PDA

View Full Version : Service Pack 2


jspchief
01-31-2005, 10:19 PM
A lot of people recommended not installing SP2 when it first came out. I didn't really delve into why, I just assumed others knew what they were talking about (dangerous approach on the Planet, I know).

So my question is, Is it safe to install it yet? And if so, what precautions should I take? Please explain it to me like I'm computer retarded.

theultimatekcchiefsfan
01-31-2005, 11:06 PM
I just installed it and it seems that my internet speeds have been quite slower. Dont know if anyone else is getting the same result. I would still reccommend it for security purposes though.

BigRedChief
01-31-2005, 11:17 PM
SP2 is still not a mature update. There are still many bugs/issues with third party software that can be caused by installing it

Phobia
02-01-2005, 01:17 AM
I've tried SP2 twice - bad experiences both times. I'm not gonna try again.

There are other people who swear by it. All I know is what I've seen and I don't like it.

Miles
02-01-2005, 01:40 AM
I havent installed it on my desktop since i read so many negative things about it when it was first released. Though my laptop came preloaded with it. I have noticed no speed/bug issues with it so far.

Phobia
02-01-2005, 01:44 AM
I havent installed it on my desktop since i read so many negative things about it when it was first released. Though my laptop came preloaded with it. I have noticed no speed/bug issues with it so far.

That's a great point. A virgin OS is more likely to take a service pack. Then you can load all your other stuff, which is what you're seeing with the laptop that came preloaded with SP2.

ExtremeChief
02-01-2005, 06:05 AM
I have had a few games crash my comp since installing SP2. I also have the comp randomly wanting to use dial up to connect now even though I have a network connection.

I needed to throw some of those old games away anyway I guess.

I wouldn't recommend it from the experience I've had.

htismaqe
02-01-2005, 09:06 AM
I waited to install it until about 2 weeks ago. It worked fine, and some of the new features are pretty sweet...

Iowanian
02-01-2005, 09:47 AM
I'm not a tech guru, but installed sp2 at home.....my internet connection(cable) was lost to the provider, and speeds have been slower since.

I don't know the "whys", but I know I'd not tell anyone to use it yet.

ROYC75
02-01-2005, 09:49 AM
Done mine 2 months ago, no problems at all.

But that's just me.

htismaqe
02-01-2005, 09:49 AM
I'm guessing tha the slower speeds people are reporting is because of the level of inspection included with SP2.

The two big ones that come to mind are:

1) SP2 automatically enables the Windows firewall (it's off by default in SP1).

2) SP2 does pop-up blocking IN the IE code itself.

Iowanian
02-01-2005, 09:52 AM
I should check the windows firewall......I'm running zonealarm, so maybe if 2 of them are running in conjunction, thats the problem?

htismaqe
02-01-2005, 09:59 AM
I should check the windows firewall......I'm running zonealarm, so maybe if 2 of them are running in conjunction, thats the problem?

That would definitely be a problem.

Each time a packet has to be opened and inspected, it creates a few microseconds of latency. ZoneAlarm would open the packet multiple times at layers 3, 4, and 7 most likely. The MS firewall would do the same.

Lzen
02-01-2005, 10:28 AM
I installed SP2 several months ago and have not noticed anything signifigant. Turn off the firewall if you are already running a software firewall like Zone Alarm. Also, don't use Internet Explorer. Try Mozilla's Firefox. ;)

HC_Chief
02-01-2005, 10:51 AM
SP2 will wreck your OS if you're running a 'hacked' copy of XP; as will Windows Spyware Removal Tool.

SP2 installs Windows Firewall, as well as a couple of other monitoring/administrative functions (among many other things) to help secure your PC and keep it up-to-date.

I have had zero problems w/ SP2, and would recommend you install it.

Phobia
02-01-2005, 10:55 AM
SP2 will wreck your OS if you're running a 'hacked' copy of XP; as will Windows Spyware Removal Tool.

Mine are legit. FWIW.

HC_Chief
02-01-2005, 10:59 AM
Hmm, odd. What kind of errors/problems, and what hardware?

