for disaster. Windows is/always has been begging for disaster.
-
EDIT: Why does muzzy and Aloone_Jonez disable ActiveX if it's not a security issue with their limited accounts?
That's a damn good question, because it's rather pointless. Are you sure alone and muzzy actually use limited accounts?
-
That's a damn good question, because it's rather pointless.
Then why don't you answer this one?:why would you instruct H_TeXMeX_H to stay away from IE after instructing him to use only a limited account if IE/ActiveX/Javascript is okay in a user account?
Are you sure alone and muzzy actually use limited accounts?
/me searches for a bit
Nope, got nothing for muzzy and only this (http://www.microsuck.com/forums/showpost.php?p=106359&postcount=59) for Aloone_Jonez:I set up all of the user accounts with restricted privileges and to show all file extentions to help gaurd against any infection by fire wall breaches or suspicious downloads.
Those could be accounts for other people though, so he might be browsing the web as root. There is one way to find out...
-
Hell, why would you instruct H_TeXMeX_H to stay away from IE after instructing him to use only a limited account if IE/ActiveX/Javascript is okay in a user account?
Good question. The reason is because, even though running as a limited user protects the operating system, remote code execution exploits, if coded properly, can still infect the users space and run. There are more than just ActiveX exploits for IE. There are image rendering buffer overflows, javasripts overflows, etc. Due to it's marktshare, IE is highly targeted and whenever some buffer overflow is detected tons of sites carry the exploit code. I've personally seen adware that is coded to run in the users space. Because it was restricted to the users space, it was very easy to clean up, but it was still malware. The most valuable files on a system are the user's files, so a malware infection restricted the users space can still do really bad things, like steal personal info. Thebig difference is malware stuck in the users space is easier to detect (no rootkits!) and easier to remove (just log in as a different account and nuke it!).
I got the clue on IE a loooong time ago and have been using mozilla since before version 1.0 and then firefox before version 1.0.
I do think that Microsoft are insane for not having a user account setup at installation time. Did they expect most users to setup user accounts themselves or what? Microsoft were begging for disaster. Windows is/always has been begging for disaster.
A agree. The default admin user account thing is dumb. It was amde to facilitate backward compatibility with programs coded for older versons of Windows that had no security model at all. Their other choice would have been some wierd sandbox/virtual machine type of workaround incompatible programs, which would probably severely degraded performance. It all comes down to what the customer wants. "Average Joe" computers users want, above all, their computers to work and not be slow. That's what Microsoft gave them.
You might be suprised that I think this, but when Vista comes out and it creates limited accounts by default, nothing will change as far as malware on Windows. Micreants will start to code their malware so that it runs in the users space, and people will continue to have their Windows machines infected just like they are today. Most viruses today propogate today by getting naive users to open up zip attachments and execute the files inside, so there is no reason to think that with Vista, malware will simply ask for the admin password - and naive users will type it in.
-
Good question. The reason is because, even though running as a limited user protects the operating system, remote code execution exploits, if coded properly, can still infect the users space and run. There are more than just ActiveX exploits for IE. There are image rendering buffer overflows, javasripts overflows, etc. Due to it's marktshare, IE is highly targeted and whenever some buffer overflow is detected tons of sites carry the exploit code. I've personally seen adware that is coded to run in the users space. Because it was restricted to the users space, it was very easy to clean up, but it was still malware. The most valuable files on a system are the user's files, so a malware infection restricted the users space can still do really bad things, like steal personal info. Thebig difference is malware stuck in the users space is easier to detect (no rootkits!) and easier to remove (just log in as a different account and nuke it!).
Okay but just one thing:Due to it's marktshare, IE is highly targeted
There's more to it than market share. Just to make sure you're aware of that.
A agree. The default admin user account thing is dumb. It was amde to facilitate backward compatibility with programs coded for older versons of Windows that had no security model at all. Their other choice would have been some wierd sandbox/virtual machine type of workaround incompatible programs, which would probably severely degraded performance. It all comes down to what the customer wants. "Average Joe" computers users want, above all, their computers to work and not be slow. That's what Microsoft gave them.
They also got seriously messed up security. Microsoft (or should I say Windows) got themselves into their own mess anyhow.
You might be suprised that I think this, but when Vista comes out and it creates limited accounts by default, nothing will change as far as malware on Windows. Micreants will start to code their malware so that it runs in the users space, and people will continue to have their Windows machines infected just like they are today. Most viruses today propogate today by getting naive users to open up zip attachments and execute the files inside, so there is no reason to think that with Vista, malware will simply ask for the admin password - and naive users will type it in.
Good think Linux has working MAC (SELinux (http://www.nsa.gov/selinux/)). Is there work going on to get MAC on Windows (A quick google search doesn't seem to think so... MS really should do be getting MAC on Windows I think...)?
# What does Security-enhanced Linux give me that standard Linux can't?
The Security-enhanced Linux kernel enforces mandatory access control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs. When confined in this way, the ability of these user programs and system daemons to cause harm when compromised (via buffer overflows or misconfigurations, for example) is reduced or eliminated. This confinement mechanism operates independently of the traditional Linux access control mechanisms. It has no concept of a "root" super-user, and does not share the well-known shortcomings of the traditional Linux security mechanisms (such as a dependence on setuid/setgid binaries).
The security of an unmodified Linux system depends on the correctness of the kernel, all the privileged applications, and each of their configurations. A problem in any one of these areas may allow the compromise of the entire system. In contrast, the security of a modified system based on the Security-enhanced Linux kernel depends primarily on the correctness of the kernel and its security policy configuration. While problems with the correctness or configuration of applications may allow the limited compromise of individual user programs and system daemons, they do not pose a threat to the security of other user programs and system daemons or to the security of the system as a whole.
Kinda cool if you ask me.
-
Dude....
Almost all of the features in SELinux have been a part of Windows since WindowsNT 4.0.
See what Im saying when I say you Widnows bashers dont know much about Windows?
-
Dude....
Almost all of the features in SELinux have been a part of Windows since WindowsNT 4.0.
Really? How well do they work? Why isn't it being used (or is it/where is it being used?)?
See what Im saying when I say you Widnows bashers dont know much about Windows?
Yea, maybe I should go to university and study Windows.
-
Well SELinux is more flexible than Windows, and very well might be a bit more advanced, but the concepts are the same. SELinux has ACL's for file permissions instead of the stadard rwx permissions. Windows has had since NT 3.5. SElinux uses policies which determind what actions what users can perform and I also think they can set ACL's. Again, Widnows has had system polcies forever.
There is a good discussion in Slashdot I had while back about the SELinux and it's comparison to Windows security model.
