Support NeoGAF

[Matlock]

http://www.eweek.com/article2/0,1759,1639456,00.asp

...holy crap, how could...

Wait, it's Microsoft.

 

[ZombieSupaStar]

grah they just need to hit th reset button and focus on longhorn

 

[WasabiKing]

haha, what a shock. Just concentrate on the next version, and admit that you guys are shoddy programmers.

 

[dem]

Something executed with administrative rights can screw up your os? What a shock...

 

[Matlock]

Something executed with administrative rights can screw up your os? What a shock...

What about the millions of people that start up Windows XP and just go with making one account (administrator, by default)?

You can't account for that.

 

[DaCocoBrova]

I swear... The Federal Goverment is a big mess when it comes to IT and security. I work on a Federal facility that employs almost 30,000 locally. Just found out that SP2 was already rolled out, now they're applying patches like crazy.

Idiots.

 

[Hitokage]

Something executed with administrative rights can screw up your os? What a shock...

Windows programs aren't usually designed with a strict user/admin seperation in mind. Single-user DOS/Win9x mentality prevails.

 

[maharg]

Windows programs aren't usually designed with a strict user/admin seperation in mind. Single-user DOS/Win9x mentality prevails.

This is a problem that goes deeper than microsoft's ability to fix in any reasonable but fast way. For what it's worth, it is changing, especially with the MSInstaller making it plain how to do it, and stuff like InstallShield being sane about it. Most new software should be perfectly usable in reduced privileges.

 

[clipunderground]

doh

 

[Che]

My WinFastPVR mutes the whole system

ADSL connection problems

Windows were crushing all the time when I installed SP2 on top of SP1. I had to format.

Obviously Microsoft is a retarded company.

 

[pestul]

Looks like my "I'll wait a few months for the bugs to be worked out" might turn into "Maybe I'll skip SP2 all together".

 

[aaaaa0]

The one mitigating factor that we found is that to change the WMI, and spoof the Security Center, the script has to be running in Administrator mode.

That's just silly. If a virus wanted to screw with you, and you're running as admin, it would be more effective to just install a rootkit instead of screwing with WMI to hide itself.

Running as admin means as soon as you run ANYTHING you don't trust, you're machine is owned.

No OS can prevent admins from doing whatever they want to the machine.

So don't run as admin. It's perfectly doable on Windows.

If some programs don't work, bitch at those developers to fix them. You can use "Run As..." as well to elevate some programs to admin level, but leave yourself logged in as a regular user. (Hold down the shift key and right click on an icon.)

Some people are really grasping at straws here. It's like saying "OMG IF YOU RUN TEH LINUX AS ROOT I CAN TRICK YOU INTO RUNING A TROJAN THAT WILL CORREPT /etc!!!1OMG!!"

 

[DarthWoo]

Our school sent out a mass e-mail advising us NOT to install SP2, despite its usual insistance on on-campus residents downloading any sort of update ASAP. Pretty much said it was too buggy for their liking when combined with the network.

 

[maharg]

That's just silly. If a virus wanted to screw with you, and you're running as admin, it would be more effective to just install a rootkit instead of screwing with WMI to hide itself.

Hah, exactly.

And anyone thinking of skipping out on sp2 because of new ways to pwn you when you're running as Admin, when there are already infinite ways, is asking to get haxed as they're left behind on other security issues.

 

[pestul]

Hah, exactly.

And anyone thinking of skipping out on sp2 because of new ways to pwn you when you're running as Admin, when there are already infinite ways, is asking to get haxed as they're left behind on other security issues.

Don't you think that perhaps the hackers have moved on to try and exploit SP2? It's a shitty world.. but they like a challenge.

 

[SKluck]

Still better than without sp2.

 

[maharg]

Don't you think that perhaps the hackers have moved on to try and exploit SP2? It's a shitty world.. but they like a challenge.

Um, so? Do you avoid locking your door because the thieves have figured out how to pick locks?

 

[andthebeatgoeson]

Wait, what's the problem with creating only one account on XP? Don't haxxor me...please.

 

[CaptainABAB]

The whole Administrator vs. User issue is not just an issue for MS.

The same people who want to have Windows auto-login for them, are going to want to log-out and re-login to do tasks like installing software? Do you think they will run as Admin the first time they plug in a digital camera and wonder why the setup CD can't recognize the new device?

And, to be honest, what is more important to a user - system files being tampered with or an exploit that runs within the boundaries of user space and deletes all their word docs and spreadsheets?

 

[CaptainABAB]

Wait, what's the problem with creating only one account on XP? Don't haxxor me...please.

Ideally, you set-up two users. One with Administrative permissions to be able to install software and make system changes. The other user is for normal usage - browsing the web, writing docs, email, etc - this account should only belong to the "users" or "power users" security groups.

This way, if you run into something that infects your computer, it should only do as much harm as permissions allow for the user account in use.

 

[Celicar]

I turned that crap off. Good thing.

 

[aaaaa0]

And, to be honest, what is more important to a user - system files being tampered with or an exploit that runs within the boundaries of user space and deletes all their word docs and spreadsheets?

Depends on the goal of the attacker.

The vast majority of attacks today are ones where the attacker is interested in using the owned machine to attack another machine.

If the attacker is trapped in a non-administrative user, the attacker can't load a driver, can't wipe the security logs, can't spoof packets, can't use raw sockets, etc.

It also means the machine is more likely to be safely disinfected without a complete reinstall.

 

[Mashing]

I swear... The Federal Goverment is a big mess when it comes to IT and security. I work on a Federal facility that employs almost 30,000 locally. Just found out that SP2 was already rolled out, now they're applying patches like crazy.

Idiots.

We haven't rolled it out (I work for a college), we are in the process of testing it on the 20 or so different machine models we have and throughly testing it with a benchmarking tool.

 

[shuri]

Oh wait, i behind a locked down firewall.

 

[aoi tsuki]

I swear... The Federal Goverment is a big mess when it comes to IT and security. I work on a Federal facility that employs almost 30,000 locally. Just found out that SP2 was already rolled out, now they're applying patches like crazy.

Idiots.

Needless to say, local governments ususally aren't much better. i worked in the finance department of a major county government office and found a way to browse user accounts without passwords through a major security flaw in the old version of Novell we were using. i eventually got access to upper management's passwords and even logged into their email via the web mail interface. i didn't change anything, but i was shocked at how easy it was, especially when there were so many highly-touted security features in place.

 

[ge-man]

It's a damn shame that we are afraid of updating our OS as much as we are afraid of getting a virus.

 

[gofreak]

Since installing SP2, my DVD/CD burner and floppy drives don't seem to write files properly. I deleted files from a floppy with it, and added new ones, and on another machine the old files were still on it without the added ones. Similarly, CDs I burn with it now aren't recognised by other machines