Phobia
02-01-2005, 11:04 AM
Hmm, odd. What kind of errors/problems, and what hardware?
It disabled internet browsing, essentially. I didn't spend a lot of time troubleshooting the problem, because I knew what happened. I just backed the SP off and everything was fixed.

htismaqe
02-01-2005, 11:15 AM
If you guys are concerned with throughput, I would get rid of ALL software based firewalls, including ZoneAlarm and MS Windows Firewall...

Get a hardware-based firewall, much faster and far more secure...

ROYC75
02-01-2005, 11:19 AM
If you guys are concerned with throughput, I would get rid of ALL software based firewalls, including ZoneAlarm and MS Windows Firewall...

Get a hardware-based firewall, much faster and far more secure...

Question : Do I need the SP2 ?

Why would I want to use the MS firewall in the SP2 when I already have a external firewall between my internet and router ?

htismaqe
02-01-2005, 11:25 AM
Question : Do I need the SP2 ?

Why would I want to use the MS firewall in the SP2 when I already have a external firewall between my internet and router ?

SP2 contains some kernel enhancements and also has a VERY good pop-up blocker (much better than any 3rd-party software I've tried).

You shouldn't use MS Firewall with a HW firewall, you don't need it and it will just slow you down.

mcan
02-01-2005, 11:27 AM
I kept getting kicked out of poker sites and my connection seemed a little slower. But, I added that site to my firewall exceptions and now everything seems hunky dory. SP2 took me forever to download, and it took a couple tries, but it hasn't had any problems. I just with I knew what it did besides upgrade my security features. I haven't noticed that my computer has any new features on it or any cool upgrades or anything.

ROYC75
02-01-2005, 11:35 AM
Originally Posted by htismaqe
SP2 contains some kernel enhancements and also has a VERY good pop-up blocker (much better than any 3rd-party software I've tried).

You shouldn't use MS Firewall with a HW firewall, you don't need it and it will just slow you down.



OK, not knowing a thing about SP2, can you use it, but still disable the firewall on it, allowing the blocker to help stop the malware and trojans ?

My pc guys wants me to use it, just checking with what most of you guys feel as well .

htismaqe
02-01-2005, 11:39 AM
OK, not knowing a thing about SP2, can you use it, but still disable the firewall on it, allowing the blocker to help stop the malware and trojans ?

My pc guys wants me to use it, just checking with what most of you guys feel as well .

As long as you are a local admin on your machine, it can be disabled.

ROYC75
02-01-2005, 11:45 AM
As long as you are a local admin on your machine, it can be disabled.

Bingo, I am. I have 2 pc's that are linked that has Wins XP that need them, a Wins 98 and a Wins 95 that willnot take the SP2.

Got another question for you, Am I putting my business/home pc's at risk when I plug my daughters or III's up when trying to clean them up ?

III's stays hooked up all the time, but I do have to clean his up from time to time because of the sites he visits. So far to date, no problems, but am I asking for trouble here, can they back up into my business/home pc's ?

htismaqe
02-01-2005, 11:48 AM
Bingo, I am. I have 2 pc's that are linked that has Wins XP that need them, a Wins 98 and a Wins 95 that willnot take the SP2.

Got another question for you, Am I putting my business/home pc's at risk when I plug my daughters or III's up when trying to clean them up ?

III's stays hooked up all the time, but I do have to clean his up from time to time because of the sites he visits. So far to date, no problems, but am I asking for trouble here, can they back up into my business/home pc's ?

Does your daughter or III have access to the internet independent of your firewall?

If so, then yes. You've introduced another attack vector.

I would suggest creating a DMZ on your firewall (if it can do it) and hooking those machines up there to work on them.

Otter
02-01-2005, 11:52 AM
I installed it with no problems what so ever.

However, I was having some problems with an application I use regularly and un-installed and re-installed XP. Then installed SP2 and all the other updates (service packs and drivers) first thing before any apps were installed.

Much eaiser that way as opposed to laying all that old stuff under such a big update.

ROYC75
02-01-2005, 12:05 PM
Does your daughter or III have access to the internet independent of your firewall?