You can check it out it here. (http://it.slashdot.org/comments.pl?sid=171334&cid=14269937&pid=14269937&threshold=-1&mode=thread&commentsort=0&op=Change)
The big problem with these advanaced security models, us that they can get really complicated really fast. Most Windows users who have grown accustomed to Windows security features are shocked when they move over to UNIX, as the stadard UNIX seecuirty model is MUCH simpler, and therefore much less flexible. On the other hand, seasoned UNIX dudes who move into the windows world are known to curse the Windows security model because of the are accustomed to the simplicity of standard UNIX security and the complexity of ACL's and polcies are annoying to them, as they view the complexity it brings as a weakness - because the more complex something is, the easier it is the screw up.
-
Well SELinux is more flexible than Windows, and very well might be a bit more advanced, but the concepts are the same. SELinux has ACL's for file permissions instead of the stadard rwx permissions. Windows has had since NT 3.5. SElinux uses policies which determind what actions what users can perform and I also think they can set ACL's. Again, Widnows has had system polcies forever.
There is a good discussion in Slashdot I had while back about the SELinux and it's comparison to Windows security model.
You can check it out it here. (http://it.slashdot.org/comments.pl?sid=171334&cid=14269937&pid=14269937&threshold=-1&mode=thread&commentsort=0&op=Change)
The big problem with these advanaced security models, us that they can get really complicated really fast. Most Windows users who have grown accustomed to Windows security features are shocked when they move over to UNIX, as the stadard UNIX seecuirty model is MUCH simpler, and therefore much less flexible. On the other hand, seasoned UNIX dudes who move into the windows world are known to curse the Windows security model because of the are accustomed to the simplicity of standard UNIX security and the complexity of ACL's and polcies are annoying to them, as they view the complexity it brings as a weakness - because the more complex something is, the easier it is the screw up.
I was talking about MAC, which at least in SELinux, if I understand correctly, I can setup so that when the user "piratepenguin" runs gaim, the gaim process can only write to ~/.gaim. AFAIK SELinux can do that through MAC (I've never looked much into SELinux), can Windows do the same thing through these "policies"?
While we're talking about security, while I was googling for "windows "mandatory access control" selinux (http://www.google.it/search?q=windows+%22mandatory+access+control%22+selinux&start=0&ie=utf-8&oe=utf-8&client=firefox&rls=org.mozilla:en-US:unofficial)", I came accross this (http://os.newsforge.com/article.pl?sid=04/05/18/1715247&tid=2&tid=11&tid=16&tid=31&pagenum=1) article comparing the security capabilities of GNU/Linux and Windows. Damn there's alot of security stuff out there I never knew much about... Anyhow, it concludes that GNU/Linux is best in almost all areas (seven tested). It mentioned MAC for Linux through SELinux, and nothing about a Windows equivilent to it. Is this "policy" stuff I hear the same idea as MAC? It's well over a year old, but I don't know if much has changed since, maybe you do.
-
If the only reason Windows is attacked more is it's higher marketshare, then why is IIS attacked more than Apache httpd?
Also, consider this. While the Macintosh has a low market share, one common use for them is pro film editing. Since they dominate that market, someone with an axe to grind against the MPAA could put together a virus for OSX, and kill the movie studios. So if the Mac doesn't have better security, then why hasn't this happened?
Could it be that Unix systems are more secure? This so called Windows Firewall is a joke. Does it have HIPS, or any of the other things that you pay for in a real firewall? One thing I would like to see is a firewall that automatically gets a list of MAC addresses used by crackers, and automatically blocks them, sort of like PeerGuardian. Now, since Unix systems are open-source, at least the kernels, one could easily add this to Slackware or Debian or FreeBSD. But since Windows is closed source, you can't add it to the system.
Another issue is not just IE, but Outlook. They both use the same rendering engine, so a VB script will execute automatically in both IE or OE. And since there's no way to remove either, and IE is the file browser, that's a big hole. Now I know you can get the patches, but isn't a secure system supposed to hold it's own against crackers WITHOUT relying on a patching mechanism?
Now will Windows' stellar security features encrypt my entire disk drive, or my home folder, like MacOSX. You won't get code sharing, you'll just get a shoddy DLL, which can be replaced with one with malicious code. The only thing stopping this from happening is File Protection Services, which just checks the name. The fix for the .WMF hole was a DLL of the same name.
Now you could have a secure Windows box as long as you don't use IE, don't run as root, have a virus scanner, don't use Outlook, etc....
But the fact that all that is required to run Windows safely is proof that Windows is NOT secure, that it is a breaking dam, and that all those virus scanners are just delaying it's inevitable collapse.
-
If the only reason Windows is attacked more is it's higher marketshare, then why is IIS attacked more than Apache httpd?
It's not. Arguably, IIS has has the more famous attacks, but not as many.
-
If the only reason Windows is attacked more is it's higher marketshare, then why is IIS attacked more than Apache httpd?
It's not. Website defancements nowadays pretty much reflect marketshare numbers, with 65% hitting linux and 25% hitting windows. Check out Zone-H.org's 2003-2004 report on website defacements.
Also, consider this. While the Macintosh has a low market share, one common use for them is pro film editing. Since they dominate that market, someone with an axe to grind against the MPAA could put together a virus for OSX, and kill the movie studios.
So if the Mac doesn't have better security, then why hasn't this happened?
Herd Immunity. There are simply not enough Macs out there.
Could it be that Unix systems are more secure?
No, they are more obscrure - though this type of obscurity can lead to higher 'security'
This so called Windows Firewall is a joke.
Actually it does exactly what it was designed to do - protect computers from network worms. Microsoft wanted to protect customers computers, not enter the firewall market.
Does it have HIPS, or any of the other things that you pay for in a real firewall?
Again....It's not meant to be an advanced firewall.
One thing I would like to see is a firewall that automatically gets a list of MAC addresses used by crackers, and automatically blocks them, sort of like PeerGuardian. Now, since Unix systems are open-source, at least the kernels, one could easily add this to Slackware or Debian or FreeBSD. But since Windows is closed source, you can't add it to the system.
Your ignorance of networking is showing here. It impossible to get the MAC address of a computer which is not on your local network. This feature is not in PeerGuardian or any other firewall products because it's impossible to do.
Another issue is not just IE, but Outlook. They both use the same rendering engine, so a VB script will execute automatically in both IE or OE. And since there's no way to remove either, and IE is the file browser, that's a big hole. Now I know you can get the patches, but isn't a secure system supposed to hold it's own against crackers WITHOUT relying on a patching mechanism?
