SP2- To install or not to install, that is the question

[Ian Hoare]

Salut/Hi Ken Blake,

le/on Sun, 23 Jan 2005 17:58:15 -0700, tu disais/you said:-

I think that "if ain't broke why fix it?" is a usually a very
prudent and good point of view.

I don't. Certainly on anything mechanical, preventive maintenance is
crucial. Sorry Ken, but my brother in law lived on a boat. His guiding
principle was "if it ain't broke, don't fix it". So whenever we had a storm,
all the things that were holding on by their fingernails would break because
they were stressed to the limit. Sheet lines broke, mast stays broke, etc
and so forth. And always just at the moment when it was crucial that they
worked ad always at a time when it was horribly difficult to replace/repair
them. A simple inspection and replacement of worn stuff BEFORE they broke
would have prevented a great many near catastrophes.

Even on computer systems, I suggest that a similar methodology should
prevail. My main problem is to work out what to do and how to do it! Should
one regularly uninstall a program, (saving data and settings first, of
course) and re-install it (possibly upgrading/dating at the same time)?
Should it be windows that we do that to? How about defragging disks? What
intervals....

I'm happy with the free version of Zone Alarm.

I have some issues with it, but on the whole I agree.

 

[Ian Hoare]

Salut/Hi David Candy,

le/on Tue, 25 Jan 2005 02:21:47 +1100, tu disais/you said:-

Software isn't a boat and doesn't age.

It's as true for sox as for anything else, IMO. People make mistakes, which
little by little tend to reduce the reliability of the application. Disks
become fragmented, the registry gets its knickers in a twist. All these
things tend to make the operation of the computer less reliable.

 

[Guest]

I have been putting off installing SP2 on my machine, and now I need to make
a decision, to install or not? From the threads on this group, I am leaning
toward NOT.

If I have adware/spyware software, and norton anti-virus and have kept my
machine up to date with all the MS updates, and a install a firewall can I
live without SP2 until they distribute a more stable fix?

I haven't had any issues so far, and I figure if ain't broke why fix it?
PS please recommend a good firewall app.

 

[Colin Barnhorst]

There is nothing unstable about SP2. Millions have installed it without a
problem. I have installed it on 6 machines with no problems.

It is not a "fix." It is a substantial rewrite of the OS that implements a
number of security strategies that go far beyond what patches and programs
can do.

As for firewalls, I recommend Zone Alarm.

 

[gls858]

I have been putting off installing SP2 on my machine, and now I need to make
a decision, to install or not? From the threads on this group, I am leaning
toward NOT.

If I have adware/spyware software, and norton anti-virus and have kept my
machine up to date with all the MS updates, and a install a firewall can I
live without SP2 until they distribute a more stable fix?

I haven't had any issues so far, and I figure if ain't broke why fix it?
PS please recommend a good firewall app.

Rmember, people come here for help with problems. So naturally
most of the posts you see will be negative. Most people installed
SP2 without issues, as long as they prepared first. Check the
following link for info on how to prepare.

http://support.microsoft.com/winxp

gls858

 

[Ken Blake]

In

I have been putting off installing SP2 on my machine, and now I
need
to make a decision, to install or not? From the threads on this
group, I am leaning toward NOT.

Your choice of course, but I think you're making a poor decision.

If I have adware/spyware software, and norton anti-virus and
have
kept my machine up to date with all the MS updates, and a
install a
firewall can I live without SP2 until they distribute a more
stable
fix?

It already is very stable (although, like anything else, not
perfect). Realize two things:

1. If you're reading about problems in the newsgroups, this where
people come with their problems, not with their successes. You
get a very distorted view of what's going on in the real world
here; as someone once said, "hang around a transmission shop and
you will think that all cars have transmission problems."

2. Most problems, by far, that people report--whether or not they
are SP2-related--have nothing to do with defects in the software.
They result from people's ignorance, from bad or inadequate
hardware, from old drivers, from viruses, from spyware
(*especially* from spyware; installing it on a spyware-laden
machine is a presciption for disaster), and so on. And except for
very rare situations, they always get a fix for their problems,
and in most cases, that fix is a very simple
one to implement.

