PureBasic Forums - English

My 2 cents worth about unsigned drivers. As an ex MS sales partner (and i've had enough contacts in the business over the years), I know how much money is involved in this signing process and also have seen that it is no guarantee that the driver is good, stable or worthwhile.

Pay enough money to MS for the signing of the driver and it will get done, good or not. I have seen more than enough signed drivers park a system into hyperspace and plenty of unsigned drivers work perfectly. THis is a fact of life, get used to it.

Certification doesn't insure that a driver is bug-free, that's not its purpose. It's a hoop that, for the most part, only legitimate companies would jump through and certificates can be revoked if the situation warrants it. Administrators can set various policies as to how strict "enforcement" is in terms of signed drivers, so there's also a fair amount of flexibility there if needed.

true.

In all seriousness, the operating system is not supported by Microsoft any more, it gets no security updates, companies aren't producing drivers for it any longer

Not getting updates from MS is generally a good thing. I can remember how good XP was before SP2 and even SP1 hit. MS trying to fix something and ending up putting more vulnerabilities or stability problems in your system is NOT a good thing.

Companies don't provide drivers for the older operating systems for the simple reason most people running those old setup and not going to be buying and installing new hardware (other than hard drives or cd drives), heck much of the new hardware couldn't even be used in the older systems even if you wanted to because of changes in the hardware formats themselves.

really have to take issue with that. Windows 95/98/Me is not as secure and people who continue to use those old versions of Windows and are connected to the Internet are prime targets for attack.

Most of these users are going to be using a dial-up service and have a Dynamic IP. Most major dial-up services also have security features built into their software, such as AV, Firewall and increasingly Malware protection.

Most would argue systems like that are more secure than any XP system with a dedicated connection which relies on the user to install security software and keep it updated.

If you've worked extensively with Vista, you'd also understand why it is a significant step forward for security.

http://www.symantec.com/avcenter/refere ... urface.pdf

If something is NEW and unproven how can anybody claim it is more secure? With the adoption cycle of new operating systems, it will probably be two years before we know how secure Vista really is.

It's more difficult to get rootkits installed on the 32-bit version

Actually, part of the delay in Vista was to fix the vunerability in Vista that allowed rootkits and the system to be completely hijacked with little effort from exploiting a vulnerability in the newer processors. The name of the lady who wrote the paper on this escapes me at the moment, but it was very interesting.

and virtually impossible on the 64-bit version with PatchGuard.

MS's new kernel is pretty cool, dummy functions, functions that dont do what they are named, etc. Much harder to patch it if you can't figure out what is going on. However with all the improvements, currently all one has to do is disable the kernel's internal timer which it uses to autocheck itself, and PatchGuard is rendered virtually useless.

All of that, out the window.

All MS has done it make it so legitimate companies won't try and mess with the kernel, but it is still wide open to the bad guys who don't "play by the rules".

If there is a lesson to be learned from the past 15 years or so, there is no such thing as being "too paranoid about security" because everyone is out to get you.

Unfortunately, this mentality is what has lead to the heavy-handed DRM crap being put into Vista and the new hardware.

If the kids want to play games, well, that's what Playstations and XBoxes are for.

Ironic, but games are what made home computers, and got people using them back in the late 70s and early 80s. It is what has kept home computers alive and a thriving industry.

Take games away from home computers, and you have no need for home computers any more, all you need is a dumb terminal connected to the net to run what few netbased applications you may need, like email, word processor, etc.

Oh wait, didn't I hear MS spout this as the future direction 10 years ago at a MS conference? So, yes it will likely eventually happen.

Most people using computers have no business having one. If you can't program, you shouldn't have a computer. The unskilled users which are the majority are the ones who cause the problems with security and such by not using their systems properly.

The only reason I have computers is for writing 2d video games and playing 2d video games. NONE of the consoles have interested me over the past 20 years.