Holy shit, the ingorance train keeps rolling! First of all, firefox and thunderbird both use the same engine. IN KDE Koneror is also the filebrowser - and contrary to what you think, IE is not Widnows filebrowser. Explorer jsut has the ability to call IE's html engine to display web pages. Konqeror does this too.
Now will Windows' stellar security features encrypt my entire disk drive, or my home folder, like MacOSX.
Yes, windows can encrypt data, and the encrpytion cannot be cracked any easier than any other OS's file encryption. Full drive encryption is not available yet, but that is overratted IMO. The users file are what is important.
You won't get code sharing, you'll just get a shoddy DLL, which can be replaced with one with malicious code. The only thing stopping this from happening is File Protection Services, which just checks the name. The fix for the .WMF hole was a DLL of the same name./quote]
Not sure sure WTF you are talking about here. Windows file encryption is jsut as secure as other OS's file encryption.
Now you could have a secure Windows box as long as you don't use IE, don't run as root, have a virus scanner, don't use Outlook, etc....
But the fact that all that is required to run Windows safely is proof that Windows is NOT secure, that it is a breaking dam, and that all those virus scanners are just delaying it's inevitable collapse.
I'm still waiting for that collaspe. I'll let you know when it happens.
-
Again....It's not meant to be an advanced firewall.
But if Windows computers are the most attacked, perhaps an advanced firewall is necessary. Since after all, Microsoft want's to secure their PC's, right?
Holy shit, the ingorance train keeps rolling! First of all, firefox and thunderbird both use the same engine. IN KDE Koneror is also the filebrowser - and contrary to what you think, IE is not Widnows filebrowser. Explorer jsut has the ability to call IE's html engine to display web pages. Konqeror does this too.
My point wasn't to slam MS for using the same engine, it was to point out that Outlook is as insecure as IE.
-
It's not. Website defancements nowadays pretty much reflect marketshare numbers, with 65% hitting linux and 25% hitting windows. Check out Zone-H.org's 2003-2004 report on website defacements.
Herd Immunity. There are simply not enough Macs out there.
No, they are more obscrure - though this type of obscurity can lead to higher 'security'
There are other important factors to take into account other than market share. Apache has proved this (whether it still holds true, I don't care). Whether the application was designed to be secure is one of them. NEVER FORGET than Windows doesn't setup a user account. As a result of that, there are HUNDREDS OF MILLIONS more super-Windows-users on the internet. Who do you THINK the crackers will target? Windows was asking for it, Mac OS X/many GNU/Linux distributions aren't.
Actually it does exactly what it was designed to do - protect computers from network worms. Microsoft wanted to protect customers computers, not enter the firewall market.
Again....It's not meant to be an advanced firewall.
Still, Linux has an excellent firewall, so does the BSDs and Mac OS X. Why doesn't Windows? It's the most used OS, it MUST be secure and it MUST have a REALLY good firewall to stop attackers.
Your ignorance of networking is showing here. It impossible to get the MAC address of a computer which is not on your local network. This feature is not in PeerGuardian or any other firewall products because it's impossible to do.
Can't iptables do it? Or does it only work for the local network?
http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/12/iptables-mac-address-filtering.php
-
Besides, with MS Anti-Spyware, it looks like they're going into security. Why not go for an advanced firewall?
One thing that would be nice is something like OSX, when you go to do something that needs admin permissions, you supply an admin username and pass, just like sudo. That would be great. Even better, use bundles, then you don't have to install anything besides the bundle, just put that into a folder with rwx all around.
-
Can't iptables do it? Or does it only work for the local network?
http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/12/iptables-mac-address-filtering.php (http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/12/iptables-mac-address-filtering.php)
iptables can filter by MAC, but it's useless for traffic that comes from outside of the local network, because the MAC addresses are only held by switches to map physical data ports to ip addresses. Computers and routers also hold MAC>IP translation caches, but this is only to determine if the data they are sending is detined for the local network, and in the case of routers, to decide which route is the best for a packet. Computers and routers find out MAC addresses by sending out ARP requests on the network. ARP requests are broadcasts (every machine on the local recieves the request), and therefore are not routed. So when a packet comes in from an outside network, iptables can send out an arp request asking for the MAC address of the souce IP, but it will get no answer because the source machine that sent the packet is not on the local network.
-
I really son't see the beef you guys have with the Windows firewall. It was meant for ONE purpose - to stop WORMS from coming in. Right now, it does that job perfectly. It allows you to block IP addresses, and subnets, open ports and specificy which ,machines or subnet have access to those ports and also does incoming application based filtering. No, it doesn't have all the features of Iptrables, or pf, or ipfw, but these features are avaiable for free via third party apps and you know as well as I do that Microsoft including a full featured firewall with Windows would stir up a load of Anti-trust crap.
-
I really son't see the beef you guys have with the Windows firewall. It was meant for ONE purpose - to stop WORMS from coming in. Right now, it does that job perfectly. It allows you to block IP addresses, and subnets, open ports and specificy which ,machines or subnet have access to those ports and also does incoming application based filtering. No, it doesn't have all the features of Iptrables, or pf, or ipfw, but these features are avaiable for free via third party apps and you know as well as I do that Microsoft including a full featured firewall with Windows would stir up a load of Anti-trust crap.
Who cares what Microsoft wanted to achieve with the Windows firewall, what matters is that it sucks, or at least that it's no iptables (whether Microsoft wanted something comparable to iptables or not).
If Microsoft lands in another anti-trust trial for including something that is actually useful, tough shit for them.
I guess in the next anti-trust trial they can bitch about being so kind as to not including a decent firewall in Windows.
-
I really son't see the beef you guys have with the Windows firewall. It was meant for ONE purpose - to stop WORMS from coming in. Right now, it does that job perfectly. It allows you to block IP addresses, and subnets, open ports and specificy which ,machines or subnet have access to those ports and also does incoming application based filtering. No, it doesn't have all the features of Iptrables, or pf, or ipfw, but these features are avaiable for free via third party apps and you know as well as I do that Microsoft including a full featured firewall with Windows would stir up a load of Anti-trust crap.
so a firewall is defined as "something that stops worms" ? or does it need a little more than that in order to be called a 'firewall' ? rather than a 'wormstopper' ? Oh and I can testify that it stops about as many worms as it can ... but most of them still get though ... at least that's what other anti-virus programs indicated
-
so a firewall is defined as "something that stops worms" ? or does it need a little more than that in order to be called a 'firewall' ? rather than a 'wormstopper' ?
A firewall is a device or software that processes and takes action on IP packets after checking them against a list of rules.
