I've been mentioning on different occasions that I'd re-organise my computer systems at home, and last weekend was the planned time for doing so. The plan was to take the "best" (read less old) bits from the 2 computers I had, and put them together, and then install a dual boot system with Windows and a Linux distro. This is the Windows tale….
1. I got all the parts put together quite fast. I had a problem with the CD-rom cuz I did not have the user manual (doh), so I didn't know how to put the switches. I figured it out after having installed Windows on a wrong setup, which made it into the C: drive.
2. Knowing that I had the correct hardware setup I started with a fresh Windows installation. (My Windows CD is an XP SP1 CD)
3. It installed with 6 hardware drivers missing
4. I installed the modem driver
5. Downloaded a firewall and installed it
6. After a reboot XP acted strange, all sorts of windows popped up, and when checking, the firewall had 400 attacks in less than 5 minutes. So I figured that some of the attacks had gone through my firewall. I installed a virus check, and all of my windows32 folder was worms or trojan horses. I decided to re-install and drive to Uni to download and burn firewall and virus software on a safe system.
7. Got back and installed everything. The system was still under attack, but it seemed to keep it out. (No strange effects, and virus control hasn't shown any viruses!)
8. I tried to find the missing 5 drivers, but as my hardware is old (and of unknown heritage), I do not have them for XP, only 98, ME and 2000. I started to search for them, but couldn't find them
9. In the end I signed up at driveragent.com for $30 where they in 5 minutes found the drivers I needed, and I installed them.
Section 1 took a Saturday afternoon.
Sections 2-9 took from 10AM to 11PM Sunday, due to several XP installation attempts as my XP CD was a bit dodgy and didn't work every time. I couldn't find a new XP CD except for an SP2 CD which didn't accept my authentication code. Apparently SP2 and SP1 have different code systems, and I would only want a genuine Windows on my computer.
All hardware drivers were working, but I still hadn't got my email up and running. I got that the next evening!
The next challenge is the Linux challenge. I'll report back…
I don't think it's really an issue about it being SP1 or SP2 – more something to do with the keys provided on ELMS and various different versions of the disk floating around.
I certainly couldn't install a bog standard XP Pro SP2 CD with an ELMS SP2 Key.
I do however keep an SP2 Iso on my fileserver along with about 6 keys from SP0-SP2 in two different languages and I've used them all at one time or another – so the keys do work across versions.
The way I typically install Windows if I don't have SP2 on the installation CD is to download SP2 as a separate patch first so I can install it before connecting to any network.
Connecting to any network pre-SP2 may as well be considered a death sentence I've found. Especially on the university network. Euch!
Do you know why that is a death sentence? You are so close at making a ruling over my little system at home: A new XP sp2 install…
I've never had any problems like this when installing Linux. I might be biased now before going into installing Linux on the system, so this probably won't be a truly scientific exercise 😉 Usually drivers are the problem there (I anticipate problems with my USB DSL modem), but my XP CD had problems with my old hardware, even standard ethernet and USB cards. That might be resolved by getting a new SP2 CD.
Because SP1 is a leaky piece of crap 😉
Connecting to any compromised network ( IE, the uni one with lots of cretins who visit 'dodgy sites' on unupdated computers with no firewalls ) tends to result in crap being installed on your computer pretty much instantaneously. Bit of a pain really.
By either
a) Installing XP SP2 off a CD
b) Downloading SP2 and installing it before connecting to network
You connect with a pretty much secure system and can run Windows Update pronto. The main reason amongst many why SP2 is the saving grace here really, is that by default the Windows firewall is turned on preventing the nasties out there from getting onto your system.
Also when installing Windows, make sure your administrator password is something other than 'letmein' or blank because most script-kiddied worms rely on people being unimaginative with that password and sneak in that way whether you have SP2 on or not 😛
Of course you won't have this problem under Linux, where is the profit in exploiting such a small percentage of the home desktop market? 😉
LOL – I kinda knew the reason, just wanted to have it confirmed that it was crappy!
The most scary part here is that I did install SP1 and installed a "better than" Windows standard firewall (Comodo) and still it has somehow messed up my Windows system. So a script kiddy must have gone through a security hole in the OS. I caught it with my avast virus checker and isolated it, but I believe some internal effect has been done, cuz my system randomly shuts down. Didn't talk about that in my blog, cuz then it would be a long story 😉
I've now downloaded the SP2 patch from MSDN and will proceed with that.