If so, then yes. You've introduced another attack vector.

I would suggest creating a DMZ on your firewall (if it can do it) and hooking those machines up there to work on them.

They don't touch none of the settings on the firewall. Nobody touches those, even me. The guy I use to do my pc work set it up for me.

All I have done is took her pc on line with my internet hook ups.

I guess it is possible for one to back up inside my firewall once her's is hooked up.

htismaqe
02-01-2005, 12:05 PM
Yeah, I never "upgrade".

I backed up all of my files that weren't already on a separate partition, formatted C:, and installed XP from scratch.

I then installed SP2.

htismaqe
02-01-2005, 12:07 PM
They don't touch none of the settings on the firewall. Nobody touches those, even me. The guy I use to do my pc work set it up for me.

All I have done is took her pc on line with my internet hook ups.

I guess it is possible for one to back up inside my firewall once her's is hooked up.

Yeah, unfortunately it doesn't look like you're in a situation where you can do much about it.

I have a "sandbox" setup on my firewall at home (and I've setup several in corporate environments) specifically for working on "untrusted" PCs like my mom's laptop.

Lzen
02-01-2005, 03:21 PM
If you guys are concerned with throughput, I would get rid of ALL software based firewalls, including ZoneAlarm and MS Windows Firewall...

Get a hardware-based firewall, much faster and far more secure...

Actually, I read an article about home networking on a computing site that said it's best to use both a software and a hardware firewall. I have a router firewall and also use Zone Alarm.

htismaqe
02-01-2005, 03:32 PM
Actually, I read an article about home networking on a computing site that said it's best to use both a software and a hardware firewall. I have a router firewall and also use Zone Alarm.

Why?

Yes, you should use a multi-layered defense strategy. But having two devices that do the EXACT same thing are useless.

You'd be better off doing host-based intrusion detection on your PC and coupling that with a hardware FW.

Lzen
02-01-2005, 03:40 PM
You'd be better off doing host-based intrusion detection on your PC...

English please? :p

htismaqe
02-01-2005, 03:54 PM
English please? :p

A firewall is by nature a "deny all and allow only things I explicitly allow" device.

An intrusion detection device is by nature an "allow all and deny only things that are known to be malicious" device.

A firewall is designed to restrict access to hosts/networks based on the networks and applications used with that host.

An intrusion detection device is designed (much like anti-virus software) to detect anomalous or malicious traffic in what is otherwise a normal traffic flow.

So, let's just restrict the discussion to web traffic and keep it simple.

A firewall can be used to restrict your access to Chiefsplanet. We can create restrictions based on IP like:

1) Only allow access to Chiefsplanet if Lzen's source address is X.
2) Only allow Lzen to access Chiefsplanet. If the destination address of Lzen's request is an IP address other than www.chiefsplanet.com, deny it.

We can also restrict access based on protocol.

1) Only allow Lzen to access Chiefsplanet using HTTP (TCP port 80).

You can then combine the 3 methods to form a rather restrictive access policy.

But what happens when Parker decides to infect Chiefsplanet with the W32/Badazz.HTTP worm, transmitted on TCP port 80?

Well, with a firewall, we have three options:

1) Block Parker's source address - not a great option since Parker is using AOL and can be coming from any one of 65000 source addresses.
2) Block HTTP at the firewall - yeah, the server is now invulnerable, even to legitimate users.

Intrusion detection, much like an AV program, has signatures and other pattern analysis tools that can identify W32/Badazz.HTTP and remove it from the bitstream without effecting legitimate traffic.

Make sense now?

Lzen
02-01-2005, 04:18 PM
A firewall is by nature a "deny all and allow only things I explicitly allow" device.

An intrusion detection device is by nature an "allow all and deny only things that are known to be malicious" device.

A firewall is designed to restrict access to hosts/networks based on the networks and applications used with that host.

An intrusion detection device is designed (much like anti-virus software) to detect anomalous or malicious traffic in what is otherwise a normal traffic flow.

So, let's just restrict the discussion to web traffic and keep it simple.