Oh and I can testify that it stops about as many worms as it can ... but most of them still get though ... at least that's what other anti-virus programs indicated
And I can testify that you are one of the most ignorant, fanboiish people (that's saying a lot) on this forum...at least that's what your posts have indicated.:thumbup:
-
IGNORING ALL PREVIOUS POSTS
Windows has inbuilt design flaws for a reason: the OS tries to be backward-compatible to DOS 6.0. Not a good excuse. DOS was a massive rush job, and no amount of upgrading will fix that. But on top of that, they insist on violating both standards and common sense, and do almost nothing against virii, worms and spam. (OpenBSD has pf, spamd and W|X to handle that)
If Microshit actually cared about security, they would redesign the OS from scratch, rewrite most of the emulation support to eliminate most I/O problems, and include a good firewall, a virus scanner, and a good spamblocker, just like they include IE and Outlook.
Speaking of Outlook, I set it to block all foreign TLDs, all foreign charsets, and all addresses not in my whitelist AND I'M STILL GETTING 15 SPAMS AN HOUR!!!! WTHFSEFFREFQW!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Although I don't have any GNU/Linux experience, I use OpenBSD, which is a lot less user-friendly, and is functionally about the same. Give or take. I use XP only for games (I need my Halo, even if its owned by the enemy), music (OpenBSD's SW Synth sucks), and email (PeoplePC is gay and only works on Winshit, apparently. I called and asked, and I think they put me on speakerphone so the whole company could laugh at me :fu: :mad: :o :nothappy: :( )
-
A firewall is a device or software that processes and takes action on IP packets after checking them against a list of rules.
And I can testify that you are one of the most ignorant, fanboiish people (that's saying a lot) on this forum...at least that's what your posts have indicated.:thumbup:
Well ... that may be your opinion of me ... at least I never flamed anyone ... unlike you ... what you think of me is beside the point ...
Here (http://en.wikipedia.org/wiki/Firewall_%28networking%29) is a wiki on firewalls ... I'm pretty sure that not only does Winblow$ firewall not fit into any of the firewall criteria ... it also does a very bad job at it. Both Norton and McAfee found worms on my computer that Winblow$ firewall missed ... how do you explain that ? ... I know what you will say ... that I didn't configure it properly ... well, you know, maybe it should come with a long and complicated manual that I should waste my time reading just to begin to learn how to use the user-friendly piece of shit called M$ Winblow$ firewall. Not to mention that the firewall can be disabled by hackers remotely with relative ease :D
-
http://en.wikipedia.org/wiki/Windows_Firewall
-
Ahhhh ... here is a nice video I found some time ago ... I posted it in another post here ... it fits better here though (Google video) (I apologize for the low quality ... it ain't my video ... it's more readable if you download it ... there is a download button in the upper right corner)
How to cheat the perfect Winblow$ "firewall" (http://video.google.com/videoplay?docid=5610343847576251062&q=windows)
Backdoor ? (http://habaneronetworks.com/viewArticle.php?ID=144)
it is clear that Winblow$ firewall is pretty much worthless security wise.
-
[offtopic]What the hell codec do they use over at GV, anyway? I ran the initial file through a text editor, it's a simple redirect; I ran the video file past a hex editor, and the first thing I saw that looked familiar was "RIFF" followed by "Divx" at some point near the beginning. However, my media players refused to identify it as Divx. Weirdness.[/offtopic]
-
How to cheat the perfect Winblow$ "firewall" (http://video.google.com/videoplay?docid=5610343847576251062&q=windows)
That's nice except you need admin rights to do whatever (I can't tell exactly what) that grainy video shows. If you have admin rights, why not just add an execption or turn the firewall off?
Backdoor ? (http://habaneronetworks.com/viewArticle.php?ID=144)
Again, you show your ignorance. That is no a "backdoor", it's an exeception that was created by an program that was installed with admin rights.
it is clear that Winblow$ firewall is pretty much worthless security wise.
Compared to what...iptables? Give me root access to your box and we'll see just how well iptables protects your machine.
-
Well ... that may be your opinion of me ... at least I never flamed anyone ... unlike you ... what you think of me is beside the point ...
My appologies for flaming, but my opinion of you has certainly not changed, especially after the last two posts you've made in this thread. You seem to be very gullable (falling for that "backdoor" article) and lack the basic networking knowledge needed to even understand that the wiki you linked to actually describes exactly what the Windows firewall does.
Here (http://en.wikipedia.org/wiki/Firewall_%28networking%29) is a wiki on firewalls ... I'm pretty sure that not only does Winblow$ firewall not fit into any of the firewall criteria ..
As I said that wiki describes what the windows firewall does quite nicely. From the wiki....[indent]In computing (http://en.wikipedia.org/wiki/Computing), a firewall is a piece of hardware (http://en.wikipedia.org/wiki/Hardware) and/or software (http://en.wikipedia.org/wiki/Software) which functions in a networked environment (http://en.wikipedia.org/wiki/Computer_network) to prevent some communications forbidden by the security (http://en.wikipedia.org/wiki/Computer_security) policy...
[/indent]
it also does a very bad job at it. Both Norton and McAfee found worms on my computer that Winblow$ firewall missed ... how do you explain that ?
It's not a firewall's job to find worms, it's job is to filter traffic. Those worms on your system did come into your system on their own through your firewall - you brought them in yourself, either by downloading some software and running it or some exploit. There is no case of anyone discovering how to bypass the windows firewall from outside of the computer.
Not to mention that the firewall can be disabled by hackers remotely with relative ease
Suuuuuure. Care to elaborate on this claim?
-
If a cracker has root on your box, you've got much bigger stuff to worry about then having an email worm slip through.
-
The only way you can make a fair comparason is if you access the Internet only using a restricted user account and this applies to both Windows and Linux.
-
The only way you can make a fair comparason is if you access the Internet only using a restricted user account and this applies to both Windows and Linux.
Compare what, the firewalls? iptables wins, enough said.
-
Compare what, the firewalls? iptables wins, enough said.
You sure are in love with iptables aren't you?
-
You sure are in love with iptables aren't you?
Better that than Windows.
-
Who here is in love with Windows?
-
Who here is in love with Windows?
Well, you are a shill for Microsoft.
-
Well, you are a shill for Microsoft.
According to some anonymous Microsuck.com forum member.
-
Who here is in love with Windows?
Who here is in love with iptables?
-
Software Installation
Windows: Most applications use an installer. Fairly easy provided that the program doesn't break something.
Linux: One word: Dependencies
Preformance
Windows: After a few hours of disuse, Windows will choke and sputter for about two minutes upon resuming. Then function continues normally.
Linux: Starts right up like it had never been idle
Management
Windows: DLL Hell. Installations will "age" with the addition and removal of programs
Linux: Does not have that problem.