An unsigned driver wouldn't get installed in the first place under normal conditions, so yes, if there is one the operating system should disabled it. And if there's found to be a driver out there that is hostile or meant to defeat aspects of the security system, then they should be able to revoke the certificate if necessary and disable it... Certification doesn't insure that a driver is bug-free, that's not its purpose. It's a hoop that, for the most part, only legitimate companies would jump through and certificates can be revoked if the situation warrants it.

Since this stuff is also being built into the new hardware to comply with Vistas DRM requirements, a video card manufacturer could be late in paying its annual certificate licensing fee and under current rules, those video cards could be disabled at the hardware level for anybody owing one of those cards. The end user gets punished because the company screws up. You have neglected to even mention any of the DRM issues which are 100% connected to the other security features of Vista.

I really suggest people listen to episodes #73, #74, #75 of Security Now to get a better understanding of the DRM side of Vista and see how closely it is integrated into every aspect of Vista and new hardware. Vista has the ability to "brick" your entire system depending on how strongly things are enforced.

Don't brand me as a MS hater. I am not, but I am an honest MS user. With Vista, MS has the capability to stick it to you like Ned Beatty bent over a moss covered log.

I have to admit, I was really looking forward to Vista, but the things I was looking forward to like WinFS, etc were all pulled out. I really have no need for a 3D hardware accelerated interface, so Aero would be out for me.

I rushed out to get XP, as soon as it was released (as I did with Win 95), but Vista doesn't really have anything to interest me and my development machines and gaming machines are not connected to the net, so new security features wouldn't benefit me either. My net machine couldn't even run Vista due to the requirements, so it would be out for my net machine.

Someone has been reading and/or listening to Gibson's FUD, the "Bill O'Reily" of the computer world. The man certainly knows how to whip up a frenzy and howl about how the sky is getting ready to fall right now. I remember his hair-pulling and jumping about a few years back about how if Microsoft didn't make changes to their TCP/IP stack right away, it was going to be the end of Internet as we know it. The man can make a legitimate point, but then proceeds to slather so much hyperbole on it, you can't distinguish between what is a legitimate concern and what is him enjoying the sound of his own voice.

Is any security system perfect? No, of course not. And whitepapers on how that system may be breeched doesn't necessarily translate into real-world application. It is possible to disable PatchGuard, but as far as I know it isn't possible without the user pro-actively running code and accepting UAC prompts. In other words, someone can't send you an email, you open it and PatchGuard just falls over and dies. Some social engineering would need to be involved there, and human beings are always the weak link when it comes to security.

As far as saying that only programmers should be able to use computers, well that is so far out in the stratosphere, I'm not even sure how to respond to it. You're entitled to your opinion of course, but fortunately you're in a significant minority. I believe computers should be for everyone, and they should be safe to use.

You're entitled to your opinion of course, but fortunately you're in a significant minority.

Since I have been programming since '79, and I don't ever have issues with viruses, malware or hackers, etc. because of safe computing practices. I like being in the minority, to me it is definitely a good thing.

I believe computers should be for everyone, and they should be safe to use.

Since most people are not programmers, they don't know how to use a computer. They only know how to use the software installed on it. Sadly, most people would do just as well with a dumb terminal connected to the net and using "online" software. For the older grandmas connected to the net who want to email family and get pics of the grandkids, the webtv type devices are ideal.

Saftey is the responsibility of the user. Sadly, since most users aren't programmers they lack the knowledge necessary to properly secure their computers (which is why all the dialup services provide this for them) and blame MS when problems occur because of their own incompetence. Which is why for the "average" home user, we are really moving towards the dumb terminal scenario. There is less for them to mess up.

I don't like the idea of my operating system suffering from extreme paranoid schizophrenia and being bloated with all kinds of unnecessary protection crap because the average home user doesn't know how to properly use a computer.

To their defense, what is MS supposed to do, if they expect to sell operating systems for the average home user, this is the move they have to make. Doesn't mean I have to like it. Luckily for us geeks, there are alternatives if we choose to follow those paths.

where can i vote for Win3.11 and Win95?

BTW, before Vista even came out, there were already virii and other
security breaches found. And more on the way.

Vista is not a step forward at all, in fact it merely causes programmers
problems and not the creators of virii and trojans. It is a step forward
for MS itself, but not really for those who buy it.

