Windows SP2 is RTM!

[HTRegz]

Hey Hey,

Took me 16 minutes to download the service pack... Send me a PM if ya want it.. I'll accept payment of $1USD (paypal works) in exchange for mailing you a CD with SP2 burned on it. ... or if you're close enough that it'll only cost me a stamp or two I'll just mail it to ya.... If ya don't mind me having your address... Now I can make an SP2 Slipstream CD...

Peace,
HT

[ZomBieMann77]

I personaly dont know what the big freaking deal is. I downloaded it and installed it. Yea okay the firewall is "improved" but in under 2 minutes with nmap i was able to detect 5 open ports. Oh yea and it can tell me that i have AVG antivirus and when the last time i updated my virus definitions was. IMHO its another false sense of security for the uneducated masses.

[rudack]

Originally posted here by ZomBieMann77
I personaly dont know what the big freaking deal is. I downloaded it and installed it. Yea okay the firewall is "improved" but in under 2 minutes with nmap i was able to detect 5 open ports. Oh yea and it can tell me that i have AVG antivirus and when the last time i updated my virus definitions was. IMHO its another false sense of security for the uneducated masses.

I feel the same way. I guess we will see how this protects us or what worms it protects us from. Has anyone set up a compnter with sp2 and infected it with the latest worms just to see what happens?

[pooh sun tzu]

IMHO its another false sense of security for the uneducated masses.

Have you read ANY white papers on it? It isn't a 250+ meg download for shits and giggles.

We are talking about security on the kernel level, almost IDENTICAL to SELinux or grsecurity for linux kernels. Stack space randomizing, memory protection, i486 with i686 optimizations, etc. The majority of this SP2 is all under the hood work.

Read these:
http://download.microsoft.com/downlo...te%20paper.doc
http://www.microsoft.com/windowsxp/sp2/preinstall.mspx
http://www.windowsnetworking.com/art...es_Review.html

Yea okay the firewall is "improved" but in under 2 minutes with nmap i was able to detect 5 open ports.

So configure the firewall :P Don't just sit there and see the holes when you could be configuring the firewall instead.

[Vorlin]

I found out it was available through my favorite demo site for gaming...

HTTP://WWW.FILEPLANET.COM WOOOHAAAAA!! GAMES AHHHAHAHAHAHAH!

Ok, I'm done. I've installed it and I'll see how it goes tonight. If anyone seriously wants to get a copy, I've got stacks of CDs and I'll be glad to burn it to one and send it to them, much like HTRegz' offer. No I won't store your address in an encrypted intranet-only fileserver powered by ssh-only postgresql sessions, hehe....

[pooh sun tzu]

I don't see why people are so concerned with downloading it right away. The HUGE package they are downloading is meant for larger network installs across dozens of computers. A much more compact and simplified version will be avalaible through windows update very soon.

Not to mention, why is everyone downloading it from oddball sites instead of Microsoft?

http://www.microsoft.com/downloads/d...displaylang=en

[R0n1n]

It definately improves the security over the current version, and any improvement must be a good thing. Lots of good stuff has gone in there.

However...

Buffer overflows are still a risk, I believe that its using the .NET framework to provide protection against buffer overflows (Always boundary checking - please correct me if I am wrong) in which case if you include a legacy COM+ module then you have buffer overflow risks all over again.

And of course if you have already been hacked then the firewall is no use whatsoever (as it will leave all ports that its finds open).

So in short, yep some improvements, but people still need to keep their eye on the ball, keep the AV up to date, write decent code, and all that other good stuff..

[pooh sun tzu]

I agree 100% R0n1n, there are major improvements for security on SP2, and regardless of the improvements it does not mean we can suddenly slack off (note the firewall complaint above) and think the OS will maintain security for us. There is no such thing as "instasecurity".

[Vorlin]

Originally posted here by pooh sun tzu
I don't see why people are so concerned with downloading it right away. The HUGE package they are downloading is meant for larger network installs across dozens of computers. A much more compact and simplified version will be avalaible through windows update very soon.

Not to mention, why is everyone downloading it from oddball sites instead of Microsoft?

http://www.microsoft.com/downloads/d...displaylang=en

Pooh, that gets me right here *stabs heart*...oddball sites? You mustn't be a gamer of any relative hardcore nature because Fileplanet is *the* place for a majority of all patches, game updates, promos, etc... Other sites like http://www.gamespot.com provide more information on the games and their companies, as well as providing dl ability for patches, demos, etc...

For it to be on FP's main page, which is geared for all major gamers who have the machines, the bandwidth, and whatnot...that means something. And since FP is owned by Gamespy, which packages it's GSA package in a lot of games in trade for advertising space, including most Microsoft Games, MS must've paid them to do so...and nothing's preventing anyone from dl'ing it at all, nothing like the subscriber-only (which I am) or whatnot.

While we're discussing who should download what and where and when, why not just go ahead and just throw it on BitTorrent? There's your distributed networking...

[R0n1n]

So what are peoples thoughts on XP SP2 not installing on versions using pirated keys ? (As far as I am aware they went ahead with that). Personally I see the reason to do it, i.e. to prevent piracy, but from a security perspective, given that there must be thousands of pirated copies in use, its going to continue the problems we are having, as all those unpatched boxes float about,