I've personally installed SP2 on several machines and I know many
others who have installed lots more. In the all the installations
I've been part of or know about, I know of a single failure, and
that was on a spyware-laden machine. Even there, uninstalling it
fixed the problem easily.

Can you live without it? Probably. But over and about it's
highly-touted new features, there are lots of fixes and new
improved code in SP2, and most people should have it. See "List
of fixes included in Windows XP Service Pack 2"
http://support.microsoft.com/default.aspx?scid=kb;en-us;811113&Product=windowsxpsp2

I haven't had any issues so far, and I figure if ain't broke
why fix
it?

I think that "if ain't broke why fix it?" is a usually a very
prudent and good point of view. But not here. When dealing with
something like SP2, it's a very *imprudent* point of view. This
is a security-oriented release. It's not primarily designed to
fix things that may be broken now, but to protect you against
problems in the future. There are some small risks in installing
it, but the risks of running without it are far greater.

PS please recommend a good firewall app.

I'm happy with the free version of Zone Alarm.

 

[Gene K]

Why wait? I installed it as upon release and persuaded several others
to do the same. None had significant problems other than the short learning
curve. Read all the problems in this and other forums and you will soon be
persuaded the world has come to an end. The ones not represented are a huge
bunch who have installed SP2 and marched forward to other things.
Gene K

 

[Kevin]

The installation of Service Pack 2 is not required. At least, not yet!
There is no reason to install it if you are protecting your system with a
firewall, anti-virus and malware applications. I use Zone Alarm Pro as my
firewall and it has worked without issues for quite some time. Service Pack
2 is a major upgrade (?) to the Windows XP operating system. As such it
makes many changes to the core code of Windows XP. Sometimes these changes
can cause problems. There are steps that need to be taken to prepare your
system for the installation of SP2. These can be found on the Windows
Update website.

I have not installed SP2 and my system is running just fine. No adware,
spyware, worms, Trojans, popups or viruses have made their way onto my hard
drive in a long, long time. If you don't want to install SP2, don't. At
some point in the future, the installation of SP2 will be a requirement to
download and install further updates and patches.

 

[ruth]

I tried installing SP2 on my laptop and everything worked fine for 10
days, then my computer stopped booting up following the windows xp
screen and I was faced with a blank screen. Thankfully this was
reversible (some friends of mine weren't so lucky) and I was able to
get into the last known working configuration of windows to remove SP2.

 

[David Candy]

Software isn't a boat and doesn't age.

 

[Ken Blake]

In

Salut/Hi Ken Blake,

le/on Sun, 23 Jan 2005 17:58:15 -0700, tu disais/you said:-




I don't. Certainly on anything mechanical, preventive
maintenance is
crucial. Sorry Ken, but my brother in law lived on a boat. His
guiding
principle was "if it ain't broke, don't fix it". So whenever we
had a
storm, all the things that were holding on by their fingernails
would
break because they were stressed to the limit. Sheet lines
broke,
mast stays broke, etc and so forth. And always just at the
moment
when it was crucial that they worked ad always at a time when
it was
horribly difficult to replace/repair them. A simple inspection
and
replacement of worn stuff BEFORE they broke would have
prevented a
great many near catastrophes.

I should have qualified that I didn't mean on mechanical things,
and especially not on boats. But software doesn't wear out the
way hardware does.

 

[André Gulliksen]

Software isn't a boat and doesn't age.

No it isn't, but yes it does. A security vulnerability in a piece of
software is not a problem until it is discovered. But when the vulnerability
is discovered the software is suddenly rendered useless, regardless of how
long the vulnerability has existed but not been exploited. Any worm from the
last couple of years should prove this point.

SP2 does not only contain fixes to know security holes, but also takes
countermeasures to reduce the impact of yet unknown threats. My advice would
be to install it, and be prepared to roll back if things breaks.