Much of what MS put into it is GUI work, and features to aid MS in combating
piracy of the system itself. Yes, they did make a feeble attempt at trying
to make the system more secure, but obviously they took a bit of wrong
direction there. Though what they did do so far is something that probably
should have been done, but they never seem to dive in deep enough into
the system to weed out those bugs and oversights that are the crux of
the systems security issues.

And someone mentioned Linux here too, which is only a false sense of
security. The only reason Linux and OS X have been free from the
amount of virii and attacks, is because they aren't yet prolific enough
for the creators of these items to target. But rest assured, if Linux or
OS X becomes more and more main stream, you will lose your false
sense of security. Linux servers get hacked into all the time, web sites
get defaced or completely replaced. So don't get lazy if you're using
Linux, be just as on guard with that as with Windows.

And yes, you can secure a 9x system, just as secure as XP, which wasn't
all that secure either. It simply requires one to install the proper software
to help secure the system, and it also requires one to learn some good
habits for running that computer and being online with it. Routers with
firewalls, personal firewalls, browser configurations, AV programs etc.

Let's face it, most of the security breeches in any Windows system have
been born of users not paying attention, going where they shouldn't be,
downloading what they shouldn't download, foolishly clicking links in
emails, opening attachments from people they don't know etc. It is rare
that a breech is smart enough to find it's own way on or into the system,
but there are those types of breeches out there.

It's going to be the same story with Vista. And it's up to you if you want
to pay a couple thousand to buy a new PC that can run Vista, plus pay
a couple hundred to get Vista, then pay for new firewall software, then
pay for new AV software, then pay for new anti-trojan software, spyware
repellent software, software to keep users from opening attachments
from users they don't know etc. The costs of upgrading to Vista are far
more than people realize. Software companies need to totally reprogram
their products, people who bought that software previously will likely have
to buy it again.

And have you even read about the media DRM issues with Vista yet?

Have you even read about the potential issues with Windows Activation
and Verification processes?

Oh yeah, and one more thing... If MS still has the guts of Internet
Explorer built into the system, then Vista is headed down the same road
as XP. If they finally pulled the guts of it out of the system, then there
may actually be some hope this time.

So again I say, if you've got an old system already well secured, why
upgrade to Vista? If it ain't broke, don't fix it.

garretthylltun wrote:And have you even read about the media DRM issues with Vista yet?

Have you even read about the potential issues with Windows Activation
and Verification processes?

Oh yeah, and one more thing... If MS still has the guts of Internet
Explorer built into the system, then Vista is headed down the same road
as XP. If they finally pulled the guts of it out of the system, then there
may actually be some hope this time.

Sure, I've read about them. There's a lot of FUD being spread around about Vista, you can't hardly miss it. What's hillarious is that many of these folks don't even have a Vista system and are just repeating whatever they've read on some blog or heard from someone else, 4th, 5th and 6th person.

I've been beta testing Vista since it was initially released. It became my primary development system when it RTMed. How many DRM issues have I personally come across? None. How many activation errors or Genuine Windows validation problems have I had? None.

Yeah, I know. A friend of someone's cousin's sister's brother's mother's uncle's boss had a problem with activation, and therefore the whole operating system is doomed to oblivion.

garretthylltun wrote:So again I say, if you've got an old system already well secured, why upgrade to Vista? If it ain't broke, don't fix it.

If that old Windows 9x system is behind a state-of-the-art hardware firewall/IDS, then by all means. Enjoy antiquity to your heart's content and I have absolutely no problem with that. However, that is not the case for the vast majority of users who basically plug the RJ45 wire from their DSL/cable modem right into the back of their computer.

What you're saying is something akin to "If you're a professional driver, are wearing a safety harness and the vehicle is reinforced with rollbars, then it's perfectly safe to jump it over those 10 busses." The thing is, most people are out there driving Dodge Hornets with a clutch that slips and faulty breaks. They try to jump those busses, they're just going to crash and burn.