Security
Microsoft: Has dangerous defaults like CD auto-run and hiding extensions for known filetypes. Additionally, if you disable CD auto-run, you may not be able to play one CD after another unless you reboot first.
Linux: Does not auto-run CDs nor does it come with things like file extension hiding by default.
Programs
Windows: Comes with default programs that cannot be removed or others that are only removed with a third-party program or registry hack.
Linux: Fully customizable.
-------------------------------
Of course not to mention the annoying things turned on by default in XP like program highlighting and that dumb dog search assistant.
And to add that their help files are on the Internet. That doesn't help when you are trying to troubleshoot an Internet connection. Additionally, Microsoft help files can be a chore to wade through.
Furthermore, why should you have to give Explorer Internet rights just to use the "Show Desktop" function?!
While Linux isn't perfect, it sure beats the hell out of Windows.
-
Linux: One word: Dependencies
You do realize that is really a non issue, right? Debian has had APT since the 90s, Gentoo has portage, and of course the 10000000000000000000000000 distros based off them use the same packages. The only package manager that has dependancy issues that I can think of, right now, is RPM. But then you have apt4rpm and such.
-
Well, you are a shill for Microsoft.
you read my mind ... toadlife sure does seem to love M$ ...
It's not a firewall's job to find worms, it's job is to filter traffic. Those worms on your system did come into your system on their own through your firewall - you brought them in yourself, either by downloading some software and running it or some exploit. There is no case of anyone discovering how to bypass the windows firewall from outside of the computer.
... so you are getting at the "fact" that if you use a restricted user account an a Window$ machine the Window$ firewall will be able to stop worms effectively ? but wait ... how can you install programs using a restricted user account ? You can't ... at least not most programs ... so basically I would need to know which programs contain malware and which ones don't so that I can make sure they don't in any way alter the precious Window$ firewall and maxe it let in all the worms. Well then the problem seems to be malware not the firewall ... but wait how do we get rid of that ... I have tried myself ... I've gotten programs to do it ... but there were still worms and trojans on my machine because Gates is in with malware companies (http://www.adwarereport.com/mt/archives/000150.html) and it would be bad business to eliminate them all ... just the ones he doesn't own ... as for McAfee and Norton and many other anti-virus companies live on the fact that Window$ is so vulnerable to malware and viruses. If all malware were eliminated then they would go bankrupt ... especially since their firewalls are also pretty lame and exploit ridden
-
You do realize that is really a non issue, right? Debian has had APT since the 90s, Gentoo has portage, and of course the 10000000000000000000000000 distros based off them use the same packages. The only package manager that has dependancy issues that I can think of, right now, is RPM. But then you have apt4rpm and such.
I use rpms a lot and the dependencies are not as much a problem if you use something that manages them like yum ... it installs the dependencies for you ...
-
how can you install programs using a restricted user account ? You can't ... at least not most programs
And you can't in Linux either. What's your point?
... so basically I would need to know which programs contain malware and which ones don't so that I can make sure they don't in any way alter the precious Window$ firewall and maxe it let in all the worms.
Well, there is this thing called 'common sense' that comes in real handy in this situation. If you download the source of a program do a compile/install that requires root, how do you know it won't turn off your firewall and root your system?
Well then the problem seems to be malware not the firewall ... but wait how do we get rid of that ... I have tried myself ... I've gotten programs to do it ... but there were still worms and trojans on my machine
I think based on this thread, you definitely shouldn't use Windows. Linux or OSX are good OSs for you to use. Just hope the OS you use doesn't ever become popular.
-
Preformance
Windows: After a few hours of disuse, Windows will choke and sputter for about two minutes upon resuming. Then function continues normally.
Linux: Starts right up like it had never been idle
See this thread (http://www.microsuck.com/forums/showthread.php?p=109006#post109006) for a possible explanation on why this happens.
-
And you can't in Linux either. What's your point?
Actually, I've not found ONE program that I can't run from my user home, configged and installed as *me* rather than root or via sudo. Even Grip gives me some functionality, albeit limited, and THAT is mostly because I neglected to config my CD drive to give mount permissions to user. To the Windows end, why in HELL would CDex ask me for my admin password for installation, particularly when it's going to a user Documents folder? Bad coding made to work for an awkward system configuration is the sole reason I can figure.
Well, there is this thing called 'common sense' that comes in real handy in this situation. If you download the source of a program do a compile/install that requires root, how do you know it won't turn off your firewall and root your system?
Not that I don't appreciate your subtle ad hominem ex parte, but anyone who runs programs that NEED to be run as root should be shot. There's not a single valid reason that I can think of for that behaviour on any system, barring bad coding practices. Having said that, at least we can CHECK the source, so we can't claim ignorance of the "problem" at hand (assuming it hasn't been somewhat mitigated by userspace).
I think based on this thread, you definitely shouldn't use Windows. Linux or OSX are good OSs for you to use. Just hope the OS you use doesn't ever become popular.
What is it with you and false premises? The *only* time that I can see that logic functioning *anywhere* in history is with Windows. That's like saying that if Chevys ever become as popular as Jaguars, they'll break down every bit as often. If you'll notice, Chevy has one of the BEST mechanical histories *IN THE WORLD* whereas Jaguars are literally in the shop every other week. Given, it's gotten somewhat better with the Ford buyout, but they're still pretty bad.
Now, don't get me wrong; I'm not saying you won't encounter minor annoyances (sometimes major, but more oftentimes minor) and quirks from time to time - you will. The point is that you're trying to argue that the future distribution of a product will affect its current security, and that - my friend - is bad logic.
Having said all that, I'm quite pleased to see you comfortable with your current platform, and at a level of expertise where you can make it perform to your expectations. You have achieved a level of mastery that few have bothered and will bother to reach. :cool:
-
Actually, I've not found ONE program that I can't run from my user home, configged and installed as *me* rather than root or via sudo.
I was referring to the standard practice of using package management systems to install software. This almost allways requires root. yes, I've downloaded, configed and installed programs in my own folder in BSD, but only becuase the application was not in the FreeBSD ports system. I'v also downloaded an run programs from my userspace for Windows too - though as you know, these are not nearly as common.
and THAT is mostly because I neglected to config my CD drive
Config your CD drive as root, right?
To the Windows end, why in HELL would CDex ask me for my admin password for installation, particularly when it's going to a user Documents folder? Bad coding made to work for an awkward system configuration is the sole reason I can figure.
Good question. I've used CDEx. Last time I did, I jsut unzipped it and ran it. CDEx might require low level driver access which means the proper permissions must be set for regular users, or it must be run as admin. Or maybe CDEX installs a driver?