By the way I don't think it is such a "small" market, cuz my hardware is "only" 3+ years (ethernet), and I could imagine some less-well-off countries where that would be quite new in a desktop. Also the MS "tax" (understand me correctly 😉 ) on hardware is also hard for many 3rd world citizens to face, quite frankly even I feel it is a bit harsh with my reasonable salary…
How many people in those third world developing nations have credit card details and internet banking details worth stealing?
Stats: http://www.onestat.com/html/aboutus_pressbox46-operating-systems-market-share.html
The reason that Windows gets attacked is because people don't like Microsoft and because more people use it. Most Linux installations are just as leaky. There is no such thing as a 'hacker proof' bit of software. Linux users have the added bonus of being able to hide behind so many different varieties.
Most of the time it isn't the OS at fault, normally just software that comes with it. IIS for example with Windows is a common culprit. You'll find a lot of OSS has the same problems ( Samba anybody? ).
I ran Windows XP SP2 for 2 years without using anything but the standard Windows firewall and no AV software whatsoever and never had any problems – mainly because I kept my system patched. It was for the most part a very well written piece of software and hell – it was mostly written before the new security guidelines at MS came into place properly.
If you look at what they're doing now with regards to internal library deprecation and programming best practices you start seeing why Vista and all their new software is such a huge step up in security.
If your computer has been compromised already then I would advise you just re-install following the above guidelines. Trying to FIX a compromised system just gets you into trouble – it's like trying to mend the Titanic with candle-wax and cardboard.
I like your titanic analogy, and yes it is in the pipeline to re-install (yet again, doh)
Probably wasn't too clear, but I was thinking of the old hardware as an issue, more than the security issue. For instance Vista will create a massive hardware need, which probably will make Linux even more attractive in the 3rd world, given their "tendency" to be cheaper and running on old hardware.
Regarding the security issue it is a proven fact that any system could be hacked (especially the one claiming to be safe), and that many of the security issues surrounding Windows are due to its massive market take-up.
However for me it seems strange that something like pre-SP2 XP ever was sold standalone before being checked and tested properly, and I sincerely hope that testing is the reason for prolonging the Vista release.
Unfortunately my experience with MS, which goes back to early day DOS (got my first proper PC in 1986) and have used most of the Windows installments at some point in time, is that any early release from MS should be used with care. Hence I'll be waiting (not just because of old hardware 😉 cuz I'm buying a new desktop in January, yehaaa) with upgrading to Vista until massive takeup allowing hackers to have had their go at it!
MS probably will release the first security SP pretty soon after initial release and then I'll probably go in and install my Vista.
I think you're being sensible in not installing Vista on a not so new computer 😉
With a decent machine the increase in speed over an install of XP on the same machine is incredibly noticeable however so it's good to see they're putting the required hardware to good use!
I don't think the problem was a lack of testing – nearly all the issues in XP came from simple things like buffer overruns and a lack of forethought in default Admin accounts etc. I don't think computer security was mature enough back then for it to be a prime issue when trying to sell software. If you look at all the adverts around then it was about performance, usability and shiny graphics.
You are right though, a lot of the problems would have been found by proper testing – for example fuzzing; the practice of shoving random data at file readers/input areas to make sure unexpected behaviour such as crashes can't be caused by buffer overruns.
I'm just glad MS have realised that the only way they can survive in the ever competitive OS market is to learn from past mistakes and pitch themselves properly at security. I certainly feel a lot safer on Vista than I ever did on SP2 – I hope I'm not being too premature in my overconfidence!
As for reinstalling – look on the bright side, at least you didn't have to format your computer 4 times last week like *some* people 😉
Well we'll see how confidently Vista will perform soon… I might get Vista when upgrading anyway in January, and make this old computer I'm sitting at into a Linux box.
By the way do you know whether the network version of SP2 can be used on standalone computers? (Never used that patch…)
It seems I can only get the patch for a single computer through Windows Update and as you know I'd like to get it without network 😉
If you mean the downloadable for network administrators then yes, you can use it.
That's the puppy I've had sat on my fileserver since it came out because you never know when you might need it!