Security for all
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Security for all

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    Security for all

    Both legitimate and unlicensed users of Microsoft's XP operating system software will be able to download the Service Pack 2 security patch for free

    Microsoft's increasing concern over information security has translated into its decision to bite the bullet and make its upcoming SP2 (Service Pack 2) security patch available to all users - including those using pirated copies of its Windows XP software.

    "We haven't explicitly done anything to SP2 to exclude it from pirated copies," said Microsoft group product manager Barry Goffe. The United States-based executive was interviewed via telephone.

    This is unlike SP1 (Service Pack 1), which had features to prevent users with pirated copies from downloading it. In SP2's case, the mammoth 80MB to 250MB patch can be downloaded and installed on computers running both legitimate and pirated copies.

    Users can also request a free CD copy of SP2, although shipping charges could apply, something which the company has yet to finalise, said Mr Goffe.

    "It was a tough choice, but we finally decided that even if someone has pirated copy of Windows, it is more important to keep him safe than it is to be concerned about the revenue issue," he added.

    He admitted, however, that it is more than altruism that helped Microsoft come to this decision.

    "Having these unsecured users means bigger worm and virus outbreaks - which also impacts the Internet and consequently, our legitimate users as well."

    The most visible changes SP2 will introduce to XP is the new Windows Firewall, a renamed, upgraded version of the ICF (Internet Connection Firewall) firewall system that shipped with the original Windows XP, and the new aggressive attitude towards security updates and controls.

    Unlike ICF, Windows Firewall is turned on by default, and automatically locks up ports like DCOM (Distributed Component Object Model) popular among worm-writers.

    New technology allows it to dynamically open and close ports on demand. For example, when an approved online gaming application is given permission to send or receive data over the Net, the port is opened for it, and when the application shuts down, the port is closed.

    "We wanted a firewall good enough for most consumers' needs, and we believe Windows Firewall is it," said Mr Goffe.

    SP2 will also make XP more aggressive towards sloppy users. For example, features like the automatic patch updating feature or Windows Firewall will no longer go away quietly if ignored, and will continue to pester users to download new patches periodically. To balance this, the company is working on coming up with more user-friendly warnings and reports of any suspicious activities that occur.

    Besides these two changes, there are many other under-the-hood security features aimed at "stopping malicious code like worms, phishing attacks like websites that hijack web browsers to trick users into giving out personal information, and improving security against the buffer overrun attacks favoured by virus-writers," said Mr Goffe.

    Other than security-related upgrades, SP2 also introduces a much-awaited anti-pop-up ad feature, and is integrated with the Internet Explorer Web browser to allow users to stop pop-ups that the user did not explicitly request.

    The service pack is scheduled for a "first half of 2004" launch date, and the company is currently testing its first release candidate or RC1. There is expected to be at least another release candidate tested before the actual patch release.

    Meanwhile, Mr Goffe noted that pirate users should not assume that the change of heart in SP2 means that Microsoft is going soft on piracy.

    "We have and are developing new technologies to combat piracy for our software, but for SP2 we'll make one exception."
    Source : http://computertimes.asia1.com.sg/ne...4,2292,00.html
    -Simon \"SDK\"

  2. #2
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    741
    So I guess the first question we will have to answer when SP2 comes out is how good of a firewall is it going to have? I mean will it be good enough to replace firewall programs like zone alarm or the such or will it just be the next target for skiddies and virus writers to attack? Microsoft has done a lot of talking up with this firewall and their next SP so heres hopin that it will work out well. But dont count on me disabling any of the firewall rules I have set in place now.

    On a side note: do you think it wil be an editable firewall where you will be able to open your own ports?
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

  3. #3
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Spyrus: Putting it into perspective any firewall is better then none. ICF functions, albeit in a limited fashion. In some ways a firewall that you have no control over is better for Joe and Jane Public. It doesn't bother them with "OMG, something is trying to get to the internet" which does nothing for them other than raising their level of paranoia.... If the next version can be unobtrisive yet effective while still allowing Joe to play his games while Jane racks up his credit cards then I'm for it...... and they'll both be happy and more secure...
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  4. #4
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    332
    "It was a tough choice, but we finally decided that even if someone has pirated copy of Windows, it is more important to keep him safe than it is to be concerned about the revenue issue," he added.
    This part kind of stands out to me. While it generally seems like they are trying to do the right thing. It also seems as if they are planning something. Smoke and mirrors. Maybe it is just me, I am very untrusting when it comes to big corperations.


    Two cents.
    Your heart was talking, not your mind.
    -Tiger Shark

  5. #5
    Senior Member
    Join Date
    Sep 2003
    Posts
    500
    "It was a tough choice, but we finally decided that even if someone has pirated copy of Windows, it is more important to keep him safe than it is to be concerned about the revenue issue," he added.
    Microsoft just wants to look good after the whole "We Are Going To Destroy The Hell Out Of Linux and it Sucks" thing. That and probobly their involvement with SCO. Politics Politics and more ways to make money (and look good to the open source community).

    My Three cents
    You shall no longer take things at second or third hand,
    nor look through the eyes of the dead...You shall listen to all
    sides and filter them for your self.
    -Walt Whitman-

  6. #6
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    332
    -Lansing_Banda

    Perhaps that is another way to look at it. Thanks for your point of view
    Your heart was talking, not your mind.
    -Tiger Shark

  7. #7
    Junior Member
    Join Date
    Apr 2004
    Posts
    10
    Just like dopeydadwarf I'm TOO SUSPICIOUS when it comes to big corporations. While it seems that M$ is trying to do the right thing (which I do NOT believe that that's what they're doing) I get a little worried about that "We have and are developing new technologies to combat piracy for our software, but for SP2 we'll make one exception."

    This and that "smoke and mirrors" thing dopeydadwarf said makes me wonder what's really behind the scenes....

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Actually, it really rather simple..... Microsoft _are_ trying to do the right thing, for the very reasons you people are so suspicious......

    With their historic stance on security all they have managed to acheive is criticism and mirth. Those two are not a good combination when you are trying to sell a product. The phrase "any publicity is good publicity" is all fine and dandy when you are talking about some idiot actor but when you are trying to sell a product bad publicity weighs into making the purchase decision.

    Now let's say they make a change, like they have, and over the next few years the proloiferation of worms and viruses begins to decrease..... What then? Well, with the decrease in attacks on WinX because it is harder to get into will come an increase in attacks on other OS's.... Interesting. M$ highlights the failure in other's products by reducing the failures in their own. At a minimum they should end up holding market share...... Which, I would suggest, is their absolute minimum goal....

    But we win in the end too......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  9. #9
    AO's Resident Redneck The Texan's Avatar
    Join Date
    Aug 2003
    Location
    Texas
    Posts
    1,539
    I know some people who have downloaded the beta version of SP2 for XP Pro. and they have had lots of problems with it screwing up their hard drives.
    Git R Dun - Ty
    A tribe is wanted

  10. #10
    Junior Member
    Join Date
    Apr 2004
    Posts
    10
    You have to keep in mind that the people downloaded a BETA version of the Service Pack, thus they probably knew this kind of thing could happen (or at least, they were supposed to know).

    TigerShark said something interesting, though. Although I don't think the other OS's will stop creating patches for them, so, theoretically, the attacks should keep being the same for all of the OS's.

    And I do believe that there are more people trying to mess up with Win boxes than with any other OS's there is. =)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •