Fair enough. The OP "Vijay" has posted several, uh, terse
but similar questions in the past, which make it sound like
he is trying to lock down XP machines in some kind of
large-scale deployment; eg a business or school. So the
considerations he faces are likely somewhat different to
those of individual Windows users at home.
Yes, or he has some things he wants to keep secret. That was
fairly clear.
BTW - after "sitting" on it for two months after physically
installing the card - I tried to install the SW yesterday. I
repeatedly got an installshield error/setup termination and
according to the company, I am the first person ever to report
it - which I fully believe - and they are dumfounded. I have had
stuff happen to me that you would NOT believe. Nice to get
another one.
I appreciate the link but I am trying to keep my mind free of
things which do not directly concern me... I am getting older
and grey matter allocation tables are shrinking... ;-)
The Windows NT Kernel is pretty secure, in the grand scheme
of things. The Windows user-mode subsystem (aka Win32) has
some architectural vulnerabilities which Microsoft know how
to fix ... except it would break every existing Windows
application!
What a surprise...
In the kernel, every Windows application runs
in a protected memory space; and every kernel object can be
secured by ACLs. But the Win32 user mode objects, such as
Desktops and WinStations, are able to pass messages to each
other, *by design*, which provides (a) a very flexible and
powerful user environment, and (b) very porous (vulnerable)
security boundaries.
I can't understand most of that. My knowledge comes purely from
sitting in front of a total of maybe 15 Windows machines over
about 20 years. I have little formal computer education and a
lot of basics, sadly, are unknown to me.
Microsoft's response, since 2004, has been to develop major
products (especially Windows OS and SQL Server) using the
Security Development Lifecycle (SDL) methodology and tools.
See:
http://blogs.msdn.com/sdl/
http://www.microsoft.com/downloads/details.aspx?familyid=241
2c443-27f6-4aac-9883-f55ba5b01814&displaylang=en
Again, thanks, but no thanks. What I don't understand is why MS
doesn't just write a decent OS from scratch. Surely one of the
most profitable corporations in the world could afford to hire
the brainpower? And if the excuse is "awww, but then all our
customers would have to buy new software" is total BS since one
of the things MS is best at doing is FORCING everyone to buy new
software all the time anyway - either by making things
incompatible, changing formats, or just forcing the big world
corpo machine to upgrade since it "will fix all problems". It's
an inescapable chain reaction which works better than any
pyramid scheme ever conceived.
This is one of the main reasons that Vista - for all its
undoubted problems - is significantly more secure than XP;
and why Windows 7 is significantly more secure again (and
eliminates many Vista problems).
Possibly. I'll probably never know. After this XP test run, I'm
trying Linux - mostly because I have nothing better to do.
If older versions of Windows such as 98 meet your own
specific needs then that's fine; stick with them! But in
the organisational context, with large networks of Windows
users needing to be both secure, supported and productive,
then the security features in current releases of Windows
are quite useful.
I believe that, but I still think they should admit they have
been ****ing around with us long enough and start from scratch.
It is worth noting that most banks, government departments,
security and law enforcement agencies - all quite
security-conscious organisations! - run some version of
Windows as their main desktop OS. A secure deployment of
Windows may require some work and planning; but it is not
a hopeless cause.
I'm not sure I'd agree - again, I doubt any of those entities
would complain if MS issued a completely new totally secure
platform - they upgrade their HW and SW all the time anyway.
But like I said, MS prefer to throw good code after bad - I read
somewhere there's still 80's code in Vista, and I would not be
surprised if that were true. The fact there is not a single
person in the world who has read /ALL/ the Vista code and
therefore could answer that question
is another matter which proves how hopelessly tangled things
have gotten. When the garage is so full of crap you can barely
open the door 3 inches, it's time to do some MAJOR
housecleaning!
I have enjoyed your posts, thanks.
PS I guess you know already but Nyx was the mother of
Thanatos, and Hypnos was his brother - hence my opening
quip
)
While the names are familiar, I did not know the relationships,
BION. I have serious gaps in my knowledge. I chose thanatoid
because I have been obsessed with the idea of killing myself
since I was 10 years old - for a variety of unfortunate reasons
I am still here. Sigh...
