Main Area and Open Discussion > General Software Discussion
Windows XP Myths
mrainey:
my pc appears to working at the moment so i'll leave it well alone.
--- End quote ---
Good advice.
f0dder:
just when i thought it was time to stop believing in the myths. oh well, back to being confused and unsure of what to believe - just as well i can't really be bothered with all this tinkering - my pc appears to working at the moment so i'll leave it well alone.
-nudone (July 19, 2006, 02:35 PM)
--- End quote ---
Well, those were the only two items I really disagree with :) - and leaving it alone if it works is probably a good idea. I've built up my collection of tweaks over several years, and merged them in my unattended XP setup CD. Otherwise I probably couldn't be bothered (but would swear at XP often ;)).
Gothi[c]:
Rover makes a good point, there probably comparing windows OS vulns with linux+all apps that run on it vulns, that's just wrong.
And the only reason why there are more reported vulnerabilities for linux applications in the first place, is because they are easyer to spot, since it's all open source. On linux they usually get spotted, reported, and fixed quite fast, which adds to the security.
On windows they aren't usually spotted all that easily unless you want to dig through a bunch of assembly and do random penetration tests. And when they are spotted you're at the mercy of the original developers to wait for a fix, while on linux you can apply a patch to the original source code and recompile.
That comparison is so wrong for so many reasons and i probably only covered not even half of it :p
f0dder:
And the only reason why there are more reported vulnerabilities for linux applications in the first place, is because they are easyer to spot, since it's all open source.
--- End quote ---
That's not necessarily true... first of all there's (private) tools for finding exploits, appearantly some of them are pretty efficient. But even without such a tool and without source, it's not necessarily hard to find an exploit. I was chatting with a grey-hat friend of mine while he looked for holes in either AIM or Yahoo chat (can't remember which one). It took him between 30-60 minutes to find a 0-day exploit.
On linux they usually get spotted, reported, and fixed quite fast, which adds to the security.
--- End quote ---
How long did the chunked-mode exploit exist in Apache before it was discovered? (Discovered by full-disclosure people, anyway ;) ).
Robert Carnegie:
I'm a committed sceptic. I don't trust people who tell me I can speed up my computer by some mysterious fiddle that Microsoft apparently forgot to do, or by buying a tune-up product, and I also don't trust Microsoft. This document trusts Microsoft too much, I think.
Running as a limited user, specifically, is indispensable but not sufficient in a security recipe. Someday something nasty is going to leap out of Internet Explorer at me. I do encounter applications that don't work as limited user, and if I have to then I'll run them on my desktop as Administrator sessions. Apparently this will be easier in Vista. But, developers, I want to hear how you justify demanding full control of my PC. I don't have full control of my PC. I don't really understand what a Registry is. And it's -my- PC. So why should -you- get control of it??
It's like you're a guest in my home and you want the keys to the safe and the gun locker...
Specific root-only applications that I use include the Fitaly on-screen keyboard (I think it doesn't address the registry in a proper multi-user way - and its market is too small to demand a fix), and the software for Hauppauge DEC-2000T PC-DTV receiver, which is broken in a lot of other ways (video doesn't work on my Tablet PC; sound randomly cuts out of plays half an hour late[!?]; timed recording consist of using Task Scheduler to open and close the application, each time rebooting the hardware twice).
I use "ExplorerXP" as a file manager which I can run as Administrator to handle files for stoopid applications - amongst the things I can't see a way to run as Administrator from a limited desktop are Windows Explorer and Internet Explorer.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version