A firewall can be used to restrict your access to Chiefsplanet. We can create restrictions based on IP like:

1) Only allow access to Chiefsplanet if Lzen's source address is X.
2) Only allow Lzen to access Chiefsplanet. If the destination address of Lzen's request is an IP address other than www.chiefsplanet.com, deny it.

We can also restrict access based on protocol.

1) Only allow Lzen to access Chiefsplanet using HTTP (TCP port 80).

You can then combine the 3 methods to form a rather restrictive access policy.

But what happens when Parker decides to infect Chiefsplanet with the W32/Badazz.HTTP worm, transmitted on TCP port 80?

Well, with a firewall, we have three options:

1) Block Parker's source address - not a great option since Parker is using AOL and can be coming from any one of 65000 source addresses.
2) Block HTTP at the firewall - yeah, the server is now invulnerable, even to legitimate users.

Intrusion detection, much like an AV program, has signatures and other pattern analysis tools that can identify W32/Badazz.HTTP and remove it from the bitstream without effecting legitimate traffic.

Make sense now?


I have a much better grasp of it now, I think. Thanks. What intrusion detection program(s) would you recommend? Would something like Spybot be one of these?

htismaqe
02-01-2005, 04:32 PM
I have a much better grasp of it now, I think. Thanks. What intrusion detection program(s) would you recommend? Would something like Spybot be one of these?

It is in a way, yes.

I use a hardware-based firewall with intrusion protection built-in. I use WinPatrol and Spybot S&D on my PC. I don't have any problems.

Now, I should say (and I don't know if this is true of ZoneAlarm) some PC-based firewalls like Kerio can do one thing a hardware firewall cannot -- they can have rules based on source APPLICATION. This can be very effective in catching trojans.

Alot of trojans use well-known ports to communicate to the outside world -- port 80 (HTTP) for instance.

Kerio personal firewall can restrict that -- for example, if the HTTP traffic came from the Internet Explorer APPLICATION, it's legit. But if the HTTP traffic came from a background process called Badazz.exe, it would block it.

Otter
02-01-2005, 07:06 PM
Why?

Yes, you should use a multi-layered defense strategy. But having two devices that do the EXACT same thing are useless.

You'd be better off doing host-based intrusion detection on your PC and coupling that with a hardware FW.

I disagree here. I use both a software and hardware firewall as well.

Hardware firewalls do not regulate outgoing traffic. With a software firewall you can block windows from contacting the internet everytime you search for a file, watch an MPG, listen to an MP3, use the thesurus on MS Word or Photoshop, DVD Shrink ect...

Also, in a moment of brainfart I downloaded a shareware file that contained a virus and my soft firewall caught it with an "is OK for this APP to contact the internet" check.

It was nuetralized before it could do any damage and before my anti-virus software caught it.

Hence, if you want to monitor outgoing traffic as well as incoming, a software firewall is needed.

dirk digler
02-01-2005, 10:20 PM
If you want a truly safe PC you should use both a hardware and software firewall along with an AV solution, and spyware/adware solution and not use IE but use Firefox.

I have all of the above except for a hardware firewall but I feel pretty safe while browsing the Internet because I use ZoneAlarm which blocks everything incoming or outgoing unless I tell it otherwise.

If you want to see how good your firewall is go to www.grc.com and run the Shields UP test. I run at true Stealth so basically my PC doesn't exist on the Internet.

"Your system has achieved a perfect "TruStealth" rating. Not a single packet solicited or otherwise was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice."

Kerberos
02-01-2005, 11:09 PM
That's a great point. A virgin OS is more likely to take a service pack. Then you can load all your other stuff, which is what you're seeing with the laptop that came preloaded with SP2.

My personal experience with installing SP2 is that it DOES load allot easier without problems on a virgin install of windows FIRST.

If you are going to try and install SP2 on a computer that has had the same install of XP for more than a month or so you need to make sure that you:

#1 Have all spyware and/or viruses checked for and removed before proceding. Viruses and spyware will cause your install of SP2 to fail about 99.9% of the time so it is imperative that you make sure you have NONE before install.

