Posted By: rjdohnert | Aug 14th, 2004 @ 10:11 PM
page 1 of 2
Comments: 34 | Views: 16468
rjdohnert
You will never know success until you know failure
Is Windows XP Service Pack 2 secure enough? Here is what I think.
tbeckner
Blissful
rjdohnert wrote:
Is Windows XP Service Pack 2 secure enough? Here is what I think.
If you think that ANY OS is secure, then you are delusional. I have been in IT over 31 years and I have never found any OS that was really secure. And I can guarantee that you will never find an OS that is really secure.
 
A very simple statement sums it all up for me, "What the mind of a man has created, can be undone by the mind of a man."
 
PC: change man to human being.
imekon
Bah humbug!
rjdohnert wrote:
Is Windows XP Service Pack 2 secure enough? Here is what I think.


Since the firewall only does half the job, and Zone Alarm does it all, and has been doing it for quite a while now, I'd say SP2 is not secure enough.
You can do the same as the Unix exec bit in Windows too. Under Windows, on the root folder \ of every drive the permissions are set such that Execute is allowed on all files in the root folder and all subfolders. You can remove this or, much better, remove it from folders that do not contain executable files like the Desktop or My Documents, using tools like Windows Explorer or MMC Group Policy. In so doing, when you save an attachment to such a "restricted" folder, it won't run. You will need to explicitly go into the Properties of the file and grant it execute permissions. Or you can use the cacls or xcacls commands for managing permissions from the command line.
Unix and Windows alike implement an execute permission on files and folders, but on Unix the default is not to enable this permission on a newly created file; on Windows it is the opposite: all newly created files have the execute permission on by default.
Actually, I tried this out. I removed the execute permissions from all my personal files in my user profile like Desktop, Cookies and My Documents and the computer works fine.
Jeremy W
that blogging guy

Except that the firewall was never meant to do all the job.

As I posted elsewhere:

XP SP2’s Firewall is a floor, not a ceiling. It is a base layer of security to protect users from… Intrusions.

It isn’t designed to protect the web from the user, but to protect the user from the web. And that it, actually, does quite well.

If Microsoft designed this solution as a ceiling (ie: commercially viable product or fully featured product) they’d get in trouble. But, designing apps as a floor (like Outlook Express and Wordpad) gives users the tools they need without putting Microsoft in the hotseat.

Windows Longhorn has no registry? Would anyone from Microsoft confirm this?
(Beer check the Transcript link)

I have said it before and I'll say it again: registry settings need to have an 'owner' object which is linked to a 'real' file on the hard disk. This allows you to remove all registry entries just by removing the file (and scanning). It should also prompt for Windows-specific registry modifications.
zoiks!

zonkers!


*didn't have any other words to use to reply to this!

(ahh... beer28 beat me to it)
Beer28 wrote:
Keskos wrote:

Registry API has nothing to do with viruses.

FYI, I started programming on the C64 in the 80's with basic, and let me say it's more machine than you're ready for.


I also started programming on C64 with basic.
i'd still say winXP home is the easiest to 0wn.  if you can sit at the computer it's yours 9 of 10 times.  having no admin password and listing admin in safe mode boot does that...

i don't hear about linux being hacked as much as i hear about spyware, worms, and virii.

i do like windows though, the security holes are usually funnier.  you have to ask how a webpage can execute code from a cookie (happened to me).  why you can overwrite windows media player, then link to a wmf file.  why help documents can execute code, and why mirrors to a help doc authenticate as the primary site...  all these have been fixed, but it's a lot funnier than some buffer overflow in mremap().

windows registry needs to die!  have you seen it?  cluttered!  C:\Documents and Settings\ is referred to in 3 or 4 ways.  there are options to disable things and options that disable options to disable things...  and sometimes these options to disable the disabling of disabling a feature are disabled...
thechris wrote:
i'd still say winXP home is the easiest to 0wn.  if you can sit at the computer it's yours 9 of 10 times.  having no admin password and listing admin in safe mode boot does that...


IIRC the saying is that if you don't have physical control over the machine and who has access to it, it's not your computer anymore.
Keskos wrote:

You yourself admitted that on linux you can't run something immediately because you first have to chmod it. What stops people on linux from chmod-ing it and running those programs? If someone wants to run something and runs it on windows, how does linux magically prevent him doing the same on linux? Are you saying that an old unix tradition which had nothing to do with security is linux's solution to the security problems people are having? Go and pitch this to companies and see if you get hired or if anybody wants to work with you. Anybody can easily tear you down by showing facts.

--normal users can't chmod.  only root can.  also, you actually CAN exec files that aren't flagged as executable with the source command.  the scripts however run as the logged in user and can't be suid or sgid.


Being a user on linux means being a root in that computer. Also why Linspire chose root as the default user. You can't argue to people not to use their computers to stay secure, or to shut down their computers to be secure. That's what you are saying: linux makes it everything extremely hard (because it sucks naturally, not because it wants you to be secure) so you are secure.

--that's exactly right.  i install software on a daily basis along with making major changes to system files.  almost hourly.  requiring me to log in as "root" or type a password would be really inconvenient because of the large amount of programs I install per day...

Being a user in almost ANY OS doesn't mean being root/admin.  root as a default user is an incredibly insecure thing to do, especially if you choose to have no password...  in windows _default_ install users have admin rights.  this is a bad idea.  it makes things less secure but easier.  of course users could change this in either OS.  not sure if windows supports anything similar to su, sudo or kdesu.


On the other hand, SP2 has this feature which tracks where programs came from (there is no such technology in Linux) and asks people if they are sure they want to run them. That's innovation, not the executable bit which has been with unix to make shells find executable files easily. If you think about it, actually that's the most stupid solution to the problem: instead of having a standard extension like .exe, they have added an executable for every single file on the file system. In the original days of unix that was normal, but now it is completely stupid. However, because Linux is a 35 years old technology it is stuck with it, so it tries to show its problems as a security enhancer.

--there are such technologies in linux.  gnupg and md5 checksums are used.  gentoo does this with portage. 
timf
SecurityException
Beer28 wrote:


OK there buddy. spyware, and viruses don't exploit registry API at all, nope.


Uh.. they don't. No more than a virus would exploit .ini files, in any case.  Keys in the registry can have ACLs attached, just like regular files in the filesystem.

And what's all this about the executable bit?  If you're talking about embedded macros and passing commands through to the shell via a process that calls out to the system based on its input, Linux is every bit as exploitable as Windows in this regard:

$ cat - > this.is.not.executable.txt
print "hello world\n";
^X

$ perl this.is.not.executable.txt
hello world

$

I think you're missing some important details on the topics you've chosen to bring up.  And, as I've said before, and I'll say again; you don't need root access to spread viruses.  If a normal user can open a socket for any reason, so can a virus running under that user's credentials.
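The point timf makes above, together with thechris's earlier remark that a file without the execute flag can still be run with `source`, can be checked on any Unix shell. The script below is an added example, not posted by anyone in this thread: it constructs a harmless sample script with no execute bit, shows that direct execution is refused while the same file runs fine when handed to an interpreter or sourced, and then shows the bit doing its one job once it is set. It assumes a POSIX sh with `mktemp` and `chmod`; the file name and contents are made up.

```sh
#!/bin/sh
# Added example (not from the thread): the Unix execute bit only gates direct
# execution through execve(); a file handed to an interpreter, or sourced into
# the running shell, is read as data and runs regardless of its mode bits.

demo_exec_bit() {
    tmp=$(mktemp -d) || return 1
    sample="$tmp/not.executable.txt"            # constructed sample file
    printf '%s\n' '#!/bin/sh' 'echo hello world' > "$sample"
    chmod 0644 "$sample"                        # rw-r--r--: no execute bit for anyone

    # 1. direct execution: execve() refuses with EACCES; the shell reports 126
    if "$sample" >/dev/null 2>&1; then direct=0; else direct=$?; fi

    # 2. explicit interpreter: the kernel never consults the mode, sh reads the file as input
    via_interp=$(sh "$sample")

    # 3. sourcing into the current shell: same result, no new process at all
    via_source=$(. "$sample")

    # 4. once the bit is set, direct execution works: this path is all the bit governs
    chmod 0755 "$sample"
    if after_chmod=$("$sample" 2>/dev/null); then :; else after_chmod="exec failed ($?)"; fi

    rm -rf "$tmp"
    printf 'direct=%s interp=%s source=%s after_chmod=%s\n' \
        "$direct" "$via_interp" "$via_source" "$after_chmod"
}

demo_exec_bit
```

On a typical Linux system the line printed is `direct=126 interp=hello world source=hello world after_chmod=hello world`; 126 is the shell's status for a file that was found but refused by execve(). The defensive reading is the one timf gives: the execute bit (and a `noexec` mount, which works the same way) governs only the direct-execution path, so it says nothing about script or macro content fed to an interpreter the user is already allowed to run.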
timf
SecurityException
thechris wrote:
--normal users can't chmod.  only root can.


Normal users certainly can chmod their files.  They can't chown them.
Keskos wrote:
Linux is easier to 0wn. I have seen it many number of times. The guy installs linux, makes all the upgrades but still gets hacked. This guy is a linux expert btw. It happens all the times. Linux is such a big problem that people are warned about it. Recently a huge online attack was launched through many linux boxes in universities. These boxes are maintained by unix professionals, not home users.


I recall reading that ZDLabs had two honey pots on the internet. One running Windows 98 and the other running Linux. The Windows 98 one was hacked within 72 hours while the Linux one was hacked within 24 hours. I also recall reading an article which showed there have been about 14,000 Linux server hackings and about 2000 Windows server hackings last year.
the advantage is that if a user executes virii.sh on linux, the script can't do something like rm -f /etc/* unless the script is run by root or chowned and suid'd to be run as root.  or the user needs a user-privilege escalation method.

really i think a great idea would be a secure install service.  windows does this with activeX installed by web pages, but not to anything else.  implementing a similar feature might reduce the number of unexpectedly installed programs.
phunky_avocado
Dude! It's the (grilled) cheese.
I started on a 1978 SOL with basic.  Does anyone even know what that is without googling it?

Keskos wrote:
Beer28 wrote:
Keskos wrote:

Registry API has nothing to do with viruses.

FYI, I started programming on the C64 in the 80's with basic, and let me say it's more machine than you're ready for.


I also started programming on C64 with basic.
thechris wrote:

--normal users can't chmod.  only root can.  also, you actually CAN exec files that aren't flagged as executable with the source command.  the scripts however run as the logged in user and can't be suid or sgid.


thechris, you got it all wrong, normal users can chmod, chmod is a very basic shell command. You might be thinking about chown and that one is tricky in some systems, depending on configuration.

thechris wrote:

Being a user in almost ANY OS doens't mean being root/admin.  root as a default user is an incredibly insecure thing to do, especially if you choose to have no password...  in windows _default_ install users have admin rights.  this is a bad idea.  it makes things less secure but easier.  of course users could change this in either OS.  not sure if windows supposts anything similar to su sudo or kdesu.


Windows' impersonation technologies are much better than unix's. More complete and much better integrated. Being the admin doesn't cause any big problem on windows. Windows got two things wrong: one, it didn't turn on the firewall by default; second, they turned on other unnecessary services by default which turned out to be security holes. Neither of these two is related to security problems. Viruses and worms can not be prevented unless you want people to enter a root password every time they send email. I recommend you to look a little deeper than you look now, so you can see the fact that,.

I don't think forcing users into remembering two passwords is a good solution. You clearly have no clue about how users use computers. For a very long time I thought that computers are easy, but what I realized is that using a computer is a real challenge in the first place. Many smart people will have a hard time learning them, because so many small things are not intuitive. For example, you copy some text to the clipboard by pressing ctrl-C, and you never question this, but there are users who just get confused when you explain to them how to copy text, because they don't get any feedback. The first time I used unix, I got confused, because the programs do not say anything when they successfully complete their jobs. You oversimplify these important issues, completely ignore them for the glory of some anti-Microsoftinizm.

But in any case, you jump to conclusions without much thinking. When you first install a system, any system, linux or windows, somebody has to be root. What you have to argue is that Windows should promote the idea of creating another user with fewer privileges. Now is this a great idea? We don't know exactly, because you didn't conduct a usability study. Maybe people will get confused, people will have problems installing programs. So your suggestion may end up making computers unusable in fact.

thechris wrote:

--there are such technologies in linux.  gnupg and md5 checksums are used.  gentoo does this with portage. 


Is this something like chmod?
Karim
Trapped in a world he never made!
phunky_avocado wrote:
I started on a 1978 SOL with basic.  Does anyone even know what that is without googling it?


If I had to guess (without googling) I'd say S-100 bus, Microsoft 8K BASIC-IN-ROM interpreter, and, uh, wood paneling?  And didn't the character generator have 16 colors, or was that something else?

I almost added "rich Corinthian leather" but that was something else from the late 70s.
""Viruses and worms can not be prevented unless you want people to enter a root password everytime they send email. I recommend you to look a little deeper than you look now, so you can see the fact that,.""
--sure they can!  what _legit_ email would ever need to install software on a computer?  especially without user intervention?!  Or if a normal user can't install software the problem goes away.  this is one of the bad parts of logging in as admin.

on md5:  portage stores md5 checksums of the distfiles in portage (an easy to use linux application installer system.  because gentoo is a source-based distro people call portage slow).  in this case apps like wineX that send modified (tagged in this case) files will fail because the md5 of the downloaded app would be different than the accepted md5 checksum.

Linux isn't at all ready for mainstream desktop application.  but having used both, i have to say that windows does some things very poorly by default.  this isn't to say linux is perfect and does everything right, linux is guilty of some of the same issues.
1.)  windows handles partitions fairly poorly.  adding a hard disk will change partition names.  and god forbid you want to install windows on a device that isn't primary master...  i still can't believe it put 100k of files on a separate partition...  at least now users can set things up better with ntfs.
2.)  in windows you log in as admin by default.  i can't see why you would want to do this.  do you install so much software and edit configurations so much that you need to always have admin access?  most users won't like a password, but i think a secure click system might be a good idea -- like clicking OK if software is detected trying to install itself.  This obviously leads to a secured programs folder.  there isn't any need to run programs except scripts and user-compiled programs from ANY folder.
3.)  consistent config info.  linux isn't very good here.  MS's registry isn't too good either.
4.)  a minimum of services should be started.  in linux i have very few services, especially ones that accept connections.
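thechris's two remarks about portage above (distfile md5 checksums compared against a stored digest, with gnupg alongside) describe a manifest check. The sh script below is an added example, not from this thread and not Gentoo's own code: it implements the smallest version of that check against constructed input, a fake distfile, a Manifest line in `sha256sum` format (sha256 instead of md5 is an assumption here, and portage's real Manifest format differs), a clean verify, and then the same file after extra bytes were appended, which is the "modified file" case he describes. It assumes GNU coreutils (`sha256sum`, `mktemp`) and `awk`.

```sh
#!/bin/sh
# Added example (not from the thread or from portage): verify a downloaded
# file against a digest manifest, and show what a clean, a tampered and an
# unlisted file look like. All inputs below are constructed for the demo.

# verify_distfile MANIFEST FILE
# MANIFEST holds "<hex digest>  <filename>" lines as written by sha256sum.
# Returns 0 on match, 1 on mismatch, 2 if the manifest has no entry for FILE.
verify_distfile() {
    manifest=$1
    file=$2
    name=$(basename "$file")
    expected=$(awk -v f="$name" '$2 == f { print $1 }' "$manifest")
    if [ -z "$expected" ]; then
        echo "NO DIGEST $name"
        return 2
    fi
    actual=$(sha256sum "$file" | awk '{ print $1 }')
    if [ "$actual" = "$expected" ]; then
        echo "OK $name"
        return 0
    fi
    echo "DIGEST MISMATCH $name (expected $expected, got $actual)"
    return 1
}

# A clean fetch passes; a file altered after the manifest was written fails;
# a file the manifest never listed is reported separately.
demo_digest_check() {
    tmp=$(mktemp -d) || return 1
    printf 'constructed package contents\n' > "$tmp/pkg-1.0.tar.gz"   # fake distfile
    ( cd "$tmp" && sha256sum pkg-1.0.tar.gz > Manifest )               # fake Manifest

    if verify_distfile "$tmp/Manifest" "$tmp/pkg-1.0.tar.gz"; then clean=0; else clean=$?; fi

    # the "modified (tagged) file" case: bytes appended after the digest was recorded
    printf 'extra bytes added by a third party\n' >> "$tmp/pkg-1.0.tar.gz"
    if verify_distfile "$tmp/Manifest" "$tmp/pkg-1.0.tar.gz"; then tampered=0; else tampered=$?; fi

    if verify_distfile "$tmp/Manifest" "$tmp/unknown.tar.gz"; then unlisted=0; else unlisted=$?; fi

    rm -rf "$tmp"
    echo "clean=$clean tampered=$tampered unlisted=$unlisted"
}

demo_digest_check
```

Run as-is it prints `OK` for the clean file, `DIGEST MISMATCH` after the file is altered and `NO DIGEST` for a file the manifest never listed, ending with `clean=0 tampered=1 unlisted=2`. The caveat a practitioner would add to the thread: a digest only ties the download to the manifest, so the manifest itself has to come from somewhere trusted, which is the role of the gnupg signing he mentions; a mirror that can replace both the file and its digest line defeats a bare checksum.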
Ignoring all the hyperbole and ranting going on I will answer that "Yes, SP2 is secure enough". Having said that I will also say that SP1a was secure enough, and SP1, and "original" XP. What isn't secure is the user. Through ignorance (not a put-down, just a fact) most users leave themselves open to attack while the tools to protect themselves go unused.
To put any consumer OS on the Internet without a firewall or NAT would be a huge mistake. Doing the same with anti-virus software is also asking for trouble.
What MS needs to continue to work on is not adding new features, but shoring up the basic security of the "plain jane" installation as a consumer would do it and offering wizards that will incrementally open features. Ideally my Mother-In-Law should be able to install Windows XP SPX and have it automatically locked down. Simple email and web browsing would still work and the flashy "cool" features she never needs won't present vulnerabilities.
Firewall and plain text email should have been made standard a long time ago.
Re; SA:  "I recall reading that ZDLabs had two honey pots on the internet. One running Windows 98 and the other running Linux. The Windows 98 one was hacked within 72 hours while the Linux one was hacked within 24 hours. I also recall reading an article which showed there have been about 14,000 Linux server hackings and about 2000 Windows server hackings last year."


Try 20 minutes for Windows box - not even enough time to download updates to protect the PC in question:

http://news.com.com/Study%3A+Unpatched+PCs+compromised+in+20+minutes/2100-7349_3-5313402.html?tag=nefd.top


Beer28 wrote:

Speaking assemblywise, Windows OS has a GDT for all Local Descriptor tables of processes, LDT's with their virtual segment addresses, etc... so when the process gets its timeslice, it can not "see" or jmp execute into another set of addresses. In an open, no OS system the CS code segment would contain the physical address of the code in memory instead of an offset into the LDT. This is the virtual execution that windows uses to try to keep itself and programs safe.

Why not keep shared resources, shared or otherwise separate on this type of level, using some physical means or at the very least as I suggested before, asking the user before shared access is granted.

If you say ask once, and the user checks, trust this application, and that application is then started by another process as hidden, or has already been started, and is either hooked for data, or simply taken over by SendMessage() to control it programmatically, it's lost, a malicious code writer is going to know what window classes to search for while enumerating the windows down from the desktop. And this is just one way to bypass security. That one link to "tooleaky.cpp" by zensoft or whatever their names are just looks up the path to IE in the REGISTRY, then launches it with a url with GET data as its arg, how easy is that. Who's not going to have IE as a trusted application?

What if that program had some extra code to hook your keystrokes and sent that as malicious.com/getdata.asp?hookeduser&hookedpass as an arg to iexplorer?

The firewall's not going to stop it. That's just one easy, plain example, not elaborate at all.

Windows FS security, ok, there's another. By default files are not encrypted. You have an NT system, you have tons of personal docs on there. Somebody steals your machine or another employee gets a hold of it while you're out of the office. They load up linux from a CD, or set a tiny partition and load up linux, they go into mnt/windows and just take all your files that aren't further encrypted. How is that secure?


I joked about this but you really suggest that computers should not execute anything because a program may act maliciously.

If you close yourself in a home and never go out, you are secure. If you go out, you might get involved in an accident, fight, murder etc... So your suggestion that everything should be closed down doesn't make sense, not to mention that your suggestions for Linux are not implemented at all. Palladium will solve all your problems and some more. Every program has to be certified and go through a process, otherwise users will have a hard time running applications. That's not something I want, but obviously that's how you like it. I think just because some people can be tricked into running viruses shouldn't mean that we should be asked whether we trust apps every time we run them or install them.