 

[Colin Barnhorst]

It is not a question of wear. It is a question of the appearance of new
threats where none was perceived to exist. SP2 includes new processes like
the stack watcher to intercept executables injected into the stack by
malware, and a whole lot of other new programming.

However, I perceive that you came in here asking a question without having
any intention of dealing with the answers, so do as you like. It's your
computer.

 

[David Candy]

No it doesn't age. It is exactly the same. My Dos 3.3 works exactly the same as it did 15 years ago. I don't care about security. This is just linux marketing hype.

 

[André Gulliksen]

No it doesn't age. It is exactly the same. My Dos 3.3 works exactly
the same as it did 15 years ago. I don't care about security. This is
just linux marketing hype.

Are you trolling?

AFAIK MS-DOS 3.3 had (okay, has) no networking support whatsoever. So you
are perfectly right, a default installation is probably not very vulnerable
to any remote exploits. But this thread is not about pre-internet operating
systems. It is not even about boats. It is about Windows XP. And it is a
fact that a clean default Windows XP installation should not be allowed
anywhere near a public IP address before it is pinned down, tied up, tucked
in and properly patched. Otherwise it would be blasted, sassed and generally
buttfscked after only minutes (yes, minutes) of exposure. Such a system has
plenty of known vulnerabilities, and probably even some unknown ones.

A clean default Windows XP SP2 installation probably also has holes waiting
to be discovered. But at least these holes will find themselves behind a
basic firewall, meaning the system can risk being exposed the time it takes
to bring it up to speed.

As for your point about Linux: Microsoft products would have plenty of
security issues, with or without Linux. Melissa proved that. Code Red proved
that. Blaster proved that. And these issues would have to be dealt with, one
way or the other. And even Linux is no magic wand against security threats.
Tons of Linux boxes are hacked, cracked, picked apart and violated every day
(though they do seem to be spared of the viral autonomous infections that
have scourged Microsoft products). If you are serious about security you
should probably look towards a BSD-based system, including Mac OS-X/Darwin.

 

[Len Dolby]

From one of the silent (till now) majority - SP2 works fine, provided the pc
is fully "housekept" first - just read the "readme" file (or the website).
As ever, time-consuming - takes about same time as initial installation of
XP. But, the important thing is, IT WORKS.
Only ever seen/heard of probs from those who don't RTFM's or believe they're
sufficiently savvy "experts" who don't need to. Go for it!
NB - there's already later critical updates posted that can't be installed
without SP2 present.

Delaying installation leaves your pc at risk. Your choice, your kit, your
personal responsibility.

Sincerely, Len. (experienced private user, retired, no connections to
Microsoft or IT industry).

 

[David Candy]

Utter crap. Unix has had far more holes than windows has ever had. Linux propaganda, that you swallow and MS is doing their usual value free marketing stuff, is that windows is weak. It is not true. Go through the CERT database. MS doesn't even get mentioned for a few decades.

A unpatched XP is unlikely to be infected. I didn't get infected nor did the MVPs who don't patch.

Perhaps you should form your own opinions.

Terrorists like you (rescuing drowning people a la Tampa) are doing a grave disservice by spreading lies. Users are absolutely terrified of their computers and their " security threats". Gee I might pay MS $500 so I can refuse to use my computer from fear.

It is extrenmely difficult to get infected. Users gluttony causes most spywear (free software, free photoes, free games, free that - give me more, give me more) infections. But more and more users won't do anything.

Anyway the answer is not in makeing computer useless but in enforcing the law. PS I also don't lock my door.

 

[Guest]

Thanks to all for your input. It has been very helpful in my decision making
process. I will do a little more investigation, and move forward.

One last question, if SP2 comes with a firewall, and IF I decide to install,
is it recommended that I still put another firewall in place?

 

[Colin Barnhorst]

Since the SP2 firewall does not stop outbound traffic, many users use a
third party firewall, like Zone Alarm.