#2 When satisfied that all OS is free of spyware and viruses you need to defrag the C: dirve before installing SP2.

#3 For best results on install I suggest you go to your start button and go to the RUN command and type in msconfig and then push ok. Then go into your startup and turn off everything. Then when you apply it and go out of it let it restart your computer and start your SP2 install from there. It is better to have NOTHING running in the backround after startup when installing something like a service pack.

My .02

Cliff

OldTownChief
02-02-2005, 03:06 AM
My personal experience with installing SP2 is that it DOES load allot easier without problems on a virgin install of windows FIRST.

If you are going to try and install SP2 on a computer that has had the same install of XP for more than a month or so you need to make sure that you:

#1 Have all spyware and/or viruses checked for and removed before proceding. Viruses and spyware will cause your install of SP2 to fail about 99.9% of the time so it is imperative that you make sure you have NONE before install.

#2 When satisfied that all OS is free of spyware and viruses you need to defrag the C: dirve before installing SP2.

#3 For best results on install I suggest you go to your start button and go to the RUN command and type in msconfig and then push ok. Then go into your startup and turn off everything. Then when you apply it and go out of it let it restart your computer and start your SP2 install from there. It is better to have NOTHING running in the backround after startup when installing something like a service pack.

My .02

Cliff
I agree. Start fresh with a new install and you'll have a lot less problems. I've updated a lot of systems with SP2 and as long as you can work through the little annoyances you will be happy with it but a clean install is the way to go if you can.

Lzen
02-02-2005, 02:04 PM
If you want a truly safe PC you should use both a hardware and software firewall along with an AV solution, and spyware/adware solution and not use IE but use Firefox.

I have all of the above except for a hardware firewall but I feel pretty safe while browsing the Internet because I use ZoneAlarm which blocks everything incoming or outgoing unless I tell it otherwise.

If you want to see how good your firewall is go to www.grc.com and run the Shields UP test. I run at true Stealth so basically my PC doesn't exist on the Internet.

"Your system has achieved a perfect "TruStealth" rating. Not a single packet solicited or otherwise was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice."


Hmmm, I may have to try that site. Do you know for sure that it is a legit site?

htismaqe
02-02-2005, 02:18 PM
I disagree here. I use both a software and hardware firewall as well.

Hardware firewalls do not regulate outgoing traffic. With a software firewall you can block windows from contacting the internet everytime you search for a file, watch an MPG, listen to an MP3, use the thesurus on MS Word or Photoshop, DVD Shrink ect...

Also, in a moment of brainfart I downloaded a shareware file that contained a virus and my soft firewall caught it with an "is OK for this APP to contact the internet" check.

It was nuetralized before it could do any damage and before my anti-virus software caught it.

Hence, if you want to monitor outgoing traffic as well as incoming, a software firewall is needed.

I mentioned that already.

However, it is possible with several PC-based firewalls to enable said outbound APP filtering without enabling full inspection, particularly for inbound traffic flows.

Inspecting inbound traffic flows is a waste of time if you have a hardware FW and all it does is slow things down.

htismaqe
02-02-2005, 02:20 PM
If you want a truly safe PC you should use both a hardware and software firewall along with an AV solution, and spyware/adware solution and not use IE but use Firefox.

I have all of the above except for a hardware firewall but I feel pretty safe while browsing the Internet because I use ZoneAlarm which blocks everything incoming or outgoing unless I tell it otherwise.

If you want to see how good your firewall is go to www.grc.com and run the Shields UP test. I run at true Stealth so basically my PC doesn't exist on the Internet.

"Your system has achieved a perfect "TruStealth" rating. Not a single packet solicited or otherwise was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice."

Having a truly secure system doesn't depend on FireFox.

Frankly, I'm getting sick of hearing it. It's 50% hype and 50% substance.

The reason more vulnerabilities haven't been found for FireFox is because very few people are exploiting them because virtually nobody is using it.

Lzen
02-02-2005, 04:06 PM
Having a truly secure system doesn't depend on FireFox.

Frankly, I'm getting sick of hearing it. It's 50% hype and 50% substance.