...but anyone who runs programs that NEED to be run as root should be shot.
Have you ever burned a CD in linux?
If not, have you ever executed any of the following programs in linux?
/bin/su
/bin/ping
/bin/mount
/bin/umount
/var/qmail/bin/qmail-queue
/usr/bin/chfn
/usr/bin/chsh
/usr/bin/crontab
/usr/bin/chage
/usr/bin/expiry
/usr/bin/sperl5.6.1
/usr/bin/newgrp
/usr/bin/passwd
/usr/bin/gpasswd
/usr/bin/procmail
/usr/bin/suidperl
/usr/lib/misc/pt_chown
/usr/sbin/unix_chkpwd
/usr/sbin/traceroute
/usr/sbin/pwdb_chkpwd
That is a list of the files in Gentoo (and most other linux distros) that have the suid bit set on them by default becasue they won't work as non-root users otherwise."
There's not a single valid reason that I can think of for that behaviour on any system, barring bad coding practices.
I agree, but on any OS, there are certain apps that need elevated privileges, regardless of how well they are programmed, because the design of the OS requires it.
What is it with you and false premises? The *only* time that I can see that logic functioning *anywhere* in history is with Windows.
In order for a premise to be false it must be proven so first. But, feel free to call mine flawed if you like. Semantics nazism aside, you must have missed all of the viruses that affected the Mac when they had a relevant markethsare. The biggest collection of flawed premises I see is when people claim linux would be malware free if it had a large desktop following.
That's like saying that if Chevys ever become as popular as Jaguars, they'll break down every bit as often.
And I bet you there were 500 times more Chevys that broke down last year than Jaguars. That of course means nothing, but the statistics could be twisted to indicate that it does. On the same note, the fact that 500 times more Windows machines were infected or hacked last year than linux machines it doesn't neccesarily mean Windows is flawed. The numbers, use and users between the two platforms are completely different, and therefore straight simple stats comparisons mean very little.
Now, don't get me wrong; I'm not saying you won't encounter minor annoyances (sometimes major, but more oftentimes minor) and quirks from time to time - you will. The point is that you're trying to argue that the future distribution of a product will affect its current security, and that - my friend - is bad logic.
IMO, my logic is quite sound, and I will explain why. Lets just pretend that Linux's poularity exploded on the desktop and it gained, oh...50% desktop marketshare. I'm not saying you or anyone else here has said these things, but these are all arguments I've heard multiple times by linux zealots on the net.
Flawed premise: Linux users are security concious, therefore if it became popular on the desktop malware wouldn't be prevelent.
The reality is, most computer users are completely ignorant of how their computer works, and don't have any inclination to learn. hell, with the current rash of n00bular linux distros the same could even be said of many linux users now. Look at how succesful the Sober worm has been on Windows. There have been, what, 500 variants of Sober over the last year or so? The Sober worm relies entirely on user interaction to propogate. The user must open up a zip file and execute the file inside to get it to work. If that's not a damning portrait of the state of overall security awareness, then I don't know what is. So what current feature of linux is going to stop Joe User from opening up that gzip archive he got in the email with Ark and runnning the script, or installing the rpm inside? What feature of linux is going to stop Joe blow from installing that firefox extension that "cracks.ru" says he needs to download the latest keygen for Quake V? What feature in linux is going to stop Joe Blow from installing that trojaned loki installer of Quake V that he just downloaded from KTorrent?
Flawed premise: Because linux is open source, more eyes get ot look at the code and flaws are discovered faster.
Besides not having seen a shred of proof of this, I can give many reasons why this doesn't make much sense. First of all flaws are usually discovered by accident, or by simply feeding an application garbage and getting lucky, not by browsing source code. Flaws have gone unoticed in Open source operating systems for years. What's the excuse for that? Yes, it's possible to find flaws by looking at the code, but what percentage of the population actually has the ability, let alone the will to even bother trying to find flaws in source code? Besides that leads to another false premise - that the people who find all of these extra flaws would not use them maliciously.
Flawed premise: Vulnerabilities in Linux are fixed faster than Vulnerabilities in Widnows, therefore linux users will be less exposed.
Getting fixes out fast is great, but unfortunetely people tend to not install them. And it seems, the more ignorant users and apathetic admins you have, the more boxes you will find that go unpatched. My Awstats weblogs for toadlife.net show that 15% of firefox users still run verison 1.04 or less, which is vulnerable to multiple remote code execution vulnerabilites.Imagine if firefox had a 90% browser marketshare. OS and App Vulns aside, stupid users are the biggest vulnerability and the patch for that is nowhere in sight.
False premise: Linux users will be protected from worms and trojans because they don't run their machines as root.
The only thing running as a non-root users will protect you from is complete system compromise. Trojans don't need your root password to do the things that modern trojans do, like connect to IRC servers and send email, or grab personal data. Not that running with least privilege is bad - it's great, but it's certainly no panacea.
Flawed Premise: Files in unix are not executbale by default so users won't be hit by mail viruses.
If the file is zipped, the executable bit has already been set for you. ;) (read:The Sober Virus)
Having said all that, I'm quite pleased to see you comfortable with your current platform, and at a level of expertise where you can make it perform to your expectations. You have achieved a level of mastery that few have bothered and will bother to reach. :cool:
Well my current platform is both Windows and Unix, so I'm not sure what you are getting at with that. My competence in Widnows is out of neccesity - it's my job. Any competence I have in UNIX is purely out of my liking for it, as it's not required (but has become very usefull) at my job.
-
Flawed premise: Linux users are security concious, therefore if it became popular on the desktop malware wouldn't be prevelent.
Who's been saying this? I hate when people say stuff like that, because it actually gives people like you some amunition. If only they'd just straighten them out a little bit, so they're actually sensible and perfectly correct. Or maybe they were straight and someone bent them, I guess I'll never know.
Some GNU/Linux distributions try to make their users more security concious by explaining the root account etc. If these distributions became popular, most likely the users would be more security concious and most likely they won't be getting themselves infected with as much malware.
Flawed premise: Because linux is open source, more eyes get ot look at the code and flaws are discovered faster.
I can see how few (but still, possibly important) flaws would probably be discovered by looking through the code, but fixing them is a different story entirely.
Yes, it's possible to find flaws by looking at the code, but what percentage of the population actually has the ability, let alone the will to even bother trying to find flaws in source code?
If one outside developer ever downloads and takes a look at the source code, that's one extra developer that's taken a look at the code and just might discover a flaw somewhere.
A good thing is a good thing no matter how insignificant it is.
Besides that leads to another false premise - that the people who find all of these extra flaws would not use them maliciously.