Is Vista perfect? Absolutely not. And you're absolutely right that the weakest link is the users. But Vista does go through a lot more effort to protect the end-user from themselves, and by extension, protect us from them. And I count that a good thing.

How many DRM issues have I personally come across? None.

When you consider hardware enabled DRM video cards, monitors, graphics cards, optical drives, etc are not even on the market yet. Your experience proves nothing but a total lack of understanding of the topic being discussed.

What you're saying is something akin to "If you're a professional driver, are wearing a safety harness and the vehicle is reinforced with rollbars, then it's perfectly safe to jump it over those 10 busses." The thing is, most people are out there driving Dodge Hornets with a clutch that slips and faulty breaks. They try to jump those busses, they're just going to crash and burn.

Dodge Hornet? Somebody is showing his age Although they were AMC Hornets (a completely different company). So again, you clearly have no understanding of what you are trying to discuss. :roll:

Brice Manuel wrote:When you consider hardware enabled DRM video cards, monitors, graphics cards, optical drives, etc are not even on the market yet. Your experience proves nothing but a total lack of understanding of the topic being discussed.

I understand the issue perfectly, and that was my point (and some of the FUD out there is statements such as users being unable to rip CDs to a non-DRM format, which is completely untrue). The concern over DRM issues is all largely hypothetical at this point. When there's a real-world impact here, then we'll have something to talk about. Right now, all there is are a bunch of folks screaming that the sky is about to fall. For example, a big deal is made of key revocation, but we have yet to see how that actually plays out. I guess it's just human nature to automatically assume that the worst possible outcome is also the most probable, but that's more of an emotional response than a logical one.

Frankly, as someone who doesn't plan on playing HD-DVDs or Blu-ray discs on his workstation, I don't expect that I'll ever be running into these issues. But all of the panic about things like image downconverting when using insecure channels is not reality "on the ground" so to speak. In fact, as I recall, the major studios have explicitly stated that they are not going to use that "feature" of AACS (and it is the choice of the individual content providers as to whether downconverting will be enforced).

Virtually everything that's been written about is couched in hypotheticals and possibilities. It "may" happen, it "could" be done, it is "possible" that all of these draconian measures may be taken. Whether that actually happens remains to be seen. Currently, all of this hand-wringing is patently unjustified in my opinion. But then again, you seem to really enjoy it, so whatever floats your particular boat. I've made my point, so I'll let the issue rest. Windows 98 is dead, Windows Vista is not the devil incarnate. Take it as you will.

Edit: And yeah, I meant the AMC Hornet, not the Dodge concept car. C'est la vie.

I think you neglected to address the security issues with Vista, you've
covered the DRM and Activation issues, but not the security issues.

Such as trojans/virii/attacks already in the wild for Vista. Before it was
even released, the script kiddies and hackers were already at work
poking open holes with what seems to be relative ease.

BTW, I don't get my info as you have so gloriously portrayed, I get it
from such sources as reuters and other main stream news services.
Must be something to their reports of problems with the Vista DRM and
Activation.

Let's see, trust some guy who says he's beta tested Vista, trust a huge
news media company... Hard choice on this one.

Ok, that's not being nice, but you understand what I'm saying here. I
can't mark your information here as a reliable source at all. Though
you sound like you know what your talking about, with exception to the
AMC boo boo

Well, here's the thing, we only have to wait maybe what? Another month
before Vista gets in the hands of the home users. We'll see then.

There should be reports of issues from all the businesses already running
Vista soon enough.

MS has previously said they will drop support for XP in April of 2009. However, now they have decided to provide security fixes for XP for another five years which would bring it to April 2014. Security fixes will be free until 2014, but after 2009, tech support for XP appears it will cost:

http://apnews.myway.com/article/20070124/D8MRTBJ80.html

I have win98 as optional when booting my slowest computer. It's main use is to use external device where program does not work with better OS (ME is not an option for me )

I know DirectIO or userport (or something similar) could solve problem if program would not crash (because of better memory management) often in XP.

also my primary option (linux) on that machine knows how to restore win98 backup image back when needed ..

it's also good way to test if my PB programs are working in real hardware