On Wed, 13 Oct 2004 11:26:27 +0200, Hans-Georg Michna
Is it sp2 in general?...or is it the firewall? I don't run the
firewall. So I don't think its a security issue. I just think its an
incompatibility problem.
Trent,
it is not only the firewall. SP2 closes some other security
holes as well.
Yeah...another really dumb idea. Not as dumb as stop errors, though!
lol
I don't know which idea you mean. DEP is actually a bright idea,
otherwise the processor manufacturers (Intel, AMD) wouldn't
build it into their newer processors. A really dumb idea would
be to have such a processor and not use this ability.
If working well, it would put paid to the buffer overrun
exploits that many viruses use to infect a computer. The virus
feeds an oversized data block in the knowledge that the extra
tail will overwrite some program code. Then it will try to
execute that program code. With DEP, the processor marks the
data block as data and rejects any attempt to execute it as a
program.
These are stop errors. If you enable DEP and a driver falls foul
of it, the machine stops. Driver faults always halt the
computer, because the drivers run in ring 0 of the processor
security hierarchy for performance reasons. Microsoft once tried
to let graphics drivers run in ring 3 (user level) in early
versions of Windows NT, but they had to give that up quickly,
because it was too slow.
Are you trying to tell me that msft didn't anticipate the fallout from
this incompatibility?
I don't know, but the culprits are the motherboard
manufacturers, who deliver motherboards that do not fulfill the
processor specification. That's not just a defect, it is such a
shoddy design that I would hesitate to buy from one of those
manufacturers again. You can find a short list of some of the
affected motherboards in
http://www.michna.com/kb/WxSP2.htm.
Yer probably correct. So far, only people on the problem-programs
list should have problems. I wonder how many million that is?
And then there's guys like me...who use programs like LanTalk that
aren't all that popular.
But quite a few of the problem programs only needed to be
unblocked in the firewall, so the problems were not severe. Some
had bigger problems though.
Anyway, that's how it is. I'm not happy with this either, but
Microsoft genuinely tried to do their best. They've been blamed
for insecurity, now that they tighten security, they are blamed
for just the opposite. They always have the choice of being shot
or hanged.
I wonder how many residential, ordinary folk know how to diagnose and
install these kinds of updates. On my bench computer alone, there's a
dozen or so that I would need to upgrade.
My choise...upgrade dozens...or not install one.
That's a general problem. I think today's computers aren't
really usable for the vast majority of users who are not
technically oriented. The software is far to complex, too
unstable, too unreliable. Perhaps most users would be better off
buying a good PDA (Personal Digital Assistant), where the
software is simple and indestructibly burned in. I'm sure we
cannot go the current path for much longer, but I cannot foresee
the next 10 years. Am very curious though.
I want to compliment you on your page, Hans. You really put a lot of
work into it...and did a good job.
Thanks, I do what I can.
But YER a perfect example of what's goin' on. Even YOU don't know how
to answer and SOLVE most of the queries posted here. So for most of
your posts, you simply suggest folks go to your home page...and solve
the problem THEMSELVES.
Even YER overwhelmed, I think. lol
True. That's why I make these pages. Consider that I do all this
in my free time. Writing a newsgroup message takes a couple of
minutes, and there are hundreds of new messages here in this
newsgroup every day.
My latest experiment, the Small Network Troubleshooter at
http://www.michna.com/kb/wxnet.htm, tries to make the
troubleshooting semi-automatic. The problem is that it asks some
diligence, time (several minutes), and precision of the user.
Hans-Georg