Now we're talking.
I imagine that most (not necessarily all) people who find a flaw in some free source code, and have the choice to exploit it or submit a bug/patch/email to the project's bug tracking software/mailing list, but if you don't then that's fine.
Flawed premise: Vulnerabilities in Linux are fixed faster than Vulnerabilities in Widnows, therefore linux users will be less exposed.
Getting fixes out fast is great, but unfortunetely people tend to not install them.
Gawd, people who do install them will be secure, faster. Good thing!
My Awstats weblogs for toadlife.net show that 15% of firefox users still run verison 1.04 or less, which is vulnerable to multiple remote code execution vulnerabilites.Imagine if firefox had a 90% browser marketshare. OS and App Vulns aside, stupid users are the biggest vulnerability and the patch for that is nowhere in sight.
Firefox 1.5 has an intergraded update client, and most GNU/Linux distributions will have the latest Firefox versions in their repositories. I'd say that nearly all Firefox <1.0.4 users are using Windows, which won't update Firefox, but Interenet Explorer, with Windows update.
False premise: Linux users will be protected from worms and trojans because they don't run their machines as root.
The only thing running as a non-root users will protect you from is complete system compromise.
Which is a good thing.
Flawed Premise: Files in unix are not executbale by default so users won't be hit by mail viruses.
If the file is zipped, the executable bit has already been set for you. ;) (read:The Sober Virus)
Excellent, we're making the crackers work harder.
There are other important factors to take into account other than market share. Apache has proved this (whether it still holds true, I don't care). Whether the application was designed to be secure is one of them. NEVER FORGET than Windows doesn't setup a user account. As a result of that, there are HUNDREDS OF MILLIONS more super-Windows-users on the internet. Who do you THINK the crackers will target? Windows was asking for it, Mac OS X/many GNU/Linux distributions aren't.
Flaw that, toadlife.
I imagine that if GNU/Linux had 50% market share, at least a few more crackers would start targetting it. However, I don't think, and I don't see any reason to think, that the situation would ever (100% market share, anyone?) be as bad as Windows has ever been (wanna gimme one, toadlife?).
Windows doesn't handle security all that well be default, big problem for it's mostly-retarded userbase, as well as it's small intelligent userbase who will be targetted by more crackers through more cracked Windows computers.
It seems to me as though all hints are pointing to "GNU/Linux will be much safer than Windows in a 50/50 market", and nothing in your post indicated that you think otherwise (you just debunked a few retarded intelligent arguements for GNU/Linux). But you still go on "Just hope the OS you use doesn't ever become popular", why do you think so?
-
I imagine that if GNU/Linux had 50% market share, at least a few more crackers would start targetting it. However, I don't think, and I don't see any reason to think, that the situation would ever (100% market share, anyone?) be as bad as Windows has ever been (wanna gimme one, toadlife?).
lol. You just said it...100% market share. But, yes Windows in it's current incarnation will allways more dangerous by default than other OSs due to admin accounts being created by default. But as I said, the only benefit malware makers have with root access is the ability to install rootkits. This ability is nice, but hardly neccessary. Microsoft could write the most secure, flaw free, locked down OS on the planet, and it won't make a huge difference because of the sheer amount of dummies who use their products. I'm sure Vista will be much improved, as far as defaults, and will probbaly contain less flaws, but I'm also equally sure the Windows malware train will continue to roll right through it.
Windows doesn't handle security all that well be default, big problem for it's mostly-retarded userbase, as well as it's small intelligent userbase who will be targetted by more crackers through more cracked Windows computers.
I agree, but as I said, I don't think more secure defaults will keep the dummies from screwing things up. WHat's the saying, "Never underestmate the power of stupid people in large groups."
It seems to me as though all hints are pointing to "GNU/Linux will be much safer than Windows in a 50/50 market"
Replace "much" with "slightly" and I might agree with you.
-
how can you install programs using a restricted user account ? You can't ... at least not most programs
You can do that in OSX. Those bundles don't have to be in Applications, they can go wherever.
-
I agree, but as I said, I don't think more secure defaults will keep the dummies from screwing things up. WHat's the saying, "Never underestmate the power of stupid people in large groups."
Still, you have to think about the not-completely-dummy people and the kinda-dummy people and everyone else. Some people will be stupid enough to plaster their root password at everything that asks for it, and some will be slightly more cautious.
Replace "much" with "slightly" and I might agree with you.
KO, "GNU/Linux would be safer than Windows in a 50/50 market".
-
KO, "GNU/Linux would be safer than Windows in a 50/50 market".
I never said it wouldn't - just that linux would have more than enough problems of it's own. This theortical 50/50 market, would require the installation of programs and drivers to be much more ubiquitous in linux than it is now. This would make it even easier for n00bs to screw things up. Also, what's to say future versions of Windows won't solve the major default config problems it faces today, this putting it on equal ground with other OS's?
-
I never said it wouldn't - just that linux would have more than enough problems of it's own.
It might have more problems than it does now, but they certainly aren't security related.
Also, what's to say future versions of Windows won't solve the major default config problems it faces today, this putting it on equal ground with other OS's?
Good for Windows if/when it happens, but right now it doesn't matter. Right now is what we're interested in.
Anyone who claims that GNU/Linux would be as bad with malware as Windows is if it had Windows' share of the market (which is mostly made up of super-Windows-users browsing around the internet) takes defaults with retards too lightly.
-
Anyone who claims that GNU/Linux would be as bad with malware as Windows is if it had Windows' share of the market (which is mostly made up of super-Windows-users browsing around the internet) takes defaults with retards too lightly.
And anyone who claims that Gnu/Linux is a feasable desktop solution for the masses in it's current state takes Gnu/Linux too seriously. :)
-
And anyone who claims that Gnu/Linux is a feasable desktop solution for the masses in it's current state takes Gnu/Linux too seriously. :)
Possibly.
-
Should the masses even be using computers at all? It was marketing and sales tactics that put computers in every home. Now we are beginning to see why this might not have been a great idea. I certainly don't remember any LOGO viruses!
Perhaps the reason that the masses aren't ready for Linux on the desktop is that they probably shouldn't have a computer in the first place.
-
You can do that in OSX. Those bundles don't have to be in Applications, they can go wherever.
Then the normal user should only be able to execute binarys from two directories one that contains the OS system files and the other containing user programs. However while this might be the most secure OS model it isn't practical at the moment as it'd break compatability with nearly all the old software.
-
Should the masses even be using computers at all? It was marketing and sales tactics that put computers in every home. Now we are beginning to see why this might not have been a great idea. I certainly don't remember any LOGO viruses!