The reason more vulnerabilities haven't been found for FireFox is because very few people are exploiting them because virtually nobody is using it.

Kinda like the Macs? :)

htismaqe
02-02-2005, 04:38 PM
Kinda like the Macs? :)

Basically.

dirk digler
02-02-2005, 04:46 PM
Having a truly secure system doesn't depend on FireFox.

Frankly, I'm getting sick of hearing it. It's 50% hype and 50% substance.

The reason more vulnerabilities haven't been found for FireFox is because very few people are exploiting them because virtually nobody is using it.


What? Nobody is using it huh?

Firefox, the open-source browser which only went 1.0 in November, has this morning hit 20 million downloads. At the time of writing, the site's download counter reads "20,001,054" - it's currently averaging anything from 210,000 to 270,000 downloads every day.

Figures show that 1.1 million people downloaded v1.0 on the day of its release. Download figures also rose to around 300,000 a day for the two days after an advert for the browser appeared in the New York Times. The download rate has remained fairly steady since the middle of November. v1.1 of Firefox is expected later this year.

Have you tried it yet? I use to love IE if that is possible but since I have tried Firefox I will never go back. And the main reason that there is hardly any vulnerabilites and spyware is because Firefox doesn't support Active X which is the main culprit for spyware in IE.

htismaqe
02-02-2005, 06:44 PM
What? Nobody is using it huh?

Firefox, the open-source browser which only went 1.0 in November, has this morning hit 20 million downloads. At the time of writing, the site's download counter reads "20,001,054" - it's currently averaging anything from 210,000 to 270,000 downloads every day.

Figures show that 1.1 million people downloaded v1.0 on the day of its release. Download figures also rose to around 300,000 a day for the two days after an advert for the browser appeared in the New York Times. The download rate has remained fairly steady since the middle of November. v1.1 of Firefox is expected later this year.

Have you tried it yet? I use to love IE if that is possible but since I have tried Firefox I will never go back. And the main reason that there is hardly any vulnerabilites and spyware is because Firefox doesn't support Active X which is the main culprit for spyware in IE.

I don't "love" anything. I use IE because it's a browser, just like Firefox is a browser. Firefox doesn't do anything that IE doesn't do - they display webpages, they don't create art.

My IE doesn't use ActiveX either, because I turned it off.

Firefox is used by 20 million people? Wow, that's about 2% of total web users. Approximately 950 million people use Internet Explorer. And that's why it has 10 times as many known vulnerabilities.

Netscape got just as much hype as Firefox is getting now. Where is Netscape? Oh yeah, it was exposed to have fundamental security flaws and disappeared from the browser landscape.

htismaqe
02-02-2005, 06:54 PM
And sorry if I sound like an asshole.

I just take exception to the downright arrogance of the "rebels" in this business - the people that look down their nose at you because you're not using Linux, or OpenOffice, or Firefox.

Sound security isn't about technology. EVERYTHING is vulnerable.

Sound security is about policy and effective procedures to support it. Most of all sound security is about education.

dirk digler
02-02-2005, 07:02 PM
I don't "love" anything. I use IE because it's a browser, just like Firefox is a browser. Firefox doesn't do anything that IE doesn't do - they display webpages, they don't create art.

My IE doesn't use ActiveX either, because I turned it off.

Firefox is used by 20 million people? Wow, that's about 2% of total web users. Approximately 950 million people use Internet Explorer. And that's why it has 10 times as many known vulnerabilities.

Netscape got just as much hype as Firefox is getting now. Where is Netscape? Oh yeah, it was exposed to have fundamental security flaws and disappeared from the browser landscape.

I agree that Firefox is still as a way to go to unseat IE but that is because MS integrates IE into Windows and most regular users, non techies, don't give 2 cents about what browser they use. Hell half of them probably don't even know what a browser is.

But to say Firefox doesn't do anything IE doesn't do is absurd. I went to one webpage that I know that has spyware opened it up in IE with the highest security setting and my spyware detector started going crazy because the web page was trying to install a ton of spyware.