Perhaps the reason that the masses aren't ready for Linux on the desktop is that they probably shouldn't have a computer in the first place.
You must really hate Apple. Do you think the masses would be ready for OS X on the desktop?
I think computers should be made accessible for everyone. They've all sorts of uses and make life easier. Plus, digital things can be reproduced basically for nothing, which opens some interesting possibilities for society. Of course, it's mostly not been going so well, but that's just an artifact of the fucked up world we're living in right now.
-
Then the normal user should only be able to execute binarys from two directories one that contains the OS system files and the other containing user programs. However while this might be the most secure OS model it isn't practical at the moment as it'd break compatability with nearly all the old software.
Why? What would be the big deal with running from another directory? As long as the user has to specifically invoke the executable, who cares where it resides?
-
Only allowing binary execution from two designated system directories which the user doesn't have permission to write to would stop the them from running an executable they've downloaded, received in an email or got from a CD or floppy disk, this would make it impossible for a them to infect the system with a virus.
-
It would also make it physically impossible to install software. If you're going to do this, you have to have something like sudo. Also, Safari will check any files for executables, whether it's an archive, disk image, etc. It even detects .exe apps. I'm sure something like this could be implemented for mail.
-
It would also make it physically impossible to install software.
Agreed. I happen to think application installs should *always* be confined to userspace, or better yet, an isolated subset thereof with zero write permissions to external directories. All temp files would be contained in the same directory, not particularly hard to pull off. That way, the worst any one program can do is wipe itself out.
If you're going to do this, you have to have something like sudo.
Unfortunately, as toadlife pointed out, sudo has its own set of problems. It's fine, however, if you can insure that you will be the only person EVER using your login (that means no installs of unchecked code in your userspace, or worse, /usr/bin).
Also, Safari will check any files for executables, whether it's an archive, disk image, etc.
I think we can all agree that this is "a good thing." However, if the end-user is uneducated regarding the proper action for unknown executables, they will just run them anyway. I have a buddy who's constantly cleaning out his PC because his idiot brother keeps clicking "Yes" to every download/install dialog he sees.
It even detects .exe apps. I'm sure something like this could be implemented for mail.
This HAS been implemented by numerous ISPs on numerous dates, only to later be repealed because poor Joe Averageguy can't read the .rtf(.vbs) that was sent to him by [email protected]. What ISPs need to start doing is educating customers about the dangers of viruses (being careful not to take the oh-so-infamous alarmist tone that turns Luddites off to new technologies completely), while simultaneously allowing themselves to lose a few customers that expect them to make decisions that endanger the whole of their subscriber base. There's something to be said about an uncompromisingly secure ISP, and word travels fast to the appropriate people.
-
It would also make it physically impossible to install software. If you're going to do this, you have to have something like sudo.
That would be the plan, also you'd have to class scripts as executables too.
Another method might be to have a configuration file containing a list of paths and file names and checksums of approved executables that normal unprivilaged users can run but this might slow the system down a bit too much.
-
Flawed Premise: Files in unix are not executbale by default so users won't be hit by mail viruses.
If the file is zipped, the executable bit has already been set for you. ;) (read:The Sober Virus)
Uhhh ... but .exe won't run on Linux ... so I don't quite see your point ... you are assuming that there are viruses that are made to run on Linux ... I've only heard of one so far and it only applies if you run a web server
And you can install most programs in your /home folder ... BUT also any program I install comes from tho fedora repo and yum will not install a program that does not match the md5 hash from the fedora site reducing the chances of me installing virus-laden programs with viruses that actually have the capability to appect my system to 0.000000000000000000000000000000001 % or less
-
And anyone who claims that Gnu/Linux is a feasable desktop solution for the masses in it's current state takes Gnu/Linux too seriously. :)
If my grandma can learn to use linux the masses better well be able to ... Linux is easier to learn than Winblow$ ... if you don't think so then we should run an experiment ... have two representatives of the masses sit down with 2 identical brand new computers with no OS installed (unformatted hard drives) ... give one of them a Window$ XP disk and one a Linux install disk (pick your favorite distro ... I would say Fedora is the easiest ... all gui ... or Ubuntu if you prefer) .. now tell me how these two are going to fare.
-
If my grandma can learn to use linux the masses better well be able to ...
Sure, any old fool can use Linux, in fact it's no easier/harder to use than Windows, but actually administering a Linux system is a totally differant thing altogeather.
Can your grandma install software?
Can she edit the fstab and XF86Config?
Has she ever heard of chmod?
-
Sure, any old fool can use Linux, in fact it's no easier/harder to use than Windows, but actually administering a Linux system is a totally differant thing altogeather.
Can your grandma install software?
Can she edit the fstab and XF86Config?
Has she ever heard of chmod?
Does she need to ? (most of the time)
-
That's because she probably doesn't administer the system she just uses it - big differance.
-
That's because she probably doesn't administer the system she just uses it - big differance.
You're assuming that having users as admins is "a good thing
-
As you know that's what causes most of the trouble in the first place.
-
Sure, any old fool can use Linux, in fact it's no easier/harder to use than Windows, but actually administering a Linux system is a totally differant thing altogeather.
Right I'm now going to counter my own argument and paradoxically back it up at the same time.
Of course Linux is easier to administer than Windows because it's easer to learn about the internals and if you have a knowledge of UNIX you're practically there. Windows is easier for most people because it does all the work for them, well infact it just pretends to and as a result most people don't have a clue so the browse under root and install any old shitware without a second thought. However Linux is harder because you have to learn about things and even with the most newb friendly distro you'll find yourself editing some text file because you've got some non-standard hardware or non-pre-packaged software.
Your nan probably can't administer either Windows or Linux. She might manage with the former for a few months but she'll probably need to call in help from someone to remove all te malware every now and again. With Linux she'd probably be hopelessly lost as soon as she buys that printer/scanner which requires her to download and compile a driver or she gets a free CD in mail which work under Linux.
-
Okay, just so long as you understand that giving normal users admin privs is like...
*Googles for arcane analogy*
...giving... ...bazookas... ...to... ...rhesus monkeys?
-
Okay, just so long as you understand that giving normal users admin privs is like...
*Googles for arcane analogy*
...giving... ...bazookas... ...to... ...rhesus monkeys?
It's more like releasing a career bank robber from prison and giving him the keys to the US Mint's vaults.
-
It's more like releasing a career bank robber from prison and giving him the keys to the US Mint's vaults.
I was thinking more along the lines of "over-reaction to repairs" rather than "under-reaction to security breaches" but whatever floats yer boat, tows yer trailer, jerks yer jimmy, skydives yer pilot... uh oh...