So I decided to see what would happen if I opened it up with Firefox, guess what? Nothing happened and no spyware was trying to install. So even with IE set to the highest security setting it couldn't even stop spyware which Firefox can. That IMO is the fundamental difference between the 2 browsers.

So far they have only found 1 security hole in Firefox which was fixed that day, it takes MS weeks to patch IE.

dirk digler
02-02-2005, 07:07 PM
And sorry if I sound like an asshole.

I just take exception to the downright arrogance of the "rebels" in this business - the people that look down their nose at you because you're not using Linux, or OpenOffice, or Firefox.

Sound security isn't about technology. EVERYTHING is vulnerable.

Sound security is about policy and effective procedures to support it. Most of all sound security is about education.


I don't look down on anybody especially with technology. I just happen to believe Firefox is a million times safer than IE.

The company I work for, which I am part of the IT Department, uses StarOffice and OpenOffice. I like OpenOffice but I would much rather have MS Office anyday and I know hardly nothing about Linux. Linux/Unix does do one thing much better than Windows and that is run websites. They are unmatched in that area other than that I don't know much about it. I think Linux is really for the ultimate tech geeks.

htismaqe
02-02-2005, 07:34 PM
I agree that Firefox is still as a way to go to unseat IE but that is because MS integrates IE into Windows and most regular users, non techies, don't give 2 cents about what browser they use. Hell half of them probably don't even know what a browser is.

But to say Firefox doesn't do anything IE doesn't do is absurd. I went to one webpage that I know that has spyware opened it up in IE with the highest security setting and my spyware detector started going crazy because the web page was trying to install a ton of spyware.

So I decided to see what would happen if I opened it up with Firefox, guess what? Nothing happened and no spyware was trying to install. So even with IE set to the highest security setting it couldn't even stop spyware which Firefox can. That IMO is the fundamental difference between the 2 browsers.

So far they have only found 1 security hole in Firefox which was fixed that day, it takes MS weeks to patch IE.

So your testament to the browser is to go to a KNOWN SPYWARE site?

Your methodology is flawed.

It's quite simple. TURN OFF ACTIVE X. It's easy to do. And once done, IE is no more vulnerable than Firefox. It's not rocket science.

dirk digler
02-02-2005, 07:40 PM
So your testament to the browser is to go to a KNOWN SPYWARE site?

Your methodology is flawed.

It's quite simple. TURN OFF ACTIVE X. It's easy to do. And once done, IE is no more vulnerable than Firefox. It's not rocket science.

I wanted to run a basic test because some of our users at work went to this site and infected the companies PC's with spyware which takes at least 1 hr a PC to clean.

If you turn IE security settings to High it disables all Active X components.

htismaqe
02-02-2005, 08:29 PM
I wanted to run a basic test because some of our users at work went to this site and infected the companies PC's with spyware which takes at least 1 hr a PC to clean.

Unfortunately, your test is inherently flawed because those exploits were written SPECIFICALLY to attack IE.

In the security continuum there are vulnerabilities and exploits. IE and Firefox are equally vulnerable. Only IE has a multitude of exploits. If Firefox were to somehow gather 40-50% of the market, there would be exploits for it too...

If you turn IE security settings to High it disables all Active X components.

Yep. And at that point, IE is not better, or worse, than Firefox.

HC_Chief
02-03-2005, 10:36 AM
Block ActiveX at your firewall (HARDWARE firewall, not ZoneAlarm or M$ Firewall, or BlackIce, or any other flavored software version) and no worries about what browser to use, period ;)

I use Firefox because it typically does a better job of blocking popups than IE. Plus, it's a much more lightweight browser. The footprint is tiny (8MB), and it adheres to W3C standards.

Some sites still require IE, becuase IE is much more lax in handling W3C standards. It is a much more forgiving browser that will attempt to display even poorly formed code, whereas Firefox simply says "nope".

Lzen
02-03-2005, 03:05 PM
So going by your argument, Parker, Firefox is safer simply because it is relatively anonymous to the majority of internet users. Therefore, there are much less hackers/hack attempts on it.

ActiveX - What exactly is ActiveX used for and/or why would anyone need